SybilLimit: A Near-Optimal Social Network Defense Against Sybil Attacks

被引:77
作者
Yu, Haifeng [1 ]
Gibbons, Phillip B. [2 ]
Kaminsky, Michael [2 ]
Xiao, Feng [1 ]
机构
[1] Natl Univ Singapore, Sch Comp, Singapore 117543, Singapore
[2] Intel Labs Pittsburgh, Pittsburgh, PA 15213 USA
关键词
Social networks; sybil attack; sybil identities; SybilGuard; SybilLimit;
D O I
10.1109/TNET.2009.2034047
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Open-access distributed systems such as peer-to-peer systems are particularly vulnerable to sybil attacks, where a malicious user creates multiple fake identities (called sybil nodes). Without a trusted central authority that can tie identities to real human beings, defending against sybil attacks is quite challenging. Among the small number of decentralized approaches, our recent SybilGuard protocol leverages a key insight on social networks to bound the number of sybil nodes accepted. Despite its promising direction, SybilGuard can allow a large number of sybil nodes to be accepted. Furthermore, SybilGuard assumes that social networks are fast-mixing, which has never been confirmed in the real world. This paper presents the novel SybilLimit protocol that leverages the same insight as SybilGuard, but offers dramatically improved and near-optimal guarantees. The number of sybil nodes accepted is reduced by a factor of Theta(root n), or around 200 times in our experiments for a million-node system. We further prove that SybilLimit's guarantee is at most a log n factor away from optimal when considering approaches based on fast-mixing social networks. Finally, based on three large-scale real-world social networks, we provide the first evidence that real-world social networks are indeed fast-mixing. This validates the fundamental assumption behind SybilLimit's and SybilGuard's approach.
引用
收藏
页码:885 / 898
页数:14
相关论文
共 45 条
[1]  
ABRAHAM I, 2003, P 17 INT S DISTR COM, P60
[2]  
ANDERSON T, 2006, SIGCOMM 06 PUBLIC RE
[3]  
[Anonymous], 2002, ACM C COMP COMM SEC
[4]  
[Anonymous], 2009, NDSS
[5]  
[Anonymous], 2008, 5th Conference on Networked Systems Design and Implementation
[6]  
[Anonymous], 2004, the third international symposium on Information processing in sensor networks
[7]  
[Anonymous], [No title captured]
[8]  
[Anonymous], 2009, Proceedings of the 6th USENIX symposium on Networked systems design and implementation
[9]  
AWERBUCH B., 2006, Proceedings of the 18th ACM Symposium on Parallelism in Algorithms and Architectures (SPAA), P318
[10]  
Backstrom L., 2006, Proceedings of the 12th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, P44, DOI DOI 10.1145/1150402.1150412