SybilLimit: A near-optimal social network defense against sybil attacks

被引:233
作者
Yu, Haifeng [1 ]
Kaminsky, Michael [2 ]
Gibbons, Phillip B. [2 ]
Xiao, Feng [1 ]
机构
[1] Natl Univ Singapore, Sch Comp, Singapore 117543, Singapore
[2] Intel Labs Pittsburgh, Pittsburgh, PA 15213 USA
来源
PROCEEDINGS OF THE 2008 IEEE SYMPOSIUM ON SECURITY AND PRIVACY | 2008年
关键词
D O I
10.1109/SP.2008.13
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Decentralized distributed systems such as peer-to-peer systems are particularly vulnerable to Sybil attacks, where a malicious user pretends to have multiple identities (called Sybil nodes). Without a trusted central authority, defending against sybil attacks is quite challenging. Among the small number of decentralized approaches, our recent SybilGuard protocol [42] leverages a key insight on social networks to bound the number of sybil nodes accepted. Although its direction is promising, SybilGuard can allow a large number of sybil nodes to be accepted. Furthermore, SybilGuard assumes that social networks are fast mixing, which has never been confirmed in the real world. This paper presents the novel SybilLimit protocol that leverages the same insight as SybilGuard but offers dramatically improved and near-optimal guarantees. The number of sybil nodes accepted is reduced by a factor of circle dot(root n), or around 200 times in our experiments for a million-node system. We further prove that SybilLimit's guarantee is at most a log n factor away front optimal, when considering approaches based on fast-mixing social networks. Finally, based on three large-scale real-world social networks, we provide the first evidence that real-world social networks are indeed fast mixing. This validates the fundamental assumption behind SybilLimit's and SybilGuard's approach.
引用
收藏
页码:3 / +
页数:2
相关论文
共 39 条
[1]  
ABRAHAM I, 2003, DISC
[2]  
ANDERSON T, 2006, SIGCOMM 06 PUBLIC RE
[3]  
BACKSTROM L, 2006, ACM KDD
[4]  
BARYOSSEF Z, 2001, ACM STOC
[5]  
BAZZI R, 2005, ACM PODC
[6]  
Boyd S, 2005, IEEE INFOCOM SER, P1653
[7]  
CASTRO M, 2002, USENIX OSDI
[8]  
CHENG A, 2005, ACM P2PECON
[9]  
DANEZIS G, 2005, SPRINGER VERLAG LNCS, V3679
[10]  
DOUCEUR J, 2002, IPTPS