1 SybilGuard: Defending Against Sybil Attacks via Social Networks Haifeng Yu Michael Kaminsky Phillip B. Gibbons Abraham Flaxman Presented by John Mak, Janet Yung
Dec 19, 2015
1
SybilGuard: Defending Against Sybil Attacks via Social Networks
Haifeng YuMichael KaminskyPhillip B. GibbonsAbraham Flaxman
Presented byJohn Mak, Janet Yung
2
Outline
• Introduction to Sybil Attack
• Model & Problem formulation
• Sybil Guard Overview
• Simulation Result & Analysis
• Conclusion
• Our views
3
Introduction to Sybil Attack
• P2p and decentralized, distributed systems particularly vulnerable
• Malicious user obtains multiple fake identities
• Gain large influence by “out vote” honest users
4
Introduction to Sybil Attack
• Malicious user obtains multiple fake identities
• Malicious behavior becomes a norm (e.g. Byzantine failures)
• Many protocols assume < 1/3 malicious nodes
• Easily create 1/3 nodes Break defense
5
Introduction to Sybil Attack
• Centralized authority:– Control Sybil attack easily– Verify real life credential– Hard for worldwide to trust– Single point of failure – bottleneck, DOS– Scare away potential users – requires
sensitive information
6
Introduction to Sybil Attack
• Decentralized approach is hard:– Harvest (Steal) IP addresses
• No common IP prefix Hard to filter
– Advertise BGP route on unused block of IP address
– Botnet - Co-opt large number of end-user machines
7
Introduction to Sybil Attack
• Not very successful defense approaches:– Resource-challenge approach (computational
puzzles)– Network coordinates– Reputation system based on historical
behavior
8
Model & Problem Formulation
• Users:– n honest users: single identity– 1+ malicious user: multiple identities
• Identity:– Also called “node”– Sybil identity: malicious user’s identity
• Defense system– Verifier node V accept another node S– Ideally, V only accept honest nodes.
9
Model & Problem Formulation
• Bounding no. of sybil groups– Divide all nodes into at most g equivalence
groups– Sybil Group: equivalence group contains at
least one Sybil node– Defense system guarantees no. of groups,
without need to know if the group is sybil
10
Model & Problem Formulation
• Bounding size of Sybil Group– at most w nodes in a group– limit no. of sybil nodes accepted each node can
accept
• Summary– decentralized– honest node accepts, and is accepted by most other
honest nodes– honest node accepts a bounded number of sybil
nodes.
11
Social Network
• Consists of users (nodes)• Human established trust relationships• Nodes connected by an edge (friend) • Real life relationship can bound both the number
and size of sybil groups– Usually degree ~ 30
• Malicious user fools honest user to trust him/her– an attack edge connected a malicious user and an
honest user
12
SybilGuard Overview
• Ensures honest user share at most one edge with sybil nodes created by a malicious user
• A protocol enables honest nodes to accept a large fraction of the other honest nodes
• SybilGuard does not increase or decrease the number of edges in the social network as a result of its execution
13
SybilGuard Overview
• Random routes direct random walk for all nodes • Pre-computed random permutation
– one-to-one mapping from incoming edges to out-going edges
• Random routes– convergence property– back-traceable property
• Multiple random routes of a certain length (w)
14
Random route
• Basis of SybilGuard
• Honest node (verifier) decides whether or not to accept another node (suspect)
• Honest node’s random route– highly likely to stay within the honest region– Highly likely to intersect within (w) steps
• If there are (g) attack edges, the number of sybil groups is bounded by (g)
15
Fast mixing property
• Assume social networks tend to be fast mixing, which necessarily means that subsets of honest nodes have good connectivity to the rest of the social network
• Assume the verifier is itself an honest node
16
Attack edge
17
Key exchange
• Each pair of friendly nodes shares a unique symmetric secret key (password) called the edge key
• Key distribution is done out-of-band
• Each honest node constrains its degree within some constant (e.g. 30) in order to prevent the adversary from increasing the number of attack edges (g) dramatically
18
Limits attack edges
• Limited number of attack edges (g)
• Adding new attack edge needs out-of-band verification
• Malicious users:– Hard to convince honest users to be friends– Quite difficult to do on a large scale
19
Common ways adversary may use to increase g
• Befriending with honest users in real life• Convince honest node to accept sybil nodes as
friends• Compromises a large fraction of nodes in the
system.– The adversary does not even need to launch a sybil
attack. SybilGuard will not help here.
• Botnet– Challenging to acquire a botnet containing many
nodes that already in the system.
20
Random route
• Convergence property– Once two routes traverse the same edge along
the same direction, they will merge and stay merged (i.e. the convergence property)
• Back-traceable property– Using a permutation as the routing table
further guarantees that the random routes are back-traceable
• There can be only one route with length (w) that traverses the same section of route (e)
21
Problems of random route
• Loop (same edge more than once)– Unlikely to form in a fast mixing graph
• Enters the sybil region– Unlikely according to:
THEOREM 1. For any connected and non-bipartite social network, the probability that a length-w random walk starting from a uniformly random honest node will ever traverse any of the g attack edges is upper bounded by gw/n. In particular, when w = Θ(√nlogn) and g = o(√n/logn), this probability is o(1).
22
SybilGuard Design
• Use redundancy– Instead of performing one random route– A node with degree (d) performs random
routes along each of its edges
• Verifier V accept suspect S– If exist d/2 routes from the verifier node– One of V’s route accept S if that route
intersect with one of S’s route
23
Registry table
• Each node will maintain and propagate one’s registry tables and witness tables to its neighbors
• SybilGuard requires a node to register with all (w) nodes along each of its routes by using public key cryptography
• When a verifier V wants to verify S, V will ask the intersection point between S’s route and V’s route whether S is indeed registered
24
Registry & Witness tables
25
Bandwidth consumption
• Studying a one million nodes social network• w=2000• Data sent by each node for registry table is small• Bandwidth consumption acceptable
– since the registry table updates are needed only when social trust relationships change
26
Witness table
• Propagated and updated in a similar fashion as the registry table
• Backward• Updated when a node’s IP address changes
• Can be done lazily in the verification process
27
Verify process
• For a node V to verify a node S– find the intersection nodes for all of its routes by the
witness tables downstream– Authenticates the intersection node one by one by the
private key– Ask that node to check if S’s public key is store in one
of its registry tables.– If S’s public key is found, that route of V will accept S
28
Verify Process
• If more than half of the route from V accept S,– node V will accept node S– V will interact will S later by request S to encrypt its
message by its private key
• For the sybil nodes region with (g) attack edges,– Polluted entries in registry tables bounded by g*w*w/2– still less than half of the total number of entries n*d*w– even with g*w tends to (n) with (d) being the degree of
each node (d >= 2) and (n) being the total number of nodes
29
Route length w
Constraints:• Must be sufficiently small to ensure remains
entirely within the honest region
• Must be sufficiently large to ensure that routes will intersect with high probability
• w related to n– Challenging because we do not know n for a
decentralized system
30
Route length w
• Determine locally by sampling
• Node A performs short random walk (e.g. 10 hops) at node B
• Assume B is honest (with high probability)
• A checks no. of hops for intersection with their random routes– A asks for the witness tables from B.
• Repeat above, calculate median value.
31
Sybil Guard under Dynamics
• Bypass offline nodes– V verify other node S
• Probably multiple intersection points• V have at least one intersection point online
– Propagate registry & witness tables• User creation / deletion / ip address change• Infrequent changes
– Lookahead route table• Store information of next K hops
32
Sybil Guard under Dynamics
• Incremental routing table maintenance– Instead of re-create a new permutation– Make changes in current permutation
• Add– X1 X2 X3 X4 (insert at end)– X1 X2 (insert here) X4 X3
• Delete “3”– Before: X1 X2 X3 X4 X5
– After: X1 X2 X5 X4
33
Attacks Exploiting Node Dynamics
• Potential attacks under Node Dynamics– Malicious user M change public key to key2– Suppose DABC– Suppose revoke key1– Random routes along all directions – D’s key3 will overwrite key2
34
Probability of Intersection
• Kleinberg’s synthetic social network model• a million-node graph with average node
degree of 24
35
Results with no Sybil Attackers
• Probability of random routes being loops– Loop reduces effective length of random route– Loop is very rare– 99.3% of the routes do not form loops in their
first 2500 hops
36
Results with no Sybil Attackers
• Probably of honest node being accepted– at least one intersection point online– If at least 10 online/offline intersection points
verification succeeds– In 1 million-node graph
• w = 300• probability = 99.96% having >=10 intersections
37
Results with no Sybil Attackers
• Estimate random route length w– Sampling technique to determine w– Node A choose a node B to determine w– Node B – not necessarily uniformly random– Need to re-estimate daily
38
Probability of routes in honest region
• 1 million-node graph• 100% for g <=2000; 99.8% for g=2500• 0.2% -- Nodes befriending with sybil
attackers
39
Probability of honest nodes being accepted
• Still 99.8% with 2500 attack edges• Redundancy is necessary
40
Our views
• Hard to link real life to virtual network?– My real life friends may not join the virtual
network– Maybe centralized authentication better?
• 99.8% honest nodes accepted, but 0.2% not accepted.– The 0.2% is honest
41
Others’ views
• Fast mixing assumption in social network– Japanese’s social network may not mix with
US social network?