Sybil Attacks: Nodes and Attack Edges

attack edges

The system is constructed with the formalization of honest and malicious users, which are specifically exemplified in Sybil Guard as nodes. The way to recognize potential attackers is by identifying how many identities one user occupies. For example, honest users have only one identity while the attacker has many identities, which the protocol detects.

As Yu and his contributing experts assert, ‘all honest nodes and sybil nodes in the system form a social network’ (Yu et al., 2008), which is precisely demonstrated in the given figure.

Subsequently, if two users are linked without corruptive intent and form an honest relationship, we call that connection an edge. In contrast, any honest user or node that connects with an attacker forms an attack edge. In the process of regulating potential attackers, this graph proves to be effective. Not only does it limit ‘the number of attack edges’ (Yu et al., 2008), it also concludes with the proposition that reliable users don’t need to form any bonds because they already have established friends, whereas, the intention of sybil attackers is to add friends which inevitably dispatches several attack edges. This model allows Sybil Guard to defend social networks against sybil intruders by obstructing and restricting the number of ‘false’ relationships one attacker creates.

 

References:

Yu, H., Kaminsky, M., Gibbons, P. B., & Flaxman A.D. (2008). SybilGuard: Defending against sybil attacks via social networks. IEEE/ACM Transactions on Networking, 16(3), 576-589.

 

 

Advertisements

Sybil Attacks: Sybil Guard or puzzles?

untitled

Sybil Guard is a decentralized system that ‘limits the corruptive influence of Sybil attacks’ (Yu et al., 2008) and determines potential attackers by using a graph system. This innovative system will ensure the verification of Sybil attacks by differentiating links in the graph, between Sybil nodes and human established connections known as honest nodes. In the world of social networking, Sybil Guard works efficiently. Subsequently, this mechanism is comprised with characteristics that will maintain security and trust in online social networking sites by identifying honest and malicious activity among users and networks. These characteristics will include the dissemination of attack edges that are vital to interpret malicious behaviour.

Another algorithm that is proposed is the conception of installing ‘computational puzzles to be solved prior to granting new identities’ (Cordeiro, Santos, Mauch, Barcelos, & Gaspary, 2012). Even though this approach will minimize attackers and the stealth of identities, there is a crucial disadvantage to this protocol. By assigning these puzzles that are targeted to confront sybil activity, honest users are coupled with this intractable task. In defense to this slight flaw, experts recommend higher, more complex puzzles to attackers while genuine users will be conformed to easier puzzles. As a result, by establishing these puzzles, the number of sybil attacks is brought to a minimum without ‘compromising the intrinsic characteristics of P2P networks’ (Cordeiro et al., 2012). In contrast to previous undertaken experiments, this mechanism will possess an ‘adaptive’ puzzle mechanism for identity administration and legitimization. Part 3: Nodes & Attack Edges.

References:

Yu, H., Kaminsky, M., Gibbons, P. B., & Flaxman A.D. (2008). SybilGuard: Defending against sybil attacks via social networks. IEEE/ACM Transactions on Networking, 16(3), 576-589.

Cordeiro, W. L. D., Santos, F. R., Mauch, G. H., Barcelos, M. P., & Gaspary, L. P. (2012). Identity management based on adaptive puzzles to protect P2P systems. Computer Networks, 56(11), 2569-2589.

Sybil Attacks

Social networks take over the world

Recent statistics reveal that over ‘1 billion users are connected through online social networks’ (Chbeir, 2013, n. p.), which is indeed, a staggering figure that calls for our attention. Social networks are exceeding our expectations in the ways we connect, communicate and understand the computerized world of today. However, as the numbers get higher, so should our awareness and understanding increase for the vulnerabilities and threats such networks pose given our excessive interchange of data and identities.

Sybil Attacks                ‘A hidden connection is stronger than an obvious one.’ – Heraclitus

All distributional systems, including social networks, are sensitive to Sybil attacks, which are otherwise known as clone attacks in computer science. The most evident intrusion of counterfeit profiles is seen in social networking sites, where users unintentionally consign their data and ‘identities’ to unknown systems or to possible ‘attackers’ in this case. A Sybil attack is the corruptive act of stealing and manipulating identities in the spheres of networking systems. The attack is established when a ‘malicious user takes on multiple identities and pretends to be multiple, distinct nodes in the system’ (Yu, Kaminsky, Gibbons, & Flaxman, 2008).

Source: Social Media apps [Digital Image], 2013.

Source: Social Media apps [Digital Image], 2013.

There are two main types of systems that are targeted: systems with a trusted authority, which are more reliable, and decentralized systems that are more vulnerable to Sybil attacks. The attackers are less likely to enter trusted systems given the requirement of various security codes and in advance payments. However, there is a certain drawback with the user’s probable refusal to provide the system with confidential and private information. On the other hand, experts are more focused on identifying specific approaches and strategies to accommodate users and prevent Sybil attacks in decentralized systems. As a result, experts and researchers have proposed the inauguration of IP addresses and their close link to an identity. Nonetheless, this strategy proves to be short-term and an ineffective solution given that ‘malicious users can easily harvest IP addresses’ (Yu et al., 2008). As an alternative to these two major systems, experts introduce Sybil Guard, a new defence scheme. In addition, another solution is seen in the problem-solving stratagem to protect identities and systems which will nevertheless prove challenging, both to users and experts alike. Part 2: Sybil Guard or Puzzles?

References:

Yu, H., Kaminsky, M., Gibbons, P. B., & Flaxman A.D. (2008). SybilGuard: Defending against sybil attacks via social networks. IEEE/ACM Transactions on Networking, 16(3), 576-589.

Chbeir, R. (2013). Security and privacy preserving in social networks. Dordrecht, Netherlands: Springer.