Slide1
The Sybil Attack
By John R. Douceur
Presented by Samuel Petreski
March 31, 2009
Slide2
Outline
Terminology
Background
Motivation for Sybil Attack
Formal Model
Lemmas
Conclusion
Resources
Slide3
Terminology
Entity
An entity is a collection of material resources, of specifiable minimal size, under control of a single group
Identity
Persistent information abstraction provably associated with a set of communication events
Validation
Determination of identity differences
Slide4
Background
Existence of multiple unique identities to mitigate possible damage by other hostile entities
Increase and improve system reliability (replication)
Protect against integrity violations (data loss) and privacy violations (data leakage)
Lowers system reliability
The same entity creates multiple identities
Slide5
Motivation for Sybil Attack
One entity presents multiple identities for malicious intent
Disrupt geographic and multi-path routing protocols by “being in more than one place at once” and reducing diversity
Relevant in many contexts
P2P network
Ad hoc networks
Wireless sensor networks
Slide6
Formal Model
A set of infrastructural entities e
A broadcast communication cloud
A pipe connecting each entity to the cloud
Entity Subset C (correct)
Entity Subset F (faulty)
Links are virtual, not physical
Accounts for spoofing and packet sniffing
Does not provide for central means of ID
Slide7
Formal Model
Slide8
Lemmas (Direct Validation)
Lemma 1
“If p is the ratio of the resources of a faulty entity to the resources of a minimally capable entity, then f can present g=floor(p) distinct identities to local entity L”
Lower bound -> Upper bound
Restricting communication resources
Restricting storage resources
Restricting computation resources
Slide9
Lemmas (Direct Validation)
Lemma 2
“If a local entity L accepts entities that are not validated simultaneously, then a single faulty entity f can present an arbitrarily large number of distinct identities to entity L”
Intrinsically temporal resources make this lemma insurmountable
If an accepted entity ever fails to meet a challenge, we can catch a Sybil attack
Slide10
Lemmas (Indirect Validation)
Lemma 3
“If local entity L accepts any identity vouched for by q accepted identities, then a set F of faulty entities can present an arbitrarily large number of distinct identities to L if either |F|>=q, or the collective resources available to F at least equals q+|F| minimally capable entities”
Trivially evident
Slide11
Lemmas (Indirect Validation)
Lemma 4
“If the correct entities in set C do not coordinate time intervals during which they accept identities, and if local entity L accepts any identity vouched for by q accepted identities, then even a minimally capable faulty entity f can present g=floor(|C|/q) distinct identities to L.”
As in Lemma 1, this shows that a faulty entity can amplify its influence, and it relates the number of faulty entities to the number of faulty identities.
Slide12
Conclusion
P2P systems use redundancy to diminish dependence on hostile peers
Systems relying on implicit certification are particularly vulnerable (e.g. IPv6)
Absence of identification authority requires issuance of ‘challenges’ to determine veracity
Slide13
Questions
Slide14
Resources
John Douceur: The Sybil Attack. IPTPS 2003.
http://www.cs.rice.edu/Conferences/IPTPS02/101.pdf
http://ww2.cs.fsu.edu/~jiangyhu/sybil-attack.ppt
Brian N. Levine: A Survey of Solutions to the Sybil Attack.
http://prisms.cs.umass.edu/brian/pubs/levine.sybil.tr.2006.pdf
Wikipedia: Sybil Attack.
http://en.wikipedia.org/wiki/Sybil_attack
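The bounds in Lemmas 1, 2 and 4 above, and the re-challenge check noted under Lemma 2, can be reproduced with a small resource-accounting model. This is an added example, not code from the paper or the presentation; the function names, the one-unit challenge cost and the identity labels are assumptions made for illustration.

```python
from math import floor

def passed(batches, p, cost=1.0):
    """Return the identities that answer their challenge in time.

    batches: list of lists; identities in one inner list are challenged
             in the same time window (constructed labels, not real IDs)
    p:       faulty entity's resources per window, in units of a
             minimally capable entity (the ratio p of Lemma 1)
    cost:    resources one challenge consumes (assumed: 1 unit)
    """
    capacity = floor(p / cost)        # challenges solvable per window
    accepted = []
    for batch in batches:
        accepted += batch[:capacity]  # the rest miss the deadline
    return accepted

def direct_simultaneous(claimed, p):
    # Lemma 1: every identity is challenged in one window -> floor(p) pass.
    return passed([claimed], p)

def direct_staggered(claimed, p):
    # Lemma 2: one window per identity, so resources are reused each time.
    return passed([[i] for i in claimed], p)

def recheck(accepted, p):
    # Note under Lemma 2: re-challenge all accepted identities at once and
    # flag every identity that now fails to meet its challenge.
    ok = set(passed([accepted], p))
    return [i for i in accepted if i not in ok]

def indirect_uncoordinated(num_correct, q):
    # Lemma 4: a minimally capable f shows each correct entity a single
    # identity in that entity's own window; L accepts q or more vouchers.
    vouches = {}
    for c in range(num_correct):
        sybil = f"s{c // q}"          # hypothetical identity label
        vouches[sybil] = vouches.get(sybil, 0) + 1
    return sorted(s for s, n in vouches.items() if n >= q)

if __name__ == "__main__":
    claimed = [f"id{i}" for i in range(20)]   # constructed sample labels
    print(len(direct_simultaneous(claimed, 3.7)))
    print(len(direct_staggered(claimed, 1.0)))
    print(len(recheck(direct_staggered(claimed, 1.0), 1.0)))
    print(indirect_uncoordinated(10, 3))
```

In this model a simultaneous re-challenge of the identities accepted one at a time leaves only floor(p) of them standing, which is the detection opportunity the Lemma 2 slide points to.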