an analysis of social network based sybil defenses
play

An analysis of Social Network-based Sybil defenses Bimal Viswanath - PowerPoint PPT Presentation

Mar 26, 2023 •111 likes •519 views

An analysis of Social Network-based Sybil defenses Bimal Viswanath Ansley Post Krishna Gummadi Alan Mislove MPI-SWS Northeastern University SIGCOMM 2010 1 Sybil attack Fundamental problem in distributed systems Attacker

  1. An analysis of Social Network-based Sybil defenses Bimal Viswanath § Ansley Post § Krishna Gummadi § Alan Mislove ¶ § MPI-SWS ¶ Northeastern University SIGCOMM 2010 1

  2. Sybil attack Fundamental problem in distributed systems Attacker creates many fake identities (Sybils) Used to manipulate the system Many online services vulnerable Webmail, social networks, p2p Several observed instances of Sybil attacks Ex. Content voting tampered on YouTube, Digg 2

  3. Sybil attack Fundamental problem in distributed systems Attacker creates many fake identities (Sybils) Used to manipulate the system Many online services vulnerable Webmail, social networks, p2p Several observed instances of Sybil attacks Ex. Content voting tampered on YouTube, Digg 2

  4. Sybil defense approaches Tie identities to resources that are hard to forge or obtain RESOURCE 1 Certification from trusted authorities Ex. Passport, social security numbers Users tend to resist such techniques RESOURCE 2 Resource challenges (e.g., cryptopuzzles) Vulnerable to attackers with significant resources Ex. Botnets, renting cloud computing resources RESOURCE 3 Links in a social network? 3

  5. New approach: Use social networks Assumption: Links to good users hard to form and maintain Users mostly link to others they recognize Attacker can only create limited links to non-Sybil users 4

  6. New approach: Use social networks Assumption: Links to good users hard to form and maintain Users mostly link to others they recognize Attacker can only create limited links to non-Sybil users Leverage the topological feature introduced by sparse set of links 4

  7. Social network-based schemes 5

  8. Social network-based schemes Very active area of research Many schemes proposed over past five years Examples: SybilGuard [SIGCOMM’06] 5

  9. Social network-based schemes Very active area of research Many schemes proposed over past five years Examples: SybilGuard [SIGCOMM’06] SybilLimit [Oakland S&P ’08] 5

  10. Social network-based schemes Very active area of research Many schemes proposed over past five years Examples: SybilGuard [SIGCOMM’06] SybilLimit [Oakland S&P ’08] SybilInfer [NDSS’08] 5

  11. Social network-based schemes Very active area of research Many schemes proposed over past five years Examples: SybilGuard [SIGCOMM’06] SybilLimit [Oakland S&P ’08] SybilInfer [NDSS’08] SumUp [NSDI’09] 5

  12. Social network-based schemes Very active area of research Many schemes proposed over past five years Examples: SybilGuard [SIGCOMM’06] SybilLimit [Oakland S&P ’08] SybilInfer [NDSS’08] SumUp [NSDI’09] Whanau [NSDI’10] 5

  13. Social network-based schemes Very active area of research Many schemes proposed over past five years Examples: SybilGuard [SIGCOMM’06] SybilLimit [Oakland S&P ’08] SybilInfer [NDSS’08] SumUp [NSDI’09] Whanau [NSDI’10] MOBID [INFOCOM’10] 5

  14. But, many unanswered questions All schemes make same assumptions Use only social network But, schemes work using di fg erent mechanisms Unclear relationship between schemes Is there a common insight across the schemes? Is there a common structural property these schemes rely on? Understanding relationship would help How well would these schemes work in practice? Are there any fundamental limitations of Sybil defense? 6

  15. This talk Propose a methodology for comparing schemes Allows us to take closer look at how schemes are related Finding: All schemes work in a similar manner Despite di fg erent mechanisms Implications: Hidden dependence on network structure Understand the limitations of these schemes 7

  16. How to compare schemes? Straightforward approach is to implement and compare Treat like a black-box But, only gives one point evaluation Output dependent on scheme-specific parameters We want to understand HOW schemes choose Sybils Interested in underlying graph algorithm Thus, we had to open up the black-box We analyze SybilGuard, SybilLimit, SumUp and SybilInfer 8

  17. How do schemes work internally? Take in a social network and trusted node Declare Sybils from perspective of trusted node Internally, schemes assign probability to nodes Likelihood of being a Sybil Leverage this to compare schemes? View schemes as inducing ranking on nodes Easier to compare rankings than full schemes 9

  18. How do schemes work internally? Take in a social network and trusted node Declare Sybils from perspective of trusted node Internally, schemes assign probability to nodes Likelihood of being a Sybil Leverage this to compare schemes? View schemes as inducing ranking on nodes Easier to compare rankings than full schemes 9

  19. How do schemes work internally? Take in a social network and trusted node Declare Sybils from perspective of trusted node Internally, schemes assign probability to nodes Likelihood of being a Sybil Leverage this to compare schemes? View schemes as inducing ranking on nodes Easier to compare rankings than full schemes 9

  20. How do the rankings compare? 10

  21. How do the rankings compare? Cut-off All schemes observed to have distinct cut-o fg point What is going on at this cut-o fg point? 10

  22. Where do the rankings match? The cut-o fg point at the boundary of the local community Around the trusted node Community well-defined in paper Roughly, set of nodes more tightly knit than surrounding graph 11

  23. Investigating the cut-o fg point (higher is better) similarity Partition (lower is better) Community Strength Peak in similarly corresponds to boundary of local community Details, more results in paper 12

  24. Common insight across schemes All schemes are e fg ectively detecting communities Nodes in the local community are ranked higher Ranking within and outside community in no particular order 13

  25. Implications

  26. Leveraging community detection Community detection is a well-studied topic Wealth of algorithms available Can leverage existing work on community detection To design new approaches to detect Sybils Also, better understand the limitations 15

  27. What are the limitations? Recall, schemes e fg ectively finding local communities Suggests dependence on graph structural properties Size, location, characteristics of local community Explore two implications: IMPLICATION 1 Are certain network structures more vulnerable? IMPLICATION 2 What happens if the attacker knows this? Are more intelligent attacks possible? 16

  28. Certain network structures vulnerable? Increasing community structure of honest region 17

  29. Certain network structures vulnerable? Increasing community structure of honest region 17

  30. Certain network structures vulnerable? Increasing community structure of honest region Hypothesis: Community structure makes identifying Sybils harder 17

  31. Testing community structure hypothesis Selected eight real-world networks Online social networks: Facebook (2) Collaboration networks: Advogato, Wikipedia, co-authorship Communication networks: Email Simulated attack by consistently adding Sybils Similar strength attacker, despite di fg erent network sizes 5% attack links, 25% Sybil nodes Measure accuracy using ranking Accuracy: Probability Sybils ranked lower than non-Sybils Fair comparison across schemes, networks 18

  32. Impact of community structure? (higher is better) Accuracy Amount of community structure (modularity) (higher is more community structure) More community structure makes Sybils indistinguishable 19

  33. Can attacker exploit this dependence? Attacker’s goal is to be higher up in the rankings Increases likelihood of being “accepted” Existing Sybil schemes tested with “random” attackers Links placed to random non-Sybils What happens if attacker given slightly more power? 20

  34. Changing attacker strength Links placed closer to trusted node 21

  35. Changing attacker strength Links placed closer to trusted node Hypothesis: Closer links makes Sybils harder to detect 21

  36. Testing strong attacker hypothesis Simulated attack by consistently adding Sybils Same strength as before Allow attacker more flexibility in link placement Place links randomly among top N nodes; vary N Lower N represents more control Present results on the Facebook network Tested other networks as well What happens as Sybils given more control? 22

  37. Impact of targeted links? (higher is better) Accuracy Control over link placement (higher is more control over placement) Attack becomes much more e fg ective Sybils ranked higher than non-Sybils (accuracy << 0.5) 23

  38. Summary Many social network-based Sybil defense schemes proposed All use very di fg erent mechanisms Hard to understand relationship, fundamental insight Are they doing the same thing? Developed methodology to compare schemes Found they are all detecting local communities Significant implications of this finding Can leverage community detection for Sybil defense Certain networks more di ffj cult to defend Attacker can exploit this to spend e fg ort more wisely 24

  39. Moving forward Is social network-based Sybil defense always practical? Certain real networks have significant communities Could be still useful for white-listing small number of nodes Is more information beyond graph structure helpful? More information about Sybil/non-Sybil nodes is useful Other information from higher layers eg. interaction 25

  40. Questions? Thank You!

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

SybilGuard: Defending Against Sybil Attacks SybilGuard: Defending Against Sybil Attacks via

SybilGuard: Defending Against Sybil Attacks SybilGuard: Defending Against Sybil Attacks via

SybilGuard: Defending Against Sybil Attacks SybilGuard: Defending Against Sybil Attacks via Social Networks via Social Networks Intel Research Pittsburgh / CMU Haifeng Yu National University of Singapore Michael Kaminsky Intel Research

501 views • 22 slides
Mitigating Sybil Attacks on the I2P Network Using Blockchain RP #97, Kotaiba Alachkar &amp; Dirk

Mitigating Sybil Attacks on the I2P Network Using Blockchain RP #97, Kotaiba Alachkar &amp; Dirk

Mitigating Sybil Attacks on the I2P Network Using Blockchain RP #97, Kotaiba Alachkar &amp; Dirk Gaastra Supervisor: Vincent Van Mieghem, Deloitte 3 July, 2018 MSc Security and Network Engineering University of Amsterdam Introduction I2P -

720 views • 37 slides
SybilGuard: Defending Against Sybil Attacks via Social Networks Haifeng

SybilGuard: Defending Against Sybil Attacks via Social Networks Haifeng

SybilGuard: Defending Against Sybil Attacks via Social Networks Haifeng Yu, Michael Kaminsky ,Phillip B. Gibbons, and Abraham Flaxman. Page 1 of 16 In procedings of the 2006 conference on Applications, technolo- gies,

318 views • 16 slides
Network Structure Grant Schoenebeck, Aaron Snook, Fang-Yi Yu Sybil Attack An attack to

Network Structure Grant Schoenebeck, Aaron Snook, Fang-Yi Yu Sybil Attack An attack to

Sybil Detection Using Latent Network Structure Grant Schoenebeck, Aaron Snook, Fang-Yi Yu Sybil Attack An attack to compromise a recommendation systems by forging identities. Recommendation System How is that restaurant? Bad Good Good

880 views • 29 slides
Social Network Analysis By: Danny Cohen What is Social Network Analysis (SNA)?

Social Network Analysis By: Danny Cohen What is Social Network Analysis (SNA)?

Social Network Analysis By: Danny Cohen What is Social Network Analysis (SNA)? Mapping/measuring of relationships between people, groups, etc. Depicts people or things as nodes in a network Links between nodes are the relationships or

311 views • 9 slides
analysis of a real online social network using semantic web frameworks Guillaume Erto,

analysis of a real online social network using semantic web frameworks Guillaume Erto,

analysis of a real online social network using semantic web frameworks Guillaume Erto, Michel Buffa, Fabien Gandon, Olivier Corby social media landscape social web amplifies social network effects overwhelming flow of social data social

322 views • 31 slides
Fast and Accurate Memristor- Based Algorithms for Social Network Analysis Sucheta Soundarajan

Fast and Accurate Memristor- Based Algorithms for Social Network Analysis Sucheta Soundarajan

Fast and Accurate Memristor- Based Algorithms for Social Network Analysis Sucheta Soundarajan Yanzhi Wang Overview of Memristors Invented by HP Labs in 2008 Resistance changes if voltage greater than V thresh is applied

452 views • 11 slides
SoK: The Evolution of Sybil Defense via Social Networks Alessandro Epasto 1 joint work with L.

SoK: The Evolution of Sybil Defense via Social Networks Alessandro Epasto 1 joint work with L.

IEEE Symposium on Security &amp; Privacy SAN FRANCISCO 21 ST MAY 2013 SoK: The Evolution of Sybil Defense via Social Networks Alessandro Epasto 1 joint work with L. Alvisi 2 , A. Clement 3 , S. Lattanzi 4 , A. Panconesi 1 Sapienza U.

855 views • 41 slides
SOIAL PROJECT NETWORK DETAILS CONCEPTS ASSOCIATION ANALYSIS Social network parameters

SOIAL PROJECT NETWORK DETAILS CONCEPTS ASSOCIATION ANALYSIS Social network parameters

SOIAL PROJECT NETWORK DETAILS CONCEPTS ASSOCIATION ANALYSIS Social network parameters SOCIAL NETWORKS A feedback network is one where active nodes or agents send tokens or communications through their network to help locate potential

220 views • 21 slides
Contents Graph and Social Network Analysis Graph Construction Graph Visualization Graph Query

Contents Graph and Social Network Analysis Graph Construction Graph Visualization Graph Query

Social Network Analysis with R Yanchang Zhao http://www.RDataMining.com R and Data Mining Course Beijing University of Posts and Telecommunications, Beijing, China July 2019 Chapter 11: Social Network Analysis, in R and Data Mining:

606 views • 37 slides
A proposal for an integrated approach between sentiment analysis and social network analysis

A proposal for an integrated approach between sentiment analysis and social network analysis

A proposal for an integrated approach between sentiment analysis and social network analysis Domenico De Stefano 1 and Francesco Santelli 1 1 Department of Political and Social Sciences, University of Trieste ddestefano@units.it

443 views • 21 slides
Applications of interest Computational biology Social network analysis Urban

Applications of interest Computational biology Social network analysis Urban

Coordinating More Than 3 Million CUDA Threads for Social Network Analysis Adam McLaughlin Applications of interest Computational biology Social network analysis Urban planning Epidemiology Hardware verification GTC 2015 2

730 views • 43 slides
On Network formation, (Sybil attacks and Reputation systems) (Position Paper) George Danezis and

On Network formation, (Sybil attacks and Reputation systems) (Position Paper) George Danezis and

On Network formation, (Sybil attacks and Reputation systems) (Position Paper) George Danezis and Stefan Schiffner December 26, 2006 Abstract We propose a model of network formation in peer-to-peer networks, that allows us to observe their

325 views • 7 slides
Social network analysis (SNA) in animal health Caryl Lockhart, DMV, Msc , Phd. Veterinary

Social network analysis (SNA) in animal health Caryl Lockhart, DMV, Msc , Phd. Veterinary

Social network analysis (SNA) in animal health Caryl Lockhart, DMV, Msc , Phd. Veterinary Epidemiologist, GLEWS-AGAH, FAO-Rome, Italy Social network analysis - Kansas state University, Manhattan, Kansas, 11 May 2016 Outline What are

458 views • 42 slides
Characterizing naval team readiness through social network analysis Jan Maarten Schraagen &amp;

Characterizing naval team readiness through social network analysis Jan Maarten Schraagen &amp;

Characterizing naval team readiness through social network analysis Jan Maarten Schraagen &amp; Wilfried Post Overview Team performance measurement Social network analysis Case study in naval teamwork Conclusions, lessons learned and

302 views • 16 slides
Cliques &amp; communities Network Analysis in Python I Cliques Social cliques:

Cliques &amp; communities Network Analysis in Python I Cliques Social cliques:

NETWORK ANALYSIS IN PYTHON I Cliques &amp; communities Network Analysis in Python I Cliques Social cliques: tightly-knit groups Network cliques: completely connected graphs Network Analysis in Python I Cliques Simplest

244 views • 20 slides
Forwarding-Loop Attacks in Content Delivery Networks Jianjun Chen , Jian Jiang, Xiaofeng Zheng,

Forwarding-Loop Attacks in Content Delivery Networks Jianjun Chen , Jian Jiang, Xiaofeng Zheng,

Forwarding-Loop Attacks in Content Delivery Networks Jianjun Chen , Jian Jiang, Xiaofeng Zheng, Haixin Duan, Jinjin Liang, Kang Li, Tao Wan, Vern Paxson 1 Content Delivery Networks CDN is now an important Internet infrastructure, it is a

381 views • 22 slides
Jonathan Sacks Executive Director Wayne County Criminal Advocacy Program September 2015

Jonathan Sacks Executive Director Wayne County Criminal Advocacy Program September 2015

Jonathan Sacks Executive Director Wayne County Criminal Advocacy Program September 2015 Background Counties Studied: Alpena, Bay, Chippewa, Grand Traverse, Jackson, Marquette, Oakland, Ottawa, Shiawassee and Wayne In the year-long study of

406 views • 40 slides
CSC 4992 Cyber Security Prac1ce Fengwei Zhang Wayne State University CSC 4992 Cyber Security

CSC 4992 Cyber Security Prac1ce Fengwei Zhang Wayne State University CSC 4992 Cyber Security

CSC 4992 Cyber Security Prac1ce Fengwei Zhang Wayne State University CSC 4992 Cyber Security Prac1ce 1 Who Am I? Fengwei Zhang Assistant Professor of Computer Science Office: Maccabees Building, Room 14109.3 Emai: fengwei at

616 views • 19 slides
Botnets, Collective Defense, and Project MARS Jeff Williams Principal Group Program Manager

Botnets, Collective Defense, and Project MARS Jeff Williams Principal Group Program Manager

Botnets, Collective Defense, and Project MARS Jeff Williams Principal Group Program Manager Microsoft Malware Protection Center The Basics A Picture of Health? Location 1Q2010 2Q10 3Q10 4Q10 Delta 4.2% United States 11,025,811

468 views • 31 slides
Network #5: Denial of Service and Firewalls (Most Slides stolen from Dave Wagner) 1

Network #5: Denial of Service and Firewalls (Most Slides stolen from Dave Wagner) 1

Computer Science 161 Fall 2016 Popa and Weaver Network #5: Denial of Service and Firewalls (Most Slides stolen from Dave Wagner) 1 Theme of This Lecture: Why Twitter &amp; Reddit Sucked Last Week Computer Science 161 Fall 2016

597 views • 46 slides
ROP is S(ll Dangerous: Breaking Modern Defenses David Wagner

ROP is S(ll Dangerous: Breaking Modern Defenses David Wagner

ROP is S(ll Dangerous: Breaking Modern Defenses David Wagner Nicholas Carlini Return Oriented Programming Basic ROP Mo(va(ons DEP Data

712 views • 11 slides
CSCI 8260 Spring 2016 Computer Network Attacks and Defenses Syllabus Prof. Roberto Perdisci

CSCI 8260 Spring 2016 Computer Network Attacks and Defenses Syllabus Prof. Roberto Perdisci

CSCI 8260 Spring 2016 Computer Network Attacks and Defenses Syllabus Prof. Roberto Perdisci perdisci@cs.uga.edu Who is this course for? l Open to graduate students only l Students who complete this course successfully will receive

492 views • 20 slides
Website Fingerprinting Defenses at the Application Layer Giovanni Cherubin 1 Jamie Hayes 2 Marc

Website Fingerprinting Defenses at the Application Layer Giovanni Cherubin 1 Jamie Hayes 2 Marc

Website Fingerprinting Defenses at the Application Layer Giovanni Cherubin 1 Jamie Hayes 2 Marc Juarez 3 1 Royal Holloway University of London 2 University College London 3 imec-COSIC KU Leuven 19th July 2017, PETS17, Minneapolis, MN, USA

735 views • 17 slides

More recommend