Sybil attack - Wikipedia





	
	

	
	

	Sybil attack

	
		From Wikipedia, the free encyclopedia

		

		

		
		

		Jump to navigation
		Jump to search
		Attack done by multiple fake identities

In a Sybil attack, the attacker subverts the reputation system of a network service by creating a large number of pseudonymous identities and uses them to gain a disproportionately large influence. It is named after the subject of the book Sybil, a case study of a woman diagnosed with dissociative identity disorder.[1]  The name was suggested in or before 2002 by Brian Zill at Microsoft Research.[2] The term pseudospoofing had previously been coined by L. Detweiler on the Cypherpunks mailing list and used in the literature on peer-to-peer systems for the same class of attacks prior to 2002, but this term did not gain as much influence as "Sybil attack".[3]  Sybil attacks are also called sock puppetry.


Contents


	1 Description
	2 Example
	3 Prevention
	3.1 Identity validation
	3.2 Social trust graphs
	3.3 Economic costs
	3.4 Personhood validation
	3.5 Application-specific defenses



	4 See also
	5 References
	6 External links





Description[edit]

The Sybil attack in computer security is an attack wherein a reputation system is subverted by creating multiple identities.[4] A reputation system's vulnerability to a Sybil attack depends on how cheaply identities can be generated, the degree to which the reputation system accepts inputs from entities that do not have a chain of trust linking them to a trusted entity, and whether the reputation system treats all entities identically. As of 2012[update], evidence showed that large-scale Sybil attacks could be carried out in a very cheap and efficient way in extant realistic systems such as BitTorrent Mainline DHT.[5][6]

An entity on a peer-to-peer network is a piece of software which has access to local resources. An entity advertises itself on the peer-to-peer network by presenting an identity. More than one identity can correspond to a single entity. In other words, the mapping of identities to entities is many to one. Entities in peer-to-peer networks use multiple identities for purposes of redundancy, resource sharing, reliability and integrity. In peer-to-peer networks, the identity is used as an abstraction so that a remote entity can be aware of identities without necessarily knowing the correspondence of identities to local entities. By default, each distinct identity is usually assumed to correspond to a distinct local entity. In reality, many identities may correspond to the same local entity.

An adversary may present multiple identities to a peer-to-peer network in order to appear and function as multiple distinct nodes. The adversary may thus be able to acquire a disproportionate level of control over the network, such as by affecting voting outcomes.

In the context of (human) online communities, such multiple identities are sometimes known as sockpuppets.


Example[edit]

A notable Sybil attack (in conjunction with a traffic confirmation attack) was launched against the Tor anonymity network for several months in 2014 by unknown perpetrators.[7][8]


Prevention[edit]

Known approaches to Sybil attack prevention include identity validation, social trust graph algorithms, or economic costs, personhood validation, and application-specific defenses.


Identity validation[edit]

Validation techniques can be used to prevent Sybil attacks and dismiss masquerading hostile entities. A local entity may accept a remote identity based on a central authority which ensures a one-to-one correspondence between an identity and an entity and may even provide a reverse lookup. An identity may be validated either directly or indirectly. In direct validation the local entity queries the central authority to validate the remote identities. In indirect validation the local entity relies on already-accepted identities which in turn vouch for the validity of the remote identity in question.

Practical network applications and services often use a variety of identity proxies to achieve limited Sybil attack resistance, such as telephone number verification, credit card verification, or even based on the IP address of a client.  These methods have the limitations that it is usually possible to obtain multiple such identity proxies at some cost—or even to obtain many at low cost through techniques such as SMS spoofing or IP address spoofing.  Use of such identity proxies can also exclude those without ready access to the required identity proxy: e.g., those without their own mobile phone or credit card, or users located behind carrier-grade network address translation who share their IP addresses with many others.

Identity-based validation techniques generally provide accountability at the expense of anonymity, which can be an undesirable tradeoff especially in online forums that wish to permit censorship-free information exchange and open discussion of sensitive topics.  A validation authority can attempt to preserve users' anonymity by refusing to perform reverse lookups, but this approach makes the validation authority a prime target for attack.  Protocols using threshold cryptography can potentially distribute the role of such a validation authority among multiple servers, protecting users' anonymity even if one or a limited number of validation servers is compromised.[9]


Social trust graphs[edit]

Sybil prevention techniques based on the connectivity characteristics of social graphs can also limit the extent of damage that can be caused by a given Sybil attacker while preserving anonymity.  Examples of such prevention techniques include SybilGuard,[10] SybilLimit,[11] the Advogato Trust Metric,[12] and the sparsity based metric to identify Sybil clusters in a distributed P2P based reputation system.[13]

These techniques cannot prevent Sybil attacks entirely, and may be vulnerable to widespread small-scale Sybil attacks.  In addition, it is not clear whether real-world online social networks will satisfy the trust or connectivity assumptions that these algorithms assume.[14]


Economic costs[edit]

Alternatively, imposing economic costs as artificial barriers to entry may be used to make Sybil attacks more expensive.  Proof of work, for example, requires a user to prove that they expended a certain amount of computational effort to solve a cryptographic puzzle.  In Bitcoin and related permissionless cryptocurrencies, miners compete to append blocks to a blockchain and earn rewards roughly in proportion to the amount of computational effort they invest in a given time period. Investments in other resources such as storage or stake in existing cryptocurrency may similarly be used to impose economic costs.


Personhood validation[edit]

As an alternative to identity verification that attempts to maintain a strict "one-per-person" allocation rule, a validation authority can use some mechanism other than knowledge of a user's real identity - such as verification of an unidentified person's physical presence at a particular place and time as in a pseudonym party[15] - to enforce a one-to-one correspondence between online identities and real-world users.  Such proof of personhood approaches have been proposed as a basis for permissionless blockchains and cryptocurrencies in which each human participant would wield exactly one vote in consensus.[16][17]  A variety of approaches to proof of personhood have been proposed, some with deployed implementations, although many usability and security issues remain.[18]


Application-specific defenses[edit]

A number of distributed protocols have been designed with Sybil attack protection in mind.  SumUp[19] and DSybil[20] are Sybil-resistant algorithms for online content recommendation and voting.  Whānau is a Sybil-resistant distributed hash table algorithm.[21]
I2P's implementation of Kademlia also has provisions to mitigate Sybil attacks.[22]


See also[edit]

	Astroturfing
	Ballot stuffing
	Social bot
	Sockpuppetry


References[edit]


	^ Lynn Neary (20 October 2011). Real 'Sybil' Admits Multiple Personalities Were Fake. NPR. Retrieved 8 February 2017.

	^ Douceur, John R (2002). "The Sybil Attack". Peer-to-Peer Systems. Lecture Notes in Computer Science. 2429. pp. 251–60. doi:10.1007/3-540-45748-8_24. ISBN 978-3-540-44179-3.

	^ 
Oram, Andrew. Peer-to-peer: harnessing the benefits of a disruptive technology.

	^ 
Trifa, Zied; Khemakhem, Maher (2014). "Sybil Nodes as a Mitigation Strategy Against Sybil Attack". Procedia Computer Science. 32: 1135–40. doi:10.1016/j.procs.2014.05.544.

	^ 
Wang, Liang; Kangasharju, Jussi (2012). "Real-world sybil attacks in BitTorrent mainline DHT". 2012 IEEE Global Communications Conference (GLOBECOM). pp. 826–32. doi:10.1109/GLOCOM.2012.6503215. ISBN 978-1-4673-0921-9.

	^ 
Wang, Liang; Kangasharju, Jussi (2013). "Measuring large-scale distributed systems: case of BitTorrent Mainline DHT". IEEE P2P 2013 Proceedings. pp. 1–10. doi:10.1109/P2P.2013.6688697. ISBN 978-1-4799-0515-7.

	^ (30 July 2014). Tor security advisory: "relay early" traffic confirmation attack.

	^ Dan Goodin (31 July 2014). Active attack on Tor network tried to decloak users for five months.

	^ 
John Maheswaran, Daniel Jackowitz, Ennan Zhai, David Isaac Wolinsky, and Bryan Ford (9 March 2016). Building Privacy-Preserving Cryptographic Credentials from Federated Online Identities (PDF). 6th ACM Conference on Data and Application Security and Privacy (CODASPY).CS1 maint: uses authors parameter (link)

	^ 
Yu, Haifeng; Kaminsky, Michael; Gibbons, Phillip B; Flaxman, Abraham (2006). SybilGuard: defending against sybil attacks via social networks. 2006 conference on Applications, technologies, architectures, and protocols for computer communications - SIGCOMM '06. pp. 267–78. doi:10.1145/1159913.1159945. ISBN 978-1-59593-308-9.

	^ 
SybilLimit: A Near-Optimal Social Network Defense against Sybil Attacks. IEEE Symposium on Security and Privacy. 19 May 2008.

	^ 
O'Whielacronx, Zooko. "Levien's attack-resistant trust metric". <p2p-hackers at lists.zooko.com>. gmane.org. Retrieved 10 February 2012. CS1 maint: discouraged parameter (link)

	^ 
Kurve, Aditya; Kesidis, George (2011). "Sybil Detection via Distributed Sparse Cut Monitoring". 2011 IEEE International Conference on Communications (ICC). pp. 1–6. doi:10.1109/icc.2011.5963402. ISBN 978-1-61284-232-5.

	^ 
Bimal Viswanath, Ansley  Post, Krishna Phani Gummadi, and Alan E Mislove (August 2010). "An analysis of social network-based Sybil defenses". ACM SIGCOMM Computer Communication Review. doi:10.1145/1851275.1851226.CS1 maint: uses authors parameter (link)

	^ 
Ford, Bryan; Strauss, Jacob (1 April 2008). An Offline Foundation for Online Accountable Pseudonyms. 1st Workshop on Social Network Systems - SocialNets '08. pp. 31–6. doi:10.1145/1435497.1435503. ISBN 978-1-60558-124-8.

	^ 
Maria Borge, Eleftherios Kokoris-Kogias, Philipp Jovanovic, Linus Gasser, Nicolas Gailly, Bryan Ford (29 April 2017). Proof-of-Personhood: Redemocratizing Permissionless Cryptocurrencies. IEEE Security & Privacy on the Blockchain (IEEE S&B).CS1 maint: uses authors parameter (link)

	^ 
Ford, Bryan (December 2020). "Technologizing Democracy or Democratizing Technology? A Layered-Architecture Perspective on Potentials and Challenges".  In Lucy Bernholz; Hélène Landemore; Rob Reich (eds.). Digital Technology and Democratic Theory. University of Chicago Press. ISBN 9780226748573.

	^ 
Divya Siddarth, Sergey Ivliev, Santiago Siri, Paula Berman (13 October 2020). "Who Watches the Watchmen? A Review of Subjective Approaches for Sybil-resistance in Proof of Personhood Protocols". arXiv:2008.05300.CS1 maint: uses authors parameter (link)

	^ 
Nguyen Tran, Bonan Min, Jinyang Li, and Lakshminarayanan Subramanian (22 April 2009). Sybil-Resilient Online Content Voting (PDF). NSDI ’09: 6th USENIX Symposium on Networked Systems Design and Implementation.CS1 maint: uses authors parameter (link)

	^ 
Haifeng Yu, Chenwei Shi, Michael Kaminsky, Phillip B. Gibbons, and Feng Xiao (19 May 2009). DSybil: Optimal Sybil-Resistance for Recommendation Systems. 30th IEEE Symposium on Security and Privacy.CS1 maint: uses authors parameter (link)

	^ 
Chris Lesniewski-Laas and M. Frans Kaashoek (28 April 2010). Whānau: A Sybil-proof Distributed Hash Table (PDF). 7th USENIX Symposium on Network Systems Design and Implementation (NSDI).CS1 maint: uses authors parameter (link)

	^ 
"The Network Database - I2P".




External links[edit]

	
Querci, Daniele; Hailes, Stephen (2010). "Sybil Attacks Against Mobile Users: Friends and Foes to the Rescue". 2010 Proceedings IEEE INFOCOM. pp. 1–5. CiteSeerX 10.1.1.360.8730. doi:10.1109/INFCOM.2010.5462218. ISBN 978-1-4244-5836-3.
	
Bazzi, Rida A; Konjevod, Goran (2006). "On the establishment of distinct identities in overlay networks". Distributed Computing. 19 (4): 267–87. doi:10.1007/s00446-006-0012-y.
	
Lesniewski-Laas, Chris (2008). "A Sybil-proof one-hop DHT". Proceedings of the 1st workshop on Social network systems - SocialNets '08. pp. 19–24. doi:10.1145/1435497.1435501. ISBN 978-1-60558-124-8.
	
Newsome, James; Shi, Elaine; Song, Dawn; Perrig, Adrian (2004). "The sybil attack in sensor networks". Proceedings of the third international symposium on Information processing in sensor networks - IPSN'04. pp. 259–68. doi:10.1145/984622.984660. ISBN 978-1581138467.
	A Survey of Solutions to the Sybil Attack
	On Network formation: Sybil attacks and Reputation systems
	
Seigneur, Jean-Marc; Gray, Alan; Jensen, Christian Damsgaard (2005). "Trust Transfer: Encouraging Self-recommendations Without Sybil Attack". Trust Management. Lecture Notes in Computer Science. 3477. pp. 321–37. CiteSeerX 10.1.1.391.5003. doi:10.1007/11429760_22. ISBN 978-3-540-26042-4.
	A Survey of DHT Security Techniques by Guido Urdaneta, Guillaume Pierre and Maarten van Steen. ACM Computing surveys, 2009.
	An experiment on the weakness of reputation algorithms used in professional social networks: the case of Naymz by Marco Lazzari. Proceedings of the IADIS International Conference e-Society 2010.












Retrieved from "https://en.wikipedia.org/w/index.php?title=Sybil_attack&oldid=1000481849"


		Categories: 	Computer network security
	Reputation management


Hidden categories: 	CS1 maint: uses authors parameter
	CS1 maint: discouraged parameter
	Articles with short description
	Short description matches Wikidata
	Articles containing potentially dated statements from 2012
	All articles containing potentially dated statements
	Use dmy dates from April 2011




	




	





	Navigation menu

	
		

	
		Personal tools
	

	
			Not logged in
	Talk
	Contributions
	Create account
	Log in


		
	



		
			

	
		Namespaces
	

	
			Article
	Talk


		
	



			

	
	
		Variants
	

	
		

		
	



		

		
			

	
		Views
	

	
			Read
	Edit
	View history


		
	



			

	
	
		More
	

	
		

		
	



			
	
		Search
	

	
		
			
			
			
			
		

	




		

	

	

	
		
	

	

	
		Navigation
	

	
			Main page
	Contents
	Current events
	Random article
	About Wikipedia
	Contact us
	Donate


		
	



	

	
		Contribute
	

	
			Help
	Learn to edit
	Community portal
	Recent changes
	Upload file


		
	




	
		Tools
	

	
			What links here
	Related changes
	Upload file
	Special pages
	Permanent link
	Page information
	Cite this page
	Wikidata item


		
	




	
		Print/export
	

	
			Download as PDF
	Printable version


		
	



	

	
		Languages
	

	
			Deutsch
	Español
	فارسی
	Français
	Italiano
	Português
	Русский
	Українська


		Edit links

	









		 This page was last edited on 15 January 2021, at 08:15 (UTC).
	Text is available under the Creative Commons Attribution-ShareAlike License;
additional terms may apply.  By using this site, you agree to the Terms of Use and Privacy Policy. Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc., a non-profit organization.



		Privacy policy
	About Wikipedia
	Disclaimers
	Contact Wikipedia
	Mobile view
	Developers
	Statistics
	Cookie statement