The Sybil Attack, J. R. Douceur, IPTPS 2002.
Clifton Forlines
CSC2231 Online Social Networks
11/1/2007
Outline
• Brief overview of the paper
• Discussion on differences between P2P
networks and OSN and on how this effects
Sybil attacks
Sybil Attack
• “Sybil” (1973) by
Flora Rheta Schreiber
• Attacker creates
multiple identities to
control a large portion
of the network and
overcome redundancy
Identity Validation
• How does an entity know that two identities
come from different entities?
• Centralized server is one option
• Douceur mentions three mechanisms of
testing independence of identities in P2P
– Communication
– Computation
– Storage
Identity Validation
• Four Lemmas “prove” that Sybil attacks are
always possible without centralized
authority
Lemma 1
• Because entities are heterogeneous in terms
of capabilities, a malicious entity can create
several “minimal” identities
• Lower-bound on number of identities
Lemma 2
• Unless identities are tested simultaneously,
a compromised entity can create any
number of identities
• Simultaneous identity verification not
practical
Lemma 3
• If a certain number of identities must vouch
for a new identity for it to be accepted, then
a set of compromised identities can create
any number of new fake identities
Lemma 4
• Without simultaneous validation of
identities by a set of trusted entities, a single
faulty entity can present many identities.
• Again, simultaneous validation is difficult
in real-world networks.
Overview Conclusion
• Networks require centralized authority to
validate network identities
• Without one, Sybil attacks are always a
possibility
Identity Validation in an OSN
• Douceur mentions three mechanisms of
testing independence of identities in P2P
– Communication
– Computation
– Storage
• What mechanisms exist for social networks?
Identity Validation
?
Identity Validation
Identity Validation
• OSN have lots of techniques to validate
identities that are not present in P2P
Network
Network
Network
What about the links?
Links in a Social Network
• What are the Differences between links in a P2P
network and links in an on-line social network?
Links in a Social Network
• What are the Differences between links in a P2P
network and links in an on-line social network?
– Links in OSN correspond to real-world links
Links in a Social Network
• What are the Differences between links in a P2P
network and links in an on-line social network?
– Links in OSN correspond to real-world links
– Links in OSN take time and effort to setup
Links in a Social Network
• What are the Differences between links in a P2P
network and links in an on-line social network?
– Links in OSN correspond to real-world links
– Links in OSN take time and effort to setup
– Links in OSN cluster and have high # of intra-cluster
connections
Links in a Social Network
• What does a link in a social network signify?
Links in a Social Network
• What does a link in a social network signify?
– Indicates trust
Links in a Social Network
• What does a link in a social network signify?
– Indicates trust
– Vouches for individual
Links in a Social Network
• How many links can a malicious node in a P2P
network create?
• How many in an OSN?
Links in a Social Network
• How many links can a malicious entity in a P2P
network create?
– As many as one wants. (mostly)
• How many in an OSN?
– As many as one has time and effort to create.
Network
What about the links?
Network
Network
Network
Network
Network
Network
• How can we identify
this type of edge
without global
network typology?
Summary
• OSN have lots of techniques to validate identities
that are not present in P2P
• Links in an OSN
–
–
–
–
–
Indicates trust
Vouches for individual
correspond to real-world links
take time and effort to setup
cluster and have high # of intra-cluster connections
• Malicious entity can only create as many links as
they have time and effort to create.
Other Discussion Topics
• IPv6 privacy (mentioned in paper)