An Analysis of Social Network-Based Sybil Defenses Sybil Defender

Slides:



Advertisements
Similar presentations
An analysis of Social Network-based Sybil defenses Bimal Viswanath § Ansley Post § Krishna Gummadi § Alan Mislove ¶ § MPI-SWS ¶ Northeastern University.
Advertisements

An Evaluation of Community Detection Algorithms on Large-Scale Traffic 1 An Evaluation of Community Detection Algorithms on Large-Scale Traffic.
Minimizing Seed Set for Viral Marketing Cheng Long & Raymond Chi-Wing Wong Presented by: Cheng Long 20-August-2011.
Novembro 2003 Tabu search heuristic for partition coloring1/29 XXXV SBPO XXXV SBPO Natal, 4-7 de novembro de 2003 A Tabu Search Heuristic for Partition.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 7.3 Secure and Resilient Location Discovery in Wireless.
Analysis and Modeling of Social Networks Foudalis Ilias.
Modeling Malware Spreading Dynamics Michele Garetto (Politecnico di Torino – Italy) Weibo Gong (University of Massachusetts – Amherst – MA) Don Towsley.
Krishna P. Gummadi Networked Systems Research Group MPI-SWS
The Sybil Attack in Sensor Networks: Analysis & Defenses J. Newsome, E. Shi, D. Song and A. Perrig IPSN’04.
Authors Haifeng Yu, Michael Kaminsky, Phillip B. Gibbons, Abraham Flaxman Presented by: Jonathan di Costanzo & Muhammad Atif Qureshi 1.
Qiang Cao Duke University
Haifeng Yu National University of Singapore
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
Localized Techniques for Power Minimization and Information Gathering in Sensor Networks EE249 Final Presentation David Tong Nguyen Abhijit Davare Mentor:
Beneficial Caching in Mobile Ad Hoc Networks Bin Tang, Samir Das, Himanshu Gupta Computer Science Department Stony Brook University.
An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.
Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.
Detecting Network Intrusions via Sampling : A Game Theoretic Approach Presented By: Matt Vidal Murali Kodialam T.V. Lakshman July 22, 2003 Bell Labs, Lucent.
Distributed Intrusion Detection Systems (dIDS) 2/10 CIS 610.
Measurement and Analysis of Online Social Networks By Alan Mislove, Massimiliano Marcon, Krishna P. Gummadi, Peter Druschel, Bobby Bhattacharjee Attacked.
A General approach to MPLS Path Protection using Segments Ashish Gupta Ashish Gupta.
An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.
SybilGuard: Defending Against Sybil Attacks via Social Networks Haifeng Yu, Michael Kaminsky, Phillip B. Gibbons, and Abraham Flaxman Presented by Ryan.
 Structured peer to peer overlay networks are resilient – but not secure.  Even a small fraction of malicious nodes may result in failure of correct.
SocialFilter: Introducing Social Trust to Collaborative Spam Mitigation Michael Sirivianos Telefonica Research Telefonica Research Joint work with Kyungbaek.
On Power-Law Relationships of the Internet Topology.
University of California at Santa Barbara Christo Wilson, Bryce Boe, Alessandra Sala, Krishna P. N. Puttaswamy, and Ben Zhao.
OSN Research As If Sociology Mattered Krishna P. Gummadi Networked Systems Research Group MPI-SWS.
Preserving Link Privacy in Social Network Based Systems Prateek Mittal University of California, Berkeley Charalampos Papamanthou.
An efficient secure distributed anonymous routing protocol for mobile and wireless ad hoc networks Authors: A. Boukerche, K. El-Khatib, L. Xu, L. Korba.
Efficient Identification of Overlapping Communities Jeffrey Baumes Mark Goldberg Malik Magdon-Ismail Rensselaer Polytechnic Institute, Troy, NY.
Terminodes and Sybil: Public-key management in MANET Dave MacCallum (Brendon Stanton) Apr. 9, 2004.
WALKING IN FACEBOOK: A CASE STUDY OF UNBIASED SAMPLING OF OSNS junction.
Trust- and Clustering-Based Authentication Service in Mobile Ad Hoc Networks Presented by Edith Ngai 28 October 2003.
A Graph-based Friend Recommendation System Using Genetic Algorithm
Leveraging Social Networks to Defend against Sybil attacks Krishna Gummadi Networked Systems Research Group Max Planck Institute for Software Systems Germany.
Paper Group: 20 Overlay Networks 2 nd March, 2004 Above papers are original works of respective authors, referenced here for academic purposes only Chetan.
Security Mechanisms for Distributed Computing Systems A9ID1007, Xu Ling Kobayashi Laboratory GSIS, TOHOKU UNIVERSITY 2011/12/15 1.
Exploiting Context Analysis for Combining Multiple Entity Resolution Systems -Ramu Bandaru Zhaoqi Chen Dmitri V.kalashnikov Sharad Mehrotra.
Bimal Viswanath § Ansley Post § Krishna Gummadi § Alan Mislove ¶ § MPI-SWS ¶ Northeastern University SIGCOMM 2010 Presented by Junyao Zhang Many of the.
SOS: An Architecture For Mitigating DDoS Attacks Angelos D. Keromytis, Vishal Misra, Dan Rubenstein ACM SIGCOMM 2002 Presented By : Tracy Wagner CDA 6938.
Analyzing the Vulnerability of Superpeer Networks Against Attack Niloy Ganguly Department of Computer Science & Engineering Indian Institute of Technology,
Multiple Location Profiling for Users and Relationships from Social Network and Content Rui Li, Shengjie Wang, Kevin Chen-Chuan Chang University of Illinois.
The new protocol of freenet Taken from Ian Clarke and Oskar Sandberg (The Freenet Project)
Intradomain Traffic Engineering By Behzad Akbari These slides are based in part upon slides of J. Rexford (Princeton university)
1 - CS7701 – Fall 2004 Review of: Detecting Network Intrusions via Sampling: A Game Theoretic Approach Paper by: – Murali Kodialam (Bell Labs) – T.V. Lakshman.
6 December On Selfish Routing in Internet-like Environments paper by Lili Qiu, Yang Richard Yang, Yin Zhang, Scott Shenker presentation by Ed Spitznagel.
KAIS T On the problem of placing Mobility Anchor Points in Wireless Mesh Networks Lei Wu & Bjorn Lanfeldt, Wireless Mesh Community Networks Workshop, 2006.
SybilGuard: Defending Against Sybil Attacks via Social Networks.
A Framework for Reliable Routing in Mobile Ad Hoc Networks Zhenqiang Ye Srikanth V. Krishnamurthy Satish K. Tripathi.
1 NETWORKING 2012 Parallel and Distributed Systems Group, Delft University of Technology, the Netherlands May 22, 2012 Reducing the History in Decentralized.
Social Networks and Peer to Peer As Presented by Jeremy Robinson 3/22/2007.
Privacy Preserving in Social Network Based System PRENTER: YI LIANG.
Anonymous communication over social networks Shishir Nagaraja and Ross Anderson Security Group Computer Laboratory.
Multiple Location Profiling for Users and Relationships from Social Network and Content Rui Li, Shengjie Wang, Kevin Chen-Chuan Chang University of Illinois.
Sybil Attacks VS Identity Clone Attacks in Online Social Networks Lei Jin, Xuelian Long, Hassan Takabi, James B.D. Joshi School of Information Sciences.
1 Link Privacy in Social Networks Aleksandra Korolova, Rajeev Motwani, Shubha U. Nabar CIKM’08 Advisor: Dr. Koh, JiaLing Speaker: Li, HueiJyun Date: 2009/3/30.
Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Service in Mobile Ad Hoc Networks Presented by Edith Ngai Supervised.
DIVYA K 1RN09IS016 RNSIT1. Cloud computing provides a framework for supporting end users easily through internet. One of the security issues is how to.
Measuring the Mixing Time of Social Graphs Abedelaziz Mohaisen, Aaram Yun, and Yongdae Kim Computer Science and Engineering Department University of Minnesota.
Presented by Edith Ngai MPhil Term 3 Presentation
Talal H. Noor, Quan Z. Sheng, Lina Yao,
A Study of Group-Tree Matching in Large Scale Group Communications
Applications of graph theory in complex systems research
Minimum Spanning Tree 8/7/2018 4:26 AM
Empirical analysis of Chinese airport network as a complex weighted network Methodology Section Presented by Di Li.
Dieudo Mulamba November 2017
Generative Model To Construct Blog and Post Networks In Blogosphere
By group 3(not the ones who made the paper :D)
Presentation transcript:

An Analysis of Social Network-Based Sybil Defenses Sybil Defender Sybil examples Wei Wei∗, Fengyuan Xu∗, Chiu C. Tan†, Qun Li∗ ∗The College of William and Mary

Table of Contents Introduction to Sybil attack Sybil Defense mechanisms Sybil Defender algorithm Limiting number of attacks Evaluation of the algorithm Limitations of Sybil Defense schemes Comparison of algorithms. Performance comparison of generated node Ranking Performance comparison for detection of Sybils

Schema of Sybil Attack www. Reputation System Sybils votes ID: 007 Internet traffic www.

Introduction to Sybil attack Malicious attackers can create multiple identities and influence the working of systems that rely upon open membership. Avoiding multiple identity, or Sybil, attacks is known to be a fundamental problem in the design of distributed systems.

Delivery systems -Examples

Recommendation system

Traditional defenses rely on trusted identities provided by a certification authority. Disadvantage : requiring users to present trusted identities runs counter to the open membership.

Solutions Rely on social network structure instead of real users of network so they don’t require central trusted identities . All Sybil defense schemes rank nodes similarly—nodes within local communities around the trusted node. For example: nodes that around the trusted node are ranked higher than nodes in the rest of the network.

Problem Analysis We look on the scheme core. the ranking nodes based on how well the nodes are connected to a trusted node.

Assumptions The attacker cannot establish an arbitrarily large number of social connections to non-Sybil nodes. The honest region is fast mixing. Sybil node have to cross small cut between regions. The network consist at least 1 honest node.

Synthetic Network two densely connected communities of 256 nodes each

Sybil Defender algorithm Based on random walk on the graph– the sequence of moves of a particle between nodes of G. The defender detect Sybil nodes and community of Sybils close to the theoretical bound. 2 users share a link if there is relationship between them. User = node Sybil entity = # of nodes , honest = 1 node Sybil community consist all the Sybil node.

Sybil Defender algorithm 3 components : Sybil Identification Algorithm Sybil Community Detection Algorithm Limiting the Number of Attack Edges

Definitions Frequency of a node - the number of times the node being traversed by a set of random walks. random walk on a graph- the sequence of moves of a particle between nodes of G.

Algorithm 1 Log n -> fast mixing Lmax -> large enough for R random walks to cover the region

Algorithm 2 Mean -> Average node number of frequency

Results of pre-processing

Limiting the Number of Attack Edges The theoretical bound of the sybils node that we cannot detect is O(log n). the users rate their relationships (friend or stranger). removing the relationships rated as stranger from the social graph when applying the Sybil defense schemes. Build activity network that is based on the interaction between users. Two nodes share an edge in an activity network if and only if they have interacted directly through the communication mechanisms or applications provided by the corresponding social network.

Examples of defenses to limit the attackers Captcha Verify mail Ip Social security number Copy of ID

Evaluation parameters L0 = 1000 , Lmin = 100 , Lmax = 10000 T = 5, alpha = 20 , Ls = 20 , F = 100 R e {1000,1500,2000} Number per attack = 1000 F+ -> percentage of honest that detect as sybil F- -> percentage of sybil detect as honest Sybil region = 10000 nodes Each point avg of 20 experiments Phi = mean – alpha * stdDeviation = t

EVALUATION evaluate the effectiveness of Sybil Defender using 2 data sets – the largest data sets that evaluate Sybil defense : 20% rate of confirm fake friend Facebook Orkut 3,097,165 nodes 3,072,441 nodes 28,377,481 edges 117,185,083 edges average degree of 18.32 average degree of 76.28 In the experiments we use 2 models to construct the sybil regions respectively: the preferential attachment (PA) model and the Erd¨os-R´enyi (ER) model.

Orkut

Compare originating PA Model Assumption: the existence of a small cut between the honest region and the Sybil region.

Compare per attack

Sybil limit VS Sybil defender

Sybil limit result

Running time Sybil Limit (R=2000) Sybil Defender (R=2000) 11.56 seconds 0.87 seconds one Sybil node 83.55 seconds 7.11 seconds one honest node Sybil Limit invokes a large number (r = 10000 for our Facebook data set) of instances of the random route generation protocol. Sybil Defender only relies on performing a limited number of random walks

Comparing algorithm defenses Each algorithm has been shown to work well under its own assumptions about the structure of the social network and the links connecting non-Sybil and Sybil nodes.

Comparing approch 1 view the schemes as complete coherent proposals (treat them as “black boxes”). Pros: would provide useful performance comparisons between a fixed configuration of schemes over a given set of social networks and attack strategies by the Sybils. Cons: would not yield conclusive information on how a particular scheme would perform if either the given social network or the behavior of the attacker should change. not allow us to derive any fundamental insights into how these schemes work.

Comparing approch 2 find a core insight common to all the schemes that would explain their performance in any setting. Pros: provides guidance on improving future designs, but also sheds light on the limits of social network-based Sybil defense. Cons: we need to reduce the schemes to their core task before analyzing them.

How the schemes works schemes attempt to isolate Sybils embedded within a social network topology. Every scheme declares nodes in the network as either Sybils or non-Sybils from the perspective of a trusted node, effectively partitioning the nodes in the social network into two distinct regions (non-Sybils and Sybils).

Balanced Partition graph The problem is under NP-Hard section (if the graph degree balanced so it NP-C). The problem is to find (k,v) partition k components of at most size v·(n/k) while minimizing the capacity of the edges between separate components.

Graph partition methods local methods to find partition graph are the Kernighan–Lin algorithm, and Fiduccia-Mattheyses algorithms Usage of this methods

Sybil Community Detection Algorithm

Sybil Community Detection Algorithm

Sybil community detection algorithm

Examples of defenses schemes

Data set evaluation ROC - is the probability that a Sybil defense scheme ranks a randomly selected Sybil node lower than a randomly selected non-Sybil node Conductance - metric for evaluating the quality of communities (lower numbers indicate stronger communities) Mutual Information - measures the similarity of two partitions of a set : 0 = no correlation 1 = perfect match

Limitations of Sybil Defense - Impact of Social Network Structure Synthetic Network

Limitations of Sybil Defense - Impact of Social Network Structure

Limitations of Sybil Defense – Targeted Sybil Attacks Sybil defense schemes assume that attackers (Sybils) establish links to randomly selected nodes in the network. To find out the performance of Sybil defense schemes in targeted attacks, attackers have more control over their link placement to k nodes closest to trusted node. As Sybil links get closer to trusted node, Sybil nodes are ranked higher than non-Sybil nodes

Community Detection (CD) Algorithms Section of algorithms that Very widely explorer and investigate so we can use of its detection of local community. We use the algorithm of “Mislove” that iteratively pass on his neighbor’s nodes from a given 1 or 2 initialize node. We will compare its node ranking with those of existing Sybil defense schemes, to determine if it is able to defend against sybils with similar accuracy.

Comparison of Generated Rankings Synthetic Network The similarity of generated partitions and quality of communities is max at partition size of 256

Comparison of Generated Rankings (Real World Networks) Facebook Network Astrophysics Network Nodes that are tightly connected around a trusted node are more likely to be ranked higher When there are multiple nodes that are similarly well connected to the trusted node are often ranked differently in different algorithms.

Performance comparison for Sybil Detection Synthetic Network Facebook Network