Peer-to-Peer Networking and Applications, Volume 4, Issue 3, pp 289–308

SyMon: A practical approach to defend large structured P2P systems against Sybil Attack


Abstract

The Sybil attack is one of the most challenging problems that plague current decentralized Peer-to-Peer (P2P) systems. In a Sybil attack, a single malicious user creates multiple peer identities known as sybils. These sybils are employed to target honest peers and hence subvert the system. In this paper, we describe a novel solution that enables all honest peers to protect themselves from sybils with high probability in large structured P2P systems. In our proposed sybil defense system, we associate every peer with another non-sybil peer known as its SyMon. A given peer’s SyMon is chosen dynamically such that the chances of both of them being sybils are very low. The chosen SyMon is entrusted with the responsibility of moderating the transactions involving the given peer, which makes it almost impossible for sybils to compromise the system. We show the effectiveness of our proposed system in defending against the Sybil attack both analytically and experimentally. In addition, we explore the feasibility of our proposed solution in two P2P applications: reputation systems for P2P-based file sharing applications and P2P applications susceptible to Denial-of-Service (DOS) attack, both systems known to be highly vulnerable to the Sybil attack. In each of our case studies, we discuss possible ways in which our solution can be employed to defend the system against the Sybil attack.

Keywords

Sybil attack; P2P networks; Structured overlay; Reputation system; DOS attack


Copyright information

© Springer Science + Business Media, LLC 2010

Authors and Affiliations

  1. Distributed and Object Systems Lab, Department of Computer Science and Engineering, Indian Institute of Technology Madras, Chennai, India
