Securing P2P systems from Sybil attacks through adaptive identity management

Authors:
Weverton Luis da Costa Cordeiro;Flávio Roberto Santos;Gustavo Huff Mauch;Marinho Pilla Barcelos;Luciano Paschoal Gaspary
Affiliations:
Federal University of Rio Grande do Sul, Porto Alegre, RS, Brazil;Federal University of Rio Grande do Sul, Porto Alegre, RS, Brazil;Federal University of Rio Grande do Sul, Porto Alegre, RS, Brazil;Federal University of Rio Grande do Sul, Porto Alegre, RS, Brazil;Federal University of Rio Grande do Sul, Porto Alegre, RS, Brazil
Venue:
Proceedings of the 7th International Conference on Network and Services Management
Year:
2011

Citing 8
Cited 1

The Sybil Attack

IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Vivaldi: a decentralized network coordinate system

Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Computational Puzzles as Sybil Defenses

P2P '06 Proceedings of the Sixth IEEE International Conference on Peer-to-Peer Computing
SybilLimit: A Near-Optimal Social Network Defense against Sybil Attacks

SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Protecting BitTorrent: Design and Evaluation of Effective Countermeasures against DoS Attacks

SRDS '08 Proceedings of the 2008 Symposium on Reliable Distributed Systems
Veracity: practical secure network coordinates via vote-based agreements

USENIX'09 Proceedings of the 2009 conference on USENIX Annual technical conference
Sybil-resistant DHT routing

ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Free-riding and whitewashing in peer-to-peer systems

IEEE Journal on Selected Areas in Communications

Identity management based on adaptive puzzles to protect P2P systems from Sybil attacks

Computer Networks: The International Journal of Computer and Telecommunications Networking

Quantified Score

Hi-index	0.00

Visualization

Abstract

An effective approach to tackle Sybil attacks consists in establishing computational puzzles to be solved prior to granting new identities. Solutions based on this approach, despite their potential, do not distinguish between identity requests originated from correct users and attackers, requiring both to pay the same cost for an identity requested. Assuming computational puzzles of similar complexity, attackers having access to high performance computing hardware might be able to solve them orders of magnitude faster than legitimate users. Consequently, attackers may obtain a larger number of identities. However, simply increasing the complexity of puzzles would hamper the admission of legitimate peers to the network. To address this problem, we propose the use of adaptive computational puzzles as an approach to limit the spread of Sybils. The key idea is to estimate a trust score of the source from which identity requests depart, calculated as a proportion to the recurrence rate of identity requests originated from other sources. The higher the frequency (the) user(s) associated to a source perform(s) identity requests, the lower the trust score of that source and, consequently, the higher the complexity of the puzzle to be solved. Results achieved by means of an experimental evaluation show the effectiveness of our solution. While comparatively more complex puzzles are assigned to potential attackers, legitimate users are minimally penalized with easier-to-solve puzzles.