Optimal Sybil-resilient node admission control

Nguyen Tran, Jinyang Li, Lakshminarayanan Subramanian, Sherman S M Chow

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Most existing large-scale networked systems on the Internet such as peer-to-peer systems are vulnerable to Sybil attacks where a single adversary can introduce many bogus identities. One promising defense of Sybil attacks is to perform social-network based admission control to bound the number of Sybil identities admitted. SybilLimit [22], the best known Sybil admission control mechanism, can restrict the number of Sybil identities admitted per attack edge to O(log n) with high probability assuming O(n/log n) attack edges. In this paper, we propose Gatekeeper, a decentralized Sybil-resilient admission control protocol that significantly improves over SybilLimit. Gatekeeper is optimal for the case of O(1) attack edges and admits only O(1) Sybil identities (with high probability) in a random expander social networks (real-world social networks exhibit expander properties). In the face of O(k) attack edges (for any k ∈ O(n/ log n)), Gatekeeper admits O(log k) Sybils per attack edge. This result provides a graceful continuum across the spectrum of attack edges. We demonstrate the effectiveness of Gatekeeper experimentally on real-world social networks and synthetic topologies.

Original languageEnglish (US)
Title of host publication2011 Proceedings IEEE INFOCOM
Pages3218-3226
Number of pages9
DOIs
StatePublished - 2011
EventIEEE INFOCOM 2011 - Shanghai, China
Duration: Apr 10 2011Apr 15 2011

Other

OtherIEEE INFOCOM 2011
CountryChina
CityShanghai
Period4/10/114/15/11

Fingerprint

Access control
Topology
Internet
Network protocols

ASJC Scopus subject areas

  • Computer Science(all)
  • Electrical and Electronic Engineering

Cite this

Tran, N., Li, J., Subramanian, L., & Chow, S. S. M. (2011). Optimal Sybil-resilient node admission control. In 2011 Proceedings IEEE INFOCOM (pp. 3218-3226). [5935171] https://doi.org/10.1109/INFCOM.2011.5935171

Optimal Sybil-resilient node admission control. / Tran, Nguyen; Li, Jinyang; Subramanian, Lakshminarayanan; Chow, Sherman S M.

2011 Proceedings IEEE INFOCOM. 2011. p. 3218-3226 5935171.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Tran, N, Li, J, Subramanian, L & Chow, SSM 2011, Optimal Sybil-resilient node admission control. in 2011 Proceedings IEEE INFOCOM., 5935171, pp. 3218-3226, IEEE INFOCOM 2011, Shanghai, China, 4/10/11. https://doi.org/10.1109/INFCOM.2011.5935171
Tran N, Li J, Subramanian L, Chow SSM. Optimal Sybil-resilient node admission control. In 2011 Proceedings IEEE INFOCOM. 2011. p. 3218-3226. 5935171 https://doi.org/10.1109/INFCOM.2011.5935171
Tran, Nguyen ; Li, Jinyang ; Subramanian, Lakshminarayanan ; Chow, Sherman S M. / Optimal Sybil-resilient node admission control. 2011 Proceedings IEEE INFOCOM. 2011. pp. 3218-3226
@inproceedings{235617db13b5424094979e235435d718,
title = "Optimal Sybil-resilient node admission control",
abstract = "Most existing large-scale networked systems on the Internet such as peer-to-peer systems are vulnerable to Sybil attacks where a single adversary can introduce many bogus identities. One promising defense of Sybil attacks is to perform social-network based admission control to bound the number of Sybil identities admitted. SybilLimit [22], the best known Sybil admission control mechanism, can restrict the number of Sybil identities admitted per attack edge to O(log n) with high probability assuming O(n/log n) attack edges. In this paper, we propose Gatekeeper, a decentralized Sybil-resilient admission control protocol that significantly improves over SybilLimit. Gatekeeper is optimal for the case of O(1) attack edges and admits only O(1) Sybil identities (with high probability) in a random expander social networks (real-world social networks exhibit expander properties). In the face of O(k) attack edges (for any k ∈ O(n/ log n)), Gatekeeper admits O(log k) Sybils per attack edge. This result provides a graceful continuum across the spectrum of attack edges. We demonstrate the effectiveness of Gatekeeper experimentally on real-world social networks and synthetic topologies.",
author = "Nguyen Tran and Jinyang Li and Lakshminarayanan Subramanian and Chow, {Sherman S M}",
year = "2011",
doi = "10.1109/INFCOM.2011.5935171",
language = "English (US)",
isbn = "9781424499212",
pages = "3218--3226",
booktitle = "2011 Proceedings IEEE INFOCOM",

}

TY - GEN

T1 - Optimal Sybil-resilient node admission control

AU - Tran, Nguyen

AU - Li, Jinyang

AU - Subramanian, Lakshminarayanan

AU - Chow, Sherman S M

PY - 2011

Y1 - 2011

N2 - Most existing large-scale networked systems on the Internet such as peer-to-peer systems are vulnerable to Sybil attacks where a single adversary can introduce many bogus identities. One promising defense of Sybil attacks is to perform social-network based admission control to bound the number of Sybil identities admitted. SybilLimit [22], the best known Sybil admission control mechanism, can restrict the number of Sybil identities admitted per attack edge to O(log n) with high probability assuming O(n/log n) attack edges. In this paper, we propose Gatekeeper, a decentralized Sybil-resilient admission control protocol that significantly improves over SybilLimit. Gatekeeper is optimal for the case of O(1) attack edges and admits only O(1) Sybil identities (with high probability) in a random expander social networks (real-world social networks exhibit expander properties). In the face of O(k) attack edges (for any k ∈ O(n/ log n)), Gatekeeper admits O(log k) Sybils per attack edge. This result provides a graceful continuum across the spectrum of attack edges. We demonstrate the effectiveness of Gatekeeper experimentally on real-world social networks and synthetic topologies.

AB - Most existing large-scale networked systems on the Internet such as peer-to-peer systems are vulnerable to Sybil attacks where a single adversary can introduce many bogus identities. One promising defense of Sybil attacks is to perform social-network based admission control to bound the number of Sybil identities admitted. SybilLimit [22], the best known Sybil admission control mechanism, can restrict the number of Sybil identities admitted per attack edge to O(log n) with high probability assuming O(n/log n) attack edges. In this paper, we propose Gatekeeper, a decentralized Sybil-resilient admission control protocol that significantly improves over SybilLimit. Gatekeeper is optimal for the case of O(1) attack edges and admits only O(1) Sybil identities (with high probability) in a random expander social networks (real-world social networks exhibit expander properties). In the face of O(k) attack edges (for any k ∈ O(n/ log n)), Gatekeeper admits O(log k) Sybils per attack edge. This result provides a graceful continuum across the spectrum of attack edges. We demonstrate the effectiveness of Gatekeeper experimentally on real-world social networks and synthetic topologies.

UR - http://www.scopus.com/inward/record.url?scp=79960849345&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=79960849345&partnerID=8YFLogxK

U2 - 10.1109/INFCOM.2011.5935171

DO - 10.1109/INFCOM.2011.5935171

M3 - Conference contribution

SN - 9781424499212

SP - 3218

EP - 3226

BT - 2011 Proceedings IEEE INFOCOM

ER -