SybilLimit: A Near-Optimal Social
Network Defense Against Sybil Attacks
Haifeng Yu
National University of Singapore
Phillip B. Gibbons
Intel Research Pittsburgh
Michael Kaminsky
Intel Research Pittsburgh
Feng Xiao
National University of Singapore
Background: Sybil Attack
 Sybil attack: Single user
pretends many fake/sybil
identities
 Already observed in real-world
p2p systems
honest
malicious
 Sybil identities can become a
large fraction of all identities
launch
sybil
attack
 “Out-vote” honest users in
collaborative tasks
Haifeng Yu, National University of Singapore
2
Background: Defending Against Sybil Attack
 Using trusted central authority to tie identities to
human beings – not always desirable
 Much harder without a trusted central authority
[Douceur’02]
 Resource challenges not sufficient
 IP address-based approach not sufficient
 Widely considered as real & challenging:
 Over 40 papers acknowledging the problem of sybil
attack, without having a distributed solution
Haifeng Yu, National University of Singapore
3
SybilGuard / SybilLimit Basic Insight:
Leveraging Social Networks
SybilGuard [SIGCOMM’06] / SybilLimit [Oakland’08]:
The first to leverage social networks for thwarting sybil
attacks with provable guarantees.
 Nodes = identities
 Undirected edges =
strong mutual trust
 E.g., colleagues,
relatives in real-world
 Not online friends !
Haifeng Yu, National University of Singapore
4
Attack Model
 n honest users: One identity/node each
 Malicious users: Multiple identities each (sybil nodes)
sybil
nodes
honest
nodes
attack
edges
sybil nodes
may collude –
the adversary
malicious
users
Observation: Adversary cannot create extra
edges between honest nodes and sybil nodes
Haifeng Yu, National University of Singapore
5
SybilGuard/SybilLimit Basic Insight
Dis-proportionally
small cut
disconnecting a
large number of
identities
But cannot search
brute-force…
attack
edges
honest nodes
sybil nodes
Haifeng Yu, National University of Singapore
6
SybilGuard / SybilLimit End Guarantees
 Completely decentralized
 Enables any given verifier node to decide
whether to accept any given suspect node
 Accept: Provide service to / receive service from
 Ideally: Accept and only accept honest nodes –
unfortunately not possible
 SybilGuard / SybilLimit provably
 Bound # of accepted sybil nodes (w.h.p.)
 Accept all honest nodes except a small  fraction
(w.h.p.)
Haifeng Yu, National University of Singapore
7
Example Application Scenarios
If # of sybil nodes
accepted
< n/2
Then applications
can do
byzantine consensus
<n
majority voting
< n/c for some constant c
secure DHT
[Awerbuch’06, Castro’02,
Fiat’05]
…
Haifeng Yu, National University of Singapore
…
8
SybilLimit Contribution 1: “Pushing the Limit”
# sybil nodes accepted (smaller is better) per attack edge
total number of attack
edges g

g  O n / log n
g between 

SybilGuard
[SIGCOMM’06]

n / log n
and On / log n
 ( n log n)

~2000
unbounded
SybilLimit
[Oakland’08]
 (log n)
~10
 (log n)
~10
We also prove that SybilLimit is O (log n) away from optimal
Haifeng Yu, National University of Singapore
9
Outline
 Motivation, basic insight, and end guarantees
 SybilLimit Contribution 1: “Pushing the Limit”
 The near-optimal SybilLimit design
 SybilLimit Contribution 2: Validation on RealWorld Social Networks
Haifeng Yu, National University of Singapore
10
Identity Registration in SybilLimit
 Each node (honest or sybil) has a locally
generated public/private key pair
 “Identity”: V accepts S = V accepts S’s public key KS
 We do not assume/need PKI
 In SybilLimit, every suspect S “registers” KS on
some other nodes
Haifeng Yu, National University of Singapore
11
SybilLimit: Strawman Design – Step 1
 Ensure that sybil
nodes (collectively)
register only on
limited number of
honest nodes
 Still provide enough
“registration
opportunities” for
honest nodes
K: registered keys of
sybil nodes
K: registered keys of
honest nodes
K
K
K
K
K
K
K
K
K
K
K
K
K
K
K
K
honest region sybil region
Haifeng Yu, National University of Singapore
12
SybilLimit: Strawman Design – Step 2
K: registered keys of
sybil nodes
K: registered keys of
honest nodes
 Accept S only if KS is
register on sufficiently
many honest nodes
 Without knowing where
the honest region is !
 Circular design? We
can break this circle…
K
K
K
K
K
K
K
K
K
K
K
K
K
K
K
K
honest region sybil region
Haifeng Yu, National University of Singapore
13
Three Interrelated Key Techniques
 Technique 1: Use the tails of random routes
for registration
 Will achieve Step 1
 Random routes are from SybilGuard
 Novelty: The use of tails
 Novelty: The use of multiple independent instances
of shorter random routes
Haifeng Yu, National University of Singapore
14
Three Interrelated Key Techniques
 Technique 2: Use intersection condition and
balance condition to verify suspects
 Will break the circular design and achieve Step 2
 SybilGuard also has intersection condition
 Novelty: Intersection on edges
 Novelty: SybilGuard has no balance condition
 Technique 3: Use benchmarking technique to
estimate unknown parameters
 Breaks another seemingly circular design…
 Novelty: SybilGuard has no such technique
Haifeng Yu, National University of Singapore
15
Three Interrelated Key Techniques
 Technique 1: Use the tails of random routes
for registration
 Will achieve Step 1
 Random routes are from SybilGuard
 Novelty: The use of tails
 Novelty: The use of multiple independent instances
of shorter random routes
Haifeng Yu, National University of Singapore
16
Random Route: Convergence
f
a
b
ad
randomized b  a
routing table c  b
dc
d
c
de
ed
f f
e
Random 1 to 1 mapping between
incoming edge and outgoing edge
Using routing table gives Convergence Property:
Routes merge if crossing the same edge
Haifeng Yu, National University of Singapore
17
Registering Public Keys with Tails
 Every node initiates a “secure” random route
of length w from itself
 See paper for discussion on w
 See paper for how to make it “secure”
edge “CD” is the tail of A’s random route
w=3
A
B
C
D
Haifeng Yu, National University of Singapore
D records KA
under name
“CD”
18
Tails of Sybil Suspects
 Imagine that every sybil suspect initiates a
random route from itself
tainted tail
sybil
nodes
honest
nodes
total 1 tainted tail
Haifeng Yu, National University of Singapore
19
Counting The Number of Tainted Tails
attack
edge
honest
nodes
sybil
nodes
 Claim: There are at most w tainted tails per
attack edge
 Convergence: At most w tainted tails per attack edge
 Regardless of whether sybil nodes follow the protocol
Haifeng Yu, National University of Singapore
20
Back to the Strawman Design Step 1
 # of K ’s  gw
 Independent of # sybil
nodes
 # of K ’s  n – gw
 From “backtrace-ability”
property of random
routes
 See paper…
K: registered keys of
sybil nodes
K: registered keys of
honest nodes
K
K
K
honest
region
Step 1 achieved !
Haifeng Yu, National University of Singapore
K
K
K
K
21
Outline
 SybilLimit Contribution 1: “Pushing the Limit”
 Independent instances, intersection condition,
balance condition, benchmarking technique
 Avoids multiple seemingly circular designs (hardest
part…)
 Also see paper for
 Performance overheads…
 Near-optimality …
 SybilLimit Contribution 2: Validation on RealWorld Social Networks
Haifeng Yu, National University of Singapore
22
Validation on Real-World Social Networks
 SybilGuard / SybilLimit assumption: Honest
nodes are not behind disproportionally small cuts
 Rigorously: Social networks (without sybil nodes) have
small mixing time
 Mixing time affects # sybil nodes accepted and #
honest nodes accepted
 Synthetic social networks – proof in [SIGCOMM’06]
 Real-world social networks?
 Social communities, social groups, ….
Haifeng Yu, National University of Singapore
23
Simulation Setup
Crawled online social networks used in experiments
# nodes
# edges
Friendster
0.9M
7.8M
Livejournal
0.9M
8.7M
DBLP
0.1M
0.6M
 We experiment with:
 Different number and placement of attack edges
 Different graph sizes -- full size to 100-node sub-graphs
 Sybil attackers use the optimal strategy
Haifeng Yu, National University of Singapore
24
Brief Summary of Simulation Results
 In all cases we experimented with:
 Fraction of honest nodes accepted:
 ~95%
 # sybil nodes accepted:
 ~10 per attack edge for Friendster and LiveJournal
 ~15 per attack edge for DBLP
Haifeng Yu, National University of Singapore
25
Conclusions
 Sybil attack:
 Widely considered as a real and challenging problem
 SybilLimit: Fully decentralized defense protocol
based on social networks
 Provable near-optimal guarantees
 Experimental validation on real-world social networks
 Future work: Implement SybilLimit with real apps
Haifeng Yu, National University of Singapore
26