Phillip B. Gibbons
Intel Research Pittsburgh
DISC’08 / Graal’08
September 24, 2008
Slides (except those borrowed from colleagues) are © Phillip B. Gibbons
Social Networks
–SybilLimit: Defending against Sybil Attacks in P2P
Sensor Networks
–Synopsis Diffusion: Robust in-network aggregation
Shape-Shifting Networks
–Claytronics: Aggregation in programmable matter
Sybil attack:
Single user assumes many fake/sybil identities
– Already observed in real-world p2p systems
[Figure: a malicious user launches a sybil attack on honest users]
Sybil identities can become a large fraction of all identities
– “Out-vote” honest users in collaborative tasks
Using trusted central authority (TCA)
– Ties identities to human beings
– Not always desirable: who to trust, privacy, etc.
– Practice: Gmail accounts
Much harder without a TCA [Douceur’02]
– Resource challenges not sufficient
– IP address-based approach not sufficient
– Practice: Wikipedia IP blocking
Widely considered real & challenging
– 40 papers on sybil attacks, no distributed solution
SybilGuard [SIGCOMM’06, TON 2008], SybilLimit [Oakland’08]
(with Haifeng Yu*, Michael Kaminsky)
First to leverage social networks for thwarting sybil attacks with provable guarantees
* Primary author
Nodes = identities
Undirected edges = strong mutual trust
– E.g., colleagues, relatives in real-world
– Not online friends !
n honest users: One identity/node each
Malicious users: Multiple identities each (sybil nodes)
Attack edge: edge between honest node & sybil node
Sybil nodes may collude – the adversary
[Figure: honest nodes and sybil nodes (malicious users), joined by attack edges]
Observation: Adversary cannot create extra attack edges
Disproportionately small cut disconnecting a large number of identities
[Figure: honest nodes and sybil nodes, separated by the attack edges]
But cannot search by brute force…
Completely decentralized
Enables any given verifier node to decide whether to accept any given suspect node
– Accept: Provide service to / receive service from
– Ideally: Accept and only accept honest nodes – unfortunately not possible
Bounds # of accepted sybil nodes (w.h.p.): (log n) per attack edge [up to O(n / log n) attack edges]
Accepts (1 ) n honest nodes (w.h.p.)
If # of sybil nodes accepted is …, then applications can do …
– < n/2: byzantine consensus
– < n: majority voting
– < n/c for some constant c: secure DHT [Awerbuch’06, Castro’02, Fiat’05]
– …: …
Each node (honest or sybil) has a locally generated public/private key pair
– “Identity”: V accepts S means V accepts S’s public key K_S
– We do not assume/need PKI
Every suspect S “registers” K_S on some other nodes
Ensure that sybil nodes (collectively) register only on limited number of honest nodes
– Still provide enough “registration opportunities” for honest nodes
[Figure: honest region and sybil region; the nodes are marked with K, the registered keys of sybil nodes and of honest nodes]
Accept S only if K_S is registered on sufficiently many honest nodes
– Without knowing where the honest region is !
– Circular design? We can use small cut against adversary
Take random “walks” of w = (log n) hops
– Honest nodes: likely to remain in honest region*
– Sybil nodes: must cross an attack edge to reach honest region
• Register key at last hop of “walk”
• End up at ~ random edge in honest region
* w = Social network’s mixing time
[Figure: walks through the honest region and the sybil region, with keys K registered at the last hop]
[Figure: example graph with nodes a–f and the randomized routing table of one node]
Random 1 to 1 mapping between incoming edge and outgoing edge
Using routing table gives Convergence Property: routes merge if crossing the same edge
[Figure: routes of length w crossing an attack edge between sybil nodes and honest nodes, with the registered keys K]
Claim: There are at most w K’s per attack edge
– Proof: By the Convergence property
– Regardless of whether sybil nodes follow protocol
Use independent instances of random routing
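The convergence property and the bound of w tails per edge can be checked on a toy graph. This is an added Python example, not code from the talk or from SybilLimit; the 12-node graph, w = 5, the seed and all function names are assumptions made for the illustration.

```python
import random

def ring_with_chords(n):
    """Constructed sample graph: node i is linked to i±1 and i±3 (mod n)."""
    return {i: sorted({(i + d) % n for d in (-3, -1, 1, 3)}) for i in range(n)}

def build_routing_tables(adj, rng):
    """Per node, a random 1-to-1 mapping: incoming neighbour -> outgoing neighbour."""
    tables = {}
    for node, nbrs in adj.items():
        out = list(nbrs)
        rng.shuffle(out)
        tables[node] = dict(zip(nbrs, out))
    return tables

def route(tables, start, first_hop, w):
    """The w directed edges of the route leaving `start` towards `first_hop`."""
    edges = [(start, first_hop)]
    while len(edges) < w:
        prev, cur = edges[-1]
        edges.append((cur, tables[cur][prev]))
    return edges

def routes_through(tables, adj, edge, w):
    """All length-w routes (one per node and first hop) that traverse `edge`."""
    all_routes = (route(tables, s, f, w) for s in adj for f in adj[s])
    return [r for r in all_routes if edge in r]

def converges(routes, edge):
    """Convergence property: after crossing `edge`, every route takes the same hops."""
    suffixes = [r[r.index(edge):] for r in routes]
    longest = max(suffixes, key=len)
    return all(s == longest[:len(s)] for s in suffixes)

def check(seed=2008, n=12, w=5):
    """Return (max distinct tails over all directed edges, convergence holds everywhere)."""
    adj = ring_with_chords(n)
    tables = build_routing_tables(adj, random.Random(seed))
    worst, merged = 0, True
    for u in adj:
        for v in adj[u]:
            rs = routes_through(tables, adj, (u, v), w)
            worst = max(worst, len({r[-1] for r in rs}))  # tail = last edge
            merged = merged and converges(rs, (u, v))
    return worst, merged

if __name__ == "__main__":
    print(check())
```

Because the tail of a route is fixed by the hop at which it crosses a given edge, no edge, and so no attack edge, can lead to more than w distinct tails, whatever the nodes behind it do.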
1. Request S’s set of tails
2. I have three tails: A B; C D; E F
3. Common tail: E F
4. Is K_S registered?
5. Yes.
4 messages involved
V accepts S: tails intersect + key registered
[Figure: message exchange between V, S and the nodes A–F on the tails]
Birthday paradox: V & honest S share a common tail w.h.p.
Limit on sybil Ks in honest region: V & sybil S don’t share a common tail w.h.p.
– Unless V has a tail in sybil region: Handled in paper
How to estimate parameters: w & m
Evaluation w/ real-world social networks
– Friendster, LiveJournal, DBLP (Added sybil nodes)
Sybil attack:
– Widely considered a real & challenging problem
SybilLimit: Fully decentralized defense protocol based on social networks
– Provable near-optimal guarantees
– Experimental validation on real social networks
Open Problem (in SybilLimit & Politics):
Honest users not voting
Social Networks
–SybilLimit: Defending against Sybil Attacks in P2P
Sensor Networks
– Synopsis Diffusion: Robust in-network aggregation
Shape-Shifting Networks
–Claytronics: Aggregation in programmable matter
Aggregate in-network over a tree
– Each node sends 1 short message (saves energy)
[Figure: aggregation tree with the partial count at each node; plot against Time]
Tree topology used to avoid double-counting
Aggregation and routing are tightly coupled
Our goal: Decouple the two components
– They can be independently optimized
– Robust multi-path routing can be used
– Can exploit the broadcast medium
In contrast, a gossip approach requires point-to-point messages & explicit acks
[with Suman Nath*, Srini Seshan, Zach Anderson, SenSys’04, TOSN 2008]
Each node generates a small synopsis of its readings (SG)
Starting with outer ring, each node broadcasts its synopsis
Synopsis Fusion (SF): Each node in next ring combines all synopses it hears into its own synopsis
SF must be order- and duplicate-insensitive (ODI)
– E.g., compute count or sum using Flajolet-Martin’s distinct-values counting [Considine et al, ICDE’04]
* Primary author
Example
Topology: Rings
SG(): Each node selects a random r in [0,1], and creates a synopsis (r, id, val)
SF(s,s’): Output the K (r,id,val) triples from s U s’ with maximum r-values
SE(s): Output the K val’s in s
K=2:
– After SG: (.4,1,v1), (.7,2,v2), (.3,3,v3), (.8,4,v4)
– After SF: {(.4,1,v1),(.7,2,v2)} {(.7,2,v2),(.3,3,v3)} {(.3,3,v3),(.8,4,v4)}
– After SF: {(.7,2,v2), (.4,1,v1)} {(.7,2,v2),(.8,4,v4)}
– After SE: {v2,v4}
[Figure: aggregation topology. Readings r1–r5 each pass through SG, a graph of SF steps combines the synopses into S1, and SE produces the result]
Potentially large unknown set of combinations!
Key Result: Give 4 simple, locally testable properties for ODI correctness (necessary & sufficient)
– Makes topology independence tractable
ODI Goal: S1 is always the same
Necessary & sufficient conditions
1. SF is commutative
2. SF is associative
3. SF is same-synopsis idempotent: SF(s,s) = s
4. If readings r and r’ are “duplicates”, then SG(r) = SG(r’)
E.g., suppose use SF(s1,s2) = (s1+s2)/2, which of P1-P3 fails?
P2: SF(2,SF(6,30)) = 10 but SF(SF(2,6),30) = 17
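The K=2 sample synopsis from the rings example and the averaging counter-example can both be run against P1-P3. This is an added Python example, not code from the talk or the Synopsis Diffusion papers; the function names odi_failures, average and rings_example are assumptions, and the readings are the ones on the slide.

```python
from itertools import product

K = 2  # sample size used in the slide's example

def SG(r, node_id, val):
    """Synopsis generation: one (r, id, val) triple per reading."""
    return frozenset({(r, node_id, val)})

def SF(s1, s2):
    """Synopsis fusion: keep the K triples with the largest r from s1 U s2."""
    return frozenset(sorted(s1 | s2, reverse=True)[:K])

def SE(s):
    """Synopsis evaluation: the sampled values."""
    return {val for _, _, val in s}

def odi_failures(sf, samples):
    """Names of the properties P1-P3 that `sf` violates on the given samples."""
    failed = set()
    for a, b, c in product(samples, repeat=3):
        if sf(a, b) != sf(b, a):
            failed.add("P1 commutative")
        if sf(a, sf(b, c)) != sf(sf(a, b), c):
            failed.add("P2 associative")
        if sf(a, a) != a:
            failed.add("P3 idempotent")
    return failed

def average(s1, s2):
    """The slide's counter-example fusion function."""
    return (s1 + s2) / 2

def rings_example():
    """The slide's four readings fused ring by ring, then evaluated."""
    s = [SG(.4, 1, "v1"), SG(.7, 2, "v2"), SG(.3, 3, "v3"), SG(.8, 4, "v4")]
    ring2 = [SF(s[0], s[1]), SF(s[1], s[2]), SF(s[2], s[3])]
    ring3 = [SF(ring2[0], ring2[1]), SF(ring2[1], ring2[2])]
    return SE(SF(ring3[0], ring3[1]))

if __name__ == "__main__":
    print(rings_example(), odi_failures(average, [2, 6, 30]))
```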
SF forms a semi-lattice
Lattice property can tell if another ODI synopsis accounts for my synopsis
– E.g., SF is bitwise-OR (10111 vs. 00101)
– Not true for non-ODI, e.g., sum (6 vs. 4)
Implicit acks (Listen to what parent sends to know if your message was “received”)
Efficient adaptation to dynamic message loss, even when asymmetric links
More robust routing, more accurate answers
Count, Count Distinct, Sum, Average,
Standard deviation, Second moment,
Uniform sample, k’th statistical moment,
Quantiles, Frequent items,
Range aggregates, Inner product queries
For ODI-correct algorithms: approximation guarantees = same as well-studied Streaming Model
[Figure: Count query, 600 sensors in 20x20, plotted against Loss Rate for TAG (tree), Adaptive Rings, Rings and Flood]
More robust than TAG
Scheme        Energy
Tree (TAG)    41.8mj
A. Rings      42.1mj
Flood         685mj
Almost as energy efficient as TAG
        Communication error   Approximation error   Number of Packets
SD      1%                    10-15%                1-3
Tree    60%                   0-5%                  1
Tributary-Delta: run both simultaneously, depending on:
• regional loss rate
• accumulated aggregation
[with Amit Manjhi, Suman Nath, ICDE’05]
[Figure: Tributary and Delta regions]
Synopsis Diffusion
– ODI-correct algorithms + any multi-path routing
Open Problems
– ODI-correct subtraction
– Use Synopsis Diffusion in other contexts: P2P, mobile, etc.
– ODI-correctness requires the same synopsis for all aggregation topologies
– However, too strong: E.g., quantiles – always meets guarantees but answer depends on order
– What is a formal framework for such scenarios?
Social Networks
–SybilLimit: Defending against Sybil Attacks in P2P
Sensor Networks
–Synopsis Diffusion: Robust in-network aggregation
Shape-Shifting Networks
– Claytronics: Aggregation in programmable matter
Large groups of tiny robot modules (10^6-10^9 units), working in unison to form tangible, moving 3D shapes
Not just an illusion of 3D (as with stereo glasses), but real physical objects
Both an output device (rendering, haptics) & an input device (sensing)
Video: CMU Entertainment Technology Center
Product design
Medical visualization
Adaptive form-factor devices
Telepario
3D fax
Smart antennas
Paramedic-on-demand
Entertainment
Etc.
[PIs: Seth Goldstein, Jason Campbell, Todd Mowry]
Each sub-millimeter module (“catom”) integrates computing & actuation
Key issues:
– very high concurrency (10^6-10^9 catoms)
– nondeterminism & unreliability
– efficient actuators, strong adhesion
– power, heat, dirt
– complex, dynamic networking (network diameters ≥ 1000, and changing topologies)
Magnetic field
[Figures: one coil; two assembled magnet rings; 2 magnetic-field prototype catoms]
Electric field
[Figures: electrostatic latch design; completed latch; patterned “flower”, including actuators & control circuitry; 2 mold wafers bonded around 1 thinned logic wafer; arms curl up due to stresses between layers]
Note: Both are early attempts
[J. Robert Reid, Air Force Research Labs]
[Igal Chertkow & Boaz Weinfeld, Intel]
Actuation: Roll across each other (using electrostatics) under software control
– Planned motion, Reactive motion
Power: Form own power grid
– Connected to external power source
Communication: Between physically adjacent modules
– Either electrical contact, capacitive-coupled connections, or free space optics (wire-like)
– Simultaneously with multiple neighbors
In order to self-organize into a desired shape, the catom ensemble must:
– Be able to measure key aggregate properties (e.g., center of mass)
– Coordinate their activities
…in real time
Diameter too large for standard hop-by-hop approach
Ensemble too dense for longer range wireless
[with Casey Helfrich, Todd Mowry, Babu Pillai, Ben Rister, Srini Seshan]
E.g., regular 2D grid
Standard approach:
(regular) gradient
Our approach:
• Hierarchical Overlay
• Speculative forwarding on the long links
Each catom maintains incoming-to-outgoing link mapping (e.g., last used)
Each bit along incoming wire sent on outgoing wire according to the mapping
Once the header has accumulated, check for mis-speculation
Initial results are promising
Many issues:
• mis-speculations
• creating overlay
• shape changes
Aggregation deferred to nodes in the overlay
Shape-Shifting Networks pose a new problem domain for algorithmic research
– Details are in flux; realizations years away
– Key issues: scale, dynamics, soft real-time
Open Problems
– Much theory work to be done:
Formal modeling, new algorithms, new insights, lower bounds, etc.
– E.g., what is a robust, low-latency communication/aggregation scheme for catom ensembles?
– Ensemble algorithmics: local algs
[Figures: Brownian hole motion; Grow/consume holes]
Social Networks
–SybilLimit: Defending against Sybil Attacks in P2P
Sensor Networks
–Synopsis Diffusion: Robust in-network aggregation
Shape-Shifting Networks
–Claytronics: Aggregation in programmable matter