资源描述:
《Quantifying Resistance to the》由会员上传分享,免费在线阅读,更多相关内容在学术论文-天天文库。
1、QuantifyingResistancetotheSybilAttackN.BorisMargolinandBrianNeilLevineDept.ofComputerScience,Univ.ofMassachusetts,Amherst,MAUSA{margolin,brian}@cs.umass.eduAbstract.Sybilattackshavebeenshowntobeunpreventableexceptundertheprotectionofavigilantcentralauthority.Weuseaneconomicanalysi
2、stoshowquantitativelythatsomeappli-cationsandprotocolsaremorerobustagainsttheattackthanothers.Inourapproach,foreachdistributedapplicationandanattackerobjective,thereisacriticalvaluethatdeterminesthecost-effectivenessoftheattack.ASybilattackisworthwhileonlywhenthecriticalvalueisexc
3、eededbytheratioofthevalueoftheattacker’sgoaltothecostofidentities.Weshowthatformanyapplications,successfulSybilattacksmaybeexpensiveevenwhentheSybilattackcannotbeprevented.Specifically,weproposetheuseofarecurringfeeasadeterrentagainsttheSybilat-tack.Asadetailedexample,welookatfourv
4、ariationsoftheSybilattackagainstarecurringfeebasedonionroutinganonymousroutingnetworkandquantifyitsvulnerability.1IntroductionManydistributedservicesandpeer-to-peer(p2p)applicationsarevulnerabletoSybilattacks[17],whereasinglemaliciousentitymasqueradesasmanycounterfeitiden-titiesan
5、dusesthemtolaunchacoordinatedassault.Theattackcanbeusedtoruintheintegrityofreputationsystems[5,12],createfalseroutesinmobileadhocnet-works[23],identifyusersofanonymousroutingprotocols[16],cheatp2pcomputingsystems(e.g.,SETI@home)[47],andfree-ridecooperativefilestoragesystems[15].Afo
6、rmoftheSybilattackiscommonlyusedtofoolGoogle’sPageRankalgorithm[6].InmostsituationsitisnotpossibletopreventSybilattacksusingresourcetests,andcertificatesystemsgenerallydonotguaranteenoentityhastwokeys.TheSybilattackhasbeenwidelystudiedbutremainsunsolvedingeneral.Severalpapershaveev
7、aluatedformallytheconditionsunderwhichapplicationsaresusceptibletotheattack[12,17],howeverthisisacoarse-grainedapproach.Itisnottruethatallapplicationsareequallyvulnerable.Inthispaper,wequantifythethreatoftheSybilattackusinganeconomicmodel.Forthefirsttime,weshowthattheattackposesadi
8、fferentlevelofthreattodifferentap
