In a Sybil attack, the attacker subverts the reputation system of a network service by creating a large number of pseudonymous identities and uses them to gain a disproportionately large influence. It is named after the subject of the book Sybil, a case study of a woman diagnosed with dissociative identity disorder. The name was suggested in or before 2002 by Brian Zill at Microsoft Research. The term pseudospoofing had previously been coined by L. Detweiler on the Cypherpunks mailing list and used in the literature on peer-to-peer systems for the same class of attacks prior to 2002, but this term did not gain as much influence as "Sybil attack". Sybil attacks are also called sock puppetry.
The Sybil attack in computer security is an attack wherein a reputation system is subverted by creating multiple identities. A reputation system's vulnerability to a Sybil attack depends on how cheaply identities can be generated, the degree to which the reputation system accepts inputs from entities that do not have a chain of trust linking them to a trusted entity, and whether the reputation system treats all entities identically. As of 2012[update], evidence showed that large-scale Sybil attacks could be carried out in a very cheap and efficient way in extant realistic systems such as BitTorrent Mainline DHT.
An entity on a peer-to-peer network is a piece of software which has access to local resources. An entity advertises itself on the peer-to-peer network by presenting an identity. More than one identity can correspond to a single entity. In other words, the mapping of identities to entities is many to one. Entities in peer-to-peer networks use multiple identities for purposes of redundancy, resource sharing, reliability and integrity. In peer-to-peer networks, the identity is used as an abstraction so that a remote entity can be aware of identities without necessarily knowing the correspondence of identities to local entities. By default, each distinct identity is usually assumed to correspond to a distinct local entity. In reality, many identities may correspond to the same local entity.
An adversary may present multiple identities to a peer-to-peer network in order to appear and function as multiple distinct nodes. The adversary may thus be able to acquire a disproportionate level of control over the network, such as by affecting voting outcomes.
Validation techniques can be used to prevent Sybil attacks and dismiss masquerading hostile entities. A local entity may accept a remote identity based on a central authority which ensures a one-to-one correspondence between an identity and an entity and may even provide a reverse lookup. An identity may be validated either directly or indirectly. In direct validation the local entity queries the central authority to validate the remote identities. In indirect validation the local entity relies on already accepted identities which in turn vouch for the validity of the remote identity in question.
Identity-based validation techniques generally provide accountability at the expense of anonymity, which can be an undesirable tradeoff especially in online forums that wish to permit censorship-free information exchange and open discussion of sensitive topics. A validation authority can attempt to preserve users' anonymity by refusing to perform reverse lookups, but this approach makes the validation authority a prime target for attack. Alternatively, the authority can use some mechanism other than knowledge of a user's real identity - such as verification of an unidentified person's physical presence at a particular place and time - to enforce a one-to-one correspondence between online identities and real-world users.
Sybil prevention techniques based on the connectivity characteristics of social graphs can also limit the extent of damage that can be caused by a given Sybil attacker while preserving anonymity, though these techniques cannot prevent Sybil attacks entirely, and may be vulnerable to widespread small-scale Sybil attacks. Examples of such prevention techniques are SybilGuard and the Advogato Trust Metric and also the sparsity based metric to identify Sybil clusters in a distributed P2P based reputation system.
- Lynn Neary (20 October 2011). Real 'Sybil' Admits Multiple Personalities Were Fake. NPR. Retrieved 8 February 2017.
- Douceur, John R (2002). "The Sybil Attack". Peer-to-Peer Systems. Lecture Notes in Computer Science. 2429. pp. 251–60. doi:10.1007/3-540-45748-8_24. ISBN 978-3-540-44179-3.
- Oram, Andrew. Peer-to-peer: harnessing the benefits of a disruptive technology.
- Trifa, Zied; Khemakhem, Maher (2014). "Sybil Nodes as a Mitigation Strategy Against Sybil Attack". Procedia Computer Science. 32: 1135–40. doi:10.1016/j.procs.2014.05.544.
- Wang, Liang; Kangasharju, Jussi (2012). "Real-world sybil attacks in BitTorrent mainline DHT". 2012 IEEE Global Communications Conference (GLOBECOM). pp. 826–32. doi:10.1109/GLOCOM.2012.6503215. ISBN 978-1-4673-0921-9.
- Wang, Liang; Kangasharju, Jussi (2013). "Measuring large-scale distributed systems: case of BitTorrent Mainline DHT". IEEE P2P 2013 Proceedings. pp. 1–10. doi:10.1109/P2P.2013.6688697. ISBN 978-1-4799-0515-7.
- (30 July 2014). Tor security advisory: "relay early" traffic confirmation attack.
- Dan Goodin (31 July 2014). Active attack on Tor network tried to decloak users for five months.
- O'Whielacronx, Zooko. "Levien's attack-resistant trust metric". <p2p-hackers at lists.zooko.com>. gmane.org. Retrieved 10 February 2012.
- Kurve, Aditya; Kesidis, George (2011). "Sybil Detection via Distributed Sparse Cut Monitoring". 2011 IEEE International Conference on Communications (ICC). pp. 1–6. doi:10.1109/icc.2011.5963402. ISBN 978-1-61284-232-5.
- "Bit Gold proposal - Bitcoin Wiki". en.bitcoin.it. Retrieved 19 January 2018.
- "The Network Database - I2P".
- Querci, Daniele; Hailes, Stephen (2010). "Sybil Attacks Against Mobile Users: Friends and Foes to the Rescue". 2010 Proceedings IEEE INFOCOM. pp. 1–5. CiteSeerX 10.1.1.360.8730. doi:10.1109/INFCOM.2010.5462218. ISBN 978-1-4244-5836-3.
- Bazzi, Rida A; Konjevod, Goran (2006). "On the establishment of distinct identities in overlay networks". Distributed Computing. 19 (4): 267–87. doi:10.1007/s00446-006-0012-y.
- Ford, Bryan; Strauss, Jacob (2008). "An offline foundation for online accountable pseudonyms". Proceedings of the 1st workshop on Social network systems - SocialNets '08. pp. 31–6. doi:10.1145/1435497.1435503. ISBN 978-1-60558-124-8.
- Lesniewski-Laas, Chris (2008). "A Sybil-proof one-hop DHT". Proceedings of the 1st workshop on Social network systems - SocialNets '08. pp. 19–24. doi:10.1145/1435497.1435501. ISBN 978-1-60558-124-8.
- Newsome, James; Shi, Elaine; Song, Dawn; Perrig, Adrian (2004). "The sybil attack in sensor networks". Proceedings of the third international symposium on Information processing in sensor networks - IPSN'04. pp. 259–68. doi:10.1145/984622.984660. ISBN 978-1581138467.
- A Survey of Solutions to the Sybil Attack
- Yu, Haifeng; Kaminsky, Michael; Gibbons, Phillip B; Flaxman, Abraham (2006). "SybilGuard: defending against sybil attacks via social networks". Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications - SIGCOMM '06. pp. 267–78. doi:10.1145/1159913.1159945. ISBN 978-1-59593-308-9.
- On Network formation: Sybil attacks and Reputation systems
- Seigneur, Jean-Marc; Gray, Alan; Jensen, Christian Damsgaard (2005). "Trust Transfer: Encouraging Self-recommendations Without Sybil Attack". Trust Management. Lecture Notes in Computer Science. 3477. pp. 321–37. CiteSeerX 10.1.1.391.5003. doi:10.1007/11429760_22. ISBN 978-3-540-26042-4.
- A Survey of DHT Security Techniques by Guido Urdaneta, Guillaume Pierre and Maarten van Steen. ACM Computing surveys, 2009.
- An experiment on the weakness of reputation algorithms used in professional social networks: the case of Naymz by Marco Lazzari. Proceedings of the IADIS International Conference e-Society 2010.