What is Sybil Attack in Computer Networks?

Computer NetworkInternetMCA

A Sybil Attack subverts a network service's reputation system by establishing a large number of pseudonymous identities and using them to wield disproportionately great power. It's called after Sybil, the protagonist of the novel Sybil, which is a case study of a lady diagnosed with a dissociative identity disorder. Sock puppetry is another term for Sybil assaults.

In computer security, a Sybil Attack is a method of subverting a reputation system by establishing numerous identities. The vulnerability of a reputation system to a Sybil attack is determined by how cheap identities can be generated and the extent to which the reputation system accepts input from entities without a chain of trust connecting them to a trusted entity, and whether the reputation system treats all entities equally. As of 2012, data indicated that large-scale Sybil attacks could be carried out in actual existing systems like BitTorrent Mainline DHT for a very low cost and efficiency.

Methods to Prevent Sybil Attack

Following are some of the methods that can be employed to prevent a Sybil Attack −

Identity Validation

Sybil attacks can be avoided by employing validation procedures, which can also be used to discard masked hostile entities. A distant identity may be accepted by a local entity based on a central authority that assures a one-to-one correlation between an identity and an entity and may even enable a reverse lookup.

A person's identification can be verified directly or indirectly. The local entity contacts the central authority to authenticate the distant identities via direct validation. In indirect validation, the local entity depends on previously approved identities to vouch for the remote identity in question's authenticity.

Social Trust Graphs

Sybil protection methods based on social network connection features can further restrict the amount of harm a Sybil attacker might inflict while maintaining anonymity. SybilGuard, SybilLimit, the Advogato Trust Metric, SybilRank, and the sparsity-based metric to identify Sybil clusters in a distributed P2P-based reputation system are examples of such preventive approaches.

These solutions cannot completely avoid Sybil assaults, and they may be vulnerable to large-scale Sybil attacks.

Economic Costs

Alternatively, imposing economic penalties as artificial entrance barriers may be utilized to increase the cost of Sybil assaults. Proof of work, for instance, requires a user to demonstrate that they solved a cryptographic challenge with a particular level of computing effort.

Personhood Validation

As an alternative to identity verification that tries to maintain a strict "one-per-person" allocation rule, a validation authority can enforce a one-to-one correspondence between online identities other than knowing a user's true identity, such as verifying the actual presence of an unidentifiable individual at a given area and time, as in a pseudonym party-specific location and time, as in a pseudonym party.

Application-specific Defenses

Sybil attack security has been built into a variety of distributed protocols. Sybil-resistant algorithms for online content recommendation and voting are SumUp and DSybil. Whnau is a distributed hash table method that is Sybil-resistant. Sybil attacks are also mitigated by I2P's use of Kademlia.

Updated on 28-Oct-2021 06:31:36