PDF(1424 KB)
PDF(1424 KB)
PDF(1424 KB)
基于社交关系的DHT网络Sybil攻击防御
Sybil defenses in DHT networks based on social relationships
Sybil攻击通过恶意伪造大量虚假身份,破坏对等网络(P2P)网络中正常节点的寻路过程,是分布式Hash表网络(distributed Hash table, DHT)中主要的安全威胁。该文利用社交网络中社交关系的高可信度以及伪造难度大等特点,设计了Social-DHT方法以缓解DHT网络中Sybil攻击的影响。该方法采用基于社交关系的随机游走策略以构建相对可信的路由表,继而可以有效抵御Sybil恶意节点的影响,实现安全、高效的寻路过程。此外对该方法建立模型,对路由表的可信性和寻路阶段的成功概率进行了理论分析。仿真实验表明: 在有10 000条攻击边的情况下节点路由表中Sybil节点比例不超过3%, 搜索成功率则能够达到99%, 并且在搜索速度和带宽开销等方面优于已有的算法。
The Sybil attack, which creates a large amount of fake node identities to break the normal routing process in the peer-to-peer (P2P) networks, is the main threat faced by distributed networks. A Social-DHT protocol was developed using the properties of social relationships to mitigate Sybil attacks in distributed Hash table (DHT) networks using random walks over the social relationships. In addition, a model is given using a formalized definition to analyze the successful probability of searches. Simulations show that the Social-DHT routing table includes less than 3% of the Sybil nodes when there are 10000 attack edges and the successful search ratio reaches 99%, which is better than existing methods.
对等网络(P2P) / 分布式Hash表(DHT) / Sybil攻击 / 社交网络
peer-to-peer (P2P) / distributed Hash table (DHT) / Sybil attack / social networks
| [1] | Steinmetz R. Peer-to-Peer Systems and Applications [M]. Berlin, Germany:Springer, 2005. |
| [2] | Ratnasamy S, Francis P, Handley M, et al.A Scalable Content-Addressable Network [M]. Danvers, USA:Association for Computing Machinery, 2001. |
| [3] | Rowstron A, Druschel P. Pastry: Scalable, decentralized object location, and routing for large-scale peer-to-peer systems [C]// Middleware 2001. Berlin, Germany:Springer, 2001: 329-350. |
| [4] | Stoica I, Morris R, Karger D, et al.Chord: A scalable peer-to-peer lookup service for internet applications [J]. ACM SIGCOMM Computer Communication Review, 2001, 31(4): 149-160. |
| [5] | Maymounkov P, Mazieres D. Kademlia: A peer-to-peer information system based on the xor metric [C]// Peer-to-Peer Systems. Berlin, Germany: Springer, 2002: 53-65. |
| [6] | Douceur J R. TheSybil attack [C]// Peer-to-Peer Systems. Berlin, Germany: Springer, 2002: 251-260. |
| [7] | Castro M, Druschel P, Ganesh A, et al.Secure routing for structured peer-to-peer overlay networks[J]. ACM SIGOPS Operating Systems Review, 2002, 36(SI): 299-314. |
| [8] | WANG Honghao, ZHU Yingwu, HU Yiming. An efficient and secure peer-to-peer overlay network [C]// The IEEE Conference on Local Computer Networks 30th Anniversary. Washington DC, USA: IEEE Press, 2005: 764-771. |
| [9] | Bazzi R A, Konjevod G. On the establishment of distinct identities in overlay networks[J]. Distributed Computing, 2007, 19(4): 267-287. |
| [10] | ZHANG Ren, ZHANG Jianyu, CHEN Yu, et al.Making eclipse attacks computationally infeasible in large-scale DHTs [C]// Performance Computing and Communications Conference (IPCCC), 2011 IEEE 30th International. Washington DC, USA: IEEE Press, 2011: 1-8. |
| [11] | Rowaihy H, Enck W, McDaniel P, et al. Limiting sybil attacks in structured peer-to-peer networks [C]// IEEE Infocom Mini-Symposium. Washington DC, USA: IEEE Press, 2005. |
| [12] | Mittal P, Caesar M, Borisov N. X-Vine: Secure and pseudonymous routing using social networks [Z/OL]. (2013-10-13), http://arxiv.org/pdf/1109.0971.pdf. |
| [13] | Lesniewski-Lass C, Kaashoek M F. Whanau: Sybil-Proof Routing with Social Networks, Technical Report MIT-CSAIL-TR-2009-045 [R]. Cambridge, USA: Massachusetts Institute of Technology, 2009. |
| [14] | Lesniewski-Lass C, Kaashoek M F. Whanau: A sybil-proof distributed hash table [C]// 7th USENIX Symposium on Network Design and Implementation. Boston, USA: ACM SIGCOMM Computer Communication Review, 2010: 3-17. |
| [15] | Marti S, Ganesan P, Garcia-Molina H. SPROUT: P2P routing with social networks [C]// Current Trends in Database Technology-EDBT 2004 Workshops. Berlin, Germany: Springer, 2005: 425-435. |
| [16] | Hardt D. The OAuth 2.0 Authorization Framework [Z/OL]. (2013-10-13), http://tools.ietf.org/html/rfc6749. |
| [17] | Sina Corp. Sina Weibo Oauth API [Z/OL]. (2013-10-13), http://open.weibo.com/wiki/Oauth. |
| [18] | Renren Corp. Renren Oauth Wiki [Z/OL]. (2013-10-13), http://wiki.dev.renren.com/wiki/Authentication. |
| [19] | Tencent Corp. Tencent Weibo Oauth Wiki [Z/OL]. (2013-10-13), http://wiki.open.t.qq.com/index.php/OAuth授权说明. |
| [20] | Mitzenmacher M, Upfal E. Probability and computing: Randomized algorithms and probabilistic analysis [M]. Cambridge, UK: Cambridge University Press, 2005. |
| [21] | Viswanath B, Mislove A, Cha M, et al.On the evolution of user interaction in facebook [C]// Proceedings of the 2nd ACM Workshop on Online Social Networks. Danvers, USA: Association for Computing Machinery, 2009: 37-42. |
/
| 〈 |
|
〉 |
