Sybil Attacks

One way security can break down is in a Sybil attack. Named after the case study of a woman with multiple personality disorder, a Sybil attack is a type of security threat in which a node in a network claims multiple identities.

Most networks, such as peer-to-peer networks, depend on assumptions of identity, where each computer represents one identity. A Sybil attack occurs when an insecure computer is hijacked to claim multiple identities. Problems arise when a reputation system (such as a file-sharing reputation on a torrent network) is tricked into thinking that an attacking computer has a disproportionately large influence. Similarly, an attacker with many identities can use them to act maliciously, either by stealing information or by disrupting communication. It is important to recognize a Sybil attack and note its danger in order to protect yourself from being a target.

First defined by Microsoft researcher John Douceur, a Sybil attack relies on the fact that a network of computers cannot guarantee that each unknown computing component is a distinct, physical computer. A number of authorities have attempted to establish the identity of computers on a network (or nodes) by using certification software such as VeriSign, employing IP addresses to identify nodes, requiring passwords and usernames, and so forth. However, impersonation is commonplace in both the real and digital worlds. Friends may share passwords, communities may share website registrations, and some services provide a single IP address that is shared among users.

Sybil attacks have appeared in many scenarios, with wide implications for security, safety and trust. For example, an internet poll can be rigged using multiple IP addresses to submit a large number of votes. Some companies have also used Sybil attacks to gain better ratings on Google PageRank. Reputation systems like eBay's have also been victims of this type of attack.

There are few sure-fire ways to protect a network from a Sybil attack, but there is a wide range of literature dedicated to discussing options for protection and verification of computing identities. One way is to use trusted certification, in which a single, central authority establishes and verifies each identity via a certificate. Trusted certification is not foolproof, however, and it can use up large amounts of resources and bottleneck traffic on the network.

Another option is called resource testing. The aim of resource testing is to determine whether a collection of identities possesses fewer resources than it would if the identities were independent. Resource testing scans computing power, storage space, network bandwidth and other parameters to determine if the collection is from a single, Sybil-attacking computer or a series of true identities.
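The computing-power form of resource testing can be sketched as follows. This is an added example, not code from the original post: every identity receives its own hash puzzle at the same moment, and a per-host hash budget stands in for the deadline. The names (`resource_test`, `constructed_network`, the host labels) and the difficulty and budget values are assumptions chosen for illustration.

```python
import hashlib
from collections import defaultdict

BITS = 10  # assumed difficulty: a solution takes about 2**10 hashes on average

def puzzle_ok(challenge: bytes, nonce: int, bits: int = BITS) -> bool:
    """Verifier: a single hash confirms the nonce meets the target."""
    digest = hashlib.sha256(challenge + nonce.to_bytes(8, "big")).digest()
    return int.from_bytes(digest, "big") >> (256 - bits) == 0

def solve(challenge: bytes, budget: int):
    """Prover: brute-force a nonce using at most `budget` hashes.
    Returns (nonce or None, hashes spent)."""
    for nonce in range(budget):
        if puzzle_ok(challenge, nonce):
            return nonce, nonce + 1
    return None, budget

def resource_test(identity_to_host: dict, hashes_before_deadline: int) -> dict:
    """Challenge every identity at the same moment; report who answered in time.
    identity_to_host is simulation-only knowledge (the verifier never sees it).
    Identities on one physical host share that host's hash budget."""
    remaining = defaultdict(lambda: hashes_before_deadline)
    passed = {}
    for ident, host in identity_to_host.items():
        # A distinct challenge per identity prevents reusing one answer.
        challenge = b"round-1|" + ident.encode()
        nonce, spent = solve(challenge, remaining[host])
        remaining[host] -= spent
        passed[ident] = nonce is not None and puzzle_ok(challenge, nonce)
    return passed

def constructed_network(sybils: int = 100) -> dict:
    """Constructed sample: three independent nodes, one host with many identities."""
    net = {"alice": "host-a", "bob": "host-b", "carol": "host-c"}
    net.update({f"sybil-{i}": "host-x" for i in range(sybils)})
    return net

if __name__ == "__main__":
    result = resource_test(constructed_network(), hashes_before_deadline=25_000)
    failed = [name for name, ok in result.items() if not ok]
    print(f"{len(result) - len(failed)} identities answered in time, "
          f"{len(failed)} did not")
```

The verifier learns only which identities missed the deadline, not which machine they share, so the practical response is to reject or re-test the identities that failed. An attacker with proportionally more hardware still passes, which is why resource testing raises the cost of a Sybil attack without eliminating it.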

Using trusted devices is similar to using trusted certification to defend against a Sybil attack. In this case, identities are associated with specific hardware devices. As with a central authority issuing certificates, there are few ways to prevent an attacker from obtaining multiple devices.


It is important to know what threats are out there. In a typical home or office setting, a Sybil attack may not have as much direct effect as a virus or Trojan attack, but this type of attack can affect the fabric of internet commerce and communication. Understanding what a Sybil attack is and how to spot one is essential for any savvy internet user.
