mitigating sybil attacks on the i2p network using
play

Mitigating Sybil Attacks on the I2P Network Using Blockchain RP - PowerPoint PPT Presentation

Apr 09, 2023 •336 likes •720 views

Mitigating Sybil Attacks on the I2P Network Using Blockchain RP #97, Kotaiba Alachkar & Dirk Gaastra Supervisor: Vincent Van Mieghem, Deloitte 3 July, 2018 MSc Security and Network Engineering University of Amsterdam Introduction I2P -

  1. Mitigating Sybil Attacks on the I2P Network Using Blockchain RP #97, Kotaiba Alachkar & Dirk Gaastra Supervisor: Vincent Van Mieghem, Deloitte 3 July, 2018 MSc Security and Network Engineering University of Amsterdam

  2. Introduction

  3. I2P - Invisible Internet Project Anonymous Communication Network (ACN), similar to TOR, but with a few differences. • Fully peer-to-peer • No exit nodes • Internal communication only • Designed for slightly different purposes (e.g. filesharing) • Garlic routing • Unidirectional tunnels 1

  4. Network Topology Figure 1: I2P network topology example 1 1 https://geti2p.net/_static/images/net.png 2

  5. netDb - Network DataBase • Used for looking up resources: RouterInfos and LeaseSets • Distributed across so-called FloodFill routers • Automatically selected based on performance (e.g. bandwidth) • Or manually enabled • Each FF router is responsible for a part of the network • Based on Kademlia-style metric to determine closeness • Hash of RouterIdentity + current date • Changes every day at midnight (UTC) • aka ”keyspace rotation” 3

  6. I2P - User-base Figure 2: Rough estimation of the average number of I2P nodes 4

  7. Sybil Attack Figure 3: Sybil by F. R. Schreiber 2 ”A case study of a woman diagnosed with dissociative identity disorder 3 ” 2 http://whenfallsthecoliseum.com/wp-content/uploads/sybil.jpg 3 https://en.wikipedia.org/wiki/Sybil_(Schreiber_book) 5

  8. Sybil Attacks Create a large number of pseudonymous identities in order to cripple the peer-to-peer system Its impact depends on: • how cheaply identities can be generated • accept inputs from untrusted entities • whether all entities treated identically 6

  9. Sybil Attack on I2P Figure 4: Partial keyspace Sybil attack example Attack is very feasible, even with limited resources [1] 7

  10. Research Question How can a Sybil attack on the I2P network be made infeasible? 8

  11. Methodology

  12. Methodology • Evaluate existing mitigation state on the network • Examine proposed solutions from previous research • Construct our own solution 9

  13. Evaluation

  14. Current State • Router election • Enough resources required to be considered • Currently, becoming FF router is not hard • Keyspace rotation • Router ID hashed with date to determine closeness • Possible to precompute identities • Blacklist • Block known bad IPs • Centralized (blogs, forums, etc.) • Quis custodiet ipsos custodes? 10

  15. Previous Research

  16. Previous Research: PoW Proof-of-Work (PoW) suggested by I2P contributors [2] • Using HashCash 4 • Finish PoW before creating router • However, • Difficulty of PoW hard to determine • Trivial for a reasonably powerful attacker 4 http://www.hashcash.org/ 11

  17. Previous Research: Reputation Age-based reputation suggested by Egger et al. [1] • The longer a router is active, the higher the reputation • Bootstrapping issue • New router has no age information on peers 12

  18. Our Contribution

  19. Goal • Make it harder to create successful Sybil nodes • Create tamper-proof platform • Traceability • Evaluate FF routers • Offer both preventative, proactive, and retroactive solutions 13

  20. Criteria Our solution should be: • Distributed • Public • Permissionless • Anonymous • Open-source 14

  21. Distributed ledger technologies - why blockchain Distributed ledger - decentralized database which is synced and consented upon by all participants of the network Figure 5: DLTs comparison summary 15

  22. Distributed ledger technologies - why blockchain Distributed ledger - decentralized database which is synced and consented upon by all participants of the network Figure 6: DLTs comparison summary 16

  23. Implementation

  24. General Concept • Keeping track of FF routers • Verify age • Determine trustworthiness of FF router • Use blockchain randomness for closeness metric 17

  25. Implementation • Proof-of-Work vs Proof-of-Stake • PoW: High computation power required to add block • PoS: nodes with more coins have a higher chance to add a block • Incentive for miners • Reputation • Nodes should make decisions individually • Who to trust? • Who not to trust? 18

  26. Proof-of-Stake • Miner chosen based on their wealth • Wealthier miners have a higher stake and are more likely to be trustworthy • No expensive hardware required • Virtually all nodes are able to join • More decentralized than PoW • In PoW, miners tend to pool together 19

  27. Individual Decisions Being able to make decision about trustworthiness of a router is important... • Be as decentralized as possible • Nodes can come up with own criteria • Strict criteria for the paranoid • Loose criteria for performance-minded 20

  28. Transaction types MinerTransaction Reward for the miner EnrollmentTransaction Enrollment as miner RouterUp Announcement of new FF router RouterDown FF router no longer responsive Table 1: Blockchain transactions [3] 21

  29. General Structure • First block should have all FF routers • Subsequent blocks update that list • Traverse chain to get router age Figure 7: Overview of blockchain 22

  30. Positive Externalities More advantages to blockchain... • Bootstrapping issue solved • Nonce provides non-deterministic hash for router closeness • Retroactively and proactively verify attacks • Check certain criteria • Individually verify attack likelihood 23

  31. Conclusion

  32. Conclusion A Sybil attack can be made less feasible by using blockchain • The age and reputation of Floodfill routers can be identified • Routers are able to build up reputation • FF routers need reputation before they can join • The Kademlia closeness metric can be made non-deterministic 24

  33. Future Work

  34. Future Work • Study privacy implications • Implementational details • Exact Proof-of-Stake algorithm used • Analysis of the network’s performance with blockchain • Practical analysis of other technologies • Explore other solutions blockchain could provide to I2P • Replace netDb • Provide payment platform 25

  35. Q&A Figure 8: Presentation Overview 26

  36. References Christoph Egger, Johannes Schlumberger, Christopher Kruegel, and Giovanni Vigna. Practical attacks against the i2p network. In International Workshop on Recent Advances in Intrusion Detection , pages 432–451. Springer, 2013. I2p’s threat model, 2010. https://geti2p.net/en/docs/how/threat-model. Neo white paper, Nov 2016. http://docs.neo.org/en-us/. 27

  37. Miner Incentive • Altruistic nodes • Could work for I2P. However... • Blockchain reliability should not lean on this • Monetary • Advantage: currency for users • Disadvantage: complicated blockchain construction • Reputation • Two birds, one stone • Incentive and measure of trustworthiness 28

Recommend

SybilGuard: Defending Against Sybil Attacks SybilGuard: Defending Against Sybil Attacks via

SybilGuard: Defending Against Sybil Attacks SybilGuard: Defending Against Sybil Attacks via

SybilGuard: Defending Against Sybil Attacks SybilGuard: Defending Against Sybil Attacks via Social Networks via Social Networks Intel Research Pittsburgh / CMU Haifeng Yu National University of Singapore Michael Kaminsky Intel Research

501 views • 22 slides
Successive Network Coding (SNC): A Mitigating Mechanism Against Eavesdropping Attacks In Network

Successive Network Coding (SNC): A Mitigating Mechanism Against Eavesdropping Attacks In Network

Successive Network Coding (SNC): A Mitigating Mechanism Against Eavesdropping Attacks In Network Coding Based Systems Vahid N. Talooki, University of Aveiro, Portugal Network Coding (NC) allows intermediate nodes not only to store and forward

307 views • 4 slides
On Network formation, (Sybil attacks and Reputation systems) (Position Paper) George Danezis and

On Network formation, (Sybil attacks and Reputation systems) (Position Paper) George Danezis and

On Network formation, (Sybil attacks and Reputation systems) (Position Paper) George Danezis and Stefan Schiffner December 26, 2006 Abstract We propose a model of network formation in peer-to-peer networks, that allows us to observe their

325 views • 7 slides
Detecting Sybil Attacks using Proofs of Work and Location for Vehicular AdHoc Networks (VANETS)

Detecting Sybil Attacks using Proofs of Work and Location for Vehicular AdHoc Networks (VANETS)

Master Defense Detecting Sybil Attacks using Proofs of Work and Location for Vehicular AdHoc Networks (VANETS) Presented by: Niclas Bewermeier Electrical and Computer December 14, 2018 Engineering Detecting Sybil Attacks using Proofs of

510 views • 49 slides
SybilGuard: Defending Against Sybil Attacks via Social Networks Haifeng

SybilGuard: Defending Against Sybil Attacks via Social Networks Haifeng

SybilGuard: Defending Against Sybil Attacks via Social Networks Haifeng Yu, Michael Kaminsky ,Phillip B. Gibbons, and Abraham Flaxman. Page 1 of 16 In procedings of the 2006 conference on Applications, technolo- gies,

318 views • 16 slides
Sybil Attacks Against Mobile Users: Friends and Foes to the Rescue Daniele Quercia Stephen

Sybil Attacks Against Mobile Users: Friends and Foes to the Rescue Daniele Quercia Stephen

Sybil Attacks Against Mobile Users: Friends and Foes to the Rescue Daniele Quercia Stephen Hailes By XincenYu What is it about Propose a new decentralized defense for portable devices called MobID Every device manages two small

256 views • 24 slides
An analysis of Social Network-based Sybil defenses Bimal Viswanath Ansley Post Krishna

An analysis of Social Network-based Sybil defenses Bimal Viswanath Ansley Post Krishna

An analysis of Social Network-based Sybil defenses Bimal Viswanath Ansley Post Krishna Gummadi Alan Mislove MPI-SWS Northeastern University SIGCOMM 2010 1 Sybil attack Fundamental problem in distributed systems Attacker

519 views • 40 slides
Network Structure Grant Schoenebeck, Aaron Snook, Fang-Yi Yu Sybil Attack An attack to

Network Structure Grant Schoenebeck, Aaron Snook, Fang-Yi Yu Sybil Attack An attack to

Sybil Detection Using Latent Network Structure Grant Schoenebeck, Aaron Snook, Fang-Yi Yu Sybil Attack An attack to compromise a recommendation systems by forging identities. Recommendation System How is that restaurant? Bad Good Good

880 views • 29 slides
KRACKing WPA2 and Mitigating Future Attacks Mathy Vanhoef @vanhoefm CRYPTO Workshop on

KRACKing WPA2 and Mitigating Future Attacks Mathy Vanhoef @vanhoefm CRYPTO Workshop on

KRACKing WPA2 and Mitigating Future Attacks Mathy Vanhoef @vanhoefm CRYPTO Workshop on Attacks (WAC), Santa Barbara, 18 August 2018 Overview Key reinstalls in 4-way handshake Misconceptions Practical impact Channel validation 2

646 views • 51 slides
Poseidon: Mitigating Volumetric DDoS Attacks with Programmable Switches Menghao Zhang 1 , Guanyu

Poseidon: Mitigating Volumetric DDoS Attacks with Programmable Switches Menghao Zhang 1 , Guanyu

Poseidon: Mitigating Volumetric DDoS Attacks with Programmable Switches Menghao Zhang 1 , Guanyu Li 1 , Shicheng Wang 1 , Chang Liu 1 , Ang Chen 2 , Hongxin Hu 3 , Guofei Gu 4 , Qi Li 1 , Mingwei Xu 1 , Jianping Wu 1 1 4 2 3 DDoS Attacks are

480 views • 23 slides
Understanding and Mitigating Leakage-Abuse Attacks against Searchable Encryption Raphael Bost 1 ,

Understanding and Mitigating Leakage-Abuse Attacks against Searchable Encryption Raphael Bost 1 ,

Understanding and Mitigating Leakage-Abuse Attacks against Searchable Encryption Raphael Bost 1 , Pierre-Alain Fouque 2 , Brice Minaud 3 1 Direction Gnrale de lArmement - Matrise de lInformation 2 Universit de Rennes 1 3 INRIA &

836 views • 45 slides
Replay, Relay and Inverse-Sybil Attacks on Proximity Tracing Apps Krzysztof Pietrzak 2020

Replay, Relay and Inverse-Sybil Attacks on Proximity Tracing Apps Krzysztof Pietrzak 2020

Replay, Relay and Inverse-Sybil Attacks on Proximity Tracing Apps Krzysztof Pietrzak 2020 Eurocrypt Rump Session, May 13th, Living Room Proximity Tracing . . . 8GD45AF3 8GD45AF3 . . . 8GD45AF3 Proximity Tracing . . . 8GD45AF3 8GD45AF3

223 views • 19 slides
Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks Bolun Wang*,

Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks Bolun Wang*,

Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks Bolun Wang*, Yuanshun Yao, Shawn Shan, Huiying Li, Bimal Viswanath , Haitao Zheng, Ben Y. Zhao University of Chicago, *UC Santa Barbara, Virginia Tech

770 views • 17 slides
A Tough call : Mitigating Advanced Code-Reuse Attacks At The Binary Level Victor van der Veen,

A Tough call : Mitigating Advanced Code-Reuse Attacks At The Binary Level Victor van der Veen,

A Tough call : Mitigating Advanced Code-Reuse Attacks At The Binary Level Victor van der Veen, Enes Gkta (joint first author) (VU) Moritz Contag, Andre Pawlowski, Thorsten Holz (RUB) Xi Chen, Sanjay Rawat, Herbert Bos, Elias Athanasopoulos,

587 views • 26 slides
Wireless Security Wireless Network Attacks Access control attacks These attacks attempt to

Wireless Security Wireless Network Attacks Access control attacks These attacks attempt to

Wireless Security Wireless Network Attacks Access control attacks These attacks attempt to penetrate a network by using wireless or evading WLAN access control measures, like AP MAC filters and 802.1X port access controls. Type of Attack

184 views • 7 slides
Measuring and Mitigating AS-level Adversaries Against Tor Oleksii Adva Phillipa Michael Starov

Measuring and Mitigating AS-level Adversaries Against Tor Oleksii Adva Phillipa Michael Starov

Measuring and Mitigating AS-level Adversaries Against Tor Oleksii Adva Phillipa Michael Starov Zair Gill Schapira Rishab Nithyanand Network-level Traffic Correlation Attacks Internet rou,ng is asymmetric. Source -> Entry != Entry

591 views • 11 slides
Mitigating Attacks in Unstructured Multicast Overlay Networks Cristina Nita-Rotaru,Aaron Walters,

Mitigating Attacks in Unstructured Multicast Overlay Networks Cristina Nita-Rotaru,Aaron Walters,

Mitigating Attacks in Unstructured Multicast Overlay Networks Cristina Nita-Rotaru,Aaron Walters, David Zage Dependable and Secure Distributed Systems Lab ((DS) 2 ) Department of Computer Science and CERIAS Purdue University Dependable and

781 views • 56 slides
Mitigating Covert Compromises: A Game-Theoretic Model of Targeted and Non-Targeted Covert Attacks

Mitigating Covert Compromises: A Game-Theoretic Model of Targeted and Non-Targeted Covert Attacks

Mitigating Covert Compromises: A Game-Theoretic Model of Targeted and Non-Targeted Covert Attacks Aron Laszka 1 , 2 Benjamin Johnson 3 Jens Grossklags 1 1 Pennsylvania State University 2 Budapest University of Technology and Economics 3 University

867 views • 43 slides
Mitigating IoT Device Based DDoS Attacks Using Blockchain Uzair Javaid, Ang Kiang Siang, Muhammad

Mitigating IoT Device Based DDoS Attacks Using Blockchain Uzair Javaid, Ang Kiang Siang, Muhammad

Mitigating IoT Device Based DDoS Attacks Using Blockchain Uzair Javaid, Ang Kiang Siang, Muhammad Naveed Aman, Biplab Sikdar by Uzair Javaid National University of Singapore, Singapore Cryblock , MobiSys 18, Munich, Germany Dated: June 15,

404 views • 15 slides
NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3

NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3

CMPS122: COMPUTER SECURITY NETWORKING ATTACKS NETWORKING ATTACKS NOTICES Lab #2 extended to Feb. 17 @ 23:59 HW #3 due tonight NETWORKING ATTACKS LAST TIME TCP/IP networking stack Physical layer Data link layer Network

1.1k views • 61 slides
Overview Network and Server Goal of Security Control Attacks and Penetration Phases of

Overview Network and Server Goal of Security Control Attacks and Penetration Phases of

Overview Network and Server Goal of Security Control Attacks and Penetration Phases of Control Methods of Taking Control Common Points of Attack Multifront Attacks Chapter 12 Auditing to Recognize Attacks Malicious

535 views • 7 slides
Networking Attacks: Link-, IP-, and TCP-layer attacks Network Security Prof. Haojin Zhu

Networking Attacks: Link-, IP-, and TCP-layer attacks Network Security Prof. Haojin Zhu

Networking Attacks: Link-, IP-, and TCP-layer attacks Network Security Prof. Haojin Zhu Materials adopted from Prof. David Wagner 2019 General Communication Security Goals: CIA Confidentiality: No one can read our data / communication

876 views • 60 slides
CSE 127: Introduction to Security Lecture 11: Network Attacks Nadia Heninger and Deian Stefan

CSE 127: Introduction to Security Lecture 11: Network Attacks Nadia Heninger and Deian Stefan

CSE 127: Introduction to Security Lecture 11: Network Attacks Nadia Heninger and Deian Stefan UCSD Fall 2019 Some material from Stefan Savage, David Wagner, and Nick Weaver Threat Modeling for Network Attacks Basic security goals:

804 views • 31 slides
Network Threats & Attacks 1 Internet Structure backbone ISP local network Internet

Network Threats & Attacks 1 Internet Structure backbone ISP local network Internet

CS 134 Winter 2018 Lecture 16 Network Threats & Attacks 1 Internet Structure backbone ISP local network Internet service Autonomous system (AS) is a provider (ISP) collection of IP networks under control local network of a single

769 views • 54 slides

More recommend