SybilDefense: Defending Sybil attacks using techniques from Complex Systems

Web 2.0 applications and websites towards social news, gaming and networking are particularly vulnerable to Sybil attacks. In a Sybil attack, a malicious user assumes many fake identities, and pretends to be multiple honest users in the system. By controlling a certain fraction of the nodes in the system, he out votes the honest users to promote his own news articles, which poses a threat to the functionality of the original application. Recent Sybil defense mechanisms are based on an assumption that malicious users might take several fake identities but few trust relationships. This assumption holds well for some peer to peer systems and distributed systems. However, recent studies on Facebook show sixty percent of users are willing to except friendship requests from unknown users. Furthermore, on Social news websites like Digg.com and career networking websites like Linkedin, a user is more willing to make connections with new and unknown people. In this work, we explore both SybilDefense mechanisms at the level of recommendation algorithms that applications could use to make it hard for Sybil nodes to control an application despite out voting the honest users. We also look at SybilDefense mechanisms from the prior trust assumption, and compare it to existing defense techniques.