Quantitative Analysis of the Sybil Attack and Effective Sybil Resistance in Peer-to-Peer Systems

Current peer-to-peer (P2P) systems are vulnerable to a variety of attacks due to the lack of a central authorization authority. The Sybil attack, i.e., the forging of multiple identities, is crucial as it can enable an attacker to control a substantial fraction or even the entire P2P system. However, the correlation between the resources available to an attacker and the resulting influence on the P2P system has yet not been studied in detail. The contributions of our paper are twofold: i) we present an approach for assessing the actual threats of Sybil attacks and ii) we propose a distributed approach to limit the impact of Sybil attacks effectively. Therefore, we conduct a thorough analysis of the Sybil attack w.r.t. the resource requirements to operate Sybil nodes and we investigate the quantitative influence of Sybil nodes on the overall system. Our study focuses on Kademlia, a very popular distributed hash table (DHT) which is for instance used in BitTorrent. We ran extensive Internet measurements within the BitTorrent DHT to determine the actual required resources to operate nodes. To evaluate the quantitative influence of Sybil nodes, we additionally conducted a comprehensive simulation study. The results show that upstream network bandwidth is the dominating factor concerning resources. Furthermore, we illustrate that small portions of Sybil nodes are tolerable in terms of global system stability. Finally, we propose a new approach called *RACING* to improve the resistance of DHTs against Sybil attacks. By establishing a new distributed identity registration procedure based on IP addresses, we are able to effectively limit the number of Sybil nodes.