摘要
信誉可以帮助用户在对等网络系统中做出更好的服务选择决策.然而女巫攻击者可以获取多个身份,并伪装成多个在系统中的实体,通过操控多个女巫节点的评价意向,让其他参与者的信誉随攻击者的意愿而改变.现有的防范方法需要引入特定环境进行攻击检测或者仅进行单次注册验证,难以从源头上抑制女巫攻击.通过引入多轮工作量证明验证和动态难度调整的验证机制,本文提出了一种针对对等网络信誉系统的女巫攻击者防范模型.理智的攻击者通常不会在没有收益的情况下进行攻击,因此可以通过使用多轮难题验证将攻击者的预期收益降至最低.此外考虑到攻击者在实施女巫攻击时引发洗白攻击重新申请节点的情况,将攻击者的洗白攻击纳入攻击效用考量,并通过理论分析和对比实验验证了模型的有效性.
Reputation can help users make better decisions of services in the P2 P system.However, Sybil attacker can obtain multiple identities and pretend to be multiple entities in the system.By manipulating the evaluation intentions of multiple Sybil nodes, the reputation of other participants can be changed according to the attacker′s wishes.The existing prevention methods need to introduce a specific environment for attack detection or only have a single registration verification, which is difficult to suppress Sybil attack from the source.By introducing multiple rounds of PoW(Proof of Work)verification and dynamic difficulty adjustment verification mechanism, this paper proposes a Sybil attack prevention model for P2 P reputation system.A sane attacker usually does not attack without gains, so we can minimize the attacker′s expected gains by using multiple rounds of puzzle verification.In addition, considering that the attacker triggers a whitewashing attack to reapply for a node when performing a Sybil attack, the attacker′s whitewashing attack is taken into consideration of the attack utility.The effectiveness of the model is verified through theoretical analysis and comparative experiments.
作者
李标奇
付晓东
岳昆
刘骊
刘利军
冯勇
LI Biao-qi;FU Xiao-dong;YUE Kun;LIU Li;LIU Li-jun;FENG Yong(Faculty of Information Engineering and Automation,Kunming University of Science and Technology,Kunming 650500,China;Yunnan Key Laboratory of Computer Technology Applications,Kunming 650500,China;School of Information Science and Engineering,Yunnan University,Kunming 650091,China)
出处
《小型微型计算机系统》
CSCD
北大核心
2022年第1期137-143,共7页
Journal of Chinese Computer Systems
基金
国家自然科学基金项目(61962030,U1802271,61862036,81560296,61662042)资助
云南省杰出青年科学基金项目(2019FJ011)资助
云南省中青年学术和技术带头人基金项目(202005AC160036)资助。
关键词
女巫攻击
P2P网络
工作量证明
难题验证
洗白攻击
sybil attack
peer-to-peer network
proof of work
puzzle verification
whitewashing