Collaborative Research: SaTC: CORE: Small: Bankrupting Attackers in Dynamic Networks
University Of New Mexico, Albuquerque NM
Investigators
Abstract
In dynamic computer networks, participants may freely join and depart with little administrative control by the network, while enjoying significant anonymity. This makes dynamic networks vulnerable to the Sybil attack, where an adversary misrepresents itself as multiple participants in order to disrupt the network. Many Sybil defenses employ resource burning (RB), which is the verifiable expenditure of a network resource, such as computing power, computer memory, or bandwidth. Unfortunately, existing approaches require legitimate participants to constantly perform RB, regardless of whether an attack is occurring. The goal of this project is to design new Sybil defenses that are scalable; that is, the amount of RB is low in the absence of malicious behavior, and grows slowly as a function of the resources expended by the adversary to launch its attack. The outcomes of this research have the potential to secure a broad range of dynamic networks, such as content-sharing systems, e-commerce review platforms, and public-access server settings. This project will foster collaboration between cybersecurity practitioners and academia in the form of two research workshops. The objectives of this project are also integrated with curriculum development, along with research opportunities for both undergraduate and graduate students. Three general application areas are addressed under this project: efficient group maintenance for secure peer-to-peer networks; defending against spam in e-commerce review systems; and cloud-based methods for mitigating denial-of-service attacks. In each area, defenses will be designed that protect critical security invariants at an RB cost to legitimate participants that is scalable: growing slowly with both the RB cost paid by an attacker and the rate at which legitimate participants join and depart the system. To achieve this, the project leverages a novel framework, whereby the amount of adversarial activity is estimated, and then participants are charged an RB cost based on this estimate. This framework can leverage existing machine learning (ML) results to estimate adversarial activity. Importantly, the guarantees provided by these defenses hold over persistent attacks, even with ML error. The theoretical components of this research effort will be complemented by empirical evaluations of the proposed defenses. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
View original record on NSF Award Search →