Abstract
Due to the loosely coupled property of cloud computing environments, no node has complete knowledge of the system. For this reason, detecting a Sybil attack in cloud computing environments is a non‐trivial task. In such a dynamic system, the use of algorithms based on tree or ring structures for collecting the global state of the system has unfortunate downsides, that is, the structure should be re‐constructed in the presence of node joining and leaving. In this paper, we propose an unstructured Sybil attack detection algorithm in cloud computing environments. Our proposed algorithm uses one‐to‐one communication primitives rather than broadcast primitives and, therefore, the message complexity can be reduced. In our algorithmic design, attacker nodes forging multiple identities are effectively detected by normal nodes with the fail‐stop signature scheme. We show that, regardless of the number of attacker nodes, our Sybil attack detection algorithm is able to reach consensus.
Highlights
A Sybil attack [1] is a well-known attack in peer-to-peer (P2P) systems
We propose an efficient algorithm for detecting Sybil attacks in cloud computing environments
7: if pull mode updateInformation; 8: send; 9: end if; 10: until forever. The summary of the fail-stop signature scheme, where signers enjoy unconditional unforgeability and verifiers bear the risk of forged signatures, is as follows [20]: A trusted third party (TTP) chooses a prime modulus $p$ satisfying $p - 1 = 2q$, where $q$ is a prime number, $g \in \mathbb{Z}_p$, and $r \in \mathbb{Z}_q^*$. It computes $R = g^r$ and sends $(p, q, g, R)$ to a node, while $r$ is kept secret by the TTP.
Summary
A Sybil attack [1] is a well-known attack in peer-to-peer (P2P) systems. To subvert the P2P systems, an attacker node generates non-existent pseudonymous identities and colludes with other attacker nodes to hinder or delay the objectives of normal nodes. In dynamic computing systems such as cloud computing, detecting Sybil attacks is a non-trivial task because the network topology is not fully connected due to the loosely coupled property. We propose an efficient algorithm for detecting Sybil attacks in cloud computing environments. To effectively detect a Sybil attack, we use the fail-stop signature scheme [20]. The objective of employing the fail-stop signature scheme is to remove attacker nodes’ information in the local view. How to detect attacker nodes in the system and how to realize such local view maintenance using the fail-stop signature scheme is at the core of our algorithmic design.
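The fail-stop property that the summary relies on can be seen in a short added example (not code from the paper). It starts from the TTP setup described above, with a constructed toy group, and assumes that key generation, signing, verification and the proof of forgery follow the van Heyst-Pedersen construction, which matches the parameters $(p, q, g, R)$ on this page; every function name is hypothetical.

```python
import secrets

# Constructed toy group, far too small for real use: p = 2q + 1, both prime.
Q = 1019
P = 2 * Q + 1   # 2039
G = 4           # a square mod p other than 1, so it has order q

def ttp_setup(r=None):
    """TTP: choose secret r in Z_q^*, publish R = g^r. Signers never learn r."""
    r = r or secrets.randbelow(Q - 1) + 1
    return r, pow(G, r, P)

def keygen(R, sk=None):
    """Signer: one-time secret (x1, x2, y1, y2) and public key (A, B)."""
    x1, x2, y1, y2 = sk = sk or tuple(secrets.randbelow(Q) for _ in range(4))
    A = pow(G, x1, P) * pow(R, x2, P) % P
    B = pow(G, y1, P) * pow(R, y2, P) % P
    return sk, (A, B)

def sign(sk, m):
    x1, x2, y1, y2 = sk
    return (x1 + m * y1) % Q, (x2 + m * y2) % Q

def verify(pk, R, m, sig):
    (A, B), (s1, s2) = pk, sig
    return A * pow(B, m, P) % P == pow(G, s1, P) * pow(R, s2, P) % P

def dlog(h):
    """Brute-force log_g(h); stands in for an attacker who can break discrete logs."""
    return next(e for e in range(Q) if pow(G, e, P) == h)

def forge(pk, R, m, s2=None):
    """Attacker: a signature on m that verifies, made without the signer's key."""
    r, a, b = dlog(R), dlog(pk[0]), dlog(pk[1])
    s2 = secrets.randbelow(Q) if s2 is None else s2
    return (a + m * b - r * s2) % Q, s2

def prove_forgery(sk, m, forged):
    """Signer: recover r from a verified forgery; None if it equals the signer's own."""
    (s1, s2), (f1, f2) = sign(sk, m), forged
    if f2 == s2:
        return None
    return (s1 - f1) * pow((f2 - s2) % Q, -1, Q) % Q

if __name__ == "__main__":
    r, R = ttp_setup()
    sk, pk = keygen(R)
    fake = forge(pk, R, 123)
    print(verify(pk, R, 123, fake), prove_forgery(sk, 123, fake) in (r, None))
```

Anyone holding $R$ can check a claimed proof by testing whether $g^r = R$; a forgery that happens to equal the signer's own signature (probability $1/q$) yields no proof.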