What Is the Sybil Attack?
Sybil Attack can be translated as a witch attack. Douceur first introduced the concept of Sybil attack, that is, in a peer-to-peer network, a single node has multiple identities, and the role of redundant backup is weakened by controlling most nodes of the system. At the same time, a scheme is proposed that uses a trusted certificate center to verify the identity of the communicating entity to prevent Sybil attacks. This solution is obviously not suitable for sensor networks. The Newsome system analyzes the Sybil attack on many functions of the sensor network (including routing, resources Distribution, illegal behavior detection, etc.), scientifically classified Sybil attacks, proposed the use of wireless resource detection to detect Sybil attacks, and used identity registration and random key distribution schemes to establish secure connections between nodes. Prevent Sybil attacks.
- Sybil attack refers to an attack method that uses a small number of nodes in a social network to control multiple false identities, thereby using these identities to control or affect a large number of normal nodes in the network [1-3]
- Sybil attacks are of the following types:
- Direct communication: One form of sybil attack is that sybil nodes communicate directly with legitimate nodes. When a legitimate node sends a wireless message to a sybil node, one of the sybil nodes will listen for this message. Similarly, messages sent from all sybil nodes are actually sent from the same malicious device.
- Indirect communication: In this version of the attack, no legitimate node can directly communicate with the sybil node. Instead, one or more malicious nodes claim that they can reach the sybil node. Therefore, the message sent to the sybil node is routed and forwarded through one of the malicious nodes. This malicious node pretends to send the message to the sybil node, and in fact, the malicious node itself received or intercepted it. This news.
- Fake identity: In some cases, an attacker can generate arbitrary sybil identity. For example, if the identity of a node is a 32-bit integer, the attacker can directly assign a 32-bit value to each sybil node as its identity.
- Identity theft: Given a mechanism to identify a node's identity, an attacker cannot forge the identity. For example, a namespace, because the namespace itself is limited, does not allow the insertion of a new identity at all. In this case, the attacker needs to assign a legal identity to the sybil node. This kind of identity theft is difficult to detect when the attacker destroys or invalidates the original node.
- Simultaneous attack: An attacker simultaneously participates in all network sybil identities in one network communication at a time. If a node is required to use its identity only once, then the malicious node can use its multiple sybil identities in a loop to make it appear to be multiple nodes. This is simultaneity.
- Non-simultaneous attack: If the attacker only uses a part of the sybil identity in a specific time period, and in another time period these identities disappear and appear as another sybil identity, which looks like a normal node in the network Cancel and join.