|
This research explores a new approach to securing systems that are based on crowd computations, where the operator polls the opinions of crowds--arbitrary users of the system--to provide a variety of recommendation services. Examples include services like Yelp, YouTube, Twitter, and TripAdvisor. However, today's services are known to suffer from multiple identity (Sybil) attacks, where an attacker creates many identities to subvert the system (e.g., make their business appear to be more popular on Yelp). Previous approaches have investigated detecting whether a single identity is likely to be fake, but these techniques suffer from a number of drawbacks in practice, as attackers are often able to create many fake accounts or leverage existing black-markets for fake or compromised accounts.
Instead, the PI is investigating an approach that shifts Sybil defense away from individual Sybil identity detection and towards directly detecting manipulation of large crowd computations themselves. In essence, the PI is shifting the problem from detecting whether a single identity is fake to detecting whether a set of identities are fake, the latter of which is likely to be significantly easier for the operator. If successful, the approach could tip the scales back in favor of the operator, preventing manipulation from attackers using fake, colluding, and compromised users in a variety of systems.
|
TWC: Small: Towards Robust Crowd Computations