A Sybil attack can inject many forged identities (called Sybils) to subvert a target system. Among various defense approaches, of particular attention are those that explore the online social networks (OSNs) of users in a target system to detect or tolerate Sybil nodes. Albeit different in their working principle, all these approaches assume it is difficult for an attacker to create attack edges to connect Sybils with honest users. However, researchers have found that an attacker can employ simple strategies to obtain many attack edges. In this work we revisit the state-of-the-art, OSN-based Sybil defenses, and point out their strengths and weaknesses due to the impact of the new properties. We find these defense approaches are vulnerable to attackers under the new scenario, and in many cases a Sybil node only needs to obtain a handful of attack edges to disguise itself as a benign node.
展开▼