Various online systems offer a lightweight process for creating accounts (e.g., confirming an e-mail address), so that users can easily join them. With minimum effort, however, an attacker can subvert this process, obtain a multitude of fake accounts, and use them for malicious purposes. Puzzle-based solutions have been proposed to limit the spread of fake accounts, by establishing a price (in terms of computing resources) per identity requested. Although effective, they do not distinguish between requests coming from presumably legitimate users and potential attackers, and also lead to a significant waste of energy and computing power. In this paper, we build on adaptive puzzles and complement them with waiting time to introduce a green design for lightweight, long-term identity management; it balances the complexity of assigned puzzles based on the reputation of the origin (source) of identity requests, and reduces energy consumption caused by puzzle-solving. We also take advantage of lessons learned from massive distributed computing to come up with a design that makes puzzle-processing useful. Based on a set of experiments, we show that our solution provides significant energy savings and makes puzzle-solving a useful task, while not compromising effectiveness in limiting the spread of fake accounts.
Making puzzles green and useful for adaptive identity management in large-scale distributed systems
Kavalionak H;
2016
Abstract
Various online systems offer a lightweight process for creating accounts (e.g., confirming an e-mail address), so that users can easily join them. With minimum effort, however, an attacker can subvert this process, obtain a multitude of fake accounts, and use them for malicious purposes. Puzzle-based solutions have been proposed to limit the spread of fake accounts, by establishing a price (in terms of computing resources) per identity requested. Although effective, they do not distinguish between requests coming from presumably legitimate users and potential attackers, and also lead to a significant waste of energy and computing power. In this paper, we build on adaptive puzzles and complement them with waiting time to introduce a green design for lightweight, long-term identity management; it balances the complexity of assigned puzzles based on the reputation of the origin (source) of identity requests, and reduces energy consumption caused by puzzle-solving. We also take advantage of lessons learned from massive distributed computing to come up with a design that makes puzzle-processing useful. Based on a set of experiments, we show that our solution provides significant energy savings and makes puzzle-solving a useful task, while not compromising effectiveness in limiting the spread of fake accounts.File | Dimensione | Formato | |
---|---|---|---|
prod_347174-doc_109146.pdf
solo utenti autorizzati
Descrizione: Making puzzles green and useful for adaptive identity management in large-scale distributed systems
Tipologia:
Versione Editoriale (PDF)
Dimensione
876.54 kB
Formato
Adobe PDF
|
876.54 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.