Various online systems offer a lightweight process for creating accounts (e.g., confirming an e-mail address), so that users can easily join them. With minimum effort, however, an attacker can subvert this process, obtain a multitude of fake accounts, and use them for malicious purposes. Puzzle-based solutions have been proposed to limit the spread of fake accounts, by establishing a price (in terms of computing resources) per identity requested. Although effective, they do not distinguish between requests coming from presumably legitimate users and potential attackers, and also lead to a significant waste of energy and computing power. In this paper, we build on adaptive puzzles and complement them with waiting time to introduce a green design for lightweight, long-term identity management; it balances the complexity of assigned puzzles based on the reputation of the origin (source) of identity requests, and reduces energy consumption caused by puzzle-solving. We also take advantage of lessons learned from massive distributed computing to come up with a design that makes puzzle-processing useful. Based on a set of experiments, we show that our solution provides significant energy savings and makes puzzle-solving a useful task, while not compromising effectiveness in limiting the spread of fake accounts. © 2015 Elsevier B.V. All rights reserved.

Making puzzles green and useful for adaptive identity management in large-scale distributed systems / Cordeiro and, Weverton Luis da Costa; Santos and, Flavio Roberto; And, Marinho P. Barcellos; Gaspary and, Luciano Paschoal; Kavalionak and, Hanna; Guerrieri and, Alessio; Montresor, Alberto. - In: COMPUTER NETWORKS. - ISSN 1389-1286. - STAMPA. - 2016, 95:(2016), pp. 97-114. [10.1016/j.comnet.2015.12.005]

Making puzzles green and useful for adaptive identity management in large-scale distributed systems

Montresor, Alberto
2016

Abstract

Various online systems offer a lightweight process for creating accounts (e.g., confirming an e-mail address), so that users can easily join them. With minimum effort, however, an attacker can subvert this process, obtain a multitude of fake accounts, and use them for malicious purposes. Puzzle-based solutions have been proposed to limit the spread of fake accounts, by establishing a price (in terms of computing resources) per identity requested. Although effective, they do not distinguish between requests coming from presumably legitimate users and potential attackers, and also lead to a significant waste of energy and computing power. In this paper, we build on adaptive puzzles and complement them with waiting time to introduce a green design for lightweight, long-term identity management; it balances the complexity of assigned puzzles based on the reputation of the origin (source) of identity requests, and reduces energy consumption caused by puzzle-solving. We also take advantage of lessons learned from massive distributed computing to come up with a design that makes puzzle-processing useful. Based on a set of experiments, we show that our solution provides significant energy savings and makes puzzle-solving a useful task, while not compromising effectiveness in limiting the spread of fake accounts. © 2015 Elsevier B.V. All rights reserved.
Cordeiro and, Weverton Luis da Costa; Santos and, Flavio Roberto; And, Marinho P. Barcellos; Gaspary and, Luciano Paschoal; Kavalionak and, Hanna; Guerrieri and, Alessio; Montresor, Alberto
Making puzzles green and useful for adaptive identity management in large-scale distributed systems / Cordeiro and, Weverton Luis da Costa; Santos and, Flavio Roberto; And, Marinho P. Barcellos; Gaspary and, Luciano Paschoal; Kavalionak and, Hanna; Guerrieri and, Alessio; Montresor, Alberto. - In: COMPUTER NETWORKS. - ISSN 1389-1286. - STAMPA. - 2016, 95:(2016), pp. 97-114. [10.1016/j.comnet.2015.12.005]
File in questo prodotto:
File Dimensione Formato  
comnet15.pdf

Solo gestori archivio

Tipologia: Versione editoriale (Publisher’s layout)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 1.21 MB
Formato Adobe PDF
1.21 MB Adobe PDF   Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: http://hdl.handle.net/11572/164954
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 2
  • ???jsp.display-item.citation.isi??? 2
social impact