Towards a Robust and Secure Decentralized Online Social Network
by David Koll
Date of Examination: 2014-11-25
Date of issue: 2015-01-15
Advisor: Prof. Dr. Xiaoming Fu
Referee: Prof. Dr. Xiaoming Fu
Referee: Prof. Dr. Dieter Hogrefe
Referee: Prof. Dr. Jun Li
Files in this item
Name: main2.pdf
Size: 2.71Mb
Format: PDF
Abstract
English
The virtually unlimited growth of popular Online Social Networks (OSNs) is often accompanied by severe violations of their users' privacy and intellectual property rights. Both problems are rooted in the centralized architecture of many current OSNs, in which a single entity (the provider of the network) controls all globally stored but unencrypted user data. As a result, the provider is able to analyze, forward, sell, modify, or otherwise misuse the data. However, even though these practices have raised serious privacy concerns among OSN users, many providers continue to collect and analyze ever more data and introduce diverse restrictions on their users, while showing little interest in changing their behavior. On these grounds, Decentralized Online Social Networks (DOSNs) have attracted the attention of both researchers and users. A DOSN can function without a central provider and aims at allowing users to control access to their data by their own rules. However, by comprehensively reviewing state-of-the-art DOSNs, this thesis shows that, although the need for a competitive DOSN is obvious, several challenges for DOSNs remain unsolved, including the construction of a robust, privacy-preserving communication and data storage infrastructure. This thesis further emphasizes the prevalence of the Sybil attack in OSNs, in which an attacker orchestrates a large number of fake accounts for various malicious intents, including vote manipulation or distributing spam messages. A detailed study of state-of-the-art proposals to defend an OSN against this particular attack reveals that none of these solutions offers efficient detection or containment of the fake nodes. As a consequence, securing DOSNs against the Sybil attack emerges as another central challenge. In tackling these major challenges, this thesis proposes a new, comprehensive DOSN.
Dubbed SOUP (the Self-Organized Universe of People), it offers, among other distinctive and valuable features, the functionality in particular to build a robust and secure DOSN. Its infrastructure is robust in the sense that SOUP effectively replaces the central OSN provider with a substrate built by the OSN participants themselves. The substrate, even though it does not rely on any permanently available resources, makes the encrypted data of all users highly available. It is further secure in the sense that it effectively guards user data from being accessed by unauthorized parties, and functions properly in the presence of large numbers of malicious users. In particular, even if an attacker can compromise large fractions of the OSN by a Sybil attack, she cannot significantly adversely affect SOUP's operation.
Keywords: OSN; Online Social Network; DOSN; Decentralized Online Social Networks; Social Networks; Privacy; Robustness; Security