1. Introduction

2. Theoretical Foundation And Sybil Attack Landscape

3. Methodology: Proposed SybilSocNet Algorithm

Next, our algorithm pseudocode gets portrayed. This study’s algorithm utilizes a dataset generating 71 smaller data blocks. The algorithm reads the dataset’s first line, subsequently skipping 70 nodes, capturing each new node after jumping and adding it to a small matrix. Such a process repeats itself until reaching the end, thus creating the first small matrix. Such iteration gets repeated for the second line, resulting in a second small matrix, thus continuing until 71 small matrices get generated. The Algorithm 1 depicted below outlines the pseudocode for this initial algorithm part. Once the 71 data blocks get formed, a matrix gets created for each, similar to the one depicted in Figure 3. Algorithm 1 provides pseudocode for generating these matrices.

Algorithm 1:Pseudocode For Splitting The Data.

4. Data Analysis

4.1. Steps, Results, and Validation

This section reviews the steps and results of this empirical study’s experiments using the dataset by Jethava and Rao [62]; previously utilized by Patel and Mistry [12]. First data got cleansed and reformatted so it can be used to train different ML algorithms to detect Sybil nodes. Twitter users’ dataset consists of followers and followees, i.e., indicates what accounts each account follows. Figure 7 signifies part of the Jethava and Rao [62] dataset, indicating that user ID 1 is following 4, 5, 7, etc., up to the end of the dataset.

Figure 7. Portion of adopted dataset 

Figure 7. Portion of adopted dataset 

Figure 8 depicts user 5’s connections 1, 4, 7, etc. A separate dataset segment consists of a two-row file containing Sybil and legitimate node IDs. This study has carefully processed and restructured the dataset for input into its ML algorithms accompanied by the matrix generation process using pseudocode, portrayed earlier in this article; Such entails crafting a comprehensive matrix where rows represented user IDs, followed by followers’ IDs in subsequent columns, and the last column indicated user legitimacy (0 for non-Sybil, 1 for Sybil), derived from ’269640_test.txt’ dataset row 2 (Jethava and Rao [62]).

This study generates a single matrix for training ML algorithms, followed by experiments to optimize accuracy. Due to the dataset’s extensive size, there arose the need for significant computational resources, e.g., supercomputers, but lacking access to one, circumstances got adapted to by splitting data into seventy one samples to generate corresponding smaller matrices for training and testing. Such an approach eased computational demands, crucial due to the initial matrix’s massive 117 GB size. Each of the seventy one matrices got approximately 299.62 MB, totaling to 20.77 GB. Despite such a size reduction, the original data remains intact, and as a result organized into independent matrices, thus enhancing manageability and computational feasibility. Next comes the ML algorithm phase in this study, where ML algorithms get deployed to employ KNN, SVM, and Random Forest algorithms and the respective training to differentiate Sybil nodes from legit nodes on the previously mentioned seventy one matrices. In the next section this study reports the distinct accuracy outcomes of each algorithm. While training, a challenge got encountered when training the SVM on four matrices when extensive training times got elapsed, though KNN and Random Forest trained successfully. Hence, this study opted to analyze algorithm results on sixty seven matrices omitting the four problematic ones. All ML algorithms utilize the aforementioned seventy one matrices as input for training. Segmented data blocks serve for training and testing, yielding high accuracy. The algorithms produce a uniform output format, enabling direct comparison with their outputs represented by a $2\times 2$ matrix (Figure 9).

As per Figure 9, a common $2\times 2$ output matrix is observed from the ML models, and can be interpreted as follows:

• Element I₀₀ : indicates true positives for non-Sybil instances, a value representing legit nodes correctly detected by the algorithm as such.
• Element I₀₁ : represents false positives for Sybil instances, signifying nodes falsely labeled as Sybil by the algorithm. Ideally, this value is minimal or zero, preventing the mislabeling of legit nodes as Sybil.
• Element I₁₀ : reflects undetected Sybil nodes by the algorithm while the general aim was to keep this count minimum to ensure Sybil detection.
• Element I₁₁ : stands for Sybil instances’ true positives, indicating correctly identified Sybil nodes.

E.g., consider the SVM algorithm’s output matrix (Figure 9), where I₀₀$=719$ represents the correctly detected legit nodes, I₀₁$=0$ means no false positives for Sybil nodes, which is desirable, I₁₀$=2$ indicates that two Sybil nodes went undetected, labeled as legit. And, I₁₁$=336$ specify the correct and accurate detection of Sybil nodes. The algorithm’s accuracy in this case is 99.81%, calculated by adding I₀₀ and I₁₁ and dividing it by the sum of all the elements in the matrix. Accuracy gets computed in every algorithm after processing each matrix. This study encountered issues obtaining SVM outputs for some of the matrices; this is not uncommon [2,7,28,53]. In our study we employed a linear kernel for the training phase, other kernel types might yield less or no issues for SVM computing.

4.2. Data Overview

This study compared the performance of various ML algorithms in terms of accuracy. Table 1 summarizes the results exposing the mean value and standard deviation for each algorithm we examined. Table 1 reveals that the SVM algorithm achieves the highest accuracy, trailed by the Random Forest algorithm. KNN ranks last in accuracy. In terms of standard deviation, the Random Forest Algorithm demonstrates the lowest value, with KNN following in second place, and the SVM algorithm exhibiting the highest standard deviation. The data presented is the output accuracy for the K-Nearest Neighbor, Random Forest, and SVM algorithms. The Tables for these algorithm’s data are portrayed in Appendix A, Appendix B, and Appendix C respectively.

Figure 10 and Figure 11 depict the KNN accuracy results for the different matrices. As depicted, the accuracy has a maximum of approximately 97% and a minimum of around 96%.

Figure 12 and Figure 13 depicts the accuracy for the Random Forest algorithm and the SVM algorithm, respectively.

When comparing the performance of the different ML algorithms regarding accuracy, Table 1 depicts results revealing the mean value and standard deviation for each examined ML algorithm, highlighting that the SVM algorithm has the highest accuracy, followed by the Random Forest algorithm. KNN ranks last in terms of accuracy. Regarding standard deviation, the Random Forest Algorithm bears the lowest standard deviation; KNN ranks second, followed by the SVM algorithm, ranking the highest standard deviation. Figure 14 and Figure 15 depict the different performance outcomes of all the examined algorithms.

Figure 14. Accuracy values for SVM and Random Forest 

Figure 14. Accuracy values for SVM and Random Forest 

Figure 15. Accuracy values for KNN and Support Vector Machine 

Figure 15. Accuracy values for KNN and Support Vector Machine 

Figure 16. Accuracy values for KNN and Random Forest 

Figure 16. Accuracy values for KNN and Random Forest 

Figure 17. Accuracy values for KNN, SVM, and Random Forest 

Figure 17. Accuracy values for KNN, SVM, and Random Forest 

Furthermore, the KNN algorithm had high accuracy levels; however, these accuracy levels are relatively lower than those of the Support Vector Machine algorithm and the random forest algorithm. The constant number K that was chosen can be investigated alongside the dataset’s size. As depicted in Figure 18, KNN has a normal distribution with accuracies ranging between 96% and 97.5%, with 96.6 having the highest frequency of occurring. While training the three ML algorithms, the SVM algorithm needed a relatively long time compared with the Random Forest and the KNN algorithm. It is important to notice that the SVM algorithm was taking too long to train on matrices [7,9,28,53]. we decided to skip these matrices. The average time the SVM took to train on other matrices was about 2 minutes. The normal distribution graph for the Support Vector Machine algorithm shown in Figure 19 indicates that the algorithm has a high probability of producing an accuracy value between 99.5% and 100% with a relatively low probability of having an accuracy between 97% and 99%.

During SCM training the three ML algorithms, the SVM algorithm needed a relatively long time compared with the Random Forest and the KNN algorithm. It is to be noted that the SVM algorithm also took too long to train on matrices for Medjahed, et al. [53]; Iswanto et al. [28]; Margolin and Levine [9]; and Misra et al. [7]; and others. After several days of not finishing with the computation, we decided to skip these matrices. The average time the SVM took to train on other matrices was about 2 minutes. The normal distribution graph for the Support Vector Machine algorithm shown in Figure 19 indicates that the algorithm has a high probability of producing an accuracy value between 99.5% and 100% with a relatively low probability of having an accuracy between 97% and 99%. Random Forest Random forest had high accuracy rates with the lowest stan- dard deviation value compared to the other machine learning algorithms. Also, the time required to train the random forest algorithm was relatively short com- pared to the time required to train the Support Vector Machine algorithm. The random forest algorithm has a normal distribution with an accuracy span rang- ing between 98.4% and 99.6% values, with a high probability of accuracy between 99.0% and 99.5%. The related Results of Mounica et al. [42] achieved an accuracy of 93%; their approach was only for wireless networks. Nevertheless, our algorithm works for wired and wireless networks with higher accuracy. Lu et al. [11] achieved an AUC value of 0.93 in their proposed Sybil detection method. Patel and Mistry [12] have an AUC value of 0.82 for the large Twitter dataset. Our accuracy results range from 96% (KNN) to 99% (SVM).

Figure 19. Normal distribution graph for Support Vector Machine algorithm 

Figure 19. Normal distribution graph for Support Vector Machine algorithm 

Figure 20. Normal distribution graph for Random Forest algorithm 

Figure 20. Normal distribution graph for Random Forest algorithm 

5. Conclusions, Limitations, and Future Recommendations

References

1. Saxena, G.D.; Dinesh, G.; David, D.S.; Tiwari, M.; Tiwari, T.; Monisha, M.; Chauhan, A. Addressing The Distinct Security Vulnerabilities Typically Emerge On The Mobile Ad-Hoc Network Layer. NeuroQuantology 2023, 21, 169–178. [Google Scholar]
2. Manju, V. Sybil attack prevention in wireless sensor network. International Journal of Computer Networking, Wireless and Mobile Communications (IJCNWMC) 2014, 4, 125–132. [Google Scholar]
3. Mahesh, B. Machine learning algorithms-a review. International Journal of Science and Research (IJSR).[Internet] 2020, 9, 381–386. [Google Scholar] [CrossRef]
4. Rahbari, M.; Jamali, M.A.J. Efficient detection of Sybil attack based on cryptography in VANET. arXiv preprint arXiv:1112.2257, arXiv:1112.2257 2011.
5. Chang, W.; Wu, J. A survey of sybil attacks in networks. Sensor Networks for Sustainable Development 2012. [Google Scholar]
6. Balachandran, N.; Sanyal, S. A review of techniques to mitigate sybil attacks. arXiv preprint arXiv:1207.2617, arXiv:1207.2617 2012.
7. Misra, S.; Tayeen, A.S.M.; Xu, W. SybilExposer: An effective scheme to detect Sybil communities in online social networks. 2016 IEEE International Conference on Communications (ICC). IEEE, 2016, pp. 1–6.
8. Fong, P.W. Preventing Sybil attacks by privilege attenuation: A design principle for social network systems. 2011 IEEE Symposium on Security and Privacy. IEEE, 2011, pp. 263–278.
9. Margolin, N.B.; Levine, B.N. Informant: Detecting sybils using incentives. International Conference on Financial Cryptography and Data Security. Springer, 2007, pp. 192–207.
10. Du, W.; Deng, J.; Han, Y.S.; Varshney, P.K.; Katz, J.; Khalili, A. A pairwise key predistribution scheme for wireless sensor networks. ACM Transactions on Information and System Security (TISSEC) 2005, 8, 228–258. [Google Scholar] [CrossRef]
11. Lu, H.; Gong, D.; Li, Z.; Liu, F.; Liu, F. SybilHP: Sybil Detection in Directed Social Networks with Adaptive Homophily Prediction. Applied Sciences 2023, 13, 5341. [Google Scholar] [CrossRef]
12. Patel, S.T.; Mistry, N.H. A review: Sybil attack detection techniques in WSN. 2017 4th International conference on electronics and communication systems (ICECS). IEEE, 2017, pp. 184–188.
13. Almesaeed, R.; Al-Salem, E. Sybil attack detection scheme based on channel profile and power regulations in wireless sensor networks. Wireless Networks 2022, 28, 1361–1374. [Google Scholar] [CrossRef]
14. Batchelor, B.G. Pattern recognition: Ideas in practice; Springer Science & Business Media, 2012.
15. Kafetzis, D.; Vassilaras, S.; Vardoulias, G.; Koutsopoulos, I. Software-defined networking meets software-defined radio in mobile ad hoc networks: State of the art and future directions. IEEE Access 2022, 10, 9989–10014. [Google Scholar] [CrossRef]
16. Cui, Z.; Fei, X.; Zhang, S.; Cai, X.; Cao, Y.; Zhang, W.; Chen, J. A hybrid blockchain-based identity authentication scheme for multi-WSN. IEEE Transactions on Services Computing 2020, 13, 241–251. [Google Scholar] [CrossRef]
17. Saraswathi, R.V.; Sree, L.P.; Anuradha, K. Support vector based regression model to detect Sybil attacks in WSN. International Journal of Advanced Trends in Computer Science and Engineering 2020, 9. [Google Scholar]
18. Choy, G.; Khalilzadeh, O.; Michalski, M.; Do, S.; Samir, A.E.; Pianykh, O.S.; Geis, J.R.; Pandharipande, P.V.; Brink, J.A.; Dreyer, K.J. Current applications and future impact of machine learning in radiology. Radiology 2018, 288, 318–328. [Google Scholar] [CrossRef]
19. Tong, F.; Zhang, Z.; Zhu, Z.; Zhang, Y.; Chen, C. A novel scheme based on coarse-grained localization and fine-grained isolation for defending against Sybil attack in low power and lossy networks. Asian Journal of Control 2023. [Google Scholar] [CrossRef]
20. Nayyar, A.; Rameshwar, R.; Solanki, A. Internet of Things (IoT) and the digital business environment: A standpoint inclusive cyber space, cyber crimes, and cybersecurity. The evolution of business in the cyber age 2020, 10, 9780429276484–6. [Google Scholar]
21. Alsafery, W.; Rana, O.; Perera, C. Sensing within smart buildings: A survey. ACM Computing Surveys 2023, 55, 1–35. [Google Scholar] [CrossRef]
22. NBC News. https://www.nbcnews.com/tech/social-media/, 2023. [NBC News Home.].
23. Vincent, J. Emotion and the mobile phone. Cultures of participation: Media practices, politics and literacy, 2011; 95–109. [Google Scholar]
24. Xiao, L.; Greenstein, L.J.; Mandayam, N.B.; Trappe, W. Channel-based detection of sybil attacks in wireless networks. IEEE Transactions on Information Forensics and Security 2009, 4, 492–503. [Google Scholar] [CrossRef]
25. Samuel, S.J.; Dhivya, B. An efficient technique to detect and prevent Sybil attacks in social network applications. 2015 IEEE International Conference on Electrical, Computer and Communication Technologies (ICECCT). IEEE, 2015, pp. 1–3.
26. Douceur, J.R. The sybil attack. International workshop on peer-to-peer systems. Springer, 2002, pp. 251–260.
27. Arif, M.; Wang, G.; Bhuiyan, M.Z.A.; Wang, T.; Chen, J. A survey on security attacks in VANETs: Communication, applications and challenges. Vehicular Communications 2019, 19, 100179. [Google Scholar] [CrossRef]
28. Iswanto, I.; Tulus, T.; Sihombing, P. Comparison of distance models on K-Nearest Neighbor algorithm in stroke disease detection. Applied Technology and Computing Science Journal 2021, 4, 63–68. [Google Scholar] [CrossRef]
29. Helmi, Z.; Adriman, R.; Arif, T.Y.; Walidainy, H.; Fitria, M.; others. Sybil Attack Prediction on Vehicle Network Using Deep Learning. Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi) 2022, 6, 499–504. [Google Scholar] [CrossRef]
30. Ben-Hur, A.; Ong, C.S.; Sonnenburg, S.; Schölkopf, B.; Rätsch, G. Support vector machines and kernels for computational biology. PLoS computational biology 2008, 4, e1000173. [Google Scholar] [CrossRef]
31. Hu, L.Y.; Huang, M.W.; Ke, S.W.; Tsai, C.F. The distance function effect on k-nearest neighbor classification for medical datasets. SpringerPlus 2016, 5, 1–9. [Google Scholar] [CrossRef]
32. Lee, G.; Lim, J.; Kim, D.k.; Yang, S.; Yoon, M. An approach to mitigating sybil attack in wireless networks using zigBee. 2008 10th International Conference on Advanced Communication Technology. IEEE, 2008, Vol. 2, pp. 1005–1009.
33. Eschenauer, L.; Gligor, V.D. A key-management scheme for distributed sensor networks. Proceedings of the 9th ACM Conference on Computer and Communications Security, 2002, pp. 41–47.
34. Dhamodharan, U.S.R.K.; Vayanaperumal, R.; others. Detecting and preventing sybil attacks in wireless sensor networks using message authentication and passing method. The Scientific World Journal 2015, 2015. [Google Scholar] [CrossRef]
35. Ammari, A.; Bensalem, A. ; others. Fault tolerance and VANET (Vehicular Ad-Hoc Network). PhD thesis, UNIVERSITY of M’SILA, 2022.
36. Quevedo, C.H.; Quevedo, A.M.; Campos, G.A.; Gomes, R.L.; Celestino, J.; Serhrouchni, A. An intelligent mechanism for sybil attacks detection in vanets. ICC 2020-2020 IEEE International Conference on Communications (ICC). IEEE, 2020, pp. 1–6.
37. Yu, H.; Gibbons, P.B.; Kaminsky, M.; Xiao, F. Sybillimit: A near-optimal social network defense against sybil attacks. 2008 IEEE Symposium on Security and Privacy (sp 2008). IEEE, 2008, pp. 3–17.
38. Abbas, S.; Merabti, M.; Llewellyn-Jones, D.; Kifayat, K. Lightweight sybil attack detection in manets. IEEE systems journal 2012, 7, 236–248. [Google Scholar] [CrossRef]
39. Newsome, J.; Shi, E.; Song, D.; Perrig, A. The sybil attack in sensor networks: Analysis & defenses. Proceedings of the 3rd international symposium on Information processing in sensor networks, 2004, pp. 259–268.
40. Chen, Y.; Yang, J.; Trappe, W.; Martin, R.P. Detecting and localizing identity-based attacks in wireless and sensor networks. IEEE Transactions on Vehicular Technology 2010, 59, 2418–2434. [Google Scholar] [CrossRef]
41. Shetty, N.P.; Muniyal, B.; Anand, A.; Kumar, S. An enhanced sybil guard to detect bots in online social networks. Journal of Cyber Security and Mobility, 2022; 105–126. [Google Scholar]
42. Mounica, M.; Vijayasaraswathi, R.; Vasavi, R. RETRACTED: Detecting Sybil Attack In Wireless Sensor Networks Using Machine Learning Algorithms. IOP Conference Series: Materials Science and Engineering. IOP Publishing, 2021, Vol. 1042, p. 012029.
43. Twitter follower-followee graph. https://figshare.com/articles/dataset/Twitter_follower-followee_graph_labeled_with_benign_Sybil/20057300, 2022. [Labeled with benign/Sybil.].
44. Demirbas, M.; Song, Y. An RSSI-based scheme for sybil attack detection in wireless sensor networks. 2006 International symposium on a world of wireless, mobile and multimedia networks (WoWMoM’06). ieee, 2006, pp. 5–pp.
45. Machine LEarning Research. https://machinelearning.apple.com/research/hey-siri, 2023. [Apple’s siri voice recognition software.].
46. Alexa. https://developer.amazon.com/, 2023. [Amazon’s alexa voice recognition software.].
47. Kak, S. A three-stage quantum cryptography protocol. Foundations of Physics Letters 2006, 19, 293–296. [Google Scholar] [CrossRef]
48. Sahami, M.; Dumais, S.; Heckerman, D.; Horvitz, E. A Bayesian approach to filtering junk e-mail. Learning for Text Categorization: Papers from the 1998 workshop. Citeseer, 1998, Vol. 62, pp. 98–105.
49. Schiappa, M.C.; Rawat, Y.S.; Shah, M. Self-supervised learning for videos: A survey. ACM Computing Surveys 2023, 55, 1–37. [Google Scholar] [CrossRef]
50. Zamsuri, A.; Defit, S.; Nurcahyo, G.W. Classification of Multiple Emotions in Indonesian Text Using The K-Nearest Neighbor Method. Journal of Applied Engineering and Technological Science (JAETS) 2023, 4, 1012–1021. [Google Scholar] [CrossRef]
51. Gupta, M.; Judge, P.; Ammar, M. A reputation system for peer-to-peer networks. Proceedings of the 13th international workshop on Network and operating systems support for digital audio and video, 2003, pp. 144–152.
52. Michalski, R.S.; Stepp, R.E.; Diday, E. A recent advance in data analysis: Clustering objects into classes characterized by conjunctive concepts. In Progress in pattern recognition; Elsevier, 1981; pp. 33–56.
53. Medjahed, S.A.; Saadi, T.A.; Benyettou, A. Breast cancer diagnosis by using k-nearest neighbor with different distances and classification rules. International Journal of Computer Applications 2013, 62. [Google Scholar]
54. Swamynathan, G.; Almeroth, K.C.; Zhao, B.Y. The design of a reliable reputation system. Electronic Commerce Research 2010, 10, 239–270. [Google Scholar] [CrossRef]
55. Valarmathi, M.; Meenakowshalya, A.; Bharathi, A. Robust Sybil attack detection mechanism for Social Networks-a survey. 2016 3rd International conference on advanced computing and communication systems (ICACCS). IEEE, 2016, Vol. 1, pp. 1–5.
56. Vasudeva, A.; Sood, M. Survey on sybil attack defense mechanisms in wireless ad hoc networks. Journal of Network and Computer Applications 2018, 120, 78–118. [Google Scholar] [CrossRef]
57. Yu, H.; Kaminsky, M.; Gibbons, P.B.; Flaxman, A. Sybilguard: Defending against sybil attacks via social networks. Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications, 2006, pp. 267–278.
58. Yuan, D.; Miao, Y.; Gong, N.Z.; Yang, Z.; Li, Q.; Song, D.; Wang, Q.; Liang, X. Detecting fake accounts in online social networks at the time of registrations. Proceedings of the 2019 ACM SIGSAC conference on computer and communications security, 2019, pp. 1423–1438.
59. Zhang, K.; Liang, X.; Lu, R.; Shen, X. Sybil attacks and their defenses in the internet of things. IEEE Internet of Things Journal 2014, 1, 372–383. [Google Scholar] [CrossRef]
60. Kaggle. https://www.kaggle.com/, 2023. [Level up with the largest AI & ML community.].
61. Jain, N.; Jana, P.K. LRF: A logically randomized forest algorithm for classification and regression problems. Expert Systems with Applications 2023, 213, 119225. [Google Scholar] [CrossRef]
62. Jethava, G.; Rao, U.P. User behavior-based and graph-based hybrid approach for detection of sybil attack in online social networks. Computers and Electrical Engineering 2022, 99, 107753. [Google Scholar] [CrossRef]