The term "Sybil Attack" comes up often when discussing network security with researchers. What is it? How much of a concern is it to the Ethereum network? What are some effective ways to prevent it?
A Sybil attack occurs when one actor acts as multiple separate entities. Because many distributed systems have no form of identity management beyond accounts, and because accounts are trivially created, any actor can create an unbounded number of accounts.
This is a problem if, for instance, you want to implement a voting system, or in other situations where who someone is, or whether two different identities refer to the same person, matters, such as an auction (where allowing the seller to bid on their own items would give them an unfair advantage).
There are several ways to mitigate this, depending on your constraints:
Option 3 is the easiest to implement in many cases, but isn't universally applicable; for instance, in a system like Quadratic Voting, 100 ether pledged by one person holds less weight than 10 ether pledged by each of 10 people, so an attacker still has an incentive to use multiple identities.
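The Quadratic Voting point in the answer above, worked through as an added example (not part of the original answer). It assumes quadratic weight is modeled as the square root of each account's pledge; the function names and the 40/100 ether scenario are constructed for illustration.

```python
from math import sqrt

def linear_weight(pledges):
    # Ether-weighted tally: influence equals total ether, however it is split.
    return float(sum(pledges))

def quadratic_weight(pledges):
    # Quadratic voting (assumed model): each account adds sqrt(its own pledge).
    return sum(sqrt(p) for p in pledges)

def split_evenly(total, accounts):
    # One actor spreading the same funds over several accounts.
    return [total / accounts] * accounts

def sybil_gain(total, accounts, weight):
    # Influence with `accounts` identities relative to one identity, same funds.
    return weight(split_evenly(total, accounts)) / weight([total])

def outcome(yes_pledges, no_pledges, weight):
    # A proposal passes only if "yes" strictly outweighs "no".
    return "yes" if weight(yes_pledges) > weight(no_pledges) else "no"

# Constructed scenario: three distinct people pledge 40 ether each to "no";
# a single actor holds 100 ether and votes "yes".
HONEST_NO = [40, 40, 40]
ONE_ACCOUNT = [100]
TEN_ACCOUNTS = split_evenly(100, 10)

if __name__ == "__main__":
    for name, weight in (("linear", linear_weight),
                         ("quadratic", quadratic_weight)):
        print(f"{name:9s} gain from 10 accounts: "
              f"{sybil_gain(100, 10, weight):.3f}  "
              f"one account -> {outcome(ONE_ACCOUNT, HONEST_NO, weight)}, "
              f"ten accounts -> {outcome(TEN_ACCOUNTS, HONEST_NO, weight)}")
```

Under the linear tally the split changes nothing, while under the quadratic tally k accounts multiply the same funds' influence by sqrt(k), which is why that design needs an identity check in addition to the pledge.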
From Sybil attack - Wikipedia:
The Sybil attack in computer security is an attack wherein a reputation system is subverted by forging identities in peer-to-peer networks. It is named after the subject of the book Sybil, a case study of a woman diagnosed with dissociative identity disorder.
In a Sybil attack the attacker subverts the reputation system of a peer-to-peer network by creating a large number of pseudonymous identities, using them to gain a disproportionately large influence.