Academia.eduAcademia.edu

Outline

Title
Abstract
Figures
Introduction
Experimental Results
Conclusion
References
All Topics
Computer Science
Cybersecurity

Developing trust in large-scale peer-to-peer systems

Profile image of Bin YuBin Yu

2004

https://doi.org/10.1109/MASSUR.2004.1368412
visibility

description

10 pages

link

1 file

Abstract

In peer-to-peer (P2P) systems, peers often must interact with unknown or unfamiliar peers without the benefit of trusted third parties or authorities to mediate the interactions. A peer will need reputation mechanisms to incorporate the knowledge of others to decide whether to trust another party in P2P systems. This paper discusses the design of reputation mechanisms and proposes a novel distributed reputation mechanism to detect malicious or unreliable peers in P2P systems. It illustrates the process for rating gathering and aggregation and presents some experimental results to evaluate the proposed approach. Moreover, it considers how to effectively aggregate noisy (dishonest or inaccurate) ratings from independent or collusive peers using weighted majority techniques. Furthermore, it analyzes some possible attacks on reputation mechanisms and shows how to defend against such attacks.

Figures (7)
Figure 1. A trust graph generated from a query of P).
Figure 1. A trust graph generated from a query of P).
Table 1. The parameters in the experiments The peers are limited to having no more than 4 neigh- bors and 16 acquaintances. Queries are sent only to and re- ferrals are given only to neighbors. After every 5 queries, each peer decides which acquaintances are promoted to be- come neighbors and which neighbors are demoted to be or- dinary acquaintances based on the latest ratings. Other pa- rameters are defined as follows,
Table 1. The parameters in the experiments The peers are limited to having no more than 4 neigh- bors and 16 acquaintances. Queries are sent only to and re- ferrals are given only to neighbors. After every 5 queries, each peer decides which acquaintances are promoted to be- come neighbors and which neighbors are demoted to be or- dinary acquaintances based on the latest ratings. Other pa- rameters are defined as follows,
any peer. In our approach, each peer P; maintains a black- list for malicious peers who are swapped out from his ac- quaintance model. P; is in the blacklist of the correspond- ing peer at this time. Figure 3 illustrates the changes of rep- utation of P; in the whole process. The results indicate that our reputation mechanisms using either simple averaging or exponential averaging can detect the attacks from strategic peers. The reputation mechanism using exponential averag- ing is more effective in detecting these attacks, where the reputation of the malicious peer P; drops quickly from 0.89 to 0.20 during 400 cycles. The malicious peer P; may also attack the P2P search process through providing wrong re- ferrals. One solution is that every requesting peer may pe- nalize the weight for the credibility of P; so that they will have a reduced chance of contacting P; in the future. We will not discuss the details in this paper and defer this en- hancement to future work. Figure 2. Average rating distances of normal peers in the system
any peer. In our approach, each peer P; maintains a black- list for malicious peers who are swapped out from his ac- quaintance model. P; is in the blacklist of the correspond- ing peer at this time. Figure 3 illustrates the changes of rep- utation of P; in the whole process. The results indicate that our reputation mechanisms using either simple averaging or exponential averaging can detect the attacks from strategic peers. The reputation mechanism using exponential averag- ing is more effective in detecting these attacks, where the reputation of the malicious peer P; drops quickly from 0.89 to 0.20 during 400 cycles. The malicious peer P; may also attack the P2P search process through providing wrong re- ferrals. One solution is that every requesting peer may pe- nalize the weight for the credibility of P; so that they will have a reduced chance of contacting P; in the future. We will not discuss the details in this paper and defer this en- hancement to future work. Figure 2. Average rating distances of normal peers in the system
Figure 3. Reputation of an independent peer in group G
Figure 3. Reputation of an independent peer in group G
Figure 5. Average weights of witnesses for different exaggeration coefficients
Figure 5. Average weights of witnesses for different exaggeration coefficients
Figure 6. Average weights of independent or collusive peers in group G,
Figure 6. Average weights of independent or collusive peers in group G,

Related papers

A reputation system for peer-to-peer networks
M. Ammar

Proceedings of the 13th international workshop on Network and operating systems support for digital audio and video, 2003

We investigate the design of a reputation system for decentralized unstructured P2P networks like Gnutella. Having reliable reputation information about peers can form the basis of an incentive system and can guide peers in their decision making (e.g., who to download a file from). The reputation system uses objective criteria to track each peer's contribution in the system and allows peers to store their reputations locally. Reputation are computed using either of the two schemes, debit-credit reputation computation (DCRC) and credit-only reputation computation (CORC). Using a reputation computation agent (RCA), we design a public key based mechanism that periodically updates the peer reputations in a secure, light-weight, and partially distributed manner. We evaluate using simulations the performance tradeoffs inherent in the design of our system.

View PDFchevron_right
EigenRep: Reputation Management in P2P Networks
Mario Schlosser

2003

Peer-to-peer file-sharing networks are currently receiving much attention as a means of sharing and distributing information. However, as recent experience with P2P networks such as Gnutella shows, the anonymous, open nature of these networks offers an almost ideal environment for the spread of self-replicating inauthentic files. We describe an algorithm to decrease the number of downloads of inauthentic files in a peer-to-peer file-sharing network that assigns each peer a unique global reputation value, based on the peer's history of uploads. We present a distributed and secure method to compute global reputation values, based on Power iteration. By having peers use these global reputation values to choose the peers from whom they download, the network effectively identifies malicious peers and isolates them from the network. In simulations, this reputation system has been shown to significantly decrease the number of inauthentic files on the network, even under a variety of conditions where malicious peers cooperate in an attempt to deliberately subvert the system.

View PDFchevron_right
A Reputation based System to Overcome Malicious Behavior in Peer-to-Peer Networks
Mosharraf Hossain Khan

International Journal of Computer Applications, 2015

In recent times, the growth in the number of subscribers of peer to peer networks has been phenomenal. Anonymity being a character of such networks also gave rise to the number of free-riders and malicious behaviors. Though free riders consume network bandwidth and decrease the network performance by displaying selfish behavior, they are not a serious threat for the rest of the cooperative peers. Malicious peers on the other hand, spread viruses, worms, Trojans in the network, provide misleading feedback and try to disrupt the existing trust among the peers. Therefore, it is absolutely essential that a peer has reliable reputation information about other peers in order make informed decisions (e.g., who to download files from, who to serve content, which is a malicious node etc.). In this paper, we have proposed a reputation system that uses objective criteria to track each peer's contribution in the system and allows peers to store their reputations locally. In our opinion, such measures will eventually root out malicious peers from the system.

View PDFchevron_right
TREMA: A Tree-based Reputation Management Solution for P2P Systems
Quang Vu

Trust is an important aspect of Peer-to-Peer (P2P) systems, because in such systems, peers are usually anonymous. A popular method for evaluating trust in P2P systems is to use reputation, where the reputation of a peer is determined based on its prior transactions with other peers. Since no peer has easy access to global knowledge in a decentralized system, the main challenge of this reputation-based method is how to collect and distribute reputation scores of peers efficiently. While several solutions have been proposed to address this challenge, most of them rely on a gossiping algorithm, which is costly and communication-intensive. In this paper, we propose TREMA, a tree-based reputation management solution in which we present a trust model between nodes in the tree, and explain how trust is established and maintained between pairs of nodes. We show that, compared to existing solutions, TREMA allows for scalability and efficient algorithms with low overhead. We present two possible implementations of TREMA, and explain how they could be made stable and robust to network dynamism, thus addressing the greatest weakness of a tree structure. We also analyze each implementation for its security against various adversarial scenarios, and suggest further improvements that are possible for general tree-based systems.

View PDFchevron_right
Personalized reputation management in P2P networks
Mario Schlosser

2004

P2P networks have become increasingly popular in the recent years. However, their open, distributed and anonymous nature makes them very vulnerable against malicious users who provide bad responses to requests from other peers. Motivated by this observation, various solutions for distributed reputation systems have been presented recently. In this paper, we describe the first reputation system which incorporates both user-individual personalization and global experiences of peers in the network, for the distributed computation of reputation values. We also present a secure method to compute global trust values, thus assuring identification and isolation of malicious peers. Finally, our simulations show that our system is robust even against attacks from groups of malicious peers deliberately cooperating to subvert it.

View PDFchevron_right
Reputation-Based Trust Management in Peer-to-Peer Systems: Taxonomy and Anatomy
R. Boutaba, Youssef Iraqi

Handbook of Peer-to-Peer Networking, 2009

Trust is required in file sharing peer-to-peer (P2P) systems to achieve better cooperation among peers and reduce malicious uploads. In reputation-based P2P systems, reputation is used to build trust among peers based on their past transactions and feedbacks from other peers. In these systems, reputable peers will usually be selected to upload requested files, decreasing significantly malicious uploads in the system. This chapter surveys different reputation-based P2P systems. We will breakdown a typical reputation system into functional components. We will discuss each component and present proposed solutions from the literature. Different reputation-based systems will be described and analyzed. Each system presents a particular perspective in addressing peers' reputation.

View PDFchevron_right
Credibility Based Corrective Mechanism for Reputation Computation in Peer-to-Peer Communities
Raju KVSVN

IJCSNS, 2008

Trust plays a key role in each transaction in online peer-to-peer (P2P) communities. Transaction based trust computation is an insufficient mechanism when the number of transactions is less. Reputation plays a major role when a peer transacts with other peers for the first time. Reputation computation which is very close to the reality is very important to all the online transactions. Several methods were proposed in the literature for reputation computation. The mechanism discussed in this paper offers a weighted feedback based reputation computation. In case, a malicious peer deceives by exaggerating or underrating the feedback, the method includes a dynamic corrective procedure, which forces a peer to give correct feedback. Thus, this mechanism attempts to solve the reputation computation problem with minimum overheads of storage and retrieval.

View PDFchevron_right
New Metrics for Reputation Management in P2P Networks
Debora Donato

2007

In this work we study the effectiveness of mechanisms for decentralized reputation management in P2P networks. We depart from EigenTrust, an algorithm designed for reputation management in file sharing applications over p2p networks. EigenTrust has been proved very effective against three different natural attacks from malicious coalitions while it performs poorly on particular attack organized by two different kinds of malicious peers. We propose various metrics of reputation based on ideas recently introduced for detecting and demoting Web spam. We combine these metrics with the original EigenTrust approach. Our mechanisms are more effective than EigenTrust alone for detecting malicious peers and reducing the number of inauthentic downloads not only for all the cases previously addressed but also for more sophisticated attacks.

View PDFchevron_right
Reputation and trust management in heterogeneous peer-to-peer networks
Xiaowen Chu

Telecommunication Systems, 2010

In a heterogeneous ubiquitous peer-to-peer network, different peers may provide different qualities of service, and hence it is very important and helpful to identify those peers that can provide better services than others. In this paper, we use a reputation value to represent the quality of service offered by a peer. We design a novel reputation model which enables any peer to calculate the reputation value of any other peer, so as to differentiate peers that provide good quality of service from peers that provide poor or even faulty service. In order to speed up the convergence of reputation calculation, a peer collects recommendations from its neighbor peers. On the other hand, in order to overcome the problem of malicious recommendations, we propose an auxiliary trust mechanism which calculates a trust value for each peer. Our experimental results show that the reputation model achieves a fast convergence speed, and it is robust against a large portion of malicious peers that provide fraud recommendations.

View PDFchevron_right
A Reputation Management and Selection Advisor Schemes for Peer-to-Peer Systems
Youssef Iraqi

Lecture Notes in Computer Science, 2004

In this paper we propose a new and simple reputation management scheme for partially decentralized peer-to-peer systems. The reputation scheme helps to build trust between peers based on their past experiences and the feedback from other peers. We also propose two selection advisor algorithms for helping peers select the right peer to download from. The simulation results show that the proposed schemes are able to detect malicious peers and isolate them from the system, hence reducing the amount of inauthentic uploads. Our approach also allows to uniformly distribute the load between non malicious peers. * ,i : Successful downloads by other peers from peer P i ,

View PDFchevron_right

References (26)

  1. M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized trust management. In Proceedings of the IEEE Symposium on Se- curity and Privacy, pages 164-173, 1996.
  2. S. Brin and L. Page. The anatomy of a large-scale hyper- textual web search engine. In Proceedings of the Seventh International World Wide Web Conference (WWW7), pages 107-117, 1998.
  3. S. Capkun, L. Buttyan, and J.-P. Hubaux. Small worlds in security systems: an analysis of the PGP certificate graph. In Proceedings of the ACM Workshop on New Security Paradigms, 2002.
  4. Y. Chawathe, S. Ratnasamy, L. Breslau, N. Lanham, and S. Shenker. Making gnutella-like P2P systems scalable. In Proceedings of the ACM SIGCOMM Conference on Appli- cations, Technologies, Architectures, and Protocols for Com- puter Communication, pages 407-418, 2003.
  5. F. Cornelli, E. Damiani, S. D. C. di Vimercati, S. Paraboschi, and P. Samarati. Choosing reputable servents in a P2P net- work. In Proceedings of the Eleventh International World Wide Web Conference, pages 376-386, 2002.
  6. E. Damiani, S. D. C. di Vimercati, S. Paraboschi, P. Sama- rati, and F. Violante. A reputation-based approach for choos- ing reliable resources in peer-to-peer networks. In Proceed- ings of the Ninth ACM Conference on Computer and Com- munications Security, pages 207-216, 2002.
  7. J. R. Douceur. The sybil attack. In Proceedings of First In- ternational Workshop on Peer-to-Peer Systems, 2002.
  8. C. M. Ellison. Establishing identity without certificate au- thorities. In Proceedings of the 6th USENIX Security Sym- posium, pages 67-76, 1996.
  9. E. J. Friedman and P. Resnick. The social cost of cheap pseudonyms. Journal of Economics and Management Strat- egy, 10(2):173-199, 2001.
  10. N. R. Jennings, K. Sycara, and M. Wooldridge. A roadmap of agent research and development. Autonomous Agents and Multiagent Systems, 1(1):275-306, 1998.
  11. S. D. Kamvar, M. T. Schlosser, and H. Garcia-Molina. The EigenTrust algorithm for reputation management in P2P net- works. In Proceedings of the Twelfth International World Wide Web Conference, pages 640-651, 2003.
  12. H. Kautz, B. Selman, and A. Milewski. Agent amplified communication. In Proceedings of the National Conference on Artificial Intelligence, pages 3-9, 1996.
  13. N. Li, B. N. Grosof, and J. Feigenbaum. Delegation logic: A logic-based approach to distributed authorization. ACM Transactions on Information and System Security (TISSEC), 6(1):128-171, 2003.
  14. N. Littlestone and M. K. Warmuth. The weighted majority algorithm. Information and Computation, 108(2):212-261, 1994.
  15. S. Marti and H. Garcia-Molina. Limited reputation sharing in P2P systems. In Proceedings of the ACM Conference on Electronic Commerce, 2004. to appear.
  16. M. Paolucci, K. Sycara, T. Nishimura, and N. Srinivasan. Us- ing DAML-S for P2P discovery. In Proceedings of the First International Conference on Web Services, pages 203-207, 2003.
  17. S. Ratnasamy, P. Francis, M. Handley, R. Karp, and S. Shenker. A scalable content-addressable network. In Pro- ceedings of ACM SIGCOMM, pages 161-172, 2001.
  18. M. K. Reiter and S. G. Stubblebine. Toward acceptable met- rics of authentication. In Proceedings of the IEEE Sympo- sium on Security and Privacy, pages 10-20, 1997.
  19. P. Resnick, R. Zeckhauser, E. Friedman, and K. Kuwabara. Reputation systems: Facilitating trust in internet interactions. Communications of the ACM, 43(12):45-48, 2000.
  20. M. Richardson, R. Agrawal, and P. Domingos. Trust man- agement for the semantic web. In Proceedings of the Sec- ond International Semantic Web Conference, pages 351-368, 2003.
  21. I. Stoica, R. Morris, D. Karger, M. F. Kaashoek, and H. Bal- akrishnan. Chord: A scalable peer-to-peer lookup service for internet applications. In Proceedings of ACM SIGCOMM, pages 149-160, 2001.
  22. D. J. Watts and S. H. Strogatz. Collective dynamics of 'small-world' networks. Nature, 393:440-442, June 1998.
  23. B. Yu and M. P. Singh. An evidential model of distributed reputation management. In Proceedings of First Interna- tional Joint Conference on Autonomous Agents and Multi- agent Systems, pages 294-301, 2002.
  24. B. Yu and M. P. Singh. Detecting deception in reputation management. In Proceedings of Second International Joint Conference on Autonomous Agents and Multiagent Systems, pages 73-80, 2003.
  25. B. Yu, M. Venkatraman, and M. P. Singh. An adaptive so- cial network for information access: Theoretical and experi- mental results. Applied Artificial Intelligence, 17(1):21-38, 2003.
  26. T. Yu, M. Winslett, and K. E. Seamons. Interoperable strate- gies in automated trust negotiation. In Proceedings of the 8th ACM Conference on Computer and Communications Se- curity, pages 146-155, 2001.

Related papers

An Effective Calculation of Reputation in P2P Networks
Vegi Srinivas

Journal of Networks, 2009

With the advent of sophisticated networking technologies and the related applications, more and more computers are getting hooked to the Internet. This is mainly for utilizing several services ranging from information sharing to electronic transactions. P2P networks which allow decentralized systems, have posed problems related to trust when transactions have to be carried out. Current literature proposes several solutions for trust management and reputation computation. The solutions base their assessment of reputations on the number of successful transactions or on the similarity of the feedbacks. There are some concerns in the feedback ratings if we are not considering the issues like number of transactions, frequency of transactions with the same peer and different peers, age of transaction, how frequently a given peer attends a common vendor, and the number of common vendors between the pairs. This paper puts forward a reputation computation system addressing these concerns. It implicitly allows detection of malicious peers. It also incorporates a corrective mechanism, if the feedbacks are from more number of malicious peers. The implementations and the results that support our claims are also presented.

View PDFchevron_right
HonestPeer: An enhanced EigenTrust algorithm for reputation management in P2P systems
Heba Kurdi

Journal of King Saud University - Computer and Information Sciences, 2015

The visible success of the Peer to Peer (P2P) paradigm is associated with many challenges in finding trustworthy peers as reliable communication partners. Reputation management systems are emerging in the face of these challenges. The EigenTrust reputation management system is among the most known and successful reputation systems. On the other hand, a main drawback of this system is its reliance on a set of pre-trusted peers which causes nodes to center around them. As a consequence, other peers are ranked low despite being honest, marginalizing their effect in the system. To tackle this problem, this paper proposed enhancing the EigenTrust algorithm by giving peers with high reputation values (honest peers) a role in calculating the global reputation of other peers. Rather than solely depending on the static group of pre-trusted peers, the proposed algorithm, HonestPeer, selects the most reputable nodes, honest peers, dynamically based on the quality of the provided files. This makes HonestPeer more robust to the increase in the number of files and nodes in the system. Through simulation, it has been shown that HonestPeer has successfully maintained higher success rate and lower percentage of inauthentic downloads when compared to the original algorithm.

View PDFchevron_right
Detecting malicious peers in a reputation-based peer-to-peer system
Youssef Iraqi

Second IEEE Consumer Communications and Networking Conference, 2005. CCNC. 2005, 2005

In this paper we propose a reputation management scheme for partially decentralized peer-to-peer systems. The reputation scheme helps building trust between peers based on their past experiences and feedbacks from other peers. Our system is novel in that it is able to detect not only malicious peers sending inauthentic files but also malicious peers that are lying in their feedbacks. To detect those peers, we introduce the new concept of suspicious transactions. The simulation results show that the proposed scheme is able to effectively detect malicious peers and isolate them from the system, hence reducing the amount of inauthentic uploads and increasing peers' satisfaction.

View PDFchevron_right
The eigentrust algorithm for reputation management in p2p networks
Hector Garcia

Proceedings of the 12th …, 2003

Peer-to-peer file-sharing networks are currently receiving much attention as a means of sharing and distributing information. However, as recent experience shows, the anonymous, open nature of these networks offers an almost ideal environment for the spread of self-replicating inauthentic files.

View PDFchevron_right
A survey on Security Issues of Reputation Management Systems for Peer-to-Peer Networks
Chithra Selvaraj

Computer Science Review, 2012

The objective of this paper is to present a comprehensive survey of security issues in Reputation based Trust Management system (RTMS) also known in short as Reputation Management Systems for P2P networks. The wide adoption of P2P computing has enhanced content publishing, pervasive information collection, streaming of real-time sensed data and information sharing on an enormous global scale. At the same time, the open and anonymous nature of P2P makes it vulnerable to malicious attacks and the spread of malware. In this paper, we discuss in detail the different security attacks on P2P systems and have categorized them as network-related and peer-related attacks. RTMS helps to establish and evaluate Trust, which is the degree of belief that is established to prove that the right user is accessing the right resource. We have explained the different Trust Management schemes used in P2P networks and have compared them on the basis of trust establishment, security features, trust evaluation and weakness. We have surveyed the RTMSs currently in use and have compared them on the basis of reputation collection, aggregation, computation, storage and degree of centralization of reputation computation and management. We also present a comparison of protection provided by RTMs against the various security attacks discussed. Open research issues and challenges that have yet to be addressed in the design of current RTMs have been presented in detail. This survey can be used as a reference guide to understand Trust Management and RTMS for P2P networks and to further research in RTMSs to make them efficient, reliable and scalable to enable and promote the utilization of P2P systems for large communities and applications. c

View PDFchevron_right

Related topics

  • Trusted Third Party

    • Cited by

    Power versus trust – what matters more in collaborative consumption?
    Eva Hofmann

    Journal of Services Marketing, 2017

    Purpose Collaborative consumption, such as car sharing, specifically implicates customer-to-customer interaction, which must be regulated by service providers (companies, peers and self-regulating communities), comprising different challenges for business organizations. While in conventional business relations, consumers are protected from undesirable customer behavior by laws, regulations (power) in the context of collaborative consumption are rare, so that trust becomes more relevant. It is the purpose of the study to investigate possible mechanisms to prevent undesirable customers in collaborative consumption. Design/methodology/approach In between subject designs, samples of 186 and 328 consumers filled in experimental online questionnaires with vignettes. Analyses were made of differences among car sharing companies, private persons and car sharing communities in terms of the power of providers, trust in providers and trust in other users of the shared goods, undesirable custom...

    View PDFchevron_right
    VectorTrust: trust vector aggregation scheme for trust management in peer-to-peer networks
    Huanyu Zhao

    The Journal of Supercomputing, 2011

    With emerging Internet-scale open content and resource sharing, social networks, and complex cyber-physical systems, trust issues become prominent. In this paper, we propose a trust vector based scheme (VectorTrust) for aggregation of distributed trust scores. Leveraging a Bellman-Ford based algorithm for fast trust score aggregation, VectorTrust features localized and distributed concurrent communication. A VectorTrust-enabled system is decentralized by nature and does not rely on any centralized server or centralized trust aggregation. We design, implement, and analyze trust aggregation and trust management strategies. To evaluate the performance, we design and implement a VectorTrust simulator (VTSim) in an unstructured P2P network. The analysis and simulation results demonstrate the efficiency, accuracy, scalability and robustness of VectorTrust scheme. On average, VectorTrust converges faster and involves less computational complexity than most existing trust schemes. VectorTrust remains robust and tolerant to malicious peers and malicious behaviors. With dynamic growth of P2P network scales and topology complexities, VectorTrust scales well with reasonable overheads (O(lgN) communication overheads) and fast convergence speed (about O(lgN) steps).

    View PDFchevron_right
    580 California St., Suite 400
    San Francisco, CA, 94104
    © 2025 Academia. All rights reserved