A reputationbased trust management in peertopeer network systems

1
A reputation-based trust management in
peer-to-peer network systems

• Natalia Stakhanova, Sergio Ferrero,
• Johnny Wong, Ying Cai
• Department of Computer Science
• Iowa State University
• Ames, Iowa, USA

2
Outline

• Peer-to-peer(P2P) networks overview
• Related work
• Proposed approach
• Experiments

3
Peer-to-peer (P2P)networks overview

• P2P network - an overlay network of peers
  exchanging resources
• common uses file sharing, distributed computing,
  instant messaging
• types
• Centralized (Napster)
• Central indexing server contains information
  about all peers shared files
• Decentralized (Gnutella, Freenet)
• No central indexing, all peers are equal
• Very popular
• Hybrid (KaZaA, FastTrack)
• Supernodes maintain index of files shared by
  their local peers

4
P2P networks overview

• Differences with traditional networks
• Highly dynamic
• autonomous peers
• peers leave join the network at any time
• shared storage
• Peers act as servers and clients

5
P2P security threats

• Denial-Of-Service attacks (DoS)
• Decentralized P2P networks (Gnutella)
• Virus distribution
• Dishonest upload
• Unauthorized access to information
• Goal communication with trusted peers only

6
Reputation-based approach

• Natural mechanism for selecting trusted partners
  for communication
• limit communication with unreliable peers
• Most commonly used

7
Related work

• Centralized approaches
• Debit-Credit Reputation Computation (DCRC) schema
  
• Each peer tracks its own positive contribution
  using credit-debit mechanism
• Reputation Computation Agent (RCA) periodically
  collects reputations
• Decentralized approaches
• NICE
• Reputation is in form of cookies which express
  peers satisfaction about the transactions
• If no cookie is found information is requested
  from
• P2PRep
• Reputation of the peer is based on other peers
  opinion
• Request peers opinion on ones reputation
  through polling protocol
• Others
• Daswani and Garcia-Molinas schema for allocating
  resources fairly
• Traffic management based on load-balancing
  policies
• DoS attacks only

8
Factors to be considered inreputation-based
approach

• Extensive traffic in Gnutella-like P2P network
• Storage
• central
• local
• Cooperation of other peers
• System overhead

9
Proposed approach

• Reputation calculation is based the monitored
  activity of the connected peers
• assessing the reputation of the peers before
  accepting traffic from other peers
• if traffic is accepted update reputation of peers
  involved
• Decentralized - reputations are stored and
  managed locally

10
Contribution of our approach

• Fully decentralized model
• Requires no cooperation for reputation
  computation
• On demand calculations
• Lightweight little system overhead

11
Reputation calculation

• Peers reputation indicates its contribution to
  the functioning of the P2P network
• Four factors determining reputation
• Resource search
• Resource upload
• Resource download
• Traffic extensiveness
• Factors actions
• Bad actions
• Good actions

12
Resource search

• willingness of a peer to forward traffic
• employ trailer as an addition to Query message
  
• each peer that forwards the query adds its ID to
  the trailer
• when peer forms QueryHit, it transfers a
  trailer from Query to QueryHit
• peer originated a query receives QueryHit with
  trailer and updates reputations

13
Resource upload

• Indicates another peers interest in the shared
  resource
• Completely uploaded file is a successful upload
  or good action

14
Resource download

• reflects the quality of the downloaded
  information
• User decides if download was successful

15
Traffic extensiveness

• help to evaluate the traffic load coming from all
  connected peers
• based on the average load
• load is extensive if it exceeds the average
  amount by a user pre-defined threshold

LcK - current load from peer k t -
threshold n - number of connected peers lj
- number of bytes sent by peer j
n LcK gt ? lj /n t j1
16
Reputation calculation

• Reputation value (trust score) is a percent of
  bad actions happened during a period of time

Ri BAi/ TAi
Ri - trust score of peer i TAi - total
number of considered actions for this peer i BAi
- number of bad actions for this peer i
17
Trust thresholds

• indicate peers trust policy
• percent of bad actions acceptable by the peer

18
The correspondence between trust thresholds and
trust score

• Example
• trust score falls in range of average
• -gt x1(Ri x2)
• Computations
• 30-(13-4) 21
• 21 of peers traffic is accepted within period
  k.

Given Ri 13 x130 x24
19
Experiments system design

• implementation were based on Phex version
  0.9.5.54, a java-based Gnutella client

20
Experimental setup

• Network 3 P2P clients set up as Ultrapeers
• peer capacity - 20 queries per time period k
• k5 sec
• Extensive traffic threshold t1.7
• Trust thresholds
• x120
• x25
• Initial reputation values for peers were set up
  manually

21
Scenario 1

• Decrease of full reputation when peer P1 starts
  acting maliciously

22
Scenario 2

• Reputation gain when peer starts acting
  properly

23
Conclusion

• We have proposed reputation-based trust
  management model for P2P networks
• approach is decentralized
• requires no peers cooperation
• employs only on-demand calculations

24
Future work

• Enhancement of the model through
• user profiling techniques
• anomaly detection