A reputation-based trust A reputation-based trust management in peer-to-peer management in peer-to-peer

network systemsnetwork systems

Natalia Stakhanova, Sergio Ferrero, Natalia Stakhanova, Sergio Ferrero, Johnny Wong, Ying CaiJohnny Wong, Ying Cai

Department of Computer ScienceDepartment of Computer ScienceIowa State UniversityIowa State University

Ames, Iowa, USAAmes, Iowa, USA

OutlineOutline

• Peer-to-peer(P2P) networks overviewPeer-to-peer(P2P) networks overview• Related workRelated work• Proposed approachProposed approach• ExperimentsExperiments

Peer-to-peer (P2P)Peer-to-peer (P2P)networks overviewnetworks overview

• P2P network - P2P network - an overlay network of peers exchanging an overlay network of peers exchanging resourcesresources • common uses: file sharing, distributed computing, common uses: file sharing, distributed computing,

instant messaging instant messaging • types: types:

• Centralized (Napster)Centralized (Napster)• Central indexing server contains information about all peer’s shared filesCentral indexing server contains information about all peer’s shared files

• Decentralized (Gnutella, Freenet) Decentralized (Gnutella, Freenet) • No central indexing, all peers are equalNo central indexing, all peers are equal• Very popularVery popular

• Hybrid (KaZaA, FastTrack)Hybrid (KaZaA, FastTrack)• Supernodes maintain index of files shared by their local peersSupernodes maintain index of files shared by their local peers

P2P networks overviewP2P networks overview

• Differences with traditional networksDifferences with traditional networks• Highly dynamic Highly dynamic

• autonomous peersautonomous peers• peers leave & join the network at any timepeers leave & join the network at any time• shared storageshared storage

• Peers act as servers and clientsPeers act as servers and clients

P2P security threats P2P security threats

• Denial-Of-Service attacks (DoS)Denial-Of-Service attacks (DoS)• Decentralized P2P networks (Gnutella)Decentralized P2P networks (Gnutella)

• Virus distributionVirus distribution• Dishonest uploadDishonest upload

• Unauthorized access to informationUnauthorized access to information

Goal: communication with trusted peers onlyGoal: communication with trusted peers only

Reputation-based approach Reputation-based approach

• Natural mechanism for selecting trusted Natural mechanism for selecting trusted partners for communicationpartners for communication• limit communication with unreliable peerslimit communication with unreliable peers

• Most commonly usedMost commonly used

Related workRelated work• Centralized approachesCentralized approaches

• Debit-Credit Reputation Computation (DCRC) schemaDebit-Credit Reputation Computation (DCRC) schema • Each peer tracks its own positive contribution using credit-debit mechanismEach peer tracks its own positive contribution using credit-debit mechanism• Reputation Computation Agent (RCA) periodically collects reputationsReputation Computation Agent (RCA) periodically collects reputations

• Decentralized approachesDecentralized approaches• NICE NICE

• Reputation is in form of cookies which express peer’s satisfaction about the Reputation is in form of cookies which express peer’s satisfaction about the transactionstransactions

• If no cookie is found information is requested from If no cookie is found information is requested from • P2PRepP2PRep

• Reputation of the peer is based on other peer’s opinion Reputation of the peer is based on other peer’s opinion • Request peer’s opinion on one’s reputation through polling protocolRequest peer’s opinion on one’s reputation through polling protocol

• OthersOthers• Daswani and Garcia-Molina’s Daswani and Garcia-Molina’s schema for allocating resources fairlyschema for allocating resources fairly

• Traffic management based on lTraffic management based on load-balancing policiesoad-balancing policies• DoS attacks onlyDoS attacks only

Factors to be considered inFactors to be considered inreputation-based approachreputation-based approach

• Extensive traffic in Gnutella-like P2P networkExtensive traffic in Gnutella-like P2P network• StorageStorage

• centralcentral

• locallocal

• Cooperation of other peers Cooperation of other peers • System overheadSystem overhead

Proposed approachProposed approach

• Reputation calculation is based Reputation calculation is based the monitored the monitored activity of the connected peersactivity of the connected peers

• assessing the reputation of the peers before assessing the reputation of the peers before accepting traffic from other peersaccepting traffic from other peers

• if traffic is accepted update reputation of peers if traffic is accepted update reputation of peers involvedinvolved

• Decentralized - reputations are stored and managed locally Decentralized - reputations are stored and managed locally

Contribution of our approachContribution of our approach

• Fully decentralized modelFully decentralized model• Requires no cooperation for reputation Requires no cooperation for reputation

computationcomputation• On demand calculationsOn demand calculations• Lightweight – little system overheadLightweight – little system overhead

Reputation calculationReputation calculation

• Peer’s reputationPeer’s reputation indicates indicates its its contribution to the functioning of contribution to the functioning of the P2P networkthe P2P network

• Four factors determining reputation:Four factors determining reputation:• Resource searchResource search• Resource uploadResource upload• Resource downloadResource download• Traffic extensiveness Traffic extensiveness

• Factors = actionsFactors = actions• Bad actions Bad actions • Good actions Good actions

Resource searchResource search

• willingness of a peer to forward traffic willingness of a peer to forward traffic employ “trailer” as an addition to Query message employ “trailer” as an addition to Query message

• each peer that forwards the query adds its ID to the each peer that forwards the query adds its ID to the “trailer” “trailer”

• when peer forms QueryHit, it transfers a “trailer” from when peer forms QueryHit, it transfers a “trailer” from Query to QueryHit Query to QueryHit

• peer originated a query receives QueryHit with “trailer” peer originated a query receives QueryHit with “trailer” and updates reputationsand updates reputations

Resource uploadResource upload

• Indicates another peer’s interest in the Indicates another peer’s interest in the shared resource shared resource • Completely uploaded file is a Completely uploaded file is a successful upload or successful upload or

good actiongood action

Resource downloadResource download

• reflects the quality of the downloaded reflects the quality of the downloaded information information

• User decides if User decides if download was successful download was successful

Traffic extensivenessTraffic extensiveness

• help to evaluate the traffic load coming help to evaluate the traffic load coming from all connected peers from all connected peers • based on the average loadbased on the average load

• load is extensive if it exceeds the average amount by a load is extensive if it exceeds the average amount by a user pre-defined threshold user pre-defined threshold

n

LcK > ∑ lj /n * t j=1

LcK - current load from peer k t - threshold n - number of connected peers lj - number of bytes sent by peer j

Reputation calculationReputation calculation

• Reputation value (trust score) isReputation value (trust score) is a percent of bad a percent of bad actions happened during a period of time actions happened during a period of time

Ri = BAi/ TAi

Ri - trust score of peer i TAi - total number of considered actions for this peer iBAi - number of bad actions for this peer i

Trust thresholdsTrust thresholds

• indicate peer’s trust policyindicate peer’s trust policy•percent of bad actions acceptable by the peer percent of bad actions acceptable by the peer

Trust ThresholdTrust Threshold MeaningMeaning DescriptionDescription

Greater than xGreater than x11 DistrustDistrust Peer is completely untrustworthy.Peer is completely untrustworthy.

Between xBetween x1 1 and xand x

22 AverageAverage Peer is trustworthy.Peer is trustworthy.

Less than xLess than x22 Full trustFull trust Peer has a complete trust.Peer has a complete trust.

The correspondence between trust The correspondence between trust thresholds and trust scorethresholds and trust score

Example:Example:

• trust score falls in range of “average” trust score falls in range of “average”

-> -> xx11–(R–(Rii – –xx22))

Computations:Computations:30-(13-4) = 2130-(13-4) = 2121% of peer’s traffic is accepted within period k.21% of peer’s traffic is accepted within period k.

Given:Ri =13x1=30 x2=4

RRii => x => x11 xx11> R> R

ii > x > x22 RRii =< x =< x

22

No traffic is acceptedNo traffic is accepted xx11–(R–(Rii––xx22) ) percent of the traffic percent of the traffic

from peer from peer ii is accepted for a is accepted for a period of time k.period of time k.

All traffic is All traffic is acceptedaccepted

Experiments: Experiments: system designsystem design

P2P client

…

Sec

urity

M

anag

er

Rep

utat

ion

Man

ager

Reputation repository

Internet

Connection Engine

• implementation were based on Phex version 0.9.5.54, a java-based Gnutella client

Experimental setup Experimental setup

• NetworkNetwork : 3 P2P clients set up as Ultrapeers : 3 P2P clients set up as Ultrapeers

• peer capacity - 20 queries per time period kpeer capacity - 20 queries per time period k• k=5 seck=5 sec

• Extensive traffic threshold t=1.7Extensive traffic threshold t=1.7 • Trust thresholds Trust thresholds

• xx11=20 =20

• xx22=5 =5

• Initial reputation values for peers were set up manually Initial reputation values for peers were set up manually

Scenario 1Scenario 1

• Decrease of full reputation when peer P1 starts “acting” Decrease of full reputation when peer P1 starts “acting”

maliciouslymaliciously

0%

20%

40%

60%

80%

100%

120%

0 1 4 7 10 13 16 18 21 24 27

Number of bad actions

P1 trust score % of proccessed queries for P1

% of proccessed queries for P2

Scenario 2Scenario 2

• Reputation gain when peer starts “acting” properlyReputation gain when peer starts “acting” properly

0%2%4%

6%8%

10%12%

14%16%18%

200 209 218 227 236 245 254 263 272 281 290 299 308 317 326 335

Total number of actions

Trust score % of proccessed queries

Conclusion Conclusion

• We have proposedWe have proposed reputation-based trust reputation-based trust management model for P2P networksmanagement model for P2P networks

• approach is decentralizedapproach is decentralized

• requires no peers’ cooperation requires no peers’ cooperation

• employs only on-demand calculations employs only on-demand calculations

Future workFuture work

• Enhancement of the model through Enhancement of the model through • user profiling techniquesuser profiling techniques• anomaly detectionanomaly detection