Trusted P2P Transactions with Fuzzy Reputation...

Shanshan Song, Kai Hwang, and Runfang Zhou
University of Southern California

Yu-Kwong Kwok
University of Hong Kong

Trusted P2P Transactions with Fuzzy Reputation Aggregation

Internet commerce and online commodity exchanges suffer from distrust among sellers and buyers, who are often strangers to each other. The authors present a new P2P reputation system based on fuzzy logic inferences, which can better handle uncertainty, fuzziness, and incomplete information in peer trust reports. This system aggregates peer reputations with affordable message overhead. By testing the system using eBay transaction data in the public domain, the authors seek to demonstrate the efficacy and robustness of two P2P reputation systems — FuzzyTrust and EigenTrust — at establishing trust among the peers in P2P applications.

24 NOVEMBER • DECEMBER 2005 Published by the IEEE Computer Society 1089-7801/05/$20.00 © 2005 IEEE IEEE INTERNET COMPUTING

Ad Hoc and P2P Security

The Internet has enabled e-commerce and e-auctions for online commodity exchanges among strangers worldwide. Many companies, including eBay, Amazon, uBid, and Yahoo, now offer e-auction platforms to facilitate such transactions. A growing number of online commercial transactions occur in peer-to-peer (P2P) environments, which don’t require a central authority to mediate such exchanges. Rather, participating peers can sign in and out asynchronously at will and perform their transactions point-to-point or point-to-multipoint anonymously. Thus, a business or enterprise must have an effective reputation system to help users locate trustworthy partners and exchange commodities securely with confidence.

A reputation system’s effectiveness depends on the trust model adapted. Most existing trust models are developed for general-purpose P2P applications that emphasize distributed file-sharing [1] (see the “Related Work in P2P Reputation Systems” sidebar). Little work has been done in establishing trust in e-commerce applications. Most notably, Daniel Manchala has assessed some metrics to quantify the trust among e-transaction intermediaries [2]. Li Xiong and Ling Liu proposed the PeerTrust system for trust management [3].

At the University of Southern California (USC), we aimed to develop an effective and efficient reputation system based on a fuzzy-logic approach, leveraging fuzzy-logic’s ability to handle uncertainty, fuzziness, and incomplete information adaptively. To this end, we first analyzed the eBay auction-based transaction trace data to sort out client behavioral characteristics. Then we built FuzzyTrust, a prototype P2P reputation system that helps establish mutual trust among strangers in P2P transaction applications.

Our system uses fuzzy logic inference rules to calculate local trust scores and to aggregate global reputation. This system benefits from the distinct advantages of fuzzy inferences, which can handle imprecise linguistic terms effectively. In the “Fuzzy Logic Inference and Applications” sidebar, we give details on how to perform fuzzy inference in the FuzzyTrust system. The system uses distributed-hash-table (DHT) overlay networks to perform fast and secure reputation dissemination among peers [4].

We evaluated the FuzzyTrust system via simulation experiments over the eBay trace data, which we collected from the public domain during March 2005. We then compared FuzzyTrust with the EigenTrust algorithm proposed at Stanford University [5], which calculates global peer reputation by considering the entire system’s history. We demonstrate via experimentation that FuzzyTrust is more effective in identifying malicious peers and is efficient with reduced message overhead in the global reputation aggregation process.

Related Work in P2P Trust Management

Several representative P2P reputation systems currently exist, although the list we present is by no means exhaustive. The eBay and PeerTrust systems introduced here focus on trust management in securing commodity exchanges in e-commerce applications, as does the FuzzyTrust system we present in the main text. The other systems focus on generic P2P applications such as P2P file sharing and Web service sharing.

The eBay user feedback system [1] (www.ebay.com) is by far the simplest and most popular trust-management system, and is specifically tailored for e-auction applications. It applies a centralized database to store and manage the trust scores. Data is open to the general public, so newcomers can easily obtain peer scores. It’s really a hybrid P2P system using both distributed client resources and centralized servers.

R. Guha and colleagues at IBM Almaden Research Center developed an interesting idea about the propagation of distrust [2]. In addition to maintaining positive trust values for peers, the system also allows the proactive dissemination of some malicious peers’ bad reputations. Sonja Buchegger and Jean-Yves Le Boudec designed a distributed reputation system using a Bayesian approach, in which the second-hand reputation rating is accepted only when it isn’t compatible with the primary rating [3].

Several universities are working on research projects involving trust management in P2P applications. At Georgia Tech, Li Xiong and Ling Liu have developed the PeerTrust model [4]. Their model is based on a weighted sum of five peer feedback factors: peer records, scope, credibility, transaction context, and community context. PeerTrust is fully distributed, uses overlay for trust propagation, public-key infrastructure for securing remote scores, and prevents peers from some malicious abuses.

At Stanford University, Hector Garcia-Molina and colleagues proposed the EigenTrust algorithm [5], which captures peer reputation in the number of satisfactory transactions and then normalizes it over all participating peers. The algorithm aggregates the scores by a weighted sum of all raw reputation scores. EigenTrust is fully distributed using a DHT-based overlay network. The system also assumes pre-trust peers and uses majority voting to check faulty reputation scores reported.

Weisong Shi and colleagues at Wayne State University proposed the TrustWare system (http://mist.cs.wayne.edu/trustware.html) [6], a trusted middleware for P2P applications. Their approach consists of two models: the Multiple Currency Based Economic model (M-CUBE) and the Personalized Trust model (PET). The M-CUBE model provides a general and flexible substrate to support high-level P2P resource-management services. PET derives peer trustworthiness from long-term reputation evaluation and short-term risk evaluation.

At University of Maryland, Seungjoon Lee and colleagues proposed in the Nice project a scheme for trust inference in P2P networks (www.cs.umd.edu/projects/nice/) [7]. The trust inference consists of two parts for local trust inference and distributed search. After each transaction, the system generates cookies to record direct trust between peers. It also uses trust graphs to infer transitive trust along a peer chain.

References

1. P. Resnick and R. Zeckhauser, “Trust among Strangers in Internet Transactions: Empirical Analysis of eBay’s Reputation System,” The Economics of the Internet and E-commerce, M.R. Baye, ed., Elsevier, 2002, pp. 127–157.
2. R. Guha et al., “Propagation of Trust and Distrust,” Proc. World Wide Web Conf. (WWW 2004), ACM Press, 2004, pp. 403–412.
3. S. Buchegger and J.-Y. Le Boudec, “A Robust Reputation System for P2P and Mobile Ad-Hoc Networks,” Proc. 2nd Workshop Economics of Peer-to-Peer Systems, 2004; http://citeseer.ist.psu.edu/buchegger04robust.html.
4. L. Xiong and L. Liu, “PeerTrust: Supporting Reputation-Based Trust for Peer-to-Peer Electronic Communities,” IEEE Trans. Knowledge and Data Eng., vol. 16, no. 7, 2004, pp. 843–857.
5. S. Kamvar, M. Schlosser, and H. Garcia-Molina, “The EigenTrust Algorithm for Reputation Management in P2P Networks,” Proc. World Wide Web Conf. (WWW 2003), ACM Press, 2003, pp. 640–651.
6. Z. Liang and W. Shi, “PET: A PErsonalized Trust Model with Reputation and Risk Evaluation for P2P Resource Sharing,” Proc. 38th Ann. Hawaii Int’l Conf. System Sciences, IEEE CS Press, 2005, pp. 201.2.
7. S. Lee, R. Sherwood, and B. Bhattacharjee, “Cooperative Peer Groups in NICE,” Proc. IEEE Conf. Computer Comm. (INFOCOM 03), IEEE CS Press, 2003, pp. 1272–1282.

P2P Reputation Systems for e-Transactions

P2P systems are client-oriented, and the peers involved are autonomous. Such systems can grow or shrink dynamically with self-organizing capabilities. Unfortunately, dynamic features of P2P systems make them prone to cyberspace abuses and attacks. P2P reputation systems aim to stop such abuses and avoid unnecessary losses for well-behaved peers [1]. Figure 1 shows the key components of a typical P2P reputation system.

At the top of the diagram, we identify four major P2P applications: consumer product exchange, distributed file-sharing, security information sharing, and processing-cycle sharing among distributed clients. To support consumer product exchange and share security information, we designed our reputation system specifically for e-commerce applications. In such applications, both sellers and buyers are participating peers: the sellers post their merchandise on the Internet for sale, and the buyers place their orders from the client hosts at the Internet edge. We built a P2P overlay network on top of the peer hosts that acts as a virtual network for peer reputation evaluation and dissemination. We preferred using a structured P2P overlay such as DHT rather than unstructured P2P systems because it shortens the data-search process and reduces routing complexity [4]. In Figure 1, solid lines link the intended exchange partners and symbolize the establishment of mutual trust. The dashed lines refer to intermediate peers involved in the reputation-aggregation process.

Fuzzy Logic Inference and Applications

Ever since Lotfi Zadeh proposed fuzzy logic 40 years ago [1], fuzzy theory has demonstrated its power in managing uncertainties and mimicking the human decision-making process. (You can find archival articles and tutorials on fuzzy logic at www.austinlinks.com/Fuzzy/, and books, journals, and research groups on the topic at www.abo.fi/~rfuller/fuzs.html).

Figure A. Fuzzy membership functions and the fuzzy reputation aggregation procedure. We show (1) the high membership function of a local score (�), (2) the five levels of membership functions of �, and (3) the application of two rules to induce the seller’s local score.

[Figure A panels. (1) High membership function, annotated �(0.75) = 1 and �(0.6) = 0.26. (2) Five levels: very low, low, medium, high, very high. (3) Rule 1: Q is very good AND T is moderate IMPLY � is high; Rule 2: Q is ordinary AND T is fast IMPLY � is medium; inputs Q = 0.84, T = 0.26; aggregate result � = 0.6.]

P2P Transaction Applications

In this article, we concentrate on P2P transactions that don’t use external authorities to mediate transaction flows. Every peer node is both a client and a server and acts as an information source. In consumer product exchanges, buyers like to know a seller’s reputation before they commit to paying for desired goods. In a file-sharing application, downloading peers prefer to receive files from trusted peers to ensure that such files aren’t infected with viruses or embedded with Trojan horses. Consumer product exchanges and P2P file sharing usually occur at client desktops.

Conversely, benefiting from recent advancements in Web services architectures, some P2P activities occur at the server level, such as security information sharing. Clearly, a server would always want to receive and process security updates from other trusted servers. In a P2P grid environment, users share their processing cycles to perform large-scale, collective, and cooperative computational applications. For security reasons, users would want to avoid executing their jobs on remote machines, especially if they couldn’t fully trust those machines [6].

Reputation Evaluation and Dissemination

Reputation is hard to quantify because many dynamic factors are involved. In a fully distributed P2P system involving numerous peers, a peer often can’t assess another peer’s reputation effectively, but rather must rely on collective opinions from other peers. However, this introduces new challenges, such as how to determine the accuracy of the collected opinions and how to aggregate the conflicting opinions to yield a global reputation. Furthermore, the global reputation aggregation process can be very time consuming and incur a heavy messaging overhead when high accuracy or updated reputation are desired.

Fuzzy Logic Inference and Applications (cont.)

Researchers report successful application of fuzzy theory for adaptive control in robotics, tracking, and consumer electronics; information retrieval in database management; pattern recognition in advanced automation; and fuzzy decision support to handle uncertainties in large-scale information systems [2].

We introduce yet another important application to the network security area: fuzzy reputation management. This is a new approach to supporting approximated reasoning. The FuzzyTrust model is useful in manipulating imprecise or uncertain information. Indeed, there are five common features between a reputation system and a fuzzy controller designed for control optimization:

• Imprecise inputs: Transaction records can contain untruthful information — a situation similar to the handling of noisy signals in a control application.
• Linguistics expertise knowledge: In evaluating reputation, human knowledge must be the fundamental input. This is similar to the use of linguistics information in a control application.
• Prior information: We need to use imprecise transaction records accumulated in the past. This resembles the learning process in evolving the fuzzy controller rule set.
• Dynamic environment: Peer behavior changes dynamically, and such changes must be tracked efficiently. This parallels the handling of dynamically changing environmental signals in a control application.
• Capture of feedback: We must use feedback from previous reputation evaluation results in a way similar to calibrating a fuzzy controller by system feedback.

To explain basic fuzzy concepts, we use the seller’s local score inference example. In fuzzy theory, the membership function �(x) for a fuzzy variable x specifies the degree of an element belonging to a fuzzy set. It maps x into the range [0, 1], where 1 is full membership and 0 is no membership. Figure A1 shows a high membership function for modeling the local score (�), and Figure A2 shows the five levels of membership function. Figure A3 illustrates the inference process. Consider two fuzzy variables: one is the product quality (Q) and another is the delivery time (T), with initial values Q = 0.84 and T = 0.26.

To illustrate, we apply the following two simple fuzzy inference rules in Figure A3:

1. If Q is very good AND T is moderate, then � is high.
2. If Q is ordinary AND T is fast, then � is medium.

We infer all rules in parallel and determine the resulting membership by assessing all terms in the premise. We apply the fuzzy operator AND to determine the support degree of the rules, and the AGGREGATE operator superimposes two resulting membership curves. We generate the final local score � = 0.6 by defuzzifying from the aggregation result, taking the centroid of the superimposed membership curve in Figure A3. In a real-life P2P reputation system, this fuzzy logic inference process could demand anywhere from tens to hundreds of rules.

References

1. L. Zadeh, “Fuzzy Sets,” Information and Control, vol. 8, 1965, pp. 338–353.
2. G.J. Klir, U. St. Clair, and B. Yuan, Fuzzy Set Theory: Foundations and Applications, Prentice Hall, 1997.

An effective P2P reputation system assesses reputation locally and aggregates the meta-reputation globally. It must accurately capture and track various local parameters — buyers should be able to capture potential sellers’ credit records, for example — or preferences with respect to the goods being sold. The reputation system must also accurately filter out untrustworthy second opinions from any malicious peers trying to blacken the reputations of some well-behaved peers in the system.

Analysis of the eBay Transaction Data

eBay (www.ebay.com) is by far the most successful cyberexchange platform currently on the Internet, and most transactions via the site are conducted among strangers. Although eBay has a centralized reputation system, all transactions among the peers are distributed at the client end. The eBay transaction records provide a real-life data set for testing a P2P reputation system’s efficacy.

To obtain eBay transaction records, we extracted public-domain data released on its Web site, crawling over more than 10,000 Web pages from users to produce the trace file. We observed three important characteristics of eBay transactions: super versus small users; unstable transaction intervals for small users; and skewed transaction amounts. We briefly describe these characteristics, and Figure 2 illustrates the peer feedback distribution, user interaction pattern, transaction interval, and variation of transaction amounts.

Super Users versus Small Users

Figure 2a demonstrates how we sort users in a decreasing order based on how many transactions they’ve conducted. The eBay transactions follow a power-law distribution across the peer ranks. In our analysis, we found a hot-spot situation in which a few super users (big circles in Figure 2b) contributed most of the transactions, whereas many small users (small circles in Figure 2b) engaged in only a few transactions. The super users have a high node degree — or many links with other users, as Figure 2b shows — and the small users have a lower node degree, indicating that they have just a few transaction partners.

Unstable Transactions by Small Users

The time interval between two adjacent transactions is short and stable for super users. For small users, however, the transaction intervals are long and unstable, as Figure 2c illustrates. Our eBay trace shows that some super users conducted more than 10,000 transactions in three months, whereas the small users conducted only a few tens of transactions in several years. Additionally, super users conducted 65 percent of subsequent transactions within 10 minutes of the previous transaction, whereas small users conducted 50 percent of subsequent transactions 40 hours later.

Skewed Transaction Amount

The transaction amount is highly skewed in the sense that a small number of large transactions coexist with a large number of small transactions. The large transactions dominate the total amount transacted. Figure 2d shows typical transaction amounts in the eBay system. Here, the normalized transaction rank indicates the percentage of top-valued commodities transacted. We plot the percentage of cumulative amount versus the transaction rank. For example, Figure 2d shows that 30 percent of the large transactions make up 70 percent of the total commodity value. This implies that 70 percent of the remaining smaller transactions contribute only 30 percent of the total transaction amount.

Figure 1. A typical peer reputation aggregation system. The system is built with a P2P overlay network to facilitate trusted commodity exchanges over the Internet. The lower solid line links the intended exchange partners. The upper solid line shows the establishment of mutual trust between the peers. The dashed lines refer to intermediate peers involved in the aggregation process.

[Figure 1 diagram labels. Applications: consumer product exchange, file sharing, security information sharing, processing cycle sharing. Reputation evaluation and dissemination system: logical remote reputation acquisition, local aggregation of reputation data. P2P overlay network infrastructure: multihop reputation relaying via the overlay network. Internet: intended exchange partners.]

FuzzyTrust System Architecture

After analyzing the characteristics of eBay’s transaction data, we developed the FuzzyTrust prototype system for evaluating peer reputation in P2P transactions. We built FuzzyTrust with the fuzzy-logic inference technique introduced in the sidebar. In particular, the system is capable of handling imprecise or uncertain information collected from the peers.

System Design Requirements

Using what we learned from eBay’s transaction characteristics, we suggest three important design criteria:

• First, the network bandwidth consumption required to exchange local trust scores for hot spots can be extremely high. Thus, a reputation system for e-transactions should consider the unbalanced transactions among users.
• Second, to address the lesser impact from small users, a reputation system shouldn’t apply the same evaluation cycle for all peers. The super users should be updated more often than the small users.
• Third, with a skewed transaction amount, it makes sense to evaluate the large transactions more often than the small ones.

Figure 2. P2P interaction characteristics. We revealed four characteristics using real-life eBay transaction traces. We looked at (a) peer ranks (power-law distribution), (b) hot spots (super versus small users), (c) the transaction interval, and (d) the transaction amount distribution.

[Figure 2 plots. (a) Number of transactions versus peer rank. (b) Super users and small users. (c) Number of transactions (%) versus transaction interval (minutes). (d) Accumulative amount (%) versus normalized transaction ranks, with the 70% and 30% levels marked.]

Our system works by performing two major inference steps: local-score calculation and global reputation aggregation (see Figure 3).

Local-Score Computation. In FuzzyTrust, peers perform fuzzy inference on local parameters to generate the local scores. Figure 3a illustrates the local-score calculation for eBay transactions. The fuzzy inference mechanism can capture some uncertainties and is self-adjusting. It can adaptively track the variation of local parameters, such as payment method and time, goods quality, delivery time, and so on. Additional examples of this process are available elsewhere [7].

Global Reputation Aggregation. The FuzzyTrust system aggregates local trust scores collected from all peers to produce a global reputation for each peer. The system uses fuzzy inference to obtain the global reputation aggregation weights, as illustrated in Figure 3b. We determine the aggregation weights using three variables: the peer’s reputation, the transaction date, and the transaction amount. In a full-scale P2P reputation system, the number of fuzzy inference rules could be extended to several hundreds. However, we list five frequently used fuzzy inference rules we applied to the prototype FuzzyTrust system construction.

1. If the transaction amount is very high and the transaction time is new, then the aggregation weight is very large.
2. If the transaction amount is very low or the transaction time is very old, then the aggregation weight is small.
3. If a peer’s reputation is good and the transaction amount is high, then the aggregation weight is very large.
4. If a peer’s reputation is good and the transaction amount is low, then the aggregation weight is medium.
5. If a peer’s reputation is bad, then the aggregation weight is very small.

We calculate the global reputation using the following formula:

$$R_i = \sum_{j \in S} \frac{w_j}{\sum_{j \in S} w_j}\, t_{ji} = \frac{\sum_{j \in S} w_j\, t_{ji}}{\sum_{j \in S} w_j}, \qquad (1)$$

where $R_i$ is the global reputation of peer $i$, $S$ is the set of peers with whom peer $i$ has conducted transactions, $t_{ji}$ is the local trust score of peer $i$ rated by peer $j$, and $w_j$ is the aggregation weight of $t_{ji}$. The global aggregation process runs multiple iterations until each $R_i$ converges to a stable global reputation rating for peer $i$.

DHT-Based Overlay Implementation

We implemented the prototype FuzzyTrust system on a DHT-based P2P overlay network, with an architecture similar to that of Chord [4], a DHT ring that provides fast trust aggregation and secure message transmission. The Chord system is highly scalable, robust to failure, and self-organizing in that it handles peer join and leave from the system. Figure 4 shows the DHT-based FuzzyTrust system architecture.

Each peer maintains two tables: a transaction record table to maintain transaction records with remote peers, and a local score table to maintain remote peers’ evaluated trust scores. Based on the transaction records, we infer the global aggregation weights through the fuzzy inference system. When performing global reputation aggregation, each peer queries the trust scores from remote peers. To tackle the hot-spot issue, the system partially queries qualified peers that meet an aggregation threshold. Figure 5 shows an example of global reputation aggregation based on the DHT configuration in Figure 4.

Figure 3. Local trust inference versus global reputation aggregation. The FuzzyTrust system (a) performs fuzzy logic inferences to determine the local trust scores and (b) uses accumulated local scores for weight inference in global reputation aggregation.

[Figure 3 diagram labels. (a) Payment method and payment time feed fuzzy inference to give the buyer’s local trust score; goods quality and delivery time feed fuzzy inference to give the seller’s local trust score. (b) Remote peer's trust score, transaction date, and transaction amount feed fuzzy inference to give the global reputation aggregation weight.]

In this particular example, the system sets an aggregation threshold of 0.7 for Peer 2. Thus, Peers 28 and 20 are qualified to be queried, whereas Peers 9 and 4 aren’t qualified and thus aren’t queried. Peers 28 and 20 transmit their local scores $t_{28,2}$ and $t_{20,2}$ to Peer 2. We use Equation 1 to calculate Peer 2’s global reputation. We set a high threshold for the hot spots, so the system queries only a few peers, thus reducing the bandwidth consumption.
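The five weight rules, Equation 1, and the Peer 2 threshold case above, as an added Python example that is not the authors' code; it uses the same AND, AGGREGATE, and centroid steps as the sidebar's local-score inference. The triangular membership shapes, the 0-to-1 normalisation of inputs, the single aggregation pass, and comparing the threshold against the weight w_j are assumptions; the Peer 2 weights and scores come from Figures 4 and 5, and the bad-mouthing reports are constructed.

```python
# Added example (not the authors' code). Membership shapes and the 0..1
# normalisation of inputs are assumptions; the page gives only the rules.

def tri(x, a, b, c):
    """Triangular membership peaking at b; a == b or b == c makes a shoulder."""
    if x <= a:
        return 1.0 if a == b else 0.0
    if x >= c:
        return 1.0 if b == c else 0.0
    return (x - a) / (b - a) if x < b else (c - x) / (c - b)


# Assumed fuzzy sets over inputs normalised to [0, 1] (recency 1.0 = newest).
AMOUNT = {"very_low": (0, 0, 0.25), "low": (0, 0.25, 0.5),
          "high": (0.5, 0.75, 1), "very_high": (0.75, 1, 1)}
RECENCY = {"very_old": (0, 0, 0.25), "new": (0.5, 1, 1)}
REPUTATION = {"bad": (0, 0, 0.5), "good": (0.5, 1, 1)}
# Assumed fuzzy sets over the output, the aggregation weight.
WEIGHT = {"very_small": (0, 0, 0.25), "small": (0, 0.25, 0.5),
          "medium": (0.25, 0.5, 0.75), "very_large": (0.75, 1, 1)}


def rule_strengths(reputation, amount, recency):
    """Fire the page's five rules with AND = min and OR = max."""
    amt = {k: tri(amount, *v) for k, v in AMOUNT.items()}
    rec = {k: tri(recency, *v) for k, v in RECENCY.items()}
    rep = {k: tri(reputation, *v) for k, v in REPUTATION.items()}
    fired = [
        ("very_large", min(amt["very_high"], rec["new"])),   # rule 1
        ("small", max(amt["very_low"], rec["very_old"])),    # rule 2
        ("very_large", min(rep["good"], amt["high"])),       # rule 3
        ("medium", min(rep["good"], amt["low"])),            # rule 4
        ("very_small", rep["bad"]),                          # rule 5
    ]
    strengths = {}
    for label, s in fired:
        strengths[label] = max(strengths.get(label, 0.0), s)
    return strengths


def aggregation_weight(reputation, amount, recency, steps=200):
    """Clip each output set at its rule strength, superimpose, take the centroid."""
    strengths = rule_strengths(reputation, amount, recency)
    num = den = 0.0
    for i in range(steps + 1):
        w = i / steps
        mu = max(min(s, tri(w, *WEIGHT[label])) for label, s in strengths.items())
        num += w * mu
        den += mu
    # No rule fired at all: fall back to a neutral weight (assumption).
    return num / den if den > 0 else 0.5


def global_reputation(reports, threshold):
    """Equation 1 over the reports whose weight meets the aggregation threshold.

    reports: iterable of (peer_id, weight w_j, local score t_ji).
    Returns (R_i, ids of peers used), or (None, []) when nobody qualifies.
    """
    used = [(p, w, t) for p, w, t in reports if w >= threshold]
    total = sum(w for _, w, _ in used)
    if total == 0:
        return None, []
    return sum(w * t for _, w, t in used) / total, [p for p, _, _ in used]


# Weights and scores about Peer 2, taken from Figures 4 and 5 on the page.
FIGURE_5 = [(28, 0.9, 0.9), (20, 0.8, 0.7), (9, 0.6, 0.6), (4, 0.5, 0.7)]
# Constructed scenario: the two low-weight peers report 0.0 about Peer 2.
BADMOUTH = [(28, 0.9, 0.9), (20, 0.8, 0.7), (9, 0.6, 0.0), (4, 0.5, 0.0)]

if __name__ == "__main__":
    print("Figure 5, threshold 0.7:", global_reputation(FIGURE_5, 0.7))
    print("bad-mouthed, threshold 0.7:", global_reputation(BADMOUTH, 0.7))
    print("bad-mouthed, no threshold:", global_reputation(BADMOUTH, 0.0))
    for name, args in [("good peer, large, recent", (0.9, 0.9, 0.9)),
                       ("bad peer, large, recent", (0.1, 0.9, 0.9)),
                       ("good peer, small, old", (0.9, 0.1, 0.1))]:
        print(name, "->", round(aggregation_weight(*args), 3))
```

With these assumed shapes, the bad-reputation peer's large, recent transaction still infers a mid-range weight because rule 1 carries no reputation term, so it is the 0.7 threshold that keeps its report out of Equation 1.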


Figure 4. The FuzzyTrust system architecture. We built FuzzyTrust with a DHT-based overlay network supporting the local trust score dissemination and global reputation aggregation.

Peer 2 transaction record table

Remote peer ID | Remote peer’s trust score | Transaction amount | Transaction date | Global aggregation weight
4 | 0.5 | $15 | 02/11/2005 | 0.5
9 | 0.7 | $10 | 02/15/2005 | 0.6
20 | 0.9 | $99 | 02/13/2005 | 0.8
28 | 0.8 | $399 | 02/14/2005 | 0.9

Peer 16 transaction record table

Remote peer ID | Remote peer’s trust score | Transaction amount | Transaction date | Global aggregation weight
20 | 0.9 | $5 | 02/01/2005 | 0.5
9 | 0.8 | $100 | 02/15/2005 | 0.9

Peer 28 score table

Remote peer ID | Local score
2 | 0.9
4 | 0.7
... | ...

Peer 20 score table

Remote peer ID | Local score
2 | 0.7
16 | 0.9
... | ...

Peer 9 score table

Remote peer ID | Local score
2 | 0.6
16 | 0.8
... | ...

Peer 4 score table

Remote peer ID | Local score
2 | 0.7
... | ...

[Figure 4 DHT ring. Nodes: Peer 2, Peer 4, Peer 9, Peer 16, Peer 20, Peer 28. Edge labels: t28,2 = 0.9, t20,2 = 0.7, t9,16 = 0.6.]

Figure 5. Global reputation aggregation using the DHT ring from Figure 4. The system sets Peer 2 with an aggregation threshold of 0.7. Thus Peer 9 and Peer 4 are disqualified from participating in the evaluation process. Peer 2’s reputation is aggregated from two local trust scores, t28,2 and t20,2, generated by Peer 28 and Peer 20, respectively.

Aggregation threshold = 0.7

Qualified peers: Peer 28 (w28 = 0.9, t28,2 = 0.9) and Peer 20 (w20 = 0.8, t20,2 = 0.7)
Disqualified peers: Peer 9 (w9 = 0.6) and Peer 4 (w4 = 0.5)

$$R_2 = \frac{w_{28}}{w_{28} + w_{20}}\, t_{28,2} + \frac{w_{20}}{w_{28} + w_{20}}\, t_{20,2} = \frac{0.9}{0.9 + 0.8} \times 0.9 + \frac{0.8}{0.9 + 0.8} \times 0.7 = 0.81$$
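The threshold-gated aggregation of Figure 5, written out as an added Python example (not code from the article or from FuzzyTrust). It uses the weights and local scores printed in Figures 4 and 5; the names Report, aggregate and sweep, and the choice that a weight equal to the threshold qualifies, are assumptions made here.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Report:
    peer_id: int        # reporting (remote) peer
    weight: float       # global aggregation weight w_i of the reporter
    local_score: float  # local trust score t_{i,2} the reporter holds for Peer 2


# Values read from Figures 4 and 5 for target Peer 2.
PEER2_REPORTS = [
    Report(28, 0.9, 0.9),
    Report(20, 0.8, 0.7),
    Report(9, 0.6, 0.6),
    Report(4, 0.5, 0.7),
]


def aggregate(reports, threshold):
    """Weighted average over peers whose weight meets the threshold.

    Returns (reputation, queried_peer_ids); reputation is None when no
    peer qualifies, so callers cannot mistake "no data" for a score of 0.
    """
    # Assumption: a weight equal to the threshold qualifies (>=).
    qualified = [r for r in reports if r.weight >= threshold]
    total = sum(r.weight for r in qualified)
    if total == 0:
        return None, []
    reputation = sum(r.weight / total * r.local_score for r in qualified)
    return reputation, [r.peer_id for r in qualified]


def sweep(reports, thresholds):
    """For each threshold: (threshold, peers queried, aggregated reputation)."""
    rows = []
    for th in thresholds:
        reputation, queried = aggregate(reports, th)
        rows.append((th, len(queried), reputation))
    return rows


if __name__ == "__main__":
    for th, n, rep in sweep(PEER2_REPORTS, [0.0, 0.6, 0.7, 0.9, 0.95]):
        shown = "no qualified peer" if rep is None else f"{rep:.2f}"
        print(f"threshold={th:.2f}  queried={n}  R2={shown}")
```

Sweeping the threshold shows the trade-off the text describes: a higher threshold means fewer peers queried, at the cost of an aggregate built from fewer reports.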


Simulated Performance Results

We evaluated the FuzzyTrust and EigenTrust systems for P2P transactions using the eBay trace data set we collected at USC. We compare the two P2P reputation systems in the following three performance metrics:

• the convergence time needed to establish each peer’s global reputation,

• the detection rate of malicious peers, and

• the message overhead involved in global reputation aggregation.

We simulated the global reputation aggregation of the two P2P reputation systems over P2P systems with N = 100 to 10,000 peers. For each case, the super users or most active peers performed 10N transactions. The number of transactions per peer follows the power-law distribution with a slope of –1.215, which we obtained from the eBay trace experiments. The transaction date follows a Poisson distribution with an arrival rate of 0.2 transactions per minute. The simulation calculates all local trust scores and aggregates global peer reputation. Figure 6 plots the simulated performance results in four aspects: global convergence time, malicious-peer-detection rate, messaging overhead for individual peers, and total messaging overhead.

Global Convergence Time

We plot the convergence times of the EigenTrust and FuzzyTrust systems in Figure 6a. Their convergence times are quite close to each other, although the FuzzyTrust system converges slightly faster than the EigenTrust system. Overall, their convergence times are comparable, both increasing linearly with respect to the P2P network size.

Malicious Peer Detection Rate

Malicious peers are those that, as buyers, make late or no payments, and, as sellers, deliver bad-quality goods or fail to deliver goods at all. Let � be the percentage of malicious peers in the P2P system and m be the number of malicious peers in the system. We have m = �N, where N is the system size. In our simulation experiments, we preset � = 0.3, meaning 30 percent of the peers are potentially abusing the system. We denote the number of malicious peers detected as d(t), which depends on the time of measurement. We define the detection rate � of malicious peers as

�(t) = d(t) /m = d(t)/� N. (2)

Figure 6b plots the measured malicious-peer-detection rate as a function of time represented by the number of iterations in the evaluation process. The bars correspond to various system sizes N with a fixed � = 0.3. We observed two important phenomena: for all system sizes, FuzzyTrust detects more than 99 percent of malicious peers after four iterations, and malicious peers are much easier to detect in small systems. Given a system with 100 peers, for example, the FuzzyTrust system detects more than 90 percent of malicious peers after the first iteration. The EigenTrust system has slightly lower detection rates, and isn’t plotted in Figure 6b.

Messaging Overhead

Figure 6c plots the average message overhead per individual peer for a system of 1,000 peers. We rank peers by number of messages transmitted. Compared with the EigenTrust system, messages transmitted in FuzzyTrust are more evenly distributed among the peers. On average, each peer in FuzzyTrust transmits 17 messages with a standard deviation of 15, compared with 73 messages transmitted in EigenTrust with a standard deviation of 227.

Using the FuzzyTrust system, the peers do experience a noticeably lower messaging overhead. In other words, our system can better alleviate the hot-spot problem, whereas the EigenTrust system cannot. Figure 6d shows the total number of messages required to reach a global convergence. The gap between total message overheads widens as the network size increases. The FuzzyTrust system is scalable in handling an even larger number of P2P services. For 10,000 peers, our system needs 180,000 messages to aggregate all global reputation scores, whereas the EigenTrust system needs 580,000 messages to perform the same task.

Fuzzy logic inference is clearly effective for distributed trust management in P2P networks.

Based on the eBay trace data, our experimental results show that both the FuzzyTrust and EigenTrust systems have comparable global reputation convergence time. Our system detects all malicious peers after a few aggregation iterations. On average, the peers transmit fewer messages using the FuzzyTrust system than using EigenTrust when performing global reputation aggregation.


Ad Hoc and P2P Security


Through our experiments, we reveal the power-law connectivity of the DHT-based overlay network for fast establishment of global trust among a scalable number of peers.

For the future, we suggest extending the work on P2P reputation systems by considering peer anonymity and secure storage of global reputations.9 Evaluating various P2P systems over distributed file sharing and P2P grid computing is another direction for future research.6 For the FuzzyTrust system, we could consider additional e-commerce data traces other than eBay’s, such as those from Amazon or Yahoo transaction records. We might also further evaluate system performance via more real-life experiments. It would be useful to see the FuzzyTrust prototype converted into a production system in real-life P2P applications.10

Acknowledgments

US National Science Foundation Information Technology Research grant NSF 0325409 supported this work. We thank the USC GridSec research team for their technical assistance and useful discussions.

References

1. S. Marti and H. Garcia-Molina, “Taxonomy of Trust: Categorizing P2P Reputation Systems,” Computer Networks, special issue on trust and reputation in P2P systems, 2005.

2. D.W. Manchala, “E-Commerce Trust Metrics and Models,” IEEE Internet Computing, vol. 4, no. 2, 2000, pp. 36–44.

3. L. Xiong and L. Liu, “PeerTrust: Supporting Reputation-Based Trust for Peer-to-Peer Electronic Communities,” IEEE Trans. Knowledge and Data Eng., vol. 16, no. 7, 2004, pp. 843–857.


Figure 6. Simulated performance of two P2P reputation systems. We compared the FuzzyTrust system with the EigenTrust system over the same eBay transaction data set. We plot (a) the global convergence time, (b) the detection rate of malicious peers, (c) the message overhead per individual peer, and (d) the total message overhead needed for global reputation aggregation.

Panels: (a) convergence time (sec) versus P2P system size (N), for FuzzyTrust and EigenTrust; (b) detection rate of malicious peers (%) versus iteration number, for N = 100, N = 1,000, N = 5,000, and N = 10,000; (c) number of messages by individual peer versus peer rank, for FuzzyTrust (mean 17.0, standard deviation 15.978) and EigenTrust (mean 72.8, standard deviation 227.43); (d) total message overhead versus P2P system size (N), for FuzzyTrust and EigenTrust.


4. I. Stoica et al., “Chord: A Scalable Peer-to-Peer Lookup Protocol for Internet Applications,” IEEE/ACM Trans. Networking, vol. 11, no. 1, 2003, pp. 17–32.

5. S. Kamvar, M. Schlosser, and H. Garcia-Molina, “The EigenTrust Algorithm for Reputation Management in P2P Networks,” Proc. World Wide Web Conf. (WWW 2003), ACM Press, 2003, pp. 640–651.

6. R. Zhou and K. Hwang, Trust Overlay Networks for Global Reputation Aggregation in P2P Grid Computing, tech. report TR-2005-16, Internet and Grid Computing Lab., Univ. of Southern California, October 2005.

7. S. Song, K. Hwang, and Y.-K. Kwok, “Trusted Grid Computing with Security Binding and Trust Integration,” J. Grid Computing, vol. 3, no. 1, 2005; www.springerlink.com/link.asp?id=7028153w8653340.

8. S. Marti and H. Garcia-Molina, “Limited Reputation Sharing in P2P Systems,” Proc. ACM Conf. Electronic Commerce (EC 04), ACM Press, 2004, pp. 91–101.

9. A. Singh and L. Liu, “TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P Systems,” Proc. 3rd Int’l Conf. Peer-to-Peer Computing (P2P 2003), IEEE CS Press, 2003, pp. 142–149.

10. S. Song, “Trusted Grid and P2P Computing with Security Binding and Reputation Aggregation,” PhD dissertation, Dept. Computer Science, Univ. of Southern California, Nov. 2005.

Shanshan Song is a PhD student in computer science at the University of Southern California. She has worked as a research assistant at the USC Internet and Grid Computing Laboratory. Her technical expertise lies in grid computing, network security, and trust management in P2P and grid systems. Song has a BS in computer science from the University of Science and Technology of China. She is a student member of the IEEE and the ACM. Contact her at [email protected].

Kai Hwang is a professor of electrical engineering and computer science at the University of Southern California, director of the USC Internet and Grid Computing Laboratory, and leader of USC’s GridSec project. He specializes in computer architecture, parallel processing, network security, distributed computing, and grid and P2P systems. Hwang has a PhD in electrical engineering and computer science from the University of California, Berkeley. He is a fellow of the IEEE. Contact him at [email protected]; http://GridSec.usc.edu/Hwang.html.

Runfang Zhou is a PhD student in computer science at the University of Southern California. Her research interests include P2P reputation systems, overlay networks, and network security. Zhou has a BS and an MS in computer science from Southeast University, China. Contact her at [email protected].

Yu-Kwong Kwok is an associate professor of electrical and electronic engineering at the University of Hong Kong. His research interests include grid and mobile computing, wireless communications, and network protocols. Kwok has a PhD in computer science from the Hong Kong University of Science and Technology. He is a senior member of the IEEE. Contact him at [email protected].
