Decoupling Service and Feedback Trust in a Peer-to-Peer Reputation System [chapter]

Gayatri Swamynathan, Ben Y. Zhao, Kevin C. Almeroth
2005 Lecture Notes in Computer Science  
Reputation systems help peers decide whom to trust before undertaking a transaction. Conventional approaches to reputation-based trust modeling assume that peers reputed to provide trustworthy service are also likely to provide trustworthy feedback. By basing the credibility of a peer's feedback on its reputation as a transactor, these models become vulnerable to malicious nodes that provide good service to badmouth targeted nodes. We propose to decouple a peer's reputation as a service
more » ... from its reputation as a service recommender, making the reputation more robust to malicious peers. We show via simulations that a decoupled approach greatly enhances the accuracy of reputations generated, resulting in fewer malicious transactions, false positives, and false negatives. Introduction The explosive growth in the Internet in the last decade has resulted in an increase in the use and popularity of online peer-to-peer (P2P) communities. P2P file sharing communities like Gnutella [9] involve millions of users who interact daily to transfer files among each other free of cost. The success of this type of a P2P community relies on cooperation amongst all the peers in the community. However, peers are anonymous and can act in their self-interests. This open and anonymous nature makes the network difficult to police and vulnerable to a variety of attacks. A number of attacks can interfere with the operation of a P2P system. One common attack is the "whitewashing attack" where a free-riding node repeatedly joins the network under a new identity in order to avoid the penalties imposed on free-riders [8] . A more serious type of attack is when malicious peers exploit file sharing networks to distribute viruses and Trojan horses. The VBS.Gnutella worm, for example, stores trojan executables in network nodes. Mandragore, a Gnutella worm, registers itself as an active peer in the network, and in response to intercepted queries, provides a renamed copy of itself for download [5] . Peers also need to detect inauthentic file attacks, in which corrupted or blank files are passed off as legitimate files. Hence, it is necessary for P2P communities to combat these threats by motivating cooperation and honest participation within their network. Reputation systems help address this need by establishing a trust mechanism that helps peers decide whom to trust before undertaking a transaction. A number of reputation systems have been proposed or deployed in practice. While systems like eBay use a centralized approach [7], a number of decentralized reputation systems encourage cooperation and punish malicious behavior. These systems, within the bounds of their assumptions, demonstrate the ability to significantly reduce the number of malicious transactions in a P2P system [5, 1, 3, 6, 10, 12] .
doi:10.1007/11576259_10 fatcat:lqbfe2tnhrdrfdybnrjzsp2frm