ISBN: 378-26-138420-01
INTERNATIONAL CONFERENCE ON CURRENT TRENDS IN ENGINEERING RESEARCH, ICCTER - 2014
Organizing the Trust Model in Peer-To-Peer System Using SORT R. Kiruthikalatha, B. Arputhamary M.C.A., MPhil, M.Phil scholar, Department of computer science, Bishop Heber college(Autonomous), Trichirapalli-620 017 Asst.professor, Department of computer Applications, Bishop Heber college(Autonomous), Trichirapalli-620017 kiruthikalatha@gmail.com arputhambaskaran@rediffmail.com using local information available and global trust information.
ABSTRACT Peer-to-Peer (P2P) Systems have attracted significant interest in recent years. In P2P networks, each peer acts as both a server and client. This characteristic makes peers vulnerable to a wide variety of attacks. Having robust trust management is very critical for such open environment to exclude unreliable peer from the system. Managing trust is a problem in peer to peer environment, so our SORT model is built based on trust metrics. The trust metrics such as reputation, service trust, recommendation trust are defined to precisely measure trustworthiness of peers. A peer’s trustworthiness is evaluated by considering provided services and given recommendations with service and recommendation contexts. When evaluating recommendation, recommender’s trustworthiness and confidence level about the information provided are also considered. Experiments on file sharing application demonstrate that peers with the highest trust value are considered and build the trust model in their contiguity and insulate malignant peers. Building trust relationships among peers can mitigate attacks of malicious peers. Peers create their own trust network in their proximity by
Keywords: Peer-to-peer systems, trust management, reputation, services, security.
I.
INTRODUCTION
PEER-TO-PEER (P2P) systems rely on collaboration of peers to accomplish tasks. Ease of performing malicious activity is a threat for security of P2P systems. Creating long-term trust relationships among peers can provide a more secure environment by reducing risk and uncertainty in future P2P interactions. However, establishing trust in an unknown entity is difficult in such a malicious environment. Furthermore, trust is a social concept and hard to measure with numerical values. Metrics are needed to represent trust in computational models. Classifying peers as either trustworthy or untrustworthy is not sufficient in most cases. Metrics should have precision so peers can be ranked according to trustworthiness. Interactions and feedbacks of peers provide information to measure trust among peers. Interactions with a peer provide certain information about the
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT
219
www.iaetsd.in
ISBN: 378-26-138420-01
INTERNATIONAL CONFERENCE ON CURRENT TRENDS IN ENGINEERING RESEARCH, ICCTER - 2014
peer becomes an acquaintance of another peer after providing a service, e.g., uploading a file. If a peer has no acquaintance, it chooses to trust strangers. An acquaintance is always preferred over a stranger if they are equally trustworthy. Using a service of a peer is an interaction, which is evaluated based on weight (importance) and recentness of the interaction, and satisfaction of the requester. An acquaintance’s feedback about a peer, recommendation, is evaluated based on recommender’s trust-worthiness. It contains the recommender’s own experience about the peer, information collected from the recommender’s acquaintances, and the recommender’s level of confidence in the recommendation. If the level of confidence is low, the recommendation has a low value in evaluation and affects less the trustworthiness of the recommender. and defines two contexts of trust: service and recommendation contexts. Information about past interactions and recommendations are stored in separate histories to assess competence and integrity of acquaintances in these contexts. SORT defines three trust metrics. Reputation metric is calculated based on recommendations. It is important when deciding about strangers and new acquaintances. Reputation loses its importance as experience with an acquaintance increases. Service trust and recommendation trust are primary metrics to measure trustworthiness in the service and recommendation contexts, respectively. The service trust metric is used when selecting service providers. The recommendation trust metric is important when requesting recommendations. When calculating the reputation metric, recommendations are evaluated based on the recommendation trust metric. We implemented a P2P file sharing simulation tool and conducted experiments to understand impact of SORT in mitigating attacks. Parameters related to
peer but feedbacks might contain deceptive information. This makes assessment of trustworthiness a challenge. In the presence of an authority, a central server is a preferred way to store and manage trust information, e.g., eBay. The central server securely stores trust information and defines trust metrics. Since there is no central server in most P2P systems, peers organize themselves to store and manage trust information about each other [1], [2]. Management of trust information is dependent to the structure of P2P network. In distributed hash table (DHT)-based approaches, each peer becomes a trust holder by storing feedbacks about other peers [1], [3], [4]. Global trust information stored by trust holders can be accessed through DHT efficiently. In unstructured networks, each peer stores trust information about peers in its neighbor-hood or peers interacted in the past. A peer sends trust queries to learn trust information of other peers. A trust query is either flooded to the network or sent to neighborhood of the query initiator. Generally, calculated trust information is not global and does not reflect opinions of all peers. We propose a Self-Organizing Trust model (SORT) that aims to decrease malicious activity in a P2P system by establishing trust relations among peers in their proximity. No a priori information or a trusted peer is used to leverage trust establishment. Peers do not try to collect trust information from all peers. Each peer develops its own local view of trust about the peers interacted in the past. In this way, good peers form dynamic trust groups in their proximity and can isolate malicious peers. Since peers generally tend to interact with a small set of peers [7], forming trust relations in proximity of peers helps to mitigate attacks in a P2P system. In SORT, peers are assumed to be strangers to each other at the beginning. A
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT
220
www.iaetsd.in
ISBN: 378-26-138420-01
INTERNATIONAL CONFERENCE ON CURRENT TRENDS IN ENGINEERING RESEARCH, ICCTER - 2014
peer capabilities (bandwidth, number of shared files), peer behavior (online/ offline periods, waiting time for sessions), and resource distribution (file sizes, popularity of files) are approximated to several empirical results. This enabled us to make more realistic observations on evolution of trust relationships. We studied 16 types of malicious peer behaviors, which perform both service and recommendation-based attacks. SORT mitigated service-based attacks in all cases. Recommendation-based attacks were contained except when malicious peers are in large numbers, e.g., 50 percent of all peers. Experiments on SORT show that good peers can defend themselves against malicious peers without having global trust information. SORT’s trust metrics let a peer assess trustworthiness of other peers based on local information. Service and recommendation contexts enable better measurement of trustworthiness in providing services and giving recommendations. Outline of the paper is as follows: Section 2 discusses the related research. Section 3 explains the computational model of SORT. Section 4 presents the simulation experiments and results. Section 5 summarizes the results and possible future work directions.
trustworthiness of participating peers and to combat the selfish, dishonest, and malicious peer behaviors. [2] Guruprasad Khataniar, Hitesh Tahbildar, and Prakriti Prava Das [Guru, Hit Tah, PravDa, 13] describes There are various overlay structures that provide efficient and scalable solutions for point and range query in a peer-to peer network. [3] Karl Aberer, Philippe CudréMauroux, Anwitaman Datta, Zoran Despotovic, Manfred Hauswirth, Magdalena Punceva, Roman Schmidt.[Mag Pun, Zor, Anw Datt, 12] describes, sometimes p2p system structure are not in uniform our concept is used to organizing the p2p system structure in self. [4] Kevin Hoffman, David Zage, Cristina Nita-Rotaru.[Ke Hoff, Cris Nit Dav Za, 07] describes, The rapid growth of communication networks such as the Internet and ad hoc wireless mesh networks has spurred the development of numerous collaborative applications. [5] Stephen Boyd Arpita Ghosh Balaji Prabhakar Devavrat Shah.[ApriGho, Pra Dev, 06] Motivated by applications to sensor, peer-to-peer and ad hoc networks, we study distributed algorithms, also known as gossip algorithms, for exchanging information and for computing in an arbitrarily connected network of nodes. The topology of such networks changes continuously as new nodes join and old nodes leave the network. [6] Sylvia Ratnasamy, Paul Francis, Mark Handley, Richard Karp1, Scott Shenker [Sy Pat,Paul, Mk Han, 01]. Hash tables – which map “keys” onto “values” – are an essential building block in modern software systems. We believe a similar functionality would be equally valuable to large distributed systems.
Fig 1. Peer-to-Peer Model II. RELATED WORK [1] Run fang Zhou, Kai Hwang.,[R Zhou, Kai Hw,06] describes the
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT
221
www.iaetsd.in
ISBN: 378-26-138420-01
INTERNATIONAL CONFERENCE ON CURRENT TRENDS IN ENGINEERING RESEARCH, ICCTER - 2014
[7] Yao Wang[Ya Wan, 05 ]. Peerto-peer networks are networks in which all peers cooperate with each other to perform article function in a decentralized manner All peers are both users and providers of resources and can access each other directly without intermediary agents. Compared with a centralized system, a peer-to-peer (P2P) system provides an easy way to aggregate large amounts of resource residing on the edge of Internet or in ad-hoc networks with a low cost of system maintenance.
[11] Shanshan Song, Kai Hwang, and Runfang Zhou., [S Song, K Hwang, R Zhou,
fuzzy
logic
system benefits from the distinct advantages of fuzzy inferences, which can handle imprecise linguistic terms effectively. In the “Fuzzy Logic Inference and Applications� sidebar, we give details on how to perform fuzzy inference in the Fuzzy Trust system. III. SYSTEM MODEL SORT defines three trust metrics. Reputation metric is calculated based on recommendations. It is important when deciding about strangers and new acquaintances. Reputation loses its importance as experience with an acquaintance increases. Service trust and recommendation trust are primary metrics to measure trustworthiness in the service and recommendation contexts, respectively. The service trust metric is used when selecting service providers. The recommendation trust metric is important when requesting recommendations. When calculating the reputation metric, recommendations are evaluated based on the recommendation trust metric. We implemented a P2P file sharing simulation tool and conducted experiments to understand impact of SORT in mitigating attacks. Parameters related to peer capabilities (bandwidth, number of shared files), peer behavior (online/ offline periods, waiting time for sessions), and resource distribution (file sizes, popularity of files) are approximated to several empirical results. This enabled us to make more realistic observations on evolution of trust relationships. We studied 16 types of
[10] Ion Stoica, Robert Morris, David Liben-Nowell, David R. Karger, M. Frans Kaashoek, Frank Dabek , Hari Balakrishnan [ I stoica, R Morris, D Karger, Fr Kaashoek ,F Dabek, 01]. Peer to Peer Systems are loosley organized systems without any centralized control or any hierarchical system. Each node runs software with equivalent functionality. Peer to peer systems provide users with features such as availability, permanence, redundant nearby
uses
and to aggregate global reputation. This
[9] Runfang Zhou, Kai Hwang[R Zhou, Kai Hw, 07]. Peer-to-Peer (P2P) reputation systems are needed to evaluate the trustworthiness of participating peers and to combat selfish and malicious peer behaviors. The reputation system collects locally generated peer feedbacks and aggregates them to yield global reputation scores. Development of decentralized reputation system is in great demand for unstructured P2P networks since most P2P applications on the Internet are unstructured.
of
System
inference rules to calculate local trust scores
[8] Jon Kleinberg[Jo Kl, 09]. A social network exhibits the small-world phenomenon if, roughly speaking, any two individuals in the network are likely to be connected through a short sequence of intermediate acquaintances.
storage, selection anonymity.
05].
servers,
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT
222
www.iaetsd.in
ISBN: 378-26-138420-01
INTERNATIONAL CONFERENCE ON CURRENT TRENDS IN ENGINEERING RESEARCH, ICCTER - 2014
malicious peer behaviors, which perform both service and recommendation- based attacks. SORT mitigated service-based attacks in all cases. Recommendation-based attacks were contained except when malicious peers are in large numbers, e.g., 50 percent of all peers. Experiments on SORT show that good peers can defend themselves against malicious peers without having global trust information. SORT’s trust metrics let a peer assess trustworthiness of other peers based on local information. Service and recommendation contexts enable better measurement of trustworthiness in providing services and giving recommendations.
peer to peer system. Many possibilities hacking of information. Self organized based peer systems provide the better security among the number of system. on trust values of recommenders based on accuracy of their recommendations. In SORT method trust is based on the service and recommendation .There are three metrics are used for peer to peer system. Reputation metric is calculated based on recommendations. It is important when deciding about strangers and new acquaintances. Reputation loses its importance as experience with an acquaintance increased. Different types attacks prevented in this method. When pi searches for a particular service, it gets a list of service providers. Considering a file sharing application, pi may download a file from either one or multiple up loaders. With multiple up loaders, checking integrity is a problem since any file part downloaded from an up loader might be inauthentic. When evaluating an acquaintance’s trustworthiness in the service context, a peer first calculates competence and integrity belief values using the information in its service history. IV.PERFORMANCE EVALUATION A file sharing simulation program is implemented in Java to observe results of using SORT in a P2P environment. Some questions studied in the experiments are as follows: how SORT handles attacks, how much attacks can be mitigated, how much recommendations are (not) helpful in correctly identifying malicious peers, and what type of attackers are the most harmful.
Fig. 3 Architecture Flow Process
A. Trust model for Peer-To-Peer In Proposed SORT reputation based metric has been used. After calculating value, pi updates recommendation many important files are shared with peer to peer system. The Central server makes the trustiness between the peer systems. In many cases there is no central server in the
A. Method
cycle
The simulation runs as cycles. Each represents a period of time.
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT
223
www.iaetsd.in
ISBN: 378-26-138420-01
INTERNATIONAL CONFERENCE ON CURRENT TRENDS IN ENGINEERING RESEARCH, ICCTER - 2014
Downloading a file is an interaction. A peer sharing files is called an uploader.
Hence team size is increased to observe effects of collaboration better. V. CONCLUSION AND FUTURE WORK
B. Attacker Model Attackers can perform service-based and recommendation based attacks. Uploading a virus infected or an inauthentic file is a service-based attack. Giving a misleading recommendation intentionally is a recommendation-based attack.
A. CONCLUSION Trust model for P2P networks is presented, in which a peer can develop a trust network in its proximity. A peer can isolate malicious peers around itself as it develops trust relationships with good peers. Two context of trust, service and recommendation contexts, are defined to measure capabilities of peers in providing services and giving recommendations. Interactions and recommendations are considered with satisfaction, weight, and fading effect parameters. A recommendation contains the recommender’s own experience, information from its acquaintances, and level of confidence in the recommendation. These parameters provided us a better assessment of trustworthiness. Individual, collaborative, and pseudonym changing attackers are studied in the experiments. Damage of collaboration and pseudo spoofing is dependent to attack behavior. Although recommendations are important in hypocritical discriminatory attackers. Attacks in most experiments. However, in extremely malicious environments such as a 50 percent malicious network, collaborators can continue to disseminate large amount of misleading recommendations. Another issue about SORT is maintaining trust all over the network. If a peer changes its point of attachment to the network, it might lose a part of its trust network. These issues might be studied as a future work to extend the trust model. Using trust information does not solve all security problems in P2P systems but can enhance security and effectiveness of systems. If interactions are
C. Analysis on Individual Attackers This section explains the results of experiments on individual attackers. For each type of individual attacker, two separate network topologies are created: one with 10 percent malicious and one with 50 percent malicious. Each network topology is tested with four trust calculation methods. In the experiments, a hypocritical attacker behaves malicious in 20 percent of all interactions. A discriminatory attacker selects 10 percent of all peers as victims. D. Analysis on Individual Pseudospoofers This section explains the results of experiments on individual pseudospoofers. Pseudospoofers change their pseudonyms after every 1,000 cycles. For other parameters, attackers behave as described. E. Analysis on Collaborators Collaboration of attackers generally makes attack prevention harder. This section presents experimental results on collaborators. Collaborators form teams of size 50 and launch attacks as teams. We first tried teams of size 10 but this was not enough to benefit from collaboration and results were close to individual attackers.
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT
224
www.iaetsd.in
ISBN: 378-26-138420-01
INTERNATIONAL CONFERENCE ON CURRENT TRENDS IN ENGINEERING RESEARCH, ICCTER - 2014
Despotovic, Manfred Hauswirth, Magdalena Punceva, Roman Schmidt.[Mag Pun, Zor, Anw Datt, 12]
modeled correctly, SORT can be adapted to various P2P applications, e.g., CPU sharing, storage networks, and P2P gaming. Defining application specific context of trust and related metrics can help to assess trustworthiness in various tasks.
[4] A Survey of attacks on Reputation Systems: Kevin Hoffman, David Zage, Cristina Nita-Rotaru.[Ke Hoff, Cris Nit Dav Za, 07]
B. Future Work Managing trust is a problem of particular importance in peer-to-peer environments where one frequently encounters unknown agents. We present an approach that addresses the problem of reputation-based trust management at both th data management and the scientific level. We employ at both levels scalable data structures and algorithm that require no central control and allows assessing trust by computing any agents reputation from its former interactions with other agents. Thus the method can be implemented in a p2p environment and scales well for very large number of participants. We expect that scalable methods for trust management are an important factor, if fully decentralized peer-to-peer systems should become the platform for more serious applications than simple exchange.
[5] Randomized Gossip Algorithms: Stephen Boyd Arpita Ghosh Balaji Prabhakar Devavrat Shah.[ApriGho, Pra Dev, 06]. [6] A Scalable Content-Addressable Network: Sylvia Ratnasamy, Paul Francis, Mark Handley, Richard Karp1, Scott Shenker [Sy Pat,Paul, Mk Han, 01]. [7] Bayesian Network Trust Model in Peer-to-Peer Networks: Yao Wang[Ya Wan, 05 ]. [8] The Small-World Phenomenon: An Algorithmic Perspective Jon Kleinberg[Jo Kl, 09]. [9] Gossip-based Reputation Aggregation for Unstructured Peer-to-Peer Networks. Runfang Zhou, Kai Hwang[R Zhou, Kai Hw, 07].
Reference [1] A Robust and Scalable Reputation System for Trusted Peer-to-Peer Computing: Run fang Zhou, Kai Hwang.,[R Zhou, Kai Hw,06]
[10] A scalable peer-to-peer look-up protocol for internet applications Ion Stoica, Robert Morris, David Liben-Nowell, David R. Karger, M. Frans Kaashoek, Frank Dabek , Hari Balakrishnan [ I stoica, R Morris, D Karger, Fr Kaashoek ,F Dabek, 01].
[2] Attacks and Counter Measures in BST Overlay Structure of Peer-To-Peer System: Guruprasad Khataniar, Hitesh Tahbildar, and Prakriti Prava Das [Guru, Hit Tah, PravDa, 13]
[11] Trusted P2P Transactions with Fuzzy Reputation Aggregation: Shanshan Song, Kai Hwang, and Runfang Zhou., [S Song, K Hwang, R Zhou, 05].
[3] P-Grid: Self-organizing Structured P2P System: Karl Aberer, Philippe CudrĂŠMauroux, Anwitaman Datta, Zoran
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT
225
www.iaetsd.in