Advertisement

Reputation based approach for improved fairness and robustness in P2P protocols

  • Francis N. Nwebonyi
  • Rolando Martins
  • Manuel E. Correia
Article
  • 38 Downloads

Abstract

Peer-to-Peer (P2P) overlay networks have gained popularity due to their robustness, cost advantage, network efficiency and openness. Unfortunately, the same properties that foster their success, also make them prone to several attacks. To mitigate these attacks, several scalable security mechanisms which are based on the concepts of trust and reputation have been proposed. These proposed methods tend to ignore some core practical requirements that are essential to make them more useful in the real world. Some of such requirements include efficient bootstrapping of each newcomer’s reputation, and mitigating seeder(s) exploitation. Additionally, although interaction among participating peers is usually the bases for reputation, the importance given to the frequency of interaction between the peers is often minimized or ignored. This can result in situations where barely known peers end-up having similar trust scores to the well-known and consistently cooperative nodes. After a careful review of the literature, this work proposes a novel and scalable reputation based security mechanism that addresses the aforementioned problems. The new method offers more efficient reputation bootstrapping, mitigation of bandwidth attack and better management of interaction rate, which further leads to improved fairness. To evaluate its performance, the new reputation model has been implemented as an extension of the BitTorrent protocol. Its robustness was tested by exposing it to popular malicious behaviors in a series of extensive PeerSim simulations. Results show that the proposed method is very robust and can efficiently mitigate popular attacks on P2P overlay networks.

Keywords

Trust P2P Edge clouds Reputation And security 

Notes

Acknowledgements

This work is partially funded by project “NanoSTIMA: Macro-to-Nano Human Sensing: Towards Integrated Multimodal Health Monitoring and Analytics/NORTE-01-0145-FEDER-000016” financed by the North Portugal Regional Operational Programme (NORTE 2020), under the PORTUGAL 2020 Partnership Agreement, and through the European Regional Development Fund (ERDF).

References

  1. 1.
    Khan, A.M., Freitag, F. Rodrigues, L.: Current trends and future directions in community edge clouds. In: 4th IEEE International Conference on Cloud Networking (CloudNet), pp. 239–241. IEEE, Niagara Falls (2015)Google Scholar
  2. 2.
    Baqer K, Anderson R (2015) Do you believe in tinker bell? The social externalities of trust. In: Cambridge international workshop on security protocols, pp. 224–236. SpringerGoogle Scholar
  3. 3.
    Sarjaz BS, Abbaspour M (2013) Securing BitTorrent using a new reputation-based trust management system. Peer-to-Peer Networking and Applications 6:86–100CrossRefGoogle Scholar
  4. 4.
    Konrath, M. A. Barcellos, M. P. Mansilha, R. B. : Attacking a swarm with a band of liars: evaluating the impact of attacks on bittorrent. In: 7th IEEE international conference on peer-to-peer computing, pp. 37–44. IEEE (2007)Google Scholar
  5. 5.
    Naghizadeh A, Razeghi B, Radmanesh I, Hatamian M, Atani RE, Norudi ZN (2015) Counter attack to free-riders: filling a security hole in BitTorrent protocol. In: 12th IEEE international conference on networking, sensing and control, pp. 128–133. IEEEGoogle Scholar
  6. 6.
    Dhungel P, Wu D, Ross KW (2009) Measurement and mitigation of BitTorrent leecher attacks. Comput Commun 32:1852–1861CrossRefGoogle Scholar
  7. 7.
    Wong KY, Yeung KH, Choi YM (2009) Solutions to swamp poisoning attacks in BitTorrent networks. In: 1st international MultiConference of engineers and computer scientists, pp. 360–363. IMECSGoogle Scholar
  8. 8.
    Aringhieri R, Damiani E, Vimercati D, De Capitani S, Paraboschi S, Samarati P (2006) Fuzzy techniques for trust and reputation management in anonymous peer-to-peer systems. J Am Soc Inf Sci Technol 57:528–537CrossRefGoogle Scholar
  9. 9.
    Qureshi, A. Rifa-Pous, H. Megıas, D.:Electronic Payment and Encouraged Cooperation in a Secure and Privacy-Preserving P2P Content Distribution System. In: The 7th International Conferences on Advances in Multimedia, pp. 8–14. MMEDIA(2015)Google Scholar
  10. 10.
    Kamvar SD, Schlosser MT, Garcia-Molina H (2003) The eigentrust algorithm for reputation management in P2P networks. In: Proceedings of the 12th international conference on world wide web, 640–651. ACM pressGoogle Scholar
  11. 11.
    Cornelli F, Damiani E, di Vimercati S, Paraboschi S, Samarati P (2002) Choosing rep- utable servents in a P2P network. In: Proceedings of the 11th international conference on world wide web, pp. 376–386. ACM pressGoogle Scholar
  12. 12.
    Dhungel P, Hei X, Wu D, Ross KW (2008) The seed attack: can bittorrent be nipped in the bud?. Technical report, Department of Computer and Information Science. In: Polytechnic institute of NYUGoogle Scholar
  13. 13.
    Dhungel P, Hei X, Wu D, Ross KW (2011) A measurement study of attacks on bittorrent seeds. In: 2011 IEEE international conference on communications (ICC), pp. 1–5. IEEEGoogle Scholar
  14. 14.
    Montresor A, Jelasity M (2009) PeerSim: A scalable P2P simulator. In: 9th IEEE international conference on peer-to-peer computing, pp. 99–100. IEEEGoogle Scholar
  15. 15.
    Nwebonyi FN, Ani UP (2015) DanielBYOD network: enhancing security through trust– aided access control mechanisms. International Journal of Cyber-Security and Digital Forensics 4:272–290CrossRefGoogle Scholar
  16. 16.
    Gambetta D (2000) Can we trust trust?. Trust: making and breaking cooperative relations. In: Gambetta, Diego (ed.) trust: making and breaking cooperative relations, electronic edition, Department of Sociology, University of Oxford, pp. 213–237. University of OxfordGoogle Scholar
  17. 17.
    Jøsang A, Ismail R, Boyd C (2007) A survey of trust and reputation systems for online service provision. Decis Support Syst 43:618–644CrossRefGoogle Scholar
  18. 18.
    England P, Shi Q, Askwith B, Bouhafs F (2012) A survey of trust management in mobile ad-hoc networks. In: Proceedings of the 13th annual post graduate symposium on the convergence of telecommunications, networking, and broadcasting. PGNETGoogle Scholar
  19. 19.
    Lilien L, Al-Alawneh A, Ben Othmane L (2010) The pervasive trust foundation for security in next generation networks. In: Proceedings of the 2010 workshop on new security paradigms, pp. 129–142. ACMGoogle Scholar
  20. 20.
    Resnick P, Zeckhauser R, Swanson J, Lockwood K (2006) The value of reputation on eBay: a controlled experiment.: experimental economics, pp 79–101. SpringerGoogle Scholar
  21. 21.
    Gregg DG (2009) Outline reputation scores: how well are they understood?: journal of computer information systems, pp 90–97. Taylor & FrancisGoogle Scholar
  22. 22.
    Venkanna U, Agarwal JK, Velusamy RL (2015) A Cooperative Routing for MANET Based on Distributed Trust and Energy Management. In: A cooperative routing for MANET based on distributed trust and energy management.: wireless personal communications, pp. 961–979. SpringerGoogle Scholar
  23. 23.
    Josang A, Ismail R (2002) The beta reputation system. In: Proceedings of the 15th bled electronic commerce conference, pp. 2502–2511. BledGoogle Scholar
  24. 24.
    Skopik F, Schall D, Dustdar S (2009) Start trusting strangers? Bootstrapping and prediction of trust. In: International conference on web information systems engineering, pp. 275–289. Springer Berlin HeidelbergGoogle Scholar
  25. 25.
    Yahyaoui H, Zhioua S (2011) Bootstrapping trust of web services through behavior observation. In: International conference on web engineering, pp. 652–659 springer Berlin HeidelbergGoogle Scholar
  26. 26.
    Sherchan W, Loke SW, Krishnaswamy S (2006) A fuzzy model for reasoning about reputa- tion in web services. In: Proceedings of the 2006 ACM symposium on applied computing, pp 1886–1892. ACMGoogle Scholar
  27. 27.
    Benincasa, C., Calden, A., Hanlon, E., Kindzerske, M., Law, K., Lam, E., Rhoades, J., Roy, I., Satz, M., Valentine, E., Whitaker, N.: Page Rank Algorithm. : Department of Mathematics and Statics, University of Massachusetts, Amherst, Research (2006)Google Scholar
  28. 28.
    Josang A (1999) Trust-based decision making for electronic transactions. In: Proceedings of the 4th Nordic workshop on secure computer systems, pp. 496–502. NORDSECGoogle Scholar
  29. 29.
    Pouwelse J, Garbacki P, Epema D, Sips H (2005) The bittorrent p2p file-sharing system: measurements and analysis. In: International workshop on peer-to-peer systems, pp. 205–216. SpringerGoogle Scholar
  30. 30.
    Fattaholmanan A, Rabiee HR, Large-Scale Active A (2016) Measurement study on the effectiveness of piece-attack on BitTorrent networks. IEEE Trans Dependable Secure Comput 13:509–518CrossRefGoogle Scholar
  31. 31.
    Wang L, Kangasharju J (2013) Measuring large-scale distributed systems: case of bittorrent mainline dht: IEEE thirteenth international conference on peer-to-peer computing (P2P), pp. 1–10. IEEEGoogle Scholar
  32. 32.
    Dhungel, P., Wu, D., Schonhorst, B., Ross, K. W.: A measurement study of attacks on BitTorrent leechers. In: 7th international conference on peer-to-peer systems, pp. 7–15. ACM (2008)Google Scholar
  33. 33.
    Adamsky F, Khayam SA, Jäger R, Rajarajan M (2014) Stealing bandwidth from BitTorrent seeders. Computers & Security 46:126–140CrossRefGoogle Scholar
  34. 34.
    Douceur JR (2002) The Sybil attack. In: International workshop on peer-to-peer systems, pp. 251–260. Springer Berlin HeidelbergGoogle Scholar
  35. 35.
    Alice C, Eric F (2005) Sybilproof reputation mechanisms. In: Proceedings of the 2005 ACM SIGCOMM workshop on economics of peer-to-peer systems. ACM Press, USA, pp 128–132Google Scholar
  36. 36.
    Kong J, Cai W, Wang L (2010) The evaluation of index poisoning in bittorrent. In: Second international conference on communication software and networks, pp. 382–386. IEEEGoogle Scholar
  37. 37.
    Kong J, Cai W, Wang L, Zhao Q (2010) A study of pollution on BitTorrent. In: The 2nd international conference on computer and automation engineering (ICCAE), pp. 118–122. IEEEGoogle Scholar
  38. 38.
    Su, M., Zhang, H., Fang, B., Du, X.: DDoS vulnerability of BitTorrent peer exchange extension: analysis and Defense In: 2012 IEEE International Conference on Communi- cations (ICC), pp. 1048–1052. IEEE(2012)Google Scholar
  39. 39.
    Saini, N. K., Chaturvedi, A., Yadav, R.: Identifying Collusion Attacks in P2P Trust and Reputation systems.: Int J Comput Appl(IJCA) (2014)Google Scholar
  40. 40.
    Ragab-Hassen, H., Jones, O., Galanis, N.: Rabit: a reputation architecture for BitTorrent. In: 2012 IEEE global communications conference (GLOBECOM), pp. 850–855. IEEE (2012)Google Scholar
  41. 41.
    Ormándi R, Hegedus I, Csernai K, Jelasity M (2010) Towards inferring ratings from user behavior in BitTorrent communities. In: 19th IEEE international workshop on enabling technologies: infrastructures for collaborative enterprises (WETICE), pp. 217–222. IEEEGoogle Scholar
  42. 42.
    Santos FR, da CC, Weverton L, Gaspary LP, Barcellos MP (2011) Funnel: choking polluters in bittorrent file sharing communities. In: 8th IEEE transactions on network and service management, pp. 310–321. IEEE, vol 8, pp 310–321Google Scholar
  43. 43.
    Riccardo P (2016) A trust and reputation method to mitigate a Sybil attack in Kademlia. Comput Netw 94:205–218CrossRefGoogle Scholar
  44. 44.
    Wang J, Wu X, Guo N (2010) Ullrich, C.,Luo, H.: discouraging improper exploitation against seeds in BitTorrent swarms. In: International conference on cyber-enabled distributed computing and knowledge discovery (CyberC), pp. 235–242. IEEE pressGoogle Scholar
  45. 45.
    Singh A, Liu L (2003) TrustMe: anonymous Management of Trust Relationships in Decen- tralized P2P systems. In: Proceedings of the 3rd international conference on peer-to-peer computing (P2P 2003), pp. 142–149. IEEE pressGoogle Scholar
  46. 46.
    Chen K, Liu G, Shen H, Qi F (2015) Sociallink: utilizing social network and transaction links for effective trust management in P2P file sharing systems. In: IEEE international conference on peer-to-peer computing (P2P). IEEE Press, Boston, pp 1–10Google Scholar
  47. 47.
  48. 48.
    Danezis G, Lesniewski-Laas C, Kaashoek MF, Anderson R (2005) Sybil-resistant DHT routing. In: European symposium on research in computer security, pp. 305–318. SpringerGoogle Scholar
  49. 49.
    Yu Y, Xia C, Li Z (2015) A trust bootstrapping model for defense agents. In: IEEE international conference on communication software and networks (ICCSN), pp. 77–84. IEEE pressGoogle Scholar
  50. 50.
    Tavakolifard M, Knapskog SJ (2011) Trust evaluation initialization using contextual in- formation. In: Proceedings of the international conference on Management of Emergent Digital EcoSystems, pp. 1–8. ACMGoogle Scholar
  51. 51.
    Jiao H, Liu J, Li J, Liu C (2011) A framework for reputation bootstrapping based on reputation utility and game theories. In: 10th IEEE international conference on trust, security and privacy in computing and communications (TrustCom), pp. 344–351. IEEE pressGoogle Scholar
  52. 52.
    Malik Z, Bouguettaya A (2009) Reputation bootstrapping for trust establishment among web services. IEEE Internet Comput 13:40–47CrossRefGoogle Scholar
  53. 53.
    Oram A (2001) Peer-to-peer: harnessing the power of disruptive technologies. O’Reilly me- dia. In: IncGoogle Scholar
  54. 54.
    Mónica D, Leitao J, Rodrigues L, Ribeiro C (2009) On the use of radio resource tests in wireless ad hoc networks. Technical report, proc. In: 3rd WRAITSGoogle Scholar
  55. 55.
    Borisov N (2006) Computational puzzles as Sybil defenses. In: 6th IEEE international con- ference on peer-to-peer computing, pp. 171–176. IEEE pressGoogle Scholar
  56. 56.
    Ping W, Jing Q (2007) A mathematical trust model in e-commerce. In: International conference on multimedia and ubiquitous engineering (. MUE’07), pp. 644–649. IEEE pressGoogle Scholar
  57. 57.
    Yager RR (1988) On ordered weighted averaging aggregation operators in multicriteria decision making. IEEE Transactions on systems, Man, and Cybernetics 18:183–190MathSciNetCrossRefGoogle Scholar
  58. 58.
    Xinxing Z, Zhihong T, Luchen Z (2016) A measurement study on mainline DHT and magnet link: IEEE international conference on data science in cyberspace (DSC), pp. 11–19. IEEEGoogle Scholar
  59. 59.
    Ripeanu M, Foster I, Iamnitchi A (2002) Mapping the gnutella network: properties of large- scale peer-to-peer systems and implications for system design. In: arXiv preprint cs/0209028Google Scholar
  60. 60.
    Fabrizio F, Pedrolli M (2008) A BitTorrent module for peersim. University of Trento, Technical reportGoogle Scholar
  61. 61.
    Wang G, Musau F, Guo S, Abdullahi MB (2015) Neighbor similarity trust against sybil attack in P2P e-commerce.: IEEE transactions on parallel and distributed systems, pp. 824–833. IEEEGoogle Scholar
  62. 62.
    Ferreira A, Huynen J, Lenzini G, Koenig V (2015) In cyber-space no one can hear you S-CREAM: a root cause analysis of technique for socio-technical attacks. In: 11th workshop on security and trust management, pp. 255–264. ESORICSGoogle Scholar
  63. 63.
    Marinelli E (2009) E.: hyrax: cloud computing on mobile devices using MapReduce. Carnegie-mellon univ Pittsburgh PA school of computer. scienceGoogle Scholar
  64. 64.
    Rodrigues J (2017) Marques, E. RB: lopes, L.: Silva, F.: towards a middleware for mobile edge-cloud applications. In: Proceedings of the 2nd workshop on middleware for Edge Clouds & Cloudlets. Pp. 1. ACMGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  1. 1.Faculty of SciencesUniversity of Porto, & CRACS/INESC-TECPortoPortugal

Personalised recommendations