SORT:
A Self - Organizing Trust Model
for Peer-to-Peer Systems
Abstract:
Open nature of peer-to-peer systems exposes them to
malicious activity. Building trust relationships among peers can mitigate
attacks of malicious peers. This paper presents distributed algorithms that
enable a peer to reason about trustworthiness of other peers based on past
interactions and recommendations. Peers create their own trust network in their
proximity by using local information available and do not try to learn global
trust information. Two contexts of trust, service, and recommendation contexts,
are defined to measure trustworthiness in providing services and giving
recommendations. Interactions and recommendations are evaluated
based on importance, recentness, and peer satisfaction parameters.
Additionally, recommender’s trustworthiness and confidence about a
recommendation are considered while evaluating recommendations. Simulation
experiments on a file sharing application show that the proposed model can
mitigate attacks on 16 different malicious behavior models. In the experiments,
good peers were able to form trust relationships in their proximity and isolate
malicious peers.
Introduction:
PEER-TO-PEER (P2P) systems rely on collaboration of
peers to accomplish tasks. Ease of performing malicious activity is a threat
for security of P2P systems. Creating long-term trust relationships among peers
can provide a more secure environment by reducing risk and uncertainty in
future P2P interactions. However, establishing trust in an unknown entity is
difficult in such a malicious environment.
Furthermore, trust is a social concept and hard to
measure with numerical values. Metrics are needed to represent trust in
computational models. Classifying peers as either trustworthy or untrustworthy
is not sufficient in most cases. Metrics should have precision so peers can be
ranked according to trustworthiness. Interactions and feedbacks of peers
provide information to measure trust among peers. Interactions with a peer
provide certain information about the peer but feedbacks might contain
deceptive information. This makes assessment of trustworthiness
a challenge.
Existing
System:
In the presence of an authority, a central server is
a preferred way to store and manage trust information, e.g., eBay. The central
server securely stores trust information and defines trust metrics. Since there
is no central server in most P2P systems, peers organize themselves to store
and manage trust information about each other. Management of trust information
is dependent to the structure of P2P network. In distributed hash table
(DHT)-based approaches, each peer becomes a trust holder by storing feedbacks
about other peers .Global trust
Aim
of the Project:
We propose a Self-ORganizing Trust model (SORT) that
aims to decrease malicious activity in a P2P system by establishing trust
relations among peers in their proximity. No a priori information or a trusted
peer is used to leverage trust establishment. Peers do not try to collect trust
information from all peers. Each peer develops its own local view of trust
about the peers interacted in the past. In this way, good peers form dynamic
trust groups in their proximity and can isolate
malicious peers. Since peers generally tend to interact with a small set of
peers, forming trust relations in proximity of peers helps to mitigate attacks
in a P2P system.
Proposed
System:
We implemented a P2P file sharing simulation tool
and conducted experiments to understand impact of SORT in mitigating attacks.
Parameters related to peer capabilities (bandwidth, number of shared files),
peer behavior (online/ offline periods, waiting time for sessions), and
resource distribution (file sizes, popularity of files) are approximated to
several empirical results. This enabled us to make more realistic observations
on evolution of trus
relationships.
We studied 16 types of malicious peer behaviors, which perform both service and
recommendation- based attacks. SORT mitigated service-based attacks in all cases.
Recommendation-based attacks were contained except when malicious peers are in
large numbers, e.g., 50 percent of all peers. Experiments on SORT show that good
peers can defend themselves against malicious peers without having global trust
information. SORT’s trust
metrics
let a peer assess trustworthiness of other peers based on local information.
Service and recommendation contexts enable better measurement of
trustworthiness in providing services and giving recommendations.
Requirement
Analysis:
Software
Requirements
Language : Java1.5
Front End : Java Swing
Back End : Sql Server 2000
Operating System : Windows
Xp.
Hardware Requirements
Hard
disk : 60GB
RAM : 1GB
Processor : P IV
CONCLUSION
A
trust model for P2P networks is presented, in which a peer can develop a trust
network in its proximity. A peer can isolate malicious peers around itself as
it develops trust relationships with good peers. Two context of trust, service and
recommendation contexts, are defined to measure capabilities of peers in
providing services and giving recommendations. Interactions and recommendations
are considered with satisfaction, weight, and fading effect parameters. A
recommendation contains the recommender’s own experience, information from its
acquaintances, and level of confidence in the recommendation.
These
parameters provided us a better assessment of trustworthiness. Individual,
collaborative, and pseudonym changing attackers are studied in the experiments.
Damage of collaboration and pseudospoofing is dependent to attack behavior.
Although recommendations are important in hypocritical and oscillatory attackers,
pseudospoofers, and collaborators, they are less useful in naive and
discriminatory attackers. SORT mitigated both service and recommendation-based
attacks in most experiments. However, in extremely malicious environments such
as a 50 percent malicious network, collaborators can continue to disseminate
large amount of misleading recommendations. Another issue about SORT is
maintaining trust all over the network. If a peer changes its point of
attachment to the network, it might lose a part of its trust network. These
issues might be studied as a future work to extend the trust model
No comments:
Post a Comment
Note: only a member of this blog may post a comment.