Securing P2P networks using peer reputations: is there a silver bullet?

Peer reputations have been used as security tools not only to motivate peers against cheating but also to protect good peers from the chronic cheaters. Although the reputation management techniques are not confined to P2P networks, they present novel challenges that were absent in central server based distributed systems. We enumerate these challenges and survey the solutions proposed by the community to counter them. These challenges include, but are not limited to, peer-identification in decentralized environments, reputation metrics, storage and exchange of reputation data. Finally we survey the applications which use P2P network paradigm and therefore can benefit from the reputation systems.

[1]  Chrysanthos Dellarocas,et al.  Immunizing online reputation reporting systems against unfair ratings and discriminatory behavior , 2000, EC '00.

[2]  David R. Karger,et al.  Chord: a scalable peer-to-peer lookup protocol for internet applications , 2003, TNET.

[3]  R. Dingledine,et al.  Reputation in P2P Anonymity Systems , 2003 .

[4]  J.-P. Hubaux,et al.  Enforcing service availability in mobile ad-hoc WANs , 2000, 2000 First Annual Workshop on Mobile and Ad Hoc Networking and Computing. MobiHOC (Cat. No.00EX444).

[5]  Munindar P. Singh,et al.  Trust and reputation management in a small-world network , 2000, Proceedings Fourth International Conference on MultiAgent Systems.

[6]  Bernard P. Zajac Applied cryptography: Protocols, algorithms, and source code in C , 1994 .

[7]  Jean-Yves Le Boudec,et al.  Performance analysis of the CONFIDANT protocol , 2002, MobiHoc '02.

[8]  Glenn Shafer,et al.  Readings in Uncertain Reasoning , 1990 .

[9]  P. Resnick,et al.  Online Reputation Mechanisms-A Roadmap for Future Research , 2003 .

[10]  Jean-Yves Le Boudec,et al.  Performance analysis of the CONFIDANT protocol , 2002, MobiHoc '02.

[11]  Axel Ockenfel,et al.  How Effective are Online Reputation Mechanisms? An Experimental Investigation , 2002 .

[12]  Hector Garcia-Molina,et al.  The Eigentrust algorithm for reputation management in P2P networks , 2003, WWW '03.

[13]  Julita Vassileva,et al.  Bayesian Network-Based Trust Model in Peer-to-Peer Networks , 2003 .

[14]  Chrysanthos Dellarocas,et al.  Building Trust On-Line: The Design of Reliable Reputation Reporting : Mechanisms for Online Trading Communities , 2001 .

[15]  E. Friedman,et al.  The Social Cost of Cheap Pseudonyms , 2001 .

[16]  David R. Karger,et al.  Chord: A scalable peer-to-peer lookup service for internet applications , 2001, SIGCOMM '01.

[17]  Jaswinder Pal Singh,et al.  Computing and using reputations for internet ratings , 2001, EC '01.

[18]  David L. Rumpf Statistics for Dummies , 2004, Technometrics.

[19]  Partha Dasgupta,et al.  SECURING REPUTATION DATA IN PEER-TO-PEER NETWORKS , 2004 .

[20]  Kwangjo Kim,et al.  An Adaptive Authentication Protocol based on Reputation for Peer-to-Peer System , 2003 .

[21]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[22]  Beng Chin Ooi,et al.  Managing Trust in Peer-to-Peer Systems Using Reputation-Based Techniques , 2003, WAIM.

[23]  Philip R. Zimmermann,et al.  The official PGP user's guide , 1996 .

[24]  Refik Molva,et al.  Core: a collaborative reputation mechanism to enforce node cooperation in mobile ad hoc networks , 2002, Communications and Multimedia Security.

[25]  Ernesto Damiani,et al.  A reputation-based approach for choosing reliable resources in peer-to-peer networks , 2002, CCS '02.

[26]  Ian T. Foster,et al.  Mapping the Gnutella Network , 2002, IEEE Internet Comput..

[27]  Marianne Winslett,et al.  PRUNES: an efficient and complete strategy for automated trust negotiation over the Internet , 2000, CCS.

[28]  John Riedl,et al.  GroupLens: an open architecture for collaborative filtering of netnews , 1994, CSCW '94.

[29]  Mary Baker,et al.  Observation-based Cooperation Enforcement in Ad Hoc Networks , 2003, ArXiv.

[30]  Sheng Zhong,et al.  Sprite: a simple, cheat-proof, credit-based system for mobile ad-hoc networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[31]  Karl Aberer,et al.  Handling identity in peer-to-peer systems , 2003, 14th International Workshop on Database and Expert Systems Applications, 2003. Proceedings..

[32]  S. Buchegger,et al.  A Robust Reputation System for P2P and Mobile Ad-hoc Networks , 2004 .

[33]  Partha Dasgupta,et al.  On using reputations in ad hoc networks to counter malicious nodes , 2004, Proceedings. Tenth International Conference on Parallel and Distributed Systems, 2004. ICPADS 2004..

[34]  Jean-Yves Le Boudec,et al.  Self-policing mobile ad hoc networks by reputation systems , 2005, IEEE Communications Magazine.

[35]  Ernesto Damiani,et al.  Managing and Sharing Servents' Reputations in P2P Systems , 2003, IEEE Trans. Knowl. Data Eng..

[36]  Hector Garcia-Molina,et al.  Identity crisis: anonymity vs reputation in P2P systems , 2003, Proceedings Third International Conference on Peer-to-Peer Computing (P2P2003).