A Reputation-based Trust Management in Peer-to-Peer Network Systems

Peer-to-peer networks have gained a lot of attention over the last couple of years, mainly due to the popularity of the free multimedia file-sharing program Napster and a legal battle around it. Being open by nature P2P systems represent an ideal environment for various types of malicious intrusions. The problem of securing hosts on P2P network while keeping the openness of the system has been studied extensively over last couple of years but still remains open. Existing solutions based on reputation management either employ centralized algorithms or rely on peers' cooperation on the network. We describe a fully decentralized approach that allows computing peers' reputation based on the traffic between a node and its peers, independently of these peers willingness to cooperate in calculation of their reputation. 1 INTRODUCTION Peer-to-peer (P2P) network systems are increasingly gaining popularity on the Internet. These networks allow individual hosts (peers) to share and distribute various types of information over the Internet. By their nature, P2P networks are structured in a way that allows an open and unsupervised communication between peers. Therefore, these systems are vulnerable to various types of attacks, among which are denial-of-service attacks (DoS) and distribution of viruses. To protect themselves from malicious intentions, hosts should be able to identify reliable peers for communication. Identifying these peers is a challenging task in highly dynamic network environments like P2P networks. In this paper we suggest a solution to this problem based on the notion of trust. We propose a policy for managing traffic in peer-to-peer network based on peers' reputation. We also describe a model for computing this reputation using the trust score based on the peers' interaction with each other. Unlike most existing reputation-based models, our approach does not employ a centralized storage and only produces reputation scores on demand. The proposed solution is fully distributed and does not require any cooperation from the rest of the network. Our model aims to help users to select the most reliable peers whose past behavior shows willingness to participate in a proper functioning of the P2P system and at the same time to anticipate possible attacks from malicious peers by limiting their access to the victim peer's resources. In this paper we focus on a particular type of P2P systems, called Gnutella, which proved to be one of the most popular P2P systems. Furthermore, unlike other popular P2P applications such as KaZaa, the source …