Towards a Hybrid Trust Management Model based on Reputation for P2P

اسم الباحث     :    Ghadeer Abdulbaqi Al-Duba i Ibrahim Ahmed Al-Baltah
سنة النشر     :    2017
ملخص البحث     :   

     One of the most popular types of multi-agent systems or distributed systems is P2P. Peep-to-peer systems paradigm has been growing at full pelt. Moreover, P2P has attracted significant interest by offering various and easily accessible sharing environment to users. As long as P2P based on using open nature, this flexibility helps to cause vulnerability instance that expose the system directly to all the possible attacks. In one hand, trust management become very critically important with the fast expansion of the P2Psystems where peer to peer applications are no longer limited to home users but start being accepted in academic corporate environments. In the other hand, this expansion and flexibility of P2P introducing huge amount of vulnerabilities as a peer often interacts with unknown peers and would exposed to several attacks. However, many reputation systems have been presented but no model was mixed with learning algorithm to manage and detect bad peers automatically, yet. Therefore, The proposed model is a genetic and self-organized reputation model that can be the best solution to provide guidance in selecting trustworthy node or peer that will ensure and enforce self and automated trust management model increasing the system security and reliability. Where a reputation model is used for gathering information about such a peer in a network based on the other peers' opinions and the peer's behavior itself.

Key words: P2P, Reputation, Security Threats, Genetic Programming, Forgiveness

1. Introduction.

[20] Internet has allowed computer users all over the world to communicate and interact with each other electronically.  As one of the most common ways for communication is the web pages as it makes data exchange limited to the client/server model where as the first device act like a client and the second one is the server that is used to provide data unless the server device has much more massive capabilities than the client. Anyway, the client/server model still not useful for data exchanging between networks of  distributed computational devices whereas, these devices have the same bandwidth and data provision capabilities, such  devices can be called as "peers". Due to the mentioned problem "peer-to-peer" communication mechanisms have been developed. Basically, peer-to-peer belongs to the distributed architecture that contrasts the client and server architecture. Peer-to-peer is fully decentralized system whereas all nodes are equivalent in term the tasks and the functionality they execute. According to [28], the most important characteristics of peer-to-peer are:

• Direct sharing of resources between peers or nodes, without the a centralized server as intermediate
• Self-organization, fault - tolerant, assuming variable connectivity and volatile population of nodes as norm, automatically adjusting to failures in network connections as well as computers.
• The notion that the system is built on the collaboration of the participants is considered as another key point in P2P.

Based on the previous  mentioned characteristics, Peer-to-Peer systems can be defined as  distributed systems consisting of interconnected nodes able to self-organize in topologies overlay in order to share resources such as content, CPU, Storage and bandwidth, capable of adjusting to transient populations of peers while preserving acceptable connectivity and performance, without requiring the a central entity as intermediation or support.” In a peer-to-peer system, nodes create logical connections to interact through them, forming an “overlay network”. The term “overlay” is used to indicate a set of interconnected nodes in a P2P system,

application, or network. In contrast, the term “network” is used to indicate the underlying physical network. [35] The P2P overlay consider as a key component in P2P systems, stocks mechanisms for message routing, peers membership management, peers lookup, etc. depending on the topology of the overlay, P2P systems are typically categorized as structured or unstructured. The ones that include centralized and decentralized control are better known as super peer architectures which are Hybrid topologies. In such topologies, some super peers force centralized control over a small number of nodes, while being connected among them through a structured or unstructured topology. As the overlay organization has serious impact in series of aspects, involving security, robustness and performance we discus more details on each topology such as [28]:

• Structured Peer-to-Peer Overlays. The structured P2P overlay exist to solve the problem of having a scalable P2P overlay network with no central control, also indicate to the term Distributed Hash Tables (DHTs). The basic idea is that objects and nodes have identifiers that can be mapped into the same space via a hash function. Each object is mapped onto the nodes with the closest hashed IDs to its own hashed object ID. The hash function is chosen to guarantee a uniform mapping of objects onto nodes, for good load balance [35] [28].
• Unstructured Peer-to-Peer Overlays do not enforce strong restrictions on the geometry of the topology. Instead, the connection of nodes in the overlay based on latency, geography, or simply happenstance. This typically has lower overlay maintenance costs, but cause inefficient searching service because clients need almost blind searches to cover a massive number of peers, which generates heavy loads in the network [35] [28].
• Super-Peer Architecture is pure P2P systems become to be inefficient. By giving equivalent roles and responsibilities to each peer, without thinking about the capability, bottlenecks that are caused by limited resources at some peers and the scale of the network. The super-peer architecture concern about this issue by evolving centralized architecture in a decentralized system: a super-peer represents a group of peers, appear as a local, centralized server. A normal peer can interact with its super-peers [35] [28].

     Although P2P networks can improve resource sharing and large-scale collaboration in geographically distributed environments based on a decentralized control and weak coupling. According to [28], it is a dilemma to assure security over such networks. However this freedom can be an organ for possible threats and risks for good behaving peers. Since there is no central authority responsible for managing inter-peer communication, malicious peers can easily act attacks or exploit the system resources badly. [17] We can define malicious nodes as dishonest, misbehaved and socially uncooperative in nature which can destroy the basic functionality of the P2P systems. In peer to peer systems there are many security threats scenarios that might occur when a peer is requested to provide one of the offered services. Therefore, in a good and beneficial way or it can provide a worse service, acting thus bad or maliciously. In [4] all possible known scenarios are explained in details to enrich the research with clear idea how the always connect between peers on a network in an open nature, self-organizing and decentralized mode; can be a real panic that must be handled. [13] A way to mitigate such threats is to create artificial trust relationships among users based on peer interactions. Trust models can help in such open environments to quantify trustworthiness numerically and create trust relationships among peers. However, it is hard to measure and formulate trust with numeric values. Furthermore, measuring trust without a priori knowledge is a challenging problem in P2P systems since peers mostly interact with unknown peers. Therefore, trust management in P2P environments is a difficult research problem [13]. In addition, Trust and reputation management has recently become a very useful and powerful tool in some specific environments where a lack of previous knowledge about the system can lead peers to undesired situations, specifically in virtual communities where users do not know each other at all or, at least, do not know everyone. Thus, in those cases where the application of trust and reputation mechanisms is more effective, helping a peer to find out which is the most trustworthy or reputable peer to have an interaction with, preventing  the dealing with a  malicious one. We can say that most of the current trust and reputation models follow these four general steps:

• Collecting information about a certain peer in the community by asking other users or peers about their opinions or recommendations about that peer [13].
• Aggregating all the received information and somehow computing a score for each peer in the network [13]
• Selecting the most trustworthy or reputable entity in the community providing a certain service and effectively having an interaction with it, assessing a posteriori the satisfaction of the user with the received service [13].
• According to the satisfaction obtained, a last step of punishing or rewarding is carried out, adjusting consequently the global trust (or reputation) deposited in the selected service provider [13]. [21] Another aspect can be added to this step which is the forgiveness is embedded into trust evaluation process here. We describe the forgiveness process as follows

1. When the targeted victim receives a malicious or corrupted file, he/she sends a well-meaning request containing the message of the file name/ID he/she just received and a malicious file label. This means that the victim has downloaded a malicious file from the offender (sender which could be a malicious peer or a good one).
2. The offender receives the request and checks her/his file directory to verify the quality of the file he transferred to the victim to make sure that the offender has comprehend that the sent file was a malicious one.
3. The offender gives a atonement or compensation to the victim by providing a correct version of the sent file (if he/she does not own the desired file, he/she will request from her/his neighbors and make sure not to fall in the malicious file trap).

      However, in the recent year the traditional trust management models or systems become useless in detecting complex intrusion and avoiding complex malicious attacks and behaviors before they occur in term of P2P systems, whether they rely on global reputation or neighbors’ recommendations. [2] Due to that, the need to merge these methods with new approaches to achieve the best value in return was mandatory. Whereas, evolutionary computation (EC) is standout among the most encouraging approaches in intrusion detection. evolutionary computation techniques permit to get more meaningful output by security specialists, lightweight solutions utilizing less features, and an set of solutions giving distinctive trade-offs between conflict objectives. Besides that, EC provides simplicity of representation, and it doesn't require suspicions about the solution space. Genetic Programming is a widespread evolutionary computation technique introduced by Koza that is proposed to discover automatically complex properties. [1] Where it can figure out how to solve the most complex issues and problems because in GP, an individual is represented with a GP tree, which is build and established of functions (operators, program statements etc.) and terminals(features, constants etc.). To discover conceivable solutions for a problem, a group of individuals (populations), candidate solutions for the problem, are generated by GP in each generation. The primary population is normally generated randomly. Subsequent generations by applying genetic operators such as crossover and mutation on individuals. Based on fitness values, new individuals are created by applying genetic operators, for example, reproduction, crossover and mutation on the existing population. This constitutes one generation of GP. The program is executed until the point when the best individual is gotten or he characterized number of generations are reached [2] [39] [28]. For example, the following figure1 demonstrates the GP in general [1].