Presentation is loading. Please wait.

Presentation is loading. Please wait.

June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 1 A Robust Reputation System for P2P and Mobile Ad-hoc Networks.

Published byTaliyah Nettles Modified over 10 years ago

Similar presentations

Presentation on theme: "June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 1 A Robust Reputation System for P2P and Mobile Ad-hoc Networks."— Presentation transcript:

1

2 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 1 A Robust Reputation System for P2P and Mobile Ad-hoc Networks P2PEcon 2004 Sonja Buchegger, Jean-Yves Le Boudec June 4, 2004

3 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 2 Presentation Outline Problem: Misbehavior in P2P and Mobile Ad-hoc Networks Proposed Solution: Misbehavior Detection and Reputation System Attacks on the Reputation System Performance Evaluation: Simulation Results Conclusions

4 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 3 Problem Statement How can we make a system work despite misbehavior? Example: Routing in mobile ad-hoc networks Misbehaving nodes decrease performance. They can be Selfish Example: No or incorrect forwarding Malicious Example: Route deviation Faulty Example: Repeating packets

5 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 4 Solution Proposal: Misbehavior Detection and Reputation System Nodes monitor their neighbors and keep track of good and bad behavior, using a Bayesian approach Periodically they exchange this information. The information from others, if compatible or trusted, slightly modifies the view a node has about another. Compatible = passing a deviation test Nodes classify others as normal or misbehaving according to their protocol behavior, and as trustworthy or untrustworthy according to the compatibility of their information. Nodes classified as misbehaving are excluded.

6 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 5 F A B E C D G Misbehavior

7 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 6 F A B E C D G Publication

8 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 7 2 nd Hand Info from G about C 2 nd Hand Info from E about C 2 nd Hand Info from F about C Reputation Rating of A about C 2 nd Hand Info from B about C Previous Rating of A about C Reputation

9 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 8 F A B E C D G Isolation and Rerouting

10 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 9 First hand : based on directly observed behavior, if any Reputation : based on own and received reports synthesis of first and second hand information Reflect perceived behavior of other nodes as protocol agents Used to classify others as normal/misbehaving Trust : Based on received reports Reflects perceived behavior of others as reputation agents Used to classify others as trustworthy/untrustworthy Nodes Keep 3 Types of Ratings

11 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 10 Bayesian Approach The three types of records are based on the same Bayesian approach; we explain it for First Hand Observation Node i believes that node j misbehaves with probability θ θ is drawn from a B(α, β) distribution (= the prior probability) The prior B(α, β) is the record B(1,1) Modified by Bayesian inference + aging mechanism (fading). Let s = 0 or 1 (misbehave) be the result of one observation. Then (with u = 0.999) Beta function is probability distribution of θ θ close to 0 is good, close to 1 is bad B(1,1) Node i has no information on node j B(100,10) Node i has conclusive information on node j

12 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 11 Reputation Ratings: First and Second-Hand All nodes locally broadcast their first hand observations and send it to the source Node i uses own + received first-hand information to build its reputation record for node k I K J F(j,k) F(i,j) R(i,j) T(i,k) F(k,j) R(k,j) T(k,j) F(j,k) = (, ) =

13 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 12 How Reputation is Made Node i makes direct observation on j R(i,j) is updated according to Node i receives from node k the first hand observation report F(k,j) Should received report F(k,j) be accepted (see later) ? If no, node i does not update reputation record If yes, i updates reputation record R(i,j), using Node i classifies node j according to Bayesian control (with r = 0.75) as Normal Misbehaving Normal Misbehaving

14 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 13 Deciding Whether to Accept Received Report Node i receives from k the (alleged) report F(k,j) if i thinks that k is trustworthy then F(k,j) is accepted else i does a deviation test: if report F(k,j) deviates largely from R(i,j) then reject else accept Deviation Test is with d =0.5

15 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 14 Features of the Reputation System Only first hand information is propagated All information needs to be re-enforced otherwise it fades out (reputation fading), allows redemption Separate behaviour as Protocol agent Reputation agent

16 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 15 How Trust is Made Node i maintains a trust rating T(i,k): a rating of k as reputation agent T(i,k) expresses how much k deviates from majority opinion, according to i Let T(i,k)=B(, ); i decides that k is (with t =0.25 to 1) i k j F(j,k) F(i,j) R(i,j) T(i,k) F(k,j) R(k,j) T(k,j) Trustworthy Untrustworthy

17 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 16 How Trust Rating is Computed Node i performs deviation test on received report; (s = 1 means the test is positive). T(i,k) = ( ) is updated according to (with v = 0.999) i k j F(j,k) F(i,j) R(i,j) T(i,k) F(k,j) R(k,j) T(k,j)

18 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 17 Example: E Joins Network, B misbehaves but does not lie E F R T A B C AB C F R T A B B F R T A D A F R T B D D F R T A B E C D

19 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 18 E F A B C A F B D C F A B D F A B B F A D Nodes Publish First Hand Information E F R T A B C AB C F R T A B B F R T A D A F R T B D D F R T A B E D C

20 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 19 E Accepts Reports and Classifies B E F R T A B C A B C F R T A B B F R T A D A F R T B D D F R T A B ECD

21 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 20 Dealing with Inconsistent Misbehavior Redemption Excluded nodes cannot improve their rating (no observable behavior) Reputation fading allows for redemption of Misclassified nodes Formerly faulty nodes Secondary Response When excluded node re-enters the network Lower thresholds for misbehavior tolerance Faster classification and isolation

22 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 21 C F A D F A Attacking the Reputation System: Big Lies. Node C comes and lies E F R T A D C AB C F R T A B B F R T A D A F R T B D D F R T A B E C D

23 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 22 C F A D F A E does Deviation Test and Does Not Believe C E F R T A D C A B C F R T A B B F R T A D A F R T B D D F R T A B ECD

24 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 23 Attacking the Reputation System: Stealthy Lying Attackers lie a little bit to gradually worsen reputation But the many little lies do not accumulate (reputation fading) For a more effective attack, liars need to lie more They will not be trusted anymore

25 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 24 B good A bad B good A bad B bad A good Attacking the Reputation System: Gain Trust and Then Lie A B E C D E F R T A B C 1. C says the truth to gain confidence; E trusts C A B E C D E F R T A B C 2. C says B good A bad; E believes C (and A and D) ang gets blurred picture on A and B. Cs trust decreases A B E C D E F R T A B C 3. C continues to lie; E does not believe C B bad A good A B E C D E F R T A B C 4. C says the truth again; trust becomes better.

26 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 25 Attacking the Reputation System: Brainwashing B E B E 1. E surrounded by liars. No first hand information on B E believes and trusts liars « brainwashed » 2. E moves to a healthier place. E does not believe the truth but does not update Bs reputation either, which fades out. Trust in the liars also fades out. E has now no opinion on B and can start believing the truth.

27 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 26 Simulation using GloMoSim Dynamic Source Routing Goal: Find tolerable number of misbehaving nodes Metrics: throughput, dropped messages detection time overhead (control messages) Scenarios: infiltrated vs. benign network defenseless vs. fortified network Misbehavior type: no forwarding lying

28 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 27 Throughput vs. % Misbehaving Nodes Copes well with up to 50% misbehaving nodes (no forwarding attack)

29 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 28 Effect of Reputation: Detection Speed Second-hand information decreases time to detect all misbehaving nodes.

30 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 29 Effect of Trust (False Pos./Neg.) Using trust reduces the number of false positives and false negatives.

31 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 30 Peer-to-Peer Anonymity System Misbehavior Detection and Reputation System: CONFIDANT Components/Applications Reputation System Goal: to create knowledge based on first and second-hand observations. Trust Manager Goal: to control how second- hand reports are handled. Monitor Goal: to detect misbehavior. Path Manager Implements decisions made by the reputation system. Peer-to-Peer File SharingRouting Protocol (DSR)

32 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 31 Future Work Application to P2P file sharing, anonymity systems Address identity problem More detailed attacker model and performance evaluation

33 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 32 Conclusions Have to cope with misbehavior Detection and reputation systems target a wider range of misbehavior than payment or cryptography approaches. Second-hand information helps detection. Our reputation systems makes use of it and is robust to spurious ratings of single attackers or small collusions and can recover from big collusions.

34 June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 33 Questions?

Download ppt "June 4, 2004 A Robust Reputation System for P2P and Mobile Ad-hoc Networks Sonja Buchegger 1 A Robust Reputation System for P2P and Mobile Ad-hoc Networks."

Similar presentations

Copyright © 2003 Pearson Education, Inc. Slide 1 Computer Systems Organization & Architecture Chapters 8-12 John D. Carpinelli.

Copyright © 2003 Pearson Education, Inc. Slide 1 Computer Systems Organization & Architecture Chapters 8-12 John D. Carpinelli.
Chapter 1 The Study of Body Function Image PowerPoint

Chapter 1 The Study of Body Function Image PowerPoint
Copyright © 2011, Elsevier Inc. All rights reserved. Chapter 6 Author: Julia Richards and R. Scott Hawley.

Copyright © 2011, Elsevier Inc. All rights reserved. Chapter 6 Author: Julia Richards and R. Scott Hawley.
Author: Julia Richards and R. Scott Hawley

Author: Julia Richards and R. Scott Hawley
1 Copyright © 2013 Elsevier Inc. All rights reserved. Appendix 01.

1 Copyright © 2013 Elsevier Inc. All rights reserved. Appendix 01.
Properties Use, share, or modify this drill on mathematic properties. There is too much material for a single class, so you’ll have to select for your.

Properties Use, share, or modify this drill on mathematic properties. There is too much material for a single class, so you’ll have to select for your.
UNITED NATIONS Shipment Details Report – January 2006.

UNITED NATIONS Shipment Details Report – January 2006.
RXQ.11.4.1 Customer Enrollment Using a Registration Agent (RA) Process Flow Diagram (Move-In) Customer Supplier Customer authorizes Enrollment (11.3.2.1)

RXQ Customer Enrollment Using a Registration Agent (RA) Process Flow Diagram (Move-In) Customer Supplier Customer authorizes Enrollment ( )
Document #07-12G 1 RXQ.11.4.1 Customer Enrollment Using a Registration Agent Process Flow Diagram (Switch) Customer Supplier Customer authorizes Enrollment.

Document #07-12G 1 RXQ Customer Enrollment Using a Registration Agent Process Flow Diagram (Switch) Customer Supplier Customer authorizes Enrollment.
Document #07-12G 1 RXQ.11.4.1 Customer Enrollment Using a Registration Agent Process Flow Diagram (Switch) Customer Supplier Customer authorizes Enrollment.

Document #07-12G 1 RXQ Customer Enrollment Using a Registration Agent Process Flow Diagram (Switch) Customer Supplier Customer authorizes Enrollment.
Document #07-2I RXQ.11.4.1 Customer Enrollment Using a Registration Agent (RA) Process Flow Diagram (Move-In) (mod 7/25 & clean-up 8/20) Customer Supplier.

Document #07-2I RXQ Customer Enrollment Using a Registration Agent (RA) Process Flow Diagram (Move-In) (mod 7/25 & clean-up 8/20) Customer Supplier.
Chapter 3: Linked List Tutor: Angie Hui

Chapter 3: Linked List Tutor: Angie Hui
1 Hyades Command Routing Message flow and data translation.

1 Hyades Command Routing Message flow and data translation.
Writing Pseudocode And Making a Flow Chart A Number Guessing Game

Writing Pseudocode And Making a Flow Chart A Number Guessing Game
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13

Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13

Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Title Subtitle.

Title Subtitle.
Properties of Real Numbers CommutativeAssociativeDistributive Identity + × Inverse + ×

Properties of Real Numbers CommutativeAssociativeDistributive Identity + × Inverse + ×
Exit a Customer Chapter 8. Exit a Customer 8-2 Objectives Perform exit summary process consisting of the following steps: Review service records Close.

Exit a Customer Chapter 8. Exit a Customer 8-2 Objectives Perform exit summary process consisting of the following steps: Review service records Close.
Local Customization Chapter 2. Local Customization 2-2 Objectives Customization Considerations Types of Data Elements Location for Locally Defined Data.

Local Customization Chapter 2. Local Customization 2-2 Objectives Customization Considerations Types of Data Elements Location for Locally Defined Data.

Similar presentations

Ads by Google