Peer-to-peer (P2P) networks, such as file-sharing networks, social networks (e.g. www.friendster.com), and e-mail exchange between peers (e.g., mailing lists), are currently receiving attention as a means of sharing and distributing information. In fact, peer-to-peer file-sharing networks have many benefits over standard client-server approaches to data distribution, including improved robustness, scalability, and diversity of available data. However, the open nature of these networks makes them sensitive to disruption by malicious peers. For instance, a file-sharing network can be disrupted when one or more peers in the network self-replicate inauthentic files, a social network can be disrupted when peers do not profile themselves accurately or use the network to harass others in the network, and an e-mail exchange can be disrupted by excessive unwanted e-mail (e.g., spam). Attacks by anonymous malicious peers have been observed on today's popular peer-to-peer networks. For example, malicious users have used these networks to introduce viruses such as the VBS.Gnutella worm, which spreads by making a copy of itself in a peer's Gnutella program directory, then modifying the Gnutella.ini file to allow sharing of .vbs files. Far more common have been inauthentic file attacks, wherein malicious peers respond to virtually any query providing ‘decoy files’ that are tampered with or do not work.
It has been suggested that the future development of P2P systems will depend largely on the availability of novel methods for ensuring that peers obtain reliable information on the quality of resources they are receiving. See Cornelli et al., “Choosing Reputable Servants in a P2P Network,” Proceedings of the 11th World Wide Web Conference, Hawaii, USA, May 2002. In this context, attempting to identify malicious peers (e.g. peers that provide inauthentic files, send spam) is superior to attempting to identify inauthentic files or unwanted e-mail, since malicious peers can easily generate a virtually unlimited number of inauthentic files or unwanted e-mail messages if they are not banned from participating in the network.
Reputation management systems have been used to identify malicious events in a centralized system. An example of a successful reputation management system is the online auction system eBay (www.ebay.com). In eBay's reputation system, buyers and sellers can rate each other after each transaction, and the overall reputation of a participant is the sum of these ratings over the last six months. This system relies on a centralized system to store and manage these ratings.
In a distributed environment, such as a peer-to-peer network, peers can still rate each other after each transaction, as in the eBay system. For example, each time peer i receives information from peer j (e.g., a file, e-mail message, or other type of data) it can rate the transaction as positive (tr(i,j)=1) or negative (tr(i,j)=−1). Peer i can rate a transaction as negative, for example, if a file downloaded from j is not authentic or has been tampered with, or if the transaction is interrupted. As in the eBay model, a local trust value Sij can be defined as the sum of the ratings of the individual transactions that peer i has had with peer j, Sij=Σtr(i,j).
Equivalently, each peer i can store the number of satisfactory transactions it has had with peer j, sat(i,j), and the number of unsatisfactory transactions it has had with peer j, unsat(i,j). Then, Sij is defined as:

Sij = sat(i,j) − unsat(i,j)  (1)
Previous work in P2P reputation systems has been based on such notions of local trust values. See, for example, Cornelli et al., “Choosing Reputable Servants in a P2P Network,” Proceedings of the 11th World Wide Web Conference, Hawaii, USA, May 2002; Aberer and Despotovic, “Managing Trust in a Peer-2-Peer Information System,” Proceedings of the 10th International Conference on Information and Knowledge Management (ACM CIKM), New York, 2001. The challenge for reputation systems in a distributed environment is how to aggregate the local trust values Sij without a centralized storage and management facility. While each of the previous systems cited above addresses this issue, they suffer from one of at least two drawbacks. Either they aggregate the ratings of only a few peers and therefore do not get a wide view of a peer's reputation, or they aggregate the ratings of all the peers and congest the network with system messages asking for each peer's local trust values at every query.
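The local trust values of equation (1) and the two aggregation drawbacks described above, as an added example that is not part of the original document. The transaction log, the peer names, the plain summing of honestly reported values, and the cost model of two messages per polled peer are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed transaction log: (rater i, provider j, tr(i,j)), tr = +1 or -1.
# Peer names are made up; "M" plays a peer that serves decoy files.
LOG = [
    ("A", "B", +1), ("A", "M", -1),
    ("B", "A", +1), ("B", "M", -1), ("B", "M", -1),
    ("C", "A", +1), ("C", "M", -1),
    ("D", "M", +1),          # D happened to get one working file from M
    ("E", "A", +1),          # E has never dealt with M
]

def local_trust(log):
    """Return S[i][j] = sat(i,j) - unsat(i,j), i.e. equation (1)."""
    sat = defaultdict(lambda: defaultdict(int))
    unsat = defaultdict(lambda: defaultdict(int))
    for i, j, tr in log:
        if tr not in (1, -1):
            raise ValueError(f"rating must be +1 or -1, got {tr!r}")
        (sat if tr == 1 else unsat)[i][j] += 1
    peers = {p for i, j, _ in log for p in (i, j)}
    return {i: {j: sat[i][j] - unsat[i][j] for j in peers if j != i}
            for i in peers}

def poll(S, asker, target, witnesses):
    """Add the asker's own S_ij to the values reported by the polled witnesses.

    Cost model (assumption): one request plus one reply per witness.
    """
    score = S[asker][target] + sum(S[w][target] for w in witnesses)
    return score, 2 * len(witnesses)

def compare(log, asker, target, few):
    """Aggregate trust in `target` from a few witnesses and from every peer."""
    S = local_trust(log)
    everyone = sorted(p for p in S if p not in (asker, target))
    return {"few": poll(S, asker, target, few),
            "all": poll(S, asker, target, everyone)}

if __name__ == "__main__":
    for strategy, (score, msgs) in compare(LOG, "D", "M", few=["E"]).items():
        print(f"{strategy}: aggregated trust in M = {score}, messages = {msgs}")
```

Polling only E leaves D with a positive view of M at a cost of two messages, while polling every peer exposes M's negative record but costs two messages per peer on each query.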
Accordingly, effective systems and methods for aggregating local trust values without a centralized storage and management facility in order to establish useful global trust values would be highly desirable.