The EigenTrust Algorithm for Reputation Management in P2P Networks: The EigenTrust Algorithm for Reputation Management in P2P Networks Sepandar D. Kamvar Mario T. Schlosser Hector Garcia-Molina Stanford University


Problem: Problem: Reduce inauthentic files distributed by malicious peers on a P2P network. Motivation: Problem “Major record labels have launched an aggressive new guerrilla assault on the underground music networks, flooding online swapping services with bogus copies of popular songs.” -Silicon Valley Weekly


Problem: Problem Goal: To identify sources of inauthentic files and bias peers against downloading from them. Method: Give each peer a trust value based on its previous behavior.


Some approaches: Some approaches Past History Friends of Friends EigenTrust


Terminology: Terminology Local trust value: cij. The opinion that peer i has of peer j, based on past experience. Global trust value: ti. The trust that the entire system places in peer i. Peer 1 Peer 3 Peer 2 Peer 4


Local Trust Values: Local Trust Values Each time peer i downloads an authentic file from peer j, cij increases. Each time peer i downloads an inauthentic file from peer j, cij decreases. Peer i Peer j Cij=


Normalizing Local Trust Values: Normalizing Local Trust Values All cij non-negative ci1 + ci2 + . . . + cin = 1


Local Trust Vector: Local Trust Vector Local trust vector ci: contains all local trust values cij that peer i has of other peers j.


Some approaches: Some approaches Past History Friends of Friends EigenTrust


Past history: Past history Each peer biases its choice of downloads using its own opinion vector ci. If it has had good past experience with peer j, it will be more likely to download from that peer. Problem: Each peer has limited past experience. Knows few other peers.


Friends of Friends: Friends of Friends Ask for the opinions of the people who you trust.


Friends of Friends: Friends of Friends Weight their opinions by your trust in them.


The Math: The Math


Problem with Friends: Problem with Friends Either you know a lot of friends, in which case, you have to compute and store many values. Or, you have few friends, in which case you won’t know many peers, even after asking your friends.


Dual Goal: Dual Goal We want each peer to: Know all peers. Perform minimal computation (and storage).


Knowing All Peers: Knowing All Peers Ask your friends: t=CTci. Ask their friends: t=(CT)2ci. Keep asking until the cows come home: t=(CT)nci.


Minimal Computation: Minimal Computation Luckily, the trust vector t, if computed in this manner, converges to the same thing for every peer! Therefore, each peer doesn’t have to store and compute its own trust vector. The whole network can cooperate to store and compute t.


Non-distributed Algorithm: Non-distributed Algorithm Initialize: Repeat until convergence:


Distributed Algorithm: Distributed Algorithm No central authority to store and compute t. Each peer i holds its own opinions ci. For now, let’s ignore questions of lying, and let each peer store and compute its own trust value.


Distributed Algorithm: Distributed Algorithm For each peer i { -First, ask peers who know you for their opinions of you. -Repeat until convergence { -Compute current trust value: ti(k+1) = c1j t1(k) +…+ cnj tn(k) -Send your opinion cij and trust value ti(k) to your acquaintances. -Wait for the peers who know you to send you their trust values and opinions. } }


Probabilistic Interpretation: Probabilistic Interpretation


Malicious Collectives: Malicious Collectives


Pre-trusted Peers: Pre-trusted Peers Battling Malicious Collectives Inactive Peers Incorporating heuristic notions of trust Convergence Rate


Pre-trusted Peers: Pre-trusted Peers Battling Malicious Collectives Inactive Peers Incorporating heuristic notions of trust Convergence Rate


Secure Score Management: Secure Score Management Two basic ideas: Instead of having a peer compute and store its own score, have another peer compute and store its score. Have multiple score managers who vote on a peer’s score. Score Manager Score Managers Distributed Hash Table


How to use the trust values ti: How to use the trust values ti When you get responses from multiple peers: Deterministic: Choose the one with highest trust value. Probabilistic: Choose a peer with probability proportional to its trust value.


Load Distribution: Load Distribution Deterministic Download Choice Probabilistic Download Choice


Threat Scenarios: Threat Scenarios Malicious Individuals Always provide inauthentic files. Malicious Collective Always provide inauthentic files. Know each other. Give each other good opinions, and give other peers bad opinions.


More Threat Scenarios: More Threat Scenarios Camouflaged Collective Provide authentic files some of the time to trick good peers into giving them good opinions. Malicious Spies Some members of the collective give good files all the time, but give good opinions to malicious peers.


Malicious Individuals: Malicious Individuals


Malicious Collective: Malicious Collective


Camouflaged Collective: Camouflaged Collective


Malicious Spies: Malicious Spies


Simulations: Simulations


Conclusion: Conclusion Eigentrust Dramatically reduces number of inauthentic files on the network. Robust to malicious peers. Low overhead.


The End: The End Paper available at http://www.stanford.edu/~sdkamvar/research.html


Revised Non-distributed Algorithm: Revised Non-distributed Algorithm Initialize: Repeat until convergence:


Simulator: Simulator Query-Cycle Simulator Models Peer Behavior. Query Behavior, Uptime, Activity, Authenticity Interests (Content Categories) Models Peer Content Assigns files to each peer based on interests, volume. Schlosser, Condie, and Kamvar, “Simulating a File-Sharing P2P Network” 1st SemPGRID Workshop, 2003 (http://dbpubs.stanford.edu/pub/2003-28)


Computation: Computation How long does it take for the cows to come home? Haveliwala and Kamvar, “The Second Eigenvalue of the Google Matrix” (http://dbpubs.stanford.edu/pub/2003-20)