Collusion in Peer-to-Peer Systems

Peer-to-peer systems have reached a widespread use, ranging from academic and industrial applications to home entertainment. The key advantage of this paradigm lies in its scalability and flexibility, consequences of the participants sharing their resources for the common welfare. Security in such systems is a desirable goal. For example, when mission-critical operations or bank transactions are involved, their effectiveness strongly depends on the perception that users have about the system dependability and trustworthiness. A major threat to the security of these systems is the phenomenon of collusion. Peers can be selfish colluders, when they try to fool the system to gain unfair advantages over other peers, or malicious, when their purpose is to subvert the system or disturb other users. The problem, however, has received so far only a marginal attention by the research community. While several solutions exist to counter attacks in peer-to-peer systems, very few of them are meant to directly counter colluders and their attacks. Reputation, micro-payments, and concepts of game theory are currently used as the main means to obtain fairness in the usage of the resources. Our goal is to provide an overview of the topic by examining the key issues involved. We measure the relevance of the problem in the current literature and the effectiveness of existing philosophies against it, to suggest fruitful directions in the further development of the field

Manipulating Scrip Systems: Sybils and Collusion

Game-theoretic analyses of distributed and peer-to-peer systems typically use the Nash equilibrium solution concept, but this explicitly excludes the possibility of strategic behavior involving more than one agent. We examine the effects of two types of strategic behavior involving more than one agent, sybils and collusion, in the context of scrip systems where agents provide each other with service in exchange for scrip. Sybils make an agent more likely to be chosen to provide service, which generally makes it harder for agents without sybils to earn money and decreases social welfare. Surprisingly, in certain circumstances it is possible for sybils to make all agents better off. While collusion is generally bad, in the context of scrip systems it actually tends to make all agents better off, not merely those who collude. These results also provide insight into the effects of allowing agents to advertise and loan money. While many extensions of Nash equilibrium have been proposed that address collusion and other issues relevant to distributed and peer-to-peer systems, our results show that none of them adequately address the issues raised by sybils and collusion in scrip systems.Comment: 20 pages, 5 figures. To appear in the Proceedings of The First Conference on Auctions, Market Mechanisms and Their Applications (AMMA '09

An Efficient Asynchronous Peer to Peer Auction using Yao Oblivious Transfer

Distributed electronic auctions are increasingly preferred over centralized electronic auctions today. The success of peer-to-peer file sharing networks has made distributed electronic auctions a possibility. Due to trust and conflict of interest issues with centralized auctioneer systems, multiple auctioneers in distributed roles are preferred. However, there is a possibility of auctioneer node collusion [16] and auctioneer-bidder collusion and auctioneer-seller collusion in such mechanisms. To overcome these problems, a new peer-to-peer auction protocol [17] with auctioneers forming auctioneer groups has been proposed. This protocol keeps the auctioneers honest by ensuring that no single auctioneer in the group has absolute control over the auction process. But, it leads to multiple bid comparisons and thus increases redundancy. It also fails to enforce a secure bid comparison method and hence fails to provide privacy of bids. This thesis presents a modified version of this protocol where the oblivious transfer method [14] is used to solve the Yao millionaires\u27 problem [22] that arises between two auctioneer groups when they have to compare bids. Additionally, a 2nd price mechanism in which only the second highest bid is known to all the auctioneer groups except for the auctioneer group which holds the highest bid, ensures that no unnecessary bid comparisons are made between auctioneer groups. Hence, the result is an efficient auction protocol which is iterative, asynchronous, 2nd price and based on a peer to peer mechanism

SocialLink: a Social Network Based Trust System for P2P File Sharing Systems

In peer-to-peer (P2P) file sharing systems, many autonomous peers without preexisting trust relationships share files with each other. Due to their open environment and distributed structure, these systems are vulnerable to the significant impact from selfish and misbehaving nodes. Free-riding, whitewash, collusion and Sybil attacks are common and serious threats, which severely harm non-malicious users and degrade the system performance. Many trust systems were proposed for P2P file sharing systems to encourage cooperative behaviors and punish non-cooperative behaviors. However, querying reputation values usually generates latency and overhead for every user. To address this problem, a social network based trust system (i.e., SocialTrust) was proposed that enables nodes to first request files from friends without reputation value querying since social friends are trustable, and then use trust systems upon friend querying failure when a node\u27s friends do not have its queried file. However, trust systems and SocialTrust cannot effectively deal with free-riding, whitewash, collusion and Sybil attacks. To handle these problems, in this thesis, we introduce a novel trust system, called SocialLink, for P2P file sharing systems. By enabling nodes to maintain personal social network with trustworthy friends, SocialLink encourages nodes to directly share files between friends without querying reputations and hence reduces reputation querying cost. To guarantee the quality of service (QoS) of file provisions from non-friends, SocialLink establishes directionally weighted links from the server to the client with successful file transaction history to constitute a weighted transaction network , in which the link weight is the size of the transferred file. In this way, SocialLink prevents potential fraudulent transactions (i.e., low-QoS file provision) and encourages nodes to contribute files to non-friends. By constraining the connections between malicious nodes and non-malicious nodes in the weighted transaction network, SocialLink mitigates the adverse effect from whitewash, collusion and Sybil attacks. By simulating experiments, we demonstrate that SocialLink efficiently saves querying cost, reduces free-riding, and prevents damage from whitewash, collusion and Sybil attacks

Behavior Modeling and Forensics for Multimedia Social Networks

Within the past decades, the explosive combination of multimedia signal processing, communications and networking technologies has facilitated the sharing of digital multimedia data and enabled pervasive digital media distribution over all kinds of networks. People involved in the sharing and distribution of multimedia contents form \emph{multimedia social networks} in which users share and exchange multimedia content, as well as other resources. Users in a multimedia social network have different objectives and influence each other's decision and performance. It is of ample importance to understand how users interact with and respond to each other and analyze the impact of human factors on multimedia systems. This thesis illustrates various aspects of issues and problems in multimedia social networks via two case studies of human behavior in multimedia fingerprinting and peer-to-peer live streaming. Since media security and content protection is a major issue in current multimedia systems, this thesis first studies the user dynamics of multimedia fingerprinting social networks. We investigate the side information which improves the traitor-tracing performance and provide the optimal strategies for both users (fingerprint detector and the colluders) in the multimedia fingerprinting social network. Furthermore, before a collusion being successfully mounted, the colluders must be stimulated to cooperate with each other and all colluders have to agree on the attack strategy. Therefore, not all types of collusion are possible. We reduce the possible collusion set by analyzing the incentives and bargaining behavior among colluders. We show that the optimal strategies designed based on human behavior can provide more information to the fingerprint detector and effectively improve the collusion resistance. The second part of this thesis focuses on understanding modelling and analyzing user dynamics for users in various types of peer-to-peer live streaming social networks. We stimulate user cooperation by designing the optimal, cheat-proof, and attack-resistant strategies for peer-to-peer live streaming social networks over Internet as well as wireless networks. Also, as more and more smart-phone users subscribe to the live-streaming service, a reasonable market price has to be set to prevent the users from reselling the live video. We start from analyzing the equilibrium between the users who want to resell the video and the potential buyers to provide the optimal price for the content owner

Incentivising monitoring in open normative systems

We present an approach to incentivising monitoring for norm violations in open multi-agent systems such as Wikipedia. In such systems, there is no crisp definition of a norm violation; rather, it is a matter of judgement whether an agent’s behaviour conforms to generally accepted standards of behaviour. Agents may legitimately disagree about borderline cases. Using ideas from scrip systems and peer prediction, we show how to design a mechanism that incentivises agents to monitor each other’s behaviour for norm violations. The mechanism keeps the probability of undetected violations (submissions that the majority of the community would consider not conforming to standards) low, and is robust against collusion by the monitoring agents

Student experiences of peer review marking of team projects

Peer review of students is a partial response to critics of group work who cite drawbacks of "free riders" and de-motivation. It is often used to motivate and focus students on their own development within a group work setting. Pressures of time, budget and student numbers often obviate deeper study of alternative assessment techniques. The study reported in this paper, made possible by an HEA grant, allowed for analysis of a peer review mechanism that had been operating for a number of years alongside a new web-based system. The paper reviews criticisms of peer review techniques in existing literature and outlines how student experiences of peer review were researched. Qualitative outcomes are discussed alongside an analysis of quantitative data from the systems used. Key conclusions from this research are that the data collection method made no significant difference to the reported student experiences of peer review or to the peer review marks. The findings update and strengthen previous literature and provide important new insights into the emotional perspective of students. The findings from this research are being used to aid development of the webbased system and to establish 'good practice' guidance on the deployment of this valuable and innovative technique

Enabling Social Applications via Decentralized Social Data Management

An unprecedented information wealth produced by online social networks, further augmented by location/collocation data, is currently fragmented across different proprietary services. Combined, it can accurately represent the social world and enable novel socially-aware applications. We present Prometheus, a socially-aware peer-to-peer service that collects social information from multiple sources into a multigraph managed in a decentralized fashion on user-contributed nodes, and exposes it through an interface implementing non-trivial social inferences while complying with user-defined access policies. Simulations and experiments on PlanetLab with emulated application workloads show the system exhibits good end-to-end response time, low communication overhead and resilience to malicious attacks.Comment: 27 pages, single ACM column, 9 figures, accepted in Special Issue of Foundations of Social Computing, ACM Transactions on Internet Technolog