Resilient Trust for PeertoPeer based Critical Information Infrastructures

1
Resilient Trust for Peer-to-Peer based Critical
Information Infrastructures

• Claudiu Duma, Nahid Shahmehri, Eduard Turcan
• Dept. of Computer and Information Science
• Linköpings universitet
• Sweden

2
Overview

• P2P based Critical Information Infrastructures
• Peer-to-peer (P2P)
• Trust in P2P
• Resilient Trust Management for P2P
• Contribution of this work
• Conclusions and Future work

3
Critical infrastructures

• Increasingly interlinked and predominantly
  automated
• More and more dependent on the information
  infrastructure

4
Critical information infrastructures

• Must properly function even in times of crisis
  while under deliberate attacks, accidental
  failures, or catastrophes.
• Requirements for critical information services
• Fault-tolerance
• Self-management
• Scalability
• Challenge
• How to meet these requirements on the existing
  data communication networks, particularly on the
  Internet?

5
Peer-to-peer based critical information
infrastructures

• Build the critical services using peer-to-peer
  P2P technologies
• Inherit the properties of P2P
• Dynamic and self-organizing
• Fault Tolerant
• Scalable
• Adaptive

6
Peer-to-peer

• Distributed file sharing
• Napster
• FreeNet
• Gnutella
• And much more

7
Peer-to-peer

• A definition
• P2P is a type of network in which each
  workstation has equivalent capabilities and
  responsibilities. This differs from client-server
  architectures, in which some computers are
  dedicated to serving the others. (Webopedia)

-sensors -algorithms -actuators
Peer-to-peer
Centralized client-server
8
General P2P characteristics

• Decentralized functionality
• Avoid bottlenecks and single point of failures
• Can be established in an add-hoc manner
• Does not require central coordination
• Dynamic structures
• Can cope with node dynamics (join, leave) it is
  self-organizing
• Is an overlay network
• Can run on top of various exiting
  infrastructures can deal with physical link
  failures

9
P2P applications

• Applications beyond file sharing
• Distributed storage and backup facilities
• Knowledge management within enterprises
• Communication service for emergency teams
• Communication and control for critical systems
• P2P based intrusion detection systems
• Communication networks for car safety

10
Trust

• Peers could act maliciously!
• Provides false information
• Refuses to provide the service
• Provide malicious service (e.g. share infected
  data)
• How can peers establish trust with each other?

11
Trust

• A definition
• Trust is the belief in the competence of an
  entity to act dependably, securely, and reliably
  within a specified context". (Grandison 2000)
• Example
• Alice trusts Bob moderately to forward data.

trust
context (forward data) trust value (moderately)
Alice
Bob
12
Trust management
Collects information for trust
Monitors and re-evaluates the trust
Evaluates and establishes trust relationships
An essential component for the security of
distributed and decentralized systems, in general!
13
Trust management

• Policy-based trust management
• Trust is immutable.
• Reputation-base trust management (reputation
  systems)
• Suitable for P2P dynamics
• Predict the trust that can be invested in one
  peer from the history of its past behavior!

14
Reputation system
Recommenders for Bob
Alice
. . .
Own experiences
recommendations
Trust computation
trust(Alice, Bob) ?
Update own experiences
Interact
Interaction evaluation
15
Attacks on reputation systems

• Reputation systems help peers to recognize the
  trustworthy peers and avoid the malicious ones
• However, the reputation systems might be
  themselves target of attacks
• E.g. Some peer might report false recommendations!

16
Resilient reputation systems

• Resilient reputation system
• Resistant to attacks
• Can distinguish the trustworthy peers even when
  the reputation system is under attack
• This is the subject of this work

17
Our contributions in this paper

• Classification of existing reputation systems
  based on
• Architecture
• Where are the experiences collected and computed
• Trust metric
• What is the trust computation formula
• Taxonomy of attacks against reputation systems
• Analysis of resilience to attacks of the existing
  reputation systems

18
Analysis architecture

• Partial-decentralized and fully-decentralized
  with local computation architectures favors
  resiliency

Storage
Resilient configurations Non resilient
configurations
19
Analysis trust metric

• The existing metrics
• can only deal with simple attacks
• Static and partially dynamic
• Individual
• Random
• can not deal with more complex attacks
• Dynamic
• Colluding
• Targeted

20
Conclusions

• P2P networks are promising architectures for
  implementing critical information infrastructures
• However, trust is a major issue to be addressed
  in P2P
• This requires resilient reputation systems
  capable to withstand attacks

21
Future work

• Resilient reputation systems
• Investigate the efficiency versus resiliency
  tradeoffs of the architectures
• Investigate mechanisms for resilient trust metrics

22

• Questions?