A Hierarchical Trust Model for Peer-to-Peer Networks

: Trust has become an increasingly important issue given society’s growing reliance on electronic transactions. Peer-to-peer (P2P) networks are among the main electronic transaction environments affected by trust issues due to the freedom and anonymity of peers (users) and the inherent openness of these networks. A malicious peer can easily join a P2P network and abuse its peers and resources, resulting in a large-scale failure that might shut down the entire network. Therefore, a plethora of researchers have proposed trust management systems to mitigate the impact of the problem. However, due to the problem’s scale and complexity, more research is necessary. The algorithm proposed here, HierarchTrust, attempts to create a more reliable environment in which the selection of a peer provider of a file or other resource is based on several trust values represented in hierarchical form. The values at the top of the hierarchical form are more trusted than those at the lower end of the hierarchy. Trust, in HierarchTrust, is generally calculated based on the standard deviation. Evaluation via simulation showed that HierarchTrust produced a better success rate than the well-established EigenTrust algorithm.


Introduction
Peer-to-peer (P2P) networks are comprised of a set of nodes that can directly communicate with each other without the need for a centralised server. Peers (users) in these networks are characterised by their anonymity, and anonymous peers can join or leave the network at any time. This makes P2P networks an ideal environment for malicious peers, who may provide harmful resources or act in a malicious manner. This, of course, puts the security of the network at risk and is considered to be one of the main challenges of P2P systems [Androutsellis-Theotokis and Spinellus (2004)]. Therefore, the challenge of establishing trust relationships between peers to ensure reliable file/service sharing and safe etransactions is receiving increasing attention [Yang, Qin, Wang et al. (2010)]. It is important to build trust relationships between peers to encourage sharing of resources [Bhise and Kamble (2016)]. As a result of this increased interest, many researchers have focused on developing trust and reputation systems for various networks, e.g. [Kamvar, Schlosser and Garcia-Molina (2003); Kurdi (2015); Xiong and Liu (2017) ;Zhang, Zheng, Liu et al. (2011);Kurdi, Alshayban, Altoaimy et al. (2018); Bursell (2005); Mondal and Kitsuregawa (2006); Shala, Wacht, Trick et al. (2017); Zhao and Li (2013), Xie, Yuan, Zhou et al. (2018)].
EigenTrust is one of the most popular reputation algorithms used in P2P networks; this algorithm uses an eigenvector in its calculation of a trust value [Kamvar, Schlosser and Garcia-Molina (2003)]. HonestPeer extends the original EigenTrust algorithm to overcome the issue of peers congregating around pre-trusted peers [Kurdi (2015)]. HonestPeer selects the most reputable (i.e., honest) peers dynamically based on the quality of the files each peer provides. Another trust-based algorithm, PeerTrust, calculates trust based on several factors such as feedback, number of transactions, credibility and community context factors [Xiong and Liu (2004)]. Alternatively, algorithms such as GroupTrust organise peers into different groups based on their evaluation of the same or similar services [Zhang, Zheng, Liu et al. (2011)]. In these instances, the evaluation of the trustworthiness of peers outside the group is based on their local and global reputations, which are aggregated from other peers. TrustFeer is another trust management system proposed for P2P federated clouds [Kurdi, Alshayban, Altoaimy et al. (2018)]. The algorithm relies on subjective logic opinions that are based on the reputation of peers and on service level agreements (SLAs) when evaluating the trustworthiness of peers. As shown above, the literature contains many trust models. However, none consider a trust hierarchy built from a peer's direct experience, recommendations, reputation and feedback. This paper proposes HierarchTrust, a novel trust model that relies on the standard deviation in its trust calculations. HierarchTrust determines trust based on values assigned to various factors, including trust, reputation, feedback and recommendations, which are checked in order of their reliability as measures of trust. At the top of the trust hierarchy is direct experience, followed by recommendations and feedback, and finally reputation. There is more confidence in the elements at the top of the hierarchical form, and confidence in the trust ranking decreases as we move away from the top of the hierarchy. The remainder of this paper is organised as follows. Section 2 describes the trust model in detail. Section 3 explains the methodology that has been followed in the experiments, while Section 4 provides the result and a discussion of the experiments. Finally, Section 5 presents the conclusions.

System design
In a P2P network, a file requester sends file requests to its neighbouring peers. After receiving the requested file, the peer gives a rating to the provider peer based on the authenticity of the file received. Trust value, reputation, feedback and recommendations are computationally derived from the positive and negative ratings given to each peer by their peers. The proposed model then determines the trustworthiness of the file providers in the P2P network. The model applies the standard deviation in its computation of trust in all the trust models used in HierarchTrust. Fig. 1 illustrates the abstract architecture of the HierarchTrust algorithm. The trust metric is computed as in Eq. (1): where TV is the trust value, REC is the recommendation received from the peer's friends, FB is the feedback rating and REP is the reputation of the provider.
The trust value (TV) is computed after each transaction using the standard deviation based on the positive and negative ratings received. After a good or a bad transaction, respectively, the trust value is calculated using Eq.
(2) or Eq. (3): where NT is the new trust value, which is computed as = 1 − , and OT is the old trust value.
The recommendation REC is computed at each transaction when the TV is unavailable.
The REC is computed as follows: where R1 is the first recommender and R2 is the best friend of the first recommender if the first recommender does not have enough experience with the provider and so on.
The feedback (FB) is calculated for each transaction if neither TV nor REC are available. FB relies on the positive and negative ratings received for each transaction. Finally, if TV, REC and FB are unavailable, the reputation (REP) is computed for each transaction.

Methodology
The proposed trust management system is used to assess the trustworthiness of peers in P2P networks. We hypothesise that utilising the proposed algorithm, HierarchTrust, will increase the success rate of good peers.  [Kamvar, Schlosser and Garcia-Molina (2003)]. Success rate was utilised as a performance measure and was computed as follows: The number of malicious peers was controlled in the evaluation to provide a representative sample of a P2P environment. The number of transactions was stabilised at 400 transactions, and the number of malicious peers was varied as 10, 20, 30, 40, 50, 60 and 70 peers. Two models of attack were simulated: pure attacks and feedback-based attacks utilising both naï ve and collective strategies. The total number of peers was set at 300. The network also maintained a constant number of files, in this case, 2000 files.

Results and discussion
The following results represent a practical application of the previously described methodology. The experimental setup considers two different types of attacks, pure attacks and feedback-based attacks, utilising naï ve and collective strategies, as shown in Figs. 2, 3, 4, and 5, respectively. The attacks shown in these figures are pure attacks that utilise either naï ve or collective strategies. HierarchTrust displays a better success rate than EigenTrust, even as the number of malicious peers is increased. Similar to EigenTrust, the success rate of good peers with HierarchTrust decreases as the number of malicious peers increases.   Fig. 4), the proposed algorithm outperforms EigenTrust for more than half of the malicious attacks shown. However, when a collective attack strategy was used, EigenTrust outperforms HierarchTrust (see Fig. 5).

Conclusion
P2P networks are beneficial as a method for resource sharing, but the inherent openness of these systems makes them an ideal space in which malicious peers can prosper. Therefore, numerous trust and reputation models have been proposed to tackle this problem. This paper proposes HierarchTrust, a trust management system that computes trust based on standard deviation using various trust values (trust, reputation, feedback and recommendations), which are computationally derived from positive and negative ratings given to each peer by their peers. The performance of HierarchTrust was comparatively assessed in a simulated environment against EigenTrust to determine the success rate of good peers as the number of malicious peers was varied. The results show the superiority of the proposed algorithm under pure attacks in comparison to EigenTrust. HierarchTrust also proved stable under feedback-based attacks utilising naï ve strategies, but EigenTrust proved stronger against collective strategies. This limitation lends itself to future work. Several other types of threat will also be considered in the future.