Research on Trust and Reputation Mechanisms in Unstructured Peer-to-Peer Networks
Abstract
In recent years unstructured peer-to-peer technology based on the Gnutella protocol has become extremely widespread, and more and more users enjoy the convenience and flexibility of resource sharing it offers. Malicious user nodes, however, exploit the characteristics of this technology: they arbitrarily tamper with or discard messages they are asked to route and forward; they disguise malicious code such as Trojan programs as popular content and offer it for download by other nodes in the network; and they forge large numbers of non-existent node identifiers or destination-unreachable messages to launch DDoS attacks and other malicious actions against a single node or even the whole network.
     The main cause of these security problems is that the design of the Gnutella protocol itself does not take security into account, so nodes in the network cannot trust one another and the reliability of shared resources cannot be guaranteed. One solution is to build a trust mechanism between nodes that gives a node a basis for choosing trustworthy peers and shared resources whose content is genuine. At present, however, research on trust and reputation mechanisms concentrates mainly on the trust and reputation computation models, and there is no generally accepted conclusion on what the mechanism as a whole should comprise. Research on node trust and reputation mechanisms is therefore of considerable practical significance for building a P2P security architecture and extending P2P applications.
     Starting from the observation that a node's trust and reputation information is the most direct measure of how far a user node can be trusted, and that it runs through every aspect of trust and reputation mechanisms, this dissertation sets out the research content of a P2P trust and reputation mechanism based on the Gnutella protocol. It then studies in depth the three components this content involves: the trust and reputation model between nodes, the secure transmission of trust and reputation information, and its secure storage. The following innovative results were obtained:
     1. A new trust and reputation model reflecting the dynamic process of node behaviour. A comparative analysis of the problems in existing models leads to two observations: a node's most recent state has the greatest influence on its trust level, and a node's behaviour process has the Markov property. On this basis, a Markov trust and reputation computation model reflecting the dynamic behaviour process of nodes is proposed.
     2. A multi-path, fragmented protocol for the secure transmission of node trust and reputation information. Analysis shows that integrity is the primary requirement when trust and reputation information is transmitted, so Shamir's threshold secret-sharing scheme is introduced into the transmission protocol: a node's trust and reputation information is split into several sub-secrets, which are returned over multiple paths. The protocol offers a new alternative method for the secure transmission of trust and reputation information.
     3. A distributed, redundant secure-storage strategy. To meet the security requirements of storing trust and reputation information, Cauchy coding theory is introduced so that a node's trust and reputation information file is stored redundantly across several nodes. A storing node cannot learn the content of the information it holds locally, which prevents it from maliciously altering that information, raises the security of the stored file, and thereby improves both the availability and the security of trust and reputation information storage.
With the rapid spread of applications built on unstructured, distributed peer-to-peer technology based on the Gnutella protocol, people have been enjoying the convenience of resource sharing. However, malicious nodes in a P2P network can easily exploit the characteristics of this technology to modify or discard routed messages at will; to disguise vicious code such as Trojan horses as hot content for other nodes to download; and to forge a great many bogus identities or unreachable messages in order to launch DDoS attacks against some nodes or the whole network.
     The cause of these problems stems from the initial design: the Gnutella P2P network assumes that peers have confidence in one another and that resource sharing among them is trustworthy and reliable. In fact no trust relationship exists among peers, so malicious behaviour can exploit this assumed trust. Consequently, it is important for peers in the network to construct a trust-and-reputation mechanism, which can provide a way to evaluate and choose trustworthy peers and reliable shared resources. However, existing research in this field has not reached any generally acknowledged conclusion, and its focus has mainly been the study and improvement of trust-and-reputation models. That is to say, researching the trust-and-reputation mechanism among peers is necessary for constructing secure P2P systems and extending P2P applications.
     Based on an analysis of peers' trust-and-reputation values, the contents of a trust-and-reputation mechanism for Gnutella P2P are proposed, which mainly comprise the trust and reputation computing model, the secure transport of the value and the policy for its secure storage. Moreover, based on systematic study of these contents, a few novel achievements are obtained and listed as follows:
     (1) A trust-and-reputation model based on a Markov process describing the peers' dynamic behaviour is proposed. According to the random character of the peers' behaviour process and their state results, a new-style trust and reputation model that forecasts and reflects the peers' dynamic behaviour process is constructed.
     (2) A partition and multi-path transmission protocol for the peers' trust-and-reputation value is proposed. Based on an analysis of the integrity of the peers' trust and reputation value during transmission, the Shamir threshold secret-sharing scheme is introduced into the protocol. During transmission the peers' trust and reputation value is divided into segments which are then sent back over multiple paths. The method provides a new substitute for secure transmission of the peers' trust-and-reputation value.
     (3) A redundant secure storage policy for the peers' trust-and-reputation value is put forward. In the policy, according to the requirements of secure storage of the peers' trust and reputation, Cauchy code theory is introduced into the distribution and storage of the peers' trust and reputation to build a redundant coding algorithm. Since the fragments are distributed among trusted peers and scattered, storage nodes can gain nearly no knowledge of the information they hold locally. This effectively prevents malicious peers from modifying it, so that the validity and security of trust-and-reputation value storage are enhanced.
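To make contribution (1) concrete, the following is an added example, not code from the dissertation. It assumes (the dissertation's model is not specified on this page) that every interaction with a node is scored 0 (failed or dishonest) or 1 (successful and honest), that the node's behaviour is a two-state Markov chain, and that its transition matrix is estimated from the node's own interaction history with Laplace smoothing. Trust is then the probability of good behaviour at the next interaction, conditioned on the most recent state, which is exactly why the latest state dominates the estimate while a plain success ratio cannot tell a node that turned bad from one that turned good.

```python
# Added example (not code from the dissertation): a two-state Markov model of a
# node's interaction history. Assumptions: each interaction is scored 0 (failed or
# dishonest) or 1 (successful and honest); the transition matrix is estimated from
# that node's own history with additive (Laplace) smoothing.

BAD, GOOD = 0, 1


def estimate_transitions(history, alpha=1.0):
    """Return P with P[i][j] = Pr(next outcome = j | current outcome = i),
    estimated from consecutive pairs in `history`. `alpha` is additive smoothing
    so that a transition never observed keeps a small non-zero probability."""
    counts = [[0.0, 0.0], [0.0, 0.0]]
    for prev, cur in zip(history, history[1:]):
        counts[prev][cur] += 1.0
    matrix = []
    for i in (BAD, GOOD):
        row_total = counts[i][BAD] + counts[i][GOOD] + 2.0 * alpha
        matrix.append([(counts[i][j] + alpha) / row_total for j in (BAD, GOOD)])
    return matrix


def _step(dist, matrix):
    # One step of the chain: row vector `dist` multiplied by the transition matrix.
    return [sum(dist[i] * matrix[i][j] for i in (BAD, GOOD)) for j in (BAD, GOOD)]


def markov_trust(history, steps=1, alpha=1.0):
    """Trust in a node = probability that it behaves well `steps` interactions from
    now, starting the chain from its most recent observed state. Because the chain
    is conditioned on the last state, recent behaviour dominates the estimate."""
    if not history:
        return 0.5  # no evidence yet: neutral prior
    matrix = estimate_transitions(history, alpha)
    dist = [0.0, 0.0]
    dist[history[-1]] = 1.0
    for _ in range(steps):
        dist = _step(dist, matrix)
    return dist[GOOD]


def average_trust(history):
    """Memoryless baseline: the overall success ratio, which ignores ordering."""
    return sum(history) / len(history) if history else 0.5


if __name__ == "__main__":
    # Constructed histories: both nodes succeeded in 6 of 10 interactions, but one
    # started honest and turned bad, the other started bad and turned honest.
    turned_bad = [GOOD] * 6 + [BAD] * 4
    turned_good = [BAD] * 4 + [GOOD] * 6
    for name, hist in (("turned_bad", turned_bad), ("turned_good", turned_good)):
        print(f"{name}: average={average_trust(hist):.2f} "
              f"markov(1 step)={markov_trust(hist):.2f} "
              f"markov(5 steps)={markov_trust(hist, steps=5):.2f}")
```

Both constructed nodes have the same success ratio of 0.6, but the Markov estimate gives the node that turned bad a next-step trust of 0.2 and the node that turned good 6/7, because the chain starts from each node's last observed state. Raising `steps` moves the estimate toward the chain's long-run behaviour, which is the knob for how strongly recent history should weigh against the node's overall record.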
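Contribution (2) splits a trust value into sub-secrets and returns them over separate paths. The following added example (not the dissertation's protocol, whose parameters are not given on this page) shows the mechanism with Shamir's (k, n) threshold scheme over a prime field: the trust value is encoded as an integer, split into n shares, each share is sent over its own path, and the receiver reconstructs from any k of them. It goes beyond the text in one respect, labelled as such: because integrity is the stated goal, the receiver interpolates every k-subset of the shares it received and majority-votes the results, which lets it reconstruct correctly and name the share that was altered in transit when one path is dishonest. The field prime, the per-mille encoding and the path-simulation helper are assumptions of this example.

```python
# Added example (not the dissertation's code): Shamir (k, n) secret sharing used to
# carry a trust value over n independent paths, with a majority-vote reconstruction
# that detects a share altered in transit. PRIME, the per-mille encoding and the
# transmission simulation are assumptions made for this example.
import random
import secrets
from collections import Counter
from itertools import combinations

PRIME = 2 ** 61 - 1  # assumed field: a Mersenne prime far larger than any trust value


def encode_trust(trust):
    """Map a trust value in [0, 1] to an integer field element (per mille)."""
    if not 0.0 <= trust <= 1.0:
        raise ValueError("trust must lie in [0, 1]")
    return round(trust * 1000)


def _eval_poly(coeffs, x):
    # Horner evaluation of coeffs[0] + coeffs[1]*x + ... mod PRIME
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split_secret(secret, k, n, seed=None):
    """Shamir split: n points (x, f(x)) of a random degree-(k-1) polynomial whose
    constant term is the secret. Any k points recover it; k-1 reveal nothing.
    `seed` exists only for reproducible demonstrations; real use leaves it None."""
    if not 1 <= k <= n < PRIME:
        raise ValueError("need 1 <= k <= n")
    rand = random.Random(seed).randrange if seed is not None else secrets.randbelow
    coeffs = [secret % PRIME] + [rand(PRIME) for _ in range(k - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def _lagrange_at_zero(points):
    # Interpolate the polynomial through `points` and evaluate it at x = 0.
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, PRIME - 2, PRIME)) % PRIME
    return total


def reconstruct(shares, k):
    """Plain reconstruction from the first k shares received; no integrity check,
    so one altered share silently yields a wrong value."""
    if len(shares) < k:
        raise ValueError("not enough shares to reconstruct")
    return _lagrange_at_zero(shares[:k])


def robust_reconstruct(shares, k):
    """Interpolate every k-subset of the received shares and majority-vote.
    With one corrupted share among n >= k + 2 received shares, the C(n-1, k)
    honest subsets agree and outvote the subsets containing the bad share; shares
    absent from every agreeing subset are returned as suspicious. Raises ValueError
    when no clear majority exists (the caller should fetch more shares)."""
    if len(shares) < k:
        raise ValueError("not enough shares to reconstruct")
    votes = Counter()
    members = {}
    for combo in combinations(shares, k):
        value = _lagrange_at_zero(combo)
        votes[value] += 1
        members.setdefault(value, set()).update(x for x, _ in combo)
    ranked = votes.most_common(2)
    if len(ranked) > 1 and ranked[0][1] == ranked[1][1]:
        raise ValueError("shares are inconsistent and no majority exists")
    value = ranked[0][0]
    suspicious = sorted(x for x, _ in shares if x not in members[value])
    return value, suspicious


def transmit_over_paths(shares, drop=(), tamper=()):
    """Constructed simulation of multi-path delivery: share x travels on path x.
    Paths in `drop` lose their share; paths in `tamper` alter the share's value."""
    received = []
    for x, y in shares:
        if x in drop:
            continue
        if x in tamper:
            y = (y + 1) % PRIME
        received.append((x, y))
    return received


if __name__ == "__main__":
    shares = split_secret(encode_trust(0.857), k=3, n=5, seed=42)
    got = transmit_over_paths(shares, tamper={2})  # path 2 alters its share
    print("naive:", reconstruct(got, 3))            # wrong, and nobody notices
    print("robust:", robust_reconstruct(got, 3))    # (857, [2])
```

The plain `reconstruct` shows the failure mode the dissertation is guarding against: one dishonest path corrupts the recovered value without any signal. `robust_reconstruct` needs at least k + 2 shares to both recover the value and isolate a single bad share; with exactly k + 1 shares it can still tell that the shares disagree but cannot say which one is wrong, and in that case it refuses rather than guess, so the requester can ask for shares over additional paths.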
