P2PETrust: A novel distributed transaction history vector-based trust appraisal model for peer-to-peer e-commerce networks

,


INTRODUCTION
Peer-to-Peer (P2P) overlay network (Touch, 2001), which is self-organized and distributed, can make full use of the edge system entities in internet-scale to construct largescale cooperating and resource sharing environments.The P2P network can be classified into unstructured P2P and structured P2P in terms of the topology, and the structured P2P network is the third generation P2P network and more popularly used, while the unstructured P2P is the first and second generation.
With fast development in recent years, P2P electronic Sci.Res.Essays safer nodes for transactions, encouraging interactions between honest nodes and punishing or excluding malicious nodes.Nowadays, there has been a recent burst of interest on the topic of trust, due in part to the importance it plays in e-commerce applications.
Traditional trust model for E-commerce system is mainly based on trusted third-party such as central certification system, not suitable for P2P E-commerce system (Dou et al., 2004), for the P2P system is quiet distributed system.In a P2P E-commerce system, we should consider more aspects, including distributed data structure, distributed storage and distributed computing.
Based on some social network principles, this paper presents a new distributed trust model named P2PETrust (peer-to-peer E-commerce trust model).Similar to other trust models, we begin the study based on nodes' histories.The model has the following innovative features: It designs a transaction history vector and its distributed storage structure for P2P trust computing.This distributed method do not need additional topology but conforming to specific P2P topology which uses the P2PTrust.
Trust value can be calculated by a multi-dimensional factors, including time factor, transaction amount factor, and frequency factor and success rate, both in local and global environments.Especially, the transaction amount is based on value-amount which means the real value of the transaction amount calculated by the success rate, and the time factor is not simple linear to express the time's importance.
It presents three sub trust models.The basic one is local trust which has fast trust convergence, and global trust which is to resist single malicious behaviors is based on local trust.Correlation trust model is the product of global trust and nodes' history similarity, which can resist team malicious attacks.
In the remainder of the paper, we introduce some related works in the next section.Section 3 describes the transaction history vector for P2PETrust.Section 4 describes the local trust mechanism of P2PETrust while section 5 designs the computing method for global trust degree and section 6 describes the correlation trust model of P2PETrust.The simulations and results follow in section 7, with conclusions afterwards in section 8.

RELATED WORKS
Many researchers dedicated themselves to the P2P trust model.But what is trust?In social networks, trust has several connotations, the typical definition of trust follows the general intuition about trust and contains such elements as: (1) the willingness of one party (trustor) to be vulnerable to the actions of another party (trustee); (2) reasonable expectation (confidence) of the trustor that the trustee will behave in a way beneficial to the trustor; (3) risk of harm to the trustor if the trustee will not behave accordingly; (4) and the absence of trustor's enforcement or control over actions performed by the trustee (McKnight and Chervany, 1996).In 1990s, Marsh (1994) uses the definition by Gambetta (2000), which is commonly accepted in the literature: "…trust, (or symmetrically, distrust) is a particular level of the subjective probability with which an agent will perform a particular action, both before he can monitor such action (or independently of his capacity to monitor it) and in a context in which it affects his own action."Almost all of the related works on trust is based on the above definitions.
Trust is very important to a distributed P2P system.Many researchers do contributions to the P2P trustworthy issues (Aberer and Despotovic, 2001;Kamvar et al., 2003;Dou et al., 2004;Xiong and Liu, 2004;Jøsang et al., 2006;Jøsang and Bhuiyan, 2008;Wang and Wu, 2010;Jiang and Li, 2007;Li and Dai, 2010) in recent ten years.Aberer and Despotovic (2001) propose a complaintonly trust management method for a distributed P2P system, due to the lack of incentives for submitting feedbacks.The complaint-only trust metric works in very limited cases and is over-sensitive to the skewed distribution of the community and to several misbehaviors of the system.Although this mechanism has some limitations, it is the very early trust model for P2P Ecommerce.Kamvar et al. (2003) present the EigenTrust reputation system to compute a unique global trust in very distributed way.Such a global model does not need an administration center, but it is difficult to guarantee a fast and secure convergence when computing the global trust which also inspires this works.Dou et al. (2004) improve the EigenTrust in computing convergence and model security.However, there remain efficiency problems and its security mechanism is only from punishment and certification.Xiong and Liu (2004) proposed a PeerTrust model with three basic trust parameters and two adaptive factors in computing trust of peers, and then define a general trust metric to combine them.Jøsang et al. (2006) proposed a method for simplifying a complex network so that it can be expressed in a series of parallel network and then be computationally analyzed.This solution may lead to loss of trust information.An edge splitting method is proposed in their further works (Jøsang and Bhuiyan, 2008) to address this problem.But this method is valid only on a simple trust network.It may not be valid on a complex trust network.Wang and Wu (2010) proposed a multi-dimensional evidence-based trust management system with multitrusted paths (MeTrust for short) to conduct trust computation on any arbitrarily complex trusted graph.The trust computation in MeTrust is conducted at three tiers, namely, the node tier, the path tier, and the graph tier.It is an excellent trust model.But it does not provide distributed storage structure for P2P system.Jiang et al. (2007) presented a novel reputation-based trust mechanism for P2P e-commerce systems.In this mechanism, a peer has two kinds of reputations, namely local reputations and global reputations.To compute the local and global reputations precisely and to obtain stronger resistibility to attacks as well, many comprehensive factors in computing trust value are introduced in the mechanism.Anyway, this model is a comprehensive mechanism.However, its time factor is only linear to express the time's importance and there is no clear method to resist team malicious behaviors.Tan et al. (2009), presented a global trust model with correlation factor based on communication history.However, this mechanism has very simple history vector.Generally speaking, trust models above can be classified into two modes, one is local information based and one is global trust information based.The local trust of a peer relative to another peer is calculated in terms of the reference peer rating of the transaction between the two peers, whereas the global trust is computed based on all peers' rating of the transaction between them.Li and Dai (2010) have done a good job in concluding the trust models.

TRANSACTION HISTORY VECTOR
Topology of network could be described as a graph while V means vertices and E means the edges between vertices, such as topologies of computer network, social network and so on.A P2P overlay network belongs to a kind of G also; usually, we make an additional definition for it, that is , while the d means the participated degree of each network vertex.Of course, a P2P E-commerce system is one kind of P2P overlay networks.In our opinion, the participated degree in P2P E-commerce network could be considered as a trust vector and such network could be defined as . In order to define a relatively reasonable trust model for P2P E-commerce networks, we refer to some basic principles of social networks.
In social networks, we could judge a person is trustworthy or not by his social activities history.A person is more trustworthy when he gets more social activities especially successful business.And higher activity frequencies, better appraisals and more recent activities help more positive trustworthy to a person.
According to these factual principles from social networks, we define a social-like trust model for P2P Ecommerce network named P2PETrust (Peer-to-Peer Ebusiness Trust model) in this paper.First but most important, we need construct a transaction history vector named THVector (Transaction History Vector) for Tan et al. 3847 P2PETrust.In THVector, six factors are considered, including transaction time stamp, transaction frequency, successful transaction times, failed transaction times, transaction currency amount and transaction appraisal.The THVector can be formalized and defined as , that, t is the time stamp for the transaction, ϕ stands for frequency, s stands for successful times while f stands for failed ones, ω on behalf of the transaction amount and the φ means the user appraisals.This section will give more informative definition for the THVector and design the storage structure.

Basic definition
In the following definition, the symbol i or j stands for the node's identification in the P2P E-commerce system, and this symbol would be an integer number such as 1, 2, 3, and unique in one particular P2P business system.to stand for whether transaction occurs between nodes i and node j, and "true" means i have communicated with j (also means there exists history between i and j). to stand for the set of nodes who have ever both transacted with node i and node j.

Definition 4
Using S ij to stand for the successful transaction times between nodes i and j while F ij stands for the failed one between the two.
to represent the successful transaction rate between i and j from Obviously, the m ij λ is the success rate between i and j while m i λ means the total success rate of node i.

Using
to stand for the appraisal feedback for the m-th transaction between i and j.
Definition 7 to stand for the transaction frequency between nodes i and j up to the time , ( 0 ϕ ϕ to stand for the total transaction frequency of node i up to i m t .

Distributed storage structure for THvector
The P2P E-commerce system is a typical distributed system.So the transaction history of such a system should be distributed corresponding to the system topology.In P2PETrust, the THVector is a distributed vector and each transaction history data is stored in the corresponding node.All of the node's history vector could be combined into a whole transaction history vector.

Using
(m is a natural number) to store the time-related transaction data which node i trades with node j (m is the transaction ID, and max means the maximum transaction number for nodes i and j).Such data list also be called time database list (TimeDBList, TDL for short).
As we can see, The φ ω , and recorded the transaction history for node i to node j, including ID, transaction amount, appraisal and time stamp.We store the ) , ( j i TimeDBList in node i so that the transaction provider (node j) could not corrupt the history data.Figure 1 is a demonstration for ) , ( j i TimeDBList .

Definition 9
Using mdh-list(i) to store the transaction history of node I, and , each records the history between nodes i and j.Each node maintains such a list.Figure 2 shows an example.

P2PETRUST: LOCAL TRUST DEGREE COMPUTING
The local trust degree is the trust expectation of one node to another node according to the transaction history data between the two nodes.From the perspective of social networks, higher transaction frequency, more transaction amount and better appraisals will help the trust value between nodes.Meantime, elder transaction history should give lighter impact on the trust computing.Therefore, we discuss three factors for local trust firstly, including time factor, transaction amount factor and frequency factor.

Time factor
The more recent appraisals impact the trust deeper, that is: In this demonstration, about 4 nodes traded with node 1, and Figure 1 shows the TimeDBList(1,3).As shown, 5 transaction activities happened from node 1 to 3 with different trade amount and appraisals.Of course, if node 1 selects node 2 for transaction, the data list TimeDBList(1,2) will be stored on node 1 too.
Figure 2.This is a demonstration of mdh-list.As shown, the node 1 has ever traded with node {2, 3}, 5 times with node 3 and twice with node 2. Also, the success rate between node 1 and 3 is 80% while it is 100% between node 1 and 2. The related data lists were linked separately.
As a result, the time factor m tf is the area of ⊿ m (the shadow right triangle in Figure 3).Obviously, S⊿ m <S⊿ now .

Definition 10
Using ij m tf to represent the time factor of the m-th transaction of node i to node j. .

Transaction amount factor
In real social network, people think that larger transaction amount means better trust.At the same time, the transaction time is also very important to the amount factor.Suppose we have the same total trade amount in three transaction situation.Under the first situation, the biggest amount happened at the very early time; under the second condition, the biggest one happened in the middle time; and the biggest amount happened at the very current time in the third mode.Figure 4 shows these three kinds.
To be mentioned, we think the value of a transaction is relevant to the successful transaction rate ( Transaction Amount Transaction Amount

Transaction frequency factor
In real social network, higher transaction frequency has greater positive effect on the trust.

Definition 13
Using ij m f ϕ to represent the transaction frequency between nodes i and j.And:

Local trust degree and its storage
Based on the above analysis, the local trust degree can be defined easily.( ) However, in the above definition, the ij TL is a product by multiply five decimal fraction ranged between [0, 1] or [-1, 1].As a result, the ij TL modulus would be too small to be analyzed.In order to facilitate the computing and result analysis, we revise the definition of local trust degree by extracting the ij TL five times but remain the computing order and logic.The revised formula is: Now, the distributed storage for local trust degree should be discussed here.

Definition 15
Using TL-list(i) to store the local trust degree ij TL .And: and stored on node i.In P2PETrust, the TL-list could store all of the local trust information according to the specified P2P routing algorithm.Each node is responsible for its corresponding local trust information, and then all of the TL-list combines into a TL-list network.Figure 5 demonstrates the TL-list.

P2PETRUST: GLOBAL TRUST DEGREE
Local trust has some limitations on evaluating nodes' trust because of the computed history only comes from the related two nodes (nodes i and j) and could not avoid single malicious node's cheating or data attacking.For example, node may revise its history data or give false appraisal to a transaction.

Global trust factors
For the purpose of computing global trust degree, we need to consider impact factors as same as local trust, including global success rate, global frequency and global time factor.The former two factors have been defined in definitions 5(b) and 7(b), thus, the focus is on discussing global time factor.
Like the local time factor, we also use the right triangle (in time factor) to compute the global time factor.
(gf is shortcut for global time factor); we can compute the entire global time factor according to the method in time factor.

Definition 17
Using i j gf to stand for the global time factor, ranged between [0, 1], and:

Definition 16
Using i TG to express the global trust degree of node i, which is integrated by all of the local trust degrees from I i set (defined in definition 4). Figure 6 shows the distributed computing process of the global trust.
As we can see from Figure 6, we should design policy to calculate the global trust degree based on the local trust degrees.This policy should mean that the computing order should not affect the computing result.Iteration computing method and average value method could meet the policy's demand, and we use the latter in this paper.
Via average value method, the global trust degree is multiplied by three decimal fractions which are global success rate factor now i λ , global frequency factor i now ϕ and global time factor i j gf .Thus, to facilitate the computing and analysis, we amplify the result by extracting the result three times.Formula for global trust degree (ranged between [-1,1]) is: In the above formula, is the quantity of the nodes in i I .

CORRELATION TRUST DEGREE
Unlike the local trust degree, the global trust degree can avoid malicious behaviors from single node.However, it can not defend attacks from team malicious nodes that are cooperated with each other as a team.For example, the global trust degree could not recognize malicious team nodes' high appraisals to each other.Thus, a correlation trust degree is created.

Similarity factor
The correlation of appraisals by two different nodes is used to describe the associated extent of the specified two nodes via computing the history among these two nodes and their common third-party nodes.This situation is similar to social networks in judging a strange person.For example, A did not know B, but both share common friends {C, D}, then A can judge the correlation with B via his friends {C, D}.If the communicated history between A-{C, D} is similar to the history between B-{C, D}, then we say A and B have very similar correlation.
There are many methods to calculate the similarity between two items, such as cosine similarity, correlation similarity and adjusted cosine similarity (Deng et al., 2003;Benesty et al., 2008;Sarwar et al., 2001).
Cosine similarity is a measure of similarity between two vectors of n dimensions by finding the cosine of the angle between them, often used to compare documents in text mining.In addition, it is used to measure cohesion within clusters in the field of Data Mining.Given two vectors of attributes, A and B, the cosine similarity, θ, is represented using a dot product and magnitude as; Pearson's correlation coefficient is the most typical correlation similarity computing method, usually used in text data mining and information retrieval.The formula is; Where, ic R is the appraisal of node i, and i R is the average appraisal of node i to I ij .And jc R , j R have the similar meaning as i.Higher absolute value of sim(i, j) means high similarity.In P2PETrust, we calculate the similarity by TL-list.First but most important, converting the TL-list into a local trust degree matrix ε is a very small non-zero decimal.For example, 0.00001 or else, it is used to facilitate the nonhistory nodes' computing.And, nodes give themselves a full trust with 1.Then, Tan et al. 3853 ( ) The sim(i, j) ranged between [0, 1], and the similarity increases when the value sim(i,j) increased.Nevertheless, it would be error when the denominator in formula ( 11) is zero.We could not get the similarity at that time.Moreover, it would be trouble when nodes in ij I (which are the common third-party nodes) are so very rare that can not calculate the similarity.To solve these problems, we adjust the similarity formula and assume that sim(i, j) equals to zero when settable threshold value by user).The adjusted formula is:

Correlation trust degree
Correlation trust degree considers the histories similarity between nodes based on the global trust degree.

Definition 19
Using ij CorTG to stand for the correlation trust degree of node j which is evaluated by node i. And: degree is more objective than global trust degree.As can be imagined, the similarity between normal nodes and team malicious nodes would be very small for the common transaction histories would be less.

SIMULATIONS AND ANALYSIS
In order to verify the rightness of P2PETrust, we design a simulation platform by C# programming language, and simulate the P2P environment with multi processes and threads.Three kinds of nodes are designed. (

Simulation 1: Local trust degree of P2PETrust
The purpose of this simulation is to verify the validity of local trust factors, such as time stamp, transaction amount, frequency and appraisals.To facilitate the simulation, all of the tested nodes are generated by Class A.
Mark one node as 'A1' and another as 'A2', and compute the local trust degree both of A1 and A2.In the course of simulation, A1 is always doing transaction in high frequency and A2 is relatively lower.Meanwhile, A1 and A2 have the same transaction amount.Figure 7 shows the statistics result after cycles simulations.

Simulation 2: Global trust degree of P2PETrust
Here we simulate the transaction activities of a real P2P E-commerce system.Firstly, generate 200 A-nodes, 50 B-nodes and 100 C-nodes.Then put 2000 trusted file abstracts (with name, key words size and virtual price) on A-nodes, and put 1000 fake file abstracts on C-nodes, and put 500 fake file abstracts on B-nodes.Mark one of the A-nodes as 'A1', one of the B-nodes as 'B1' and one of the C-nodes as 'C1'.Initiating the simulation, all of the nodes transacts in a random P2P environment according to a random commerce demand lists.Observe the trends of global trust degrees of nodes A1, B1, and C1, shown in Figure 8.

Simulation 3: Correlation trust degree of P2PETrust
This simulation has same environment as the above  Figure 9.This is the simulation of similarity factor for correlation trust model of P2PETrust.As we can see from the chart, with the time going on, the similarity between A1-A2 was increasing rapidly while that of A1-C1 always stayed in a low level.It proved that the similarity factor is reasonable.simulation 2. In that environment, mark another node of class A as 'A2'.Initiate the simulation again to watch correlation trust degree between nodes A1 and A2, and also correlation trust degree between nodes A1 and C1.
Firstly, observe the similarities of A1 -A2 and A1 -C1. Figure 9 shows the result.Meanwhile, observe the correlation trust degree of A1 -A2 and that of A1 -C1. Figure 10  Figure 10.This is the simulation to test the correlation trust degree.In the results, A2 and C1 both had high global trust degree (TG(A2) and TG(C1)) because of the impact from team.However, the correlation trust degree of the two were quiet different because of the similarity factor.
A2) is increasing always but CorTG(A1,C1) is very low to zero even.Results showed that the correlation trust degree is objective, and can resist malicious behaviors from team malicious nodes.

Simulation 4: Comparing P2PETrust with other trust model
In this simulation, we compare the correlation trust degree model in P2PETrust model with EigenTrust (Kamvar et al., 2003), Jiang (Jiang and Li, 2007), NBRTrust (Tan et al., 2009) and random model.Assumed TotalCount is the total transaction times and BC_Count is the total transaction times with B-nodes or C-nodes which are malicious nodes.Then, the downloadresisting performance from malicious nodes could be described as TotalCount Count BC dr _ = . For example, a node from A-nodes has 100 transactions, and 20 transactions with B-nodes or C-nodes, then the download-resisting performance is dr = 20%.We do statistics of the download-resisting performance for these trust models.Figure 11 shows the results.
As we can see, the random model had the worst performance while P2PETrust had the best convergence.EigenTrust and Jiang had good convergences also but they could not resist team malicious nodes.This result proved the P2PETrust's rightness and is effective.nodes histories data to avoid team malicious nodes' behaviors.Simulations proved the rightness, and can resist single and team malicious nodes.However, it will be a long time to study the trust model for a distributed system.There are many problems waiting to be improved and solved.For examples, how to improve the distributed communication algorithms for P2P Trust model?How to use more trust principals of social networks for P2P Trust model?Can we compute the trust degree by transaction content in distributed networks?These problems will conduct our future work.

CONCLUSION
the time stamp of the m-th transaction activity between nodes i and j, especially, ij now t stands for the latest time stamp.b) Using i m t to represent the time stamp of the m-th transaction of transaction history of node i. especially, i t 0 represents the initialized time of node i and the set of nodes who have ever transacted with node i.
Figure1.In this demonstration, about 4 nodes traded with node 1, and Figure1shows the TimeDBList(1,3).As shown, 5 transaction activities happened from node 1 to 3 with different trade amount and appraisals.Of course, if node 1 selects node 2 for transaction, the data list TimeDBList(1,2) will be stored on node 1 too.

λ
is only 0.1, we think the value of this transaction is only 100 * 0.1 = $10.This policy can stimulate node's better service and better quality so as to improve the success rate.

Figure 3 .
Figure 3. Appoint the area of this right triangle is a unit 1, and the under leg is the time interval

Figure 4 .
Figure 4.It shows three kinds of transaction with biggest amount.We think the third one is most effective to trust because; it is the most recent one.
the local trust degree of node j Tan et al.

Figure 7 .
Figure7.This simulation is aiming to test the rightness of local trust degree.By the results obviously, A1 has more local trust degree than A2, since A1 higher frequency.The results confirm the definition of local trust, and prove that the local trust computing method of P2PETrust is valid and right.

Figure 11 .
Figure11.This is the simulation for download-resisting performances by comparing some typical trust models.
Distributed computing the global trust degree is based on local trust model.In order to compute the global trust degree of node 2, we collect local trust degrees of node 2 from nodes {1, 3, 5}, that is TL(1,2),TL(3,2)andTL(5,2).Then, calculate global trust degree of node 2.
latest time stamp in This simulation is to test the global trust degree in P2PETrust.From the results of three specific nodes A1, B1 and C1, As shown, the global trust degree of B1 decreased quickly while that of A1 and C1 both increased.It is owing to the fact that, B1 is 'single' while A1 (normal nodes) and C1 (team malicious node) has their own team.However, this result implies the global trust degree in P2PETrust could not resist team malicious behaviors although it can recognize the single malicious nodes.