On Tue, Jul 17, 2012 at 10:10 AM, Michael Rogers <[email protected]>wrote:
> I'm not sure that's true in the general case. For example, if the > collaborative filtering algorithm looks for "files rated highly by > peers that give similar ratings to mine" then the attacker can create > one Sybil for each legitimate peer that echoes the peer's ratings and > adds a high rating for virus.exe. The Sybils don't have to do any > useful work, just retrieve and publish ratings. Each legitimate peer > will find that its perfect "taste buddy" gives a high rating to virus.exe. > > Does the Cryptosphere prevent that sort of attack? The trust network is for peers (as identified by what will soon be an ECDSA key), not individual files. The trust function is a collaborative filtering algorithm such as Slope One or Singular Value Decomposition. The inputs to the trust function are BitCoin style peer-specific "long chain" files of a peer's transfer history that a given peer has collected through direct interaction. We might look for the following: success/failure and transfer rate. The first thing we do is build a sparse matrix of the similarity of all peers to all other peers in the system (let's assume Slope One is the algorithm for now). This is what we'll use for computing trust. Now we actually do the collaborative filtering calculation: we look for peers that are similar to ourself, by inputting our own transfer history and the sparse matrix we calculated in the previous step. The output should be peers similar to ourself: namely ones which experience a similar history of success/failures and similar transfer rates. With enough information, this should begin to reveal this like which peers are "closest" to us on the network (i.e. least bottlenecked by the network relative to us, not geographical closeness or closeness in the DHT) To be highly rated by such a function, the Sybil would have to pretend to be a normal peer long enough to establish behavioral data that might make it appear similar enough in its interactions that the collaborative filtering function might select it for use in the DHT or potentially storing files. -- Tony Arcieri
_______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
