Trust Management Against Risks In Peer To Peer E-Commerce

As the technology has been developing for the better, more organizations are using, or consider using the Internet for their daily activities. This increasing usage of online networks is due to increased bandwidth, low cost of hardware, and cheap provisioning of Internet connectivity. Peer-to-peer (P2P) systems which exist at the edge of the Internet have been widely applied in various applications, i.e., file transfer, file sharing, distributed computing, and voice over IP communications. The P2P network systems employ scalable mechanisms that allow anyone to offer content and services to system users online. Despite the rapid growth in the popularity of these online communities, the deployment of trust in P2P e-commerce remains an open challenge. The characteristics of these networks make them popular and vulnerable to risks, threats, and attacks from malicious or selfish peers, wishing to poison the system with corrupted data/services and worms.Many users are reluctant to transact any business, i.e., making payments using credit cards and other payment methods, filling their confidential information in the Internet for fear of risk. This has been due to issues users hear and read in reference to fraud cases and other threats. Many people have become victims of phishing, Sybil, collusion, and other forms of attacks which introduce many bogus and fake identities, as they make transactions. The relation between buyers and sellers has been constrained and deteriorating as time goes on, which necessitates dependency on trust.The fundamental issue forming the basis of the challenges in P2P e-commerce is to establish trust to address risk between the autonomous and unfamiliar entities. For consumers and small medium enterprises (SMEs) to embrace P2P e-commerce, there is a need of confidence in the trust of the online transactions. In this thesis, groups are formed based on the interest a peer has in products and services. Common similarity neighborhood is investigated based on the proximity of peers to others and their interest. Peers join a group by estimating the proximity of the group leader. For trust in P2P e-commerce, research deals with three levels of trust in the management, i.e., infrastructure, services, and communications. In this thesis we present a number of contributions.We propose a key generation approach, referred to as gkeying to generate six types of keys. The keys are used to secure recommendations among the peers to guarantee secrecy, integrity, and reliability. The proposed key generation is efficient in terms of communication cost, computation cost, and storage cost. For fast and efficient determination of whether trust evaluation is fit for transactions, we investigate how honest recommendations can be determined and validated for its suitability for trust in P2P e-commerce transactions. Further, we show how peers can be validated by considering the credibility of individual peers in different transactions.In addition, we investigate the vulnerabilities which exist in P2P e-commerce, i.e., threats, various attacks, and their defense mechanisms. Sybil attacks are the most common in P2P e-commerce. We identify, consolidate, and formulate a methodology to evaluate trust and defense ways to address risks and other threats in particular Sybil attacks. In this thesis, we propose the use of neighbor similarity trust to detect Sybil attacks referred to as SybilTrust. This thesis has investigated trust in P2P e-commerce transactions. Specific approaches for P2P e-commerce by which different types of trust can be established are investigated and new ways of addressing the risks and threats are found. The solutions will provide reliable security infrastructure for facilitating trust communications in P2P e-commerce infrastructures. We intend to implement SybilTrust within the context of peers in many groups.Finally, this thesis will be of benefit in a number of ways:first it will be a good step to utilize P2P networks in e-commerce applications. The P2P networks have always been used by Internet users for exchange of information and communications, second this thesis will be a starting point to address the risks, threats and attacks caused by malicious peers in P2P e-commerce at the edge of the Internet.