AAU Student Projects - visit Aalborg University's student projects portal
A master's thesis from Aalborg University
Book cover


Decentralised and Trustless User-Driven Rating Platform Resilient to Attacks

Author

Term

4. term

Education

Software, Master

Publication year

2018

Submitted on

Pages

57

Abstract

En stor del af informationen på internettet formidles af få store tjenesteudbydere, hvilket giver dem betydelig indflydelse på, hvordan indhold bliver tilgængeligt. Denne afhandling undersøger et alternativ: en decentral, brugerdrevet vurderingsplatform uden en central, betroet myndighed, hvor brugerne selv styrer, hvordan vurderingsdata gemmes og deles. Platformen gør det muligt for applikationer og fællesskaber at indbygge et vurderingssystem og tilbyder metoder til at vurdere, hvad der er relevant. Vi gennemgår de centrale udfordringer ved at udvikle et decentraliseret og trustless system—altså et system, der ikke kræver tillid til én aktør—til at håndtere vurderingsdata, og vi beskriver teknologier og tilgange, der kan adressere dem. Den vigtigste trussel er Sybil-angreb, hvor én aktør skaber mange falske identiteter for at manipulere vurderinger. For at afbøde dette foreslår vi at bruge proof-of-work, som kræver beregningsarbejde for at oprette eller offentliggøre vurderinger, så massemanipulation bliver dyr. En vurdering af modstandsdygtighed over for angreb peger på, at systemet er gennemførligt at implementere og drive, men at det kræver en ikke-triviel kombination af teknologier og omhyggelig implementering. Vi konkluderer, at en fuld implementering er nødvendig for at kunne evaluere systemets effektivitet.

A large share of online information is delivered through a few major service providers, giving them significant influence over what content people can access. This thesis explores an alternative: a decentralized, user-driven rating platform with no central trusted authority, where users control how rating data is stored and shared. The platform is intended to let applications and communities plug in a rating system and to offer ways to assess content relevance. We outline the key challenges in building a decentralized, trustless system—one that does not depend on a single trusted party—for managing rating data, and we review methods and technologies that could address them. The main threat is Sybil attacks, in which one actor creates many fake identities to skew ratings. To mitigate this, we propose using proof-of-work, which requires computational effort to create or publish ratings, making large-scale manipulation costly. Based on an evaluation of attack resilience, we argue the system is feasible to implement and operate, but it depends on a nontrivial mix of technologies and careful engineering. We conclude that a complete implementation is needed to evaluate the system’s effectiveness.

[This abstract was generated with the help of AI]

Documents

Download
View record in AAU Student Projects