The fluidity of identity on-line and the unavailability of practical legal recourse make evaluating trust and risk in on-line markets both vital and difficult. Reputation systems have been proposed as one possible means of building trust among strangers by aggregating the experience of many users, and prove more-or-less effective in peer-to-peer marketplaces like eBay. However, the very attributes that make reputation systems helpful also make them a target for fraud. A good reputation is valuable, so some users may try to circumvent the system to gain a high reputation without effort. We look at two specific ways in which users attack reputation systems in peer-to-peer markets and discuss ways in which the damage can be mitigated.

We first address retaliatory negative feedback, where a user leaves a negative feedback for someone who complained about their behavior. We show that allowing retaliation can result in a reputation system that is incapable of identifying low-quality users and allows cheating to go unpunished. We then present EM-Trust, a system that is better able to estimate true user quality even with high levels of retaliation.

We next look at the issue of sybil attacks, where a single user creates a large collection of identities to increase his own reputation. We show that EigenTrust, a widely discussed algorithm that purports to resist similar collusion attacks, does not work against sybils. We then present Relative Rank, a transformation of EigenTrust that is both sybil resistant and better suited to peer-to-peer marketplaces. Finally, we discuss RAW, a variation of PageRank that offers additional guarantees of sybil-resistance.

We demonstrate that it is possible to design reputation systems that are as effective as existing non-robust ones at discriminating between honest and dishonest user behavior, and considerably less affected by common attacks against these systems.