Results 1 - 10
of
31
A Survey of Attack and Defense Techniques for Reputation Systems
"... Reputation systems provide mechanisms to produce a metric encapsulating reputation for a given domain for each identity within the system. These systems seek to generate an accurate assessment in the face of various factors including but not limited to unprecedented community size and potentially ad ..."
Abstract
-
Cited by 103 (3 self)
- Add to MetaCart
(Show Context)
Reputation systems provide mechanisms to produce a metric encapsulating reputation for a given domain for each identity within the system. These systems seek to generate an accurate assessment in the face of various factors including but not limited to unprecedented community size and potentially adversarial environments. We focus on attacks and defense mechanisms in reputation systems. We present an analysis framework that allows for general decomposition of existing reputation systems. We classify attacks against reputation systems by identifying which system components and design choices are the target of attacks. We survey defense mechanisms employed by existing reputation systems. Finally, we analyze several landmark systems in the peer-to-peer domain, characterizing their individual strengths and weaknesses. Our work contributes to understanding 1) which design components of reputation systems are most vulnerable, 2) what are the most appropriate defense mechanisms and 3) how these defense mechanisms can be integrated into existing or future reputation systems to make them resilient to attacks.
B-trust: Bayesian Trust Framework for Pervasive Computing
- in Proceedings of the 4th International Conference on Trust Management, LNCS
, 2006
"... Abstract. Without trust, pervasive devices cannot collaborate effectively, and without collaboration, the pervasive computing vision cannot be made a reality. Distributed trust frameworks may support trust and thus foster collaboration in an hostile pervasive computing environment. Existing framewor ..."
Abstract
-
Cited by 38 (8 self)
- Add to MetaCart
(Show Context)
Abstract. Without trust, pervasive devices cannot collaborate effectively, and without collaboration, the pervasive computing vision cannot be made a reality. Distributed trust frameworks may support trust and thus foster collaboration in an hostile pervasive computing environment. Existing frameworks deal with foundational properties of computational trust. We here propose a distributed trust framework that satisfies a broader range of properties. Our framework: (i) evolves trust based on a Bayesian formalization, whose trust metric is expressive, yet tractable; (ii) is lightweight; (iii) protects user anonymity, whilst being resistant to “Sybil attacks ” (and enhancing detection of two collusion attacks); (iv) integrates a risk-aware decision module. We evaluate the framework through four experiments. 1
Architectural Support for Trust Models in Decentralized Applications
- In Proceedings of the 28th International Conference on Software Engineering
, 2006
"... Decentralized applications are composed of distributed entities that directly interact with each other and make local autonomous decisions in the absence of a centralized coordinating authority. Such decentralized applications, where entities can join and leave the system at any time, are particular ..."
Abstract
-
Cited by 12 (4 self)
- Add to MetaCart
(Show Context)
Decentralized applications are composed of distributed entities that directly interact with each other and make local autonomous decisions in the absence of a centralized coordinating authority. Such decentralized applications, where entities can join and leave the system at any time, are particularly susceptible to the attacks of malicious entities. Each entity therefore requires protective measures to safeguard itself against these entities. Trust management solutions serve to provide effective protective measures against such malicious attacks. Trust relationships help an entity model and evaluate its confidence in other entities towards securing itself. Trust management is, thus, both an essential and intrinsic ingredient of decentralized applications. However, research in trust management has not focused on how trust models can be composed into a decentralized architecture. The PACE architectural style, described previously [21], provides structured and detailed guidance on the assimilation of trust models into a decentralized entity’s architecture. In this paper, we describe our experiments with incorporating four different reputation-based trust models into a decentralized application using the PACE architectural style. Our observations lead us to conclude that PACE not only provides an effective and easy way to integrate trust management into decentralized applications, but also facilitates reuse while supporting different types of trust models. Additionally, PACE serves as a suitable platform to aid the evaluation and comparison of trust models in a fixed setting towards providing a way to choose an appropriate model for the setting.
A decentralized recommendation system based on self-organizing partnerships
- In Networking
, 2006
"... Abstract. Small World patterns have been found in many social and natural networks, and even in Peer-to-Peer topologies. In this paper, we analyze File Sharing applications that aggregate virtual communities of users exchanging data. In these domains, it is possible to define overlaying structures t ..."
Abstract
-
Cited by 6 (4 self)
- Add to MetaCart
(Show Context)
Abstract. Small World patterns have been found in many social and natural networks, and even in Peer-to-Peer topologies. In this paper, we analyze File Sharing applications that aggregate virtual communities of users exchanging data. In these domains, it is possible to define overlaying structures that we call “Preference Networks ” that show self organized interest-based clusters. The relevance of this finding is augmented with the introduction of a proac-tive recommendation scheme that exploits this natural feature. The intuition behind this scheme is that a user would trust her network of “elective affini-ties ” more than anonymous and generic suggestions made by impersonal entities.
FairPeers: Efficient Profit Sharing in Fair Peer-to-Peer Market Places
, 2007
"... The technical impact of the Peer-to-Peer (P2P) paradigm on content distribution applications has been proved successful and efficient, when participants cooperation is achieved. Conversely, the business model is not clear: given a copy-protected object, its owner must be paid back for each transac ..."
Abstract
-
Cited by 5 (1 self)
- Add to MetaCart
The technical impact of the Peer-to-Peer (P2P) paradigm on content distribution applications has been proved successful and efficient, when participants cooperation is achieved. Conversely, the business model is not clear: given a copy-protected object, its owner must be paid back for each transaction taking place from a provider to a receiver. The P2P paradigm assumes that a receiver turns into a provider, but it is questionable why she/he should provide properly the content, if the owner wants to be reimbursed. Actual systems introduce fairness, giving incentives (e.g., a differential service, like in BitTorrent) to altruistic peers, with the consequence that the owner of an object is economically damaged everyday. Hence, music and film industry sees P2P techniques as a hostile framework for distributing copy protected content for free: today’s answer of the industry is investing in DRM-based solutions, that are not interoperable between different devices and players. In this paper, we present FairPeers, a P2P market framework, that joins a straightforward intellectual property protection and a fair economic model by maintaining the efficiency typical of P2P file sharing systems. The study is completed with an exhaustive security analysis, and the description of a prototype implementation that shows that the P2P paradigm is mature enough to present to the broadest community new revenue models, simply using available tools and state-of-the-art techniques.
Decentralized virtual activities and technologies: A socio-technical perspective
, 2008
"... ..."
(Show Context)
SIFT: A Simulation Framework for Analyzing Decentralized Reputation-based Trust Models
, 2007
"... Abstract: Open decentralized applications are susceptible to the attacks of malicious entities. In such applications, each autonomous entity must adopt protective measures to safeguard itself. One set of such countermeasures are reputation-based trust management systems. However, designing these sys ..."
Abstract
-
Cited by 3 (2 self)
- Add to MetaCart
(Show Context)
Abstract: Open decentralized applications are susceptible to the attacks of malicious entities. In such applications, each autonomous entity must adopt protective measures to safeguard itself. One set of such countermeasures are reputation-based trust management systems. However, designing these systems is arduous because the impact of factors introduced by decentralization on such systems is largely unknown. There is a lack of knowledge in existing literature that can guide the design of an appropriate trust solution. To address this shortcoming, we present a simulation-based framework called SIFT that allows a designer to explore and analyze the interplay of various trust and application settings. SIFT-based experiments with various trust and application settings have not only helped expose the pros and cons of different trust settings but also revealed several interesting insights that guide the selection and refinement of a set of trust settings for a given operating condition.
S.: A Data Privacy Service for Structured P2P Systems
- In: Mexican International Conference in Computer Science (ENC). México D.F
, 2009
"... Abstract—Online peer-to-peer (P2P) communities such as pro-fessional ones (e.g., medical or research) are becoming popular due to increasing needs on data sharing. P2P environments offer valuable characteristics but limited guarantees when sharing sensitive or confidential data. They can be consider ..."
Abstract
-
Cited by 2 (1 self)
- Add to MetaCart
(Show Context)
Abstract—Online peer-to-peer (P2P) communities such as pro-fessional ones (e.g., medical or research) are becoming popular due to increasing needs on data sharing. P2P environments offer valuable characteristics but limited guarantees when sharing sensitive or confidential data. They can be considered as hostile because data can be accessed by everyone (by potentially un-trustworthy peers) and used for everything (e.g., for marketing or for activities against the owner’s preferences or ethics). In this paper we propose PriServ, a privacy service located on top of distributed hash table (DHT) based P2P systems which prevents data privacy violations. Based on data owner privacy preferences, PriServ uses Hippocratic database principles, takes into account which operations will be realized on shared data (e.g., read, write, disclosure) and uses reputation techniques to increase trust on peers. Several simulation results encourage our ideas and a prototype of PriServ is under development1. Keywords-Peer-to-peer; DHT; Data privacy; Purpose based access control; Trust;
R.: Reputation-based trust management in peer-to-peer systems: taxonomy and anatomy
- In: Handbook of Peer-to-Peer Networking
, 2010
"... Abstract Trust is required in file sharing peer-to-peer (P2P) systems to achieve bet-ter cooperation among peers and reduce malicious uploads. In reputation-based P2P systems, reputation is used to build trust among peers based on their past transac-tions and feedbacks from other peers. In these sys ..."
Abstract
-
Cited by 2 (0 self)
- Add to MetaCart
(Show Context)
Abstract Trust is required in file sharing peer-to-peer (P2P) systems to achieve bet-ter cooperation among peers and reduce malicious uploads. In reputation-based P2P systems, reputation is used to build trust among peers based on their past transac-tions and feedbacks from other peers. In these systems, reputable peers will usually be selected to upload requested files, decreasing significantly malicious uploads in the system. This chapter surveys different reputation-based P2P systems. We will breakdown a typical reputation system into functional components. We will dis-cuss each component and present proposed solutions from the literature. Different reputation-based systems will be described and analyzed. Each system presents a particular perspective in addressing peers ’ reputation. 1
