Results 1 - 10
of
263
A survey of trust and reputation systems for online service provision
, 2005
"... Trust and reputation systems represent a significant trend in decision support for Internet mediated service provision. The basic idea is to collect information about potential service providers in order to select the most reliable and trustworthy provider of services and information and to avoid th ..."
Abstract
-
Cited by 631 (15 self)
- Add to MetaCart
(Show Context)
Trust and reputation systems represent a significant trend in decision support for Internet mediated service provision. The basic idea is to collect information about potential service providers in order to select the most reliable and trustworthy provider of services and information and to avoid the less trustworthy. A natural side effect is that it also provides an incentive for good behaviour and therefore tends to have a positive effect on market quality. Reputation systems can be called collaborative sanctioning systems to reflect their collaborative nature, and are related to collaborative filtering systems. Reputation systems are already being used in successful commercial online applications. There is also a rapidly growing literature around trust and reputation systems, but unfortunately this activity is not very coherent. The purpose of this paper is to give an overview of existing and proposed systems that can be used to derive measures of trust and reputation for Internet transactions, to analyse the current trends and developments in this area, and to propose a research agenda for trust and reputation systems.
SybilLimit: A nearoptimal social network defense against sybil attacks
- 2008 [Online]. Available: http://www.comp.nus.edu.sg/~yuhf/sybillimit-tr.pdf
"... Abstract—Open-access distributed systems such as peer-to-peer systems are particularly vulnerable to sybil attacks, where a malicious user creates multiple fake identities (called sybil nodes). Without a trusted central authority that can tie identities to real human beings, defending against sybil ..."
Abstract
-
Cited by 213 (7 self)
- Add to MetaCart
(Show Context)
Abstract—Open-access distributed systems such as peer-to-peer systems are particularly vulnerable to sybil attacks, where a malicious user creates multiple fake identities (called sybil nodes). Without a trusted central authority that can tie identities to real human beings, defending against sybil attacks is quite challenging. Among the small number of decentralized approaches, our recent SybilGuard protocol leverages a key insight on social networks to bound the number of sybil nodes accepted. Despite its promising direction, SybilGuard can allow a large number of sybil nodes to be accepted. Furthermore, SybilGuard assumes that social networks are fast-mixing, which has never been confirmed in the real world. This paper presents the novel SybilLimit protocol that leverages the same insight as SybilGuard, but offers dramatically improved and near-optimal guarantees. The number of sybil nodes accepted is reduced by a factor of 2 ( p n), or around 200 times in our experiments for a million-node system. We further prove that SybilLimit’s guarantee is at most a log n factor away from optimal when considering approaches based on fast-mixing social networks. Finally, based on three large-scale real-world social networks, we provide the first evidence that real-world social networks are indeed fast-mixing. This validates the fundamental assumption behind SybilLimit’s and SybilGuard’s approach. Index Terms—Social networks, sybil attack, sybil identities, SybilGuard, SybilLimit. I.
A Survey of Trust in Computer Science and the Semantic Web
, 2007
"... Trust is an integral component in many kinds of human interaction, allowing people to act under uncertainty and with the risk of negative consequences. For example, exchanging money for a service, giving access to your property, and choosing between conflicting sources of information all may utilize ..."
Abstract
-
Cited by 143 (3 self)
- Add to MetaCart
Trust is an integral component in many kinds of human interaction, allowing people to act under uncertainty and with the risk of negative consequences. For example, exchanging money for a service, giving access to your property, and choosing between conflicting sources of information all may utilize some form of trust. In computer science, trust is a widelyused term whose definition differs among researchers and application areas. Trust is an essential component of the vision for the Semantic Web, where both new problems and new applications of trust are being studied. This paper gives an overview of existing trust research in computer science and the Semantic Web.
TrustGuard: Countering Vulnerabilities in Reputation Management for Decentralized Overlay Networks
, 2005
"... Reputation systems have been popular in estimating the trustworthiness and predicting the future behavior of nodes in a large-scale distributed system where nodes may transact with one another without prior knowledge or experience. One of the fundamental challenges in distributed reputation manageme ..."
Abstract
-
Cited by 105 (6 self)
- Add to MetaCart
Reputation systems have been popular in estimating the trustworthiness and predicting the future behavior of nodes in a large-scale distributed system where nodes may transact with one another without prior knowledge or experience. One of the fundamental challenges in distributed reputation management is to understand vulnerabilities and develop mechanisms that can minimize the potential damages to a system by malicious nodes. In this paper, we identify three vulnerabilities that are detrimental to decentralized reputation management and propose TrustGuard -- safeguard framework for providing a highly dependable and yet efficient reputation system. First, we provide a dependable trust model and a set of formal methods to handle strategic malicious nodes that continuously change their behavior to gain unfair advantages in the system. Second, a transaction based reputation system must cope with the vulnerability that malicious nodes may misuse the system by flooding feedbacks with fake transactions. Third, but not least, we identify the importance of filtering out dishonest feedbacks when computing reputation-based trust of a node, including the feedbacks filed by malicious nodes through collusion. Our experiments show that, comparing with existing reputation systems, our framework is highly dependable and effective in countering malicious nodes regarding strategic oscillating behavior, flooding malevolent feedbacks with fake transactions, and dishonest feedbacks.
A Survey of Attack and Defense Techniques for Reputation Systems
"... Reputation systems provide mechanisms to produce a metric encapsulating reputation for a given domain for each identity within the system. These systems seek to generate an accurate assessment in the face of various factors including but not limited to unprecedented community size and potentially ad ..."
Abstract
-
Cited by 103 (3 self)
- Add to MetaCart
(Show Context)
Reputation systems provide mechanisms to produce a metric encapsulating reputation for a given domain for each identity within the system. These systems seek to generate an accurate assessment in the face of various factors including but not limited to unprecedented community size and potentially adversarial environments. We focus on attacks and defense mechanisms in reputation systems. We present an analysis framework that allows for general decomposition of existing reputation systems. We classify attacks against reputation systems by identifying which system components and design choices are the target of attacks. We survey defense mechanisms employed by existing reputation systems. Finally, we analyze several landmark systems in the peer-to-peer domain, characterizing their individual strengths and weaknesses. Our work contributes to understanding 1) which design components of reputation systems are most vulnerable, 2) what are the most appropriate defense mechanisms and 3) how these defense mechanisms can be integrated into existing or future reputation systems to make them resilient to attacks.
Experience with an object reputation system for peer-to-peer filesharing
- In USENIX NSDI
, 2006
"... 1 Introduction Establishing trust is a fundamental problem in distributedsystems. Peer-to-peer systems, in which service functionality is distributed across clients, eliminate the cen-tralized components that have traditionally functioned as de facto trust brokers, and consequently exacerbate trust- ..."
Abstract
-
Cited by 91 (0 self)
- Add to MetaCart
(Show Context)
1 Introduction Establishing trust is a fundamental problem in distributedsystems. Peer-to-peer systems, in which service functionality is distributed across clients, eliminate the cen-tralized components that have traditionally functioned as de facto trust brokers, and consequently exacerbate trust-related problems. When peers lack meaningful measures on which to base trust decisions, they end up receivingservices from untrustworthy peers, with e ffects that canrange from wasted resources on mislabeled content to
Limited Reputation Sharing in P2P Systems
- In ACM Conference on Electronic Commerce (EC’04
, 2004
"... Abstract — As the popularity of resource-sharing through peerto-peer networks increases, so does the threat of agents seeking to weaken the network by propagating bad information and services. This paper presents advantages and disadvantages of resource selection techniques based on peer reputation. ..."
Abstract
-
Cited by 80 (3 self)
- Add to MetaCart
(Show Context)
Abstract — As the popularity of resource-sharing through peerto-peer networks increases, so does the threat of agents seeking to weaken the network by propagating bad information and services. This paper presents advantages and disadvantages of resource selection techniques based on peer reputation. We evaluate the effect of limited reputation information sharing on the efficiency and load distribution of a peer-to-peer system. I.
A Reputation-based Trust Management System for P2P Networks
- In Proceedings of the 4th IEEE/ACM International Symposium on Cluster Computing and the Grid (CCGrid 2004
, 2004
"... The open and anonymous nature of a P2P network makes it an ideal medium for attackers to spread malicious content. In this paper, we propose a reputation-based trust management system for P2P networks that aims to build confidence among the good members of the community and identify the malicious on ..."
Abstract
-
Cited by 51 (0 self)
- Add to MetaCart
(Show Context)
The open and anonymous nature of a P2P network makes it an ideal medium for attackers to spread malicious content. In this paper, we propose a reputation-based trust management system for P2P networks that aims to build confidence among the good members of the community and identify the malicious ones. The proposed system is simple and efficient in design and can be integrated into most first generation P2P systems easily. A diverse set of simulation experiments conducted to test the performance of the system show that it can be highly effective in preventing the spread of malicious content. The proposed system has other potential benefits as well, such as supporting the detection of free riders in a file sharing application.
Privacy-preserving sharing and correlation of security alerts
- In USENIX Security Symposium
, 2004
"... Shmatikov z SRI International ..."
(Show Context)
Fuzzy techniques for trust and reputation management in anonymous peer-to-peer systems
- Journal of the American Society for Information Science and Technology
, 2006
"... P2P applications are rapidly gaining acceptance among users of Internet-based services, especially because of their capability of exchanging resources while preserving the anonymity of both requestors and providers. However, concerns have been raised about the possibility that malicious users can ex ..."
Abstract
-
Cited by 41 (2 self)
- Add to MetaCart
P2P applications are rapidly gaining acceptance among users of Internet-based services, especially because of their capability of exchanging resources while preserving the anonymity of both requestors and providers. However, concerns have been raised about the possibility that malicious users can exploit the network to spread tampered-with resources (e.g., malicious programs and viruses). A considerable amount of research has then focused on the development of trust and reputation models in P2P networks. In this paper, we propose to use fuzzy techniques in the design of reputation systems based on collecting and aggregating peers ’ opinions. Fuzzy techniques are used in the evaluation and synthesis of all the opinions expressed by peers. The behavior of the proposed system is described by comparison with probabilistic approaches. 1
