ABSTRACT
Reputation is a primary mechanism for trust management in decentralized systems. Many reputation-based trust functions have been proposed in the literature. However, picking the right trust function for a given decentralized system is a non-trivial task. One has to consider and balance a variety of factors, including computation and communication costs, scalability and resilience to manipulations by attackers. Although the former two are relatively easy to evaluate, the evaluation of resilience of trust functions is challenging. Most existing work bases evaluation on static attack models, which is unrealistic as it fails to reflect the adaptive nature of adversaries (who are often real human users rather than simple computing agents).
In this paper, we highlight the importance of the modeling of adaptive attackers when evaluating reputation-based trust functions, and propose an adaptive framework - called COMPARS - for the evaluation of resilience of reputation systems. Given the complexity of reputation systems, it is often difficult, if not impossible, to exactly derive the optimal strategy of an attacker. Therefore, COMPARS takes a practical approach that attempts to capture the reasoning process of an attacker as it decides its next action in a reputation system. Specifically, given a trust function and an attack goal, COMPARS generates an attack tree to estimate the possible outcomes of an attacker's action sequences up to certain points in the future. Through attack trees, COMPARS simulates the optimal attack strategy for a specific reputation function f, which will be used to evaluate the resilience of f. By doing so, COMPARS allows one to conduct a fair and consistent comparison of different reputation functions.
- R. Aringhieri, E. Damiani, S. D. C. D. Vimercati, S. Paraboschi, and P. Samarati. Fuzzy techniques for trust and reputation management in anonymous peer-to-peer systems. J. Am. Soc. Inf. Sci. Technol., 57(4):528--537, 2006. Google ScholarDigital Library
- P. Chandrasekaran and B. Esfandiari. A model for a testbed for evaluating reputation systems. In Trust, Security and Privacy in Computing and Communications (TrustCom), 2011 IEEE 10th International Conference on, pages 296--303. IEEE, 2011. Google ScholarDigital Library
- A. Cheng and E. Friedman. Sybilproof reputation mechanisms. In Proceedings of the 2005 ACM SIGCOMM workshop on Economics of peer-to-peer systems, pages 128--132. ACM, 2005. Google ScholarDigital Library
- Z. Cheng and N. Hurley. Analysis of robustness in trust-based recommender systems. In Adaptivity, Personalization and Fusion of Heterogeneous Information, pages 114--121. LE CENTRE DE HAUTES ETUDES INTERNATIONALES D'INFORMATIQUE DOCUMENTAIRE, 2010. Google ScholarDigital Library
- M. Fan, Y. Tan, and A. B. Whinston. Evaluation and design of online cooperative feedback mechanisms for reputation management. IEEE Transactions on Knowledge and Data Engineering, 17:244--254, 2005. Google ScholarDigital Library
- J. Feng, Y. Zhang, S. Chen, and A. Fu. Rephi: A novel attack against p2p reputation systems. In Computer Communications Workshops (INFOCOM WKSHPS), 2011 IEEE Conference on, pages 1088--1092. IEEE, 2011.Google ScholarCross Ref
- K. K. Fullam, T. Klos, G. Muller, J. Sabater-Mir, K. S. Barber, and L. Vercouter. The agent reputation and trust (art) testbed. In Trust Management, pages 439--442. Springer, 2006. Google ScholarDigital Library
- C. J. Hazard and M. P. Singh. Reputation dynamics and convergence: A basis for evaluating reputation systems. 2009.Google Scholar
- K. Hoffman, D. Zage, and C. Nita-Rotaru. A survey of attack and defense techniques for reputation systems. ACM.Google Scholar
Index Terms
- COMPARS: toward an empirical approach for comparing the resilience of reputation systems
Recommendations
Reputation systems
In our increasingly interconnected world, the need for reputation is becoming more important as larger numbers of people and services interact online. Reputation is a tool to facilitate trust between entities, as it increases the efficiency and ...
Properties of Reputation Lag Attack Strategies
AAMAS '22: Proceedings of the 21st International Conference on Autonomous Agents and Multiagent SystemsThe trustors in a reputation system share trust-relevant information about trustees; their reputation. The presence of lag in the sharing mechanism can be exploited by malicious trustees to perform otherwise impermissible additional bad actions. This is ...
Poster: on trust evaluation with missing information in reputation systems
CCS '11: Proceedings of the 18th ACM conference on Computer and communications securityReputation plays a critical role in managing trust in decentralized systems. Quite a few reputation-based trust functions have been proposed in the literature for many different application domains. However, one cannot always obtain all information ...
Comments