From weak online reputation metrics to standardized attack-resistant trust metrics

ITU Workshop on “Future Trust and Knowledge Infrastructure”, Phase 2
Geneva, Switzerland, 1 July 2016

Dr. Jean-Marc Seigneur
President at Réputaction SAS, Chief Reputation Officer at GLOBCOIN
Senior Lecturer and Research Manager at Medi@LAB, CUI ISS, G3S, University of Geneva
Jean-Marc [email protected]


Page 2:

Agenda
• Introduction
• Today’s Weak Online Reputation Metrics
• Computational Trust Engines
• Towards Standardized Attack-Resistant Trust Metrics
• Conclusion
• Q&A

Page 3:

Online reputation economy
• By 2026, thanks to online ratings
  – “a more successful hospitality and leisure sector has the potential to add an extra £2bn to the UK economy with the impact on the sector’s large supply chain contributing a further £1.2bn.” [Barclays, 2016]

Page 4:

Main online e-reputation ratings services for the general public
• Especially in the tourism industry
  – Around 60% of the hotel ratings by 2 providers only [TCI Research French, 2015]
    • Booking, whose ratings are verified because based after payment has been made, taking around 25% of the night cost
    • TripAdvisor, whose ratings are not verified
• Somehow: eBay, Yelp, Klout, TrustPilot, TrustYou, Facebook Reviews, Google Reviews…

Page 5:

Ratings for Google SEO

Page 6:

A major pitfall: trust in online ratings decreases
• Representative surveys of French people
  – [Testntrust, 2013]
    • 89% trust online ratings in 2010
    • 76% trust online ratings in 2013
  – [Nielsen Institute, 2013]
    • 71% trust online ratings in 2007
    • 51% trust online ratings in 2013

Page 7:

Issues of online reputation metrics
• eBay
  – first to propose an online reputation solution in 1995
  – easier because
    • centralized
    • focused on one context only: online auctions
    • with real money transactions traces
  – Issues
    • same points for successfully selling a Ferrari or a USB key
    • change in 2008: sellers cannot rate buyers in order to increase negative ratings of sellers
• aggressive marketing (Naymz/Visible.me spam, Reputation.com over-alarming emails)
• reselling of private data without user consent (Rapleaf 1.0/Trustfuse)
• difficult and incomplete collection, verification and management of ratings
• TripAdvisor
  – Guilty of false ratings or successfully attacked
    • UK, 2009: sued by 2000 hotels association, change of slogan “reviews you can trust” to “reviews from our community”
    • France, 2011: non-partner hotels listed as fully booked even if still available in real
    • Italy, 2014 and 2015:
      – fee of 500k Euros by the Italian anti-trust body due to unclear explanation regarding the validity of their ratings
      – ghost restaurant ranked as best restaurant of a touristic city
    • Tunisia, 2016: traveler's choice award given to the hotel in Tunisia where an Islamist terrorist attack left 30 British holidaymakers dead last summer

Page 8:

e-Reputation ratings main aspects
• Ratings verified or not
• Closed or open algorithms in order to evaluate their attack-resistance by the research community
  – security by obscurity is believed to be less secure by the research community
• Open, restricted or no API to access/manage them
• Their visualization or digital representation
  – Quantitative only
    • Scale of stars between 1 to 5…
  – Qualitative as well
    • Need of automated language sentiment analysis

Page 9:

How to visualize trust effectively?
• Trust visualization has a real business impact: +8% price premium [Johnston, 1996]

Page 10:

TrustPlus
• 2006 to 2012, decentralized, closed algorithm, not verified ratings, interesting trust visualization

Page 11:

• Score between 0 and 100
• Started in 2008
  – focusing on e-reputation influence
  – bought for around 100 millions $ in 2014
  – closed algorithm
  – based on detected evidence such as number of followers/fans and their own score engagement of posts
  – known to be easily attacked due to the easy setup of fake accounts

Page 12:

Fake Accounts, Clicks, Ratings and Reviews

Page 13:

Agenda
• Introduction
• Today’s Weak Online Reputation Metrics
• Computational Trust Engines
• Towards Standardized Attack-Resistant Trust Metrics
• Conclusion
• Q&A

Page 14:

Computational Trust
• One of its main goals is to achieve attack-resistant trust metrics
• A trust metric consists of the different computations and communications which are carried out by the trustor (and his/her network) to compute a trust value in the trustee
• A trust value is the digital representation of the trustworthiness or level of trust in the entity under consideration and is a non-enforceable estimate of the entity’s future behavior in a given context based on past evidence, mainly:
  – direct observations,
  – recommendations from an identified recommender,
  – reputation as an aggregated value from not clearly identified recommender(s).
• 3 main types of trust are considered in social research:
  – interpersonal trust,
  – dispositional trust,
  – system trust.
• Interpersonal trust is crucial when system trust cannot be enforced, for example, in the ubiquitous computing world of the Internet of Things (IoT).

[Seigneur, 2005]

Page 15:

McKnight & Chervany Trust Social Model

Page 16:

Trust Engine and Trust Metrics Attacks
• The trust metrics are attacked by means of:
  – Identity usurpation attacks
  – Identity multiplicity attacks
    • Douceur’s Sybil Attack is the most well-known
  – Coalitions of motivated users compared to other lazy users who do not rate

[Figure: Trust Engine’s Security Perimeter, with boxes labelled Decision-making, ER, Virtual Identities, Trust Value Computation, Risk Analysis, Evidence Manager and Evidence Store, and arrows labelled Request and Decision]

Page 17:

Research Representations of Trust Values

[Figure: example trust value representations from [Marsh, 2016], [SECURE, 2005] and [Wang and Vassileva, 2003]]

Page 18:

Agenda
• Introduction
• Today’s Weak Online Reputation Metrics
• Computational Trust Engines
• Towards Standardized Attack-Resistant Trust Metrics
• Conclusion
• Q&A

Page 19:

Random Attack

[Figure legend: 4 randomly attacked, 9 directly compromised, 20 not compromised]

Page 20:

Network Topology Engineered Attack

[Figure legend: 4 most connected attacked, 20 compromised, 9 not compromised]

Page 21:

Trust Transfer: Sybil-attack Resistant Trust Metric

[Figure: trust network shown twice, with nodes labelled (100,2), (60,5), (180,0), (90,3), (48,1), (70,0), (12,0), (12,0) → (36,1) in the first view and (100,2), (60,5), (180,0), (90,3), (48,1), (70,0), (12,0) in the second]

12 faked events may have been introduced in the network

[Seigneur, 2005]

Page 22:

Trust Transfer Example

Recommender Search Policy (RSP)

Recommendation Policy (RP)

The search for recommenders may be extended to contacts of recommenders.

The total amount of trust transferred may be shared between several recommenders.

[Figure: entities R, S and T; 10 positive outcomes needed; requests “S(10)?” and “T(10)?” both answered “Yes”; Start: R(22,2), End: R(12,2) S(10,0); Start: S(32,2), End: S(22,2)]

[Seigneur, 2005]
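
The Start/End values of this slide, worked through in Python as an added example (not taken from the slides or from the author's code). It assumes the pairs are (positive, negative) outcome counts, that trustor T holds R(22,2) and recommender R holds S(32,2), and that the two acceptance checks are a simplified stand-in for the RSP and RP policies; all class and function names are illustrative.

```python
# Added illustration, not the author's code. Assumptions: pairs are
# (positive, negative) outcome counts; T holds R(22,2); R holds S(32,2).

class Entity:
    def __init__(self, name):
        self.name = name
        self.store = {}  # other entity's name -> [positive, negative]

    def trust(self, other):
        return tuple(self.store.get(other, [0, 0]))


def trust_transfer(trustor, recommender, subject, needed):
    """Move `needed` positives from the recommender to the subject inside the
    trustor's store. Returns True only if the transfer took place."""
    t_in_r = trustor.store.get(recommender.name, [0, 0])
    r_in_s = recommender.store.get(subject, [0, 0])
    # Assumed recommendation policy: R vouches only with positives it holds for S.
    if needed <= 0 or r_in_s[0] < needed:
        return False
    # Assumed trustor policy: T cannot hand over more trust than it has in R.
    if t_in_r[0] < needed:
        return False
    t_in_r[0] -= needed                                  # T: R(22,2) -> R(12,2)
    trustor.store.setdefault(subject, [0, 0])[0] += needed  # T: S(10,0)
    r_in_s[0] -= needed                                  # R: S(32,2) -> S(22,2)
    return True


def slide_example():
    t, r = Entity("T"), Entity("R")
    t.store["R"] = [22, 2]
    r.store["S"] = [32, 2]
    ok = trust_transfer(t, r, "S", 10)
    return ok, t.trust("R"), t.trust("S"), r.trust("S")


def sybil_example(n_fakes=50):
    """Constructed case: identities T has never observed all vouch for S."""
    t = Entity("T")
    t.store["R"] = [22, 2]
    before = sum(p for p, _ in t.store.values())
    accepted = 0
    for i in range(n_fakes):
        fake = Entity(f"fake{i}")
        fake.store["S"] = [1000, 0]   # self-declared trust costs nothing to forge
        accepted += trust_transfer(t, fake, "S", 10)
    after = sum(p for p, _ in t.store.values())
    return accepted, before, after, t.trust("S")
```

Because a recommendation only moves positives that the trustor already granted, the total in T's store stays at 22 in both cases, however many identities recommend S.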

Page 23:

Conclusion
• Care must be taken when standardizing trust in order to not deceive the users and keep their trust in the trust standard
• Attack-resistant trust metrics should be open and easy to be reviewed by the research community
• Ideally, the most attack-resistant trust metrics should be standardized

Page 24:

Q&A
• Thanks for your attention!
• Join the 290+ Trustcomp community members
  – http://www.trustcomp.org/group-mailing-list
  – ACM SAC trust/reputation TRECK track CFP
    • Deadline: 15th September 2016

[email protected]
