
Page 1: Trust in the Virtual World

Trust in the Virtual World

By: Sadegh Dorri Nogoorani

http://ce.sharif.edu/~dorri

1390/8/2 – 2011/10/24

(ISC Monthly Seminar)

In the Name of Allah

Page 2: Trust in the Virtual World

Who Knows on the Net...?

A notion of trust similar to real world trust is needed in the virtual world…

Coordinating Agent Interactions without Strict Control Mechanisms

Fig. by Peter Steiner (The New Yorker, 5 July 1993)

1390/8/2 - 2011/10/24 2Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)

Page 3: Trust in the Virtual World

Outline

● Concepts

– Definitions and basic terminology

● Trust and Reputation in Action

– Applications

– Attacks

● Trust Engines

– Probabilistic, logic, …

● Trust in CROWDS

– A detailed example

Page 4: Trust in the Virtual World

CONCEPTS


Page 5: Trust in the Virtual World

Trust (اعتماد)

● Definition [CF10]

– The expectation/belief that…

– … trustee will perform actions designed to produce positive results in the future for the trustor…

– … in situations of consistent perceived risk.

● Properties

– Subjective, context dependent, asymmetric, transitive, dynamic

● Calculation

– Structural: organizational, category-membership

– Relational: history-based, using trust transitivity

– Cognitive: dispositional, trustee attributes

Page 6: Trust in the Virtual World

Trust Scenario

[Figure: trust scenario diagram. Labels: Trustor (اعتمادگر); Trustee (معتمد); Recommenders (توصیه گران); Direct Trust (اعتماد مستقیم); Functional (عملکردی); Referential (ارجاعی); Indirect Trust (اعتماد غیر مستقیم) / Inference (استنتاج).]

Page 7: Trust in the Virtual World

Reputation ( وجهه/شهرت )

Definition (Concise Oxford Dictionary)

A widespread belief that someone or something has a particular characteristic.

Common belief

Relationship with Trust

Trust is subjective and has more weight

“I trust you because of your good reputation”

“I trust you despite your bad reputation”


Page 8: Trust in the Virtual World

TRUST AND REPUTATION IN ACTION

Page 9: Trust in the Virtual World

Aspects of a Trust System [HZN09]


Page 10: Trust in the Virtual World

Applications of Trust

● Soft Security Mechanism against

– Low quality services

– Misrepresentation of services

– Incorrect information

– Fraud

● Others

– Recommender and filtering systems

● Targets

– Content, services, people

Page 11: Trust in the Virtual World

Attacks on a Trust-Based System

● Self-Promotion

– Falsely increase the trust in the attacker(s)

● Whitewashing (لاپوشانی)

– Restoring the broken trust

● Slandering (لاغر کردن)

– Falsely reduce the trust in other nodes

● Other

– Hybrid of the above attacks, DoS, …

Page 12: Trust in the Virtual World

Example: Reputation in a P2P System

● Nodes have no information about most others

● Fake or virus infected content

● Free riders

● Challenges

● Anonymity -> selfish users

● Highly distributed

● Unreliable network connections

● Partial information (in unstructured topologies)

● Untrustworthiness of storage peers


Page 13: Trust in the Virtual World

Example: Email Filtering

● Blind delivery of messages

● In Jan. of 2008, 75% of Internet email was spam.

● Detecting spam after delivery wastes a lot of resources and is error-prone.

● KarmaNET [SXMW09]

● Messages are routed through social paths

● Trust is defined in three aspects:

– Routing (against free-riders)

– Forwarding (distinguish malicious nodes from careless forwarders)

– Initiation

● Bad messages penalize all related peers, so they (automatically) tune their behavior


Page 14: Trust in the Virtual World

Example: Social Routing

● Blind routing

● Has inherent security problems such as DDoS and spam

● No separation between routing addr. & identity

● Lack of msg. receiver control

● Solutions are not scalable and/or inefficient

● DSL [BYHW09]

● Messages are routed through social paths between sender and receiver, and based on the keywords describing the intention of the message.


Page 15: Trust in the Virtual World

Example: Security and Privacy with Trust

● Probabilistic Security

– Security is not definite in many cases

– Hard-to-break security: birthday attack

– Trust can be used to tune the desired security

● Access control

– User levels are determined using trust metrics (Advogato, StackExchange)

– Hybrid security policy: super computer example

● Privacy in Anonymity Networks

Page 16: Trust in the Virtual World

Other Applications

● News syndication

● Using trust in order to resolve contradictions in information

● Discard the statements from the least trusted sources

● Recommender systems

● To use trust in place of similarity

● Users are significantly more similar to their trusted peers than to the population as a whole


Page 17: Trust in the Virtual World

TRUST ENGINES


Page 18: Trust in the Virtual World

Simple Summation or Average of Ratings

● More advanced: weighted average

● Trustworthiness/reputation

● Age of the rating

● Distance between rating and current score

$$\frac{\sum w_i r_i}{\sum w_i}$$

Page 19: Trust in the Virtual World

Probabilistic Engines

Trust: Expected Probability of Success

● Bayesian Approach [JI02]

– Use the Bayes rule to update p

● HMM Approach [ElS10]

– Use a Hidden Markov Model to calculate p

[Slide formulas, only partly recoverable from the transcript: an outcome set $R$ containing $x$; the probability $p^{t}_{tr,te}$, defined as a conditional probability of the outcome $x$ given the observations $O_{tr,te}$; trust as the expectation $E[p^{t}_{tr,te}]$; and the ratio $\frac{r+1}{r+s+2}$.]
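The two rating engines above (the weighted average of ratings and the Beta expectation $(r+1)/(r+s+2)$ of [JI02]), as an added Python example that is not from the slides. The `Rating` class, the function names, the 30-day half-life, the 0.1 default for unknown raters and the sample ratings are assumptions for illustration; the sample shows how far a burst of negative ratings from new accounts (the slandering attack) moves each score with and without weights.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Rating:
    rater: str
    value: float       # 1.0 = satisfied, 0.0 = unsatisfied
    age_days: float


def weight(rating, rater_trust, half_life_days=30.0, unknown=0.1):
    """w_i = trust in the rater, halved per half-life of rating age.
    Half-life and the default for unknown raters are assumed values."""
    trust = rater_trust.get(rating.rater, unknown)
    return trust * 0.5 ** (rating.age_days / half_life_days)


def _weights(ratings, rater_trust):
    # rater_trust=None reproduces the unweighted engine (every w_i = 1).
    return [1.0 if rater_trust is None else weight(r, rater_trust)
            for r in ratings]


def weighted_average(ratings, rater_trust=None):
    """sum(w_i * r_i) / sum(w_i); None when there is no evidence."""
    ws = _weights(ratings, rater_trust)
    total = sum(ws)
    if total == 0:
        return None
    return sum(w * r.value for w, r in zip(ws, ratings)) / total


def beta_trust(ratings, rater_trust=None):
    """Beta expectation (r + 1) / (r + s + 2); 0.5 with no evidence."""
    ws = _weights(ratings, rater_trust)
    r = sum(w * x.value for w, x in zip(ws, ratings))           # positive
    s = sum(w * (1.0 - x.value) for w, x in zip(ws, ratings))   # negative
    return (r + 1.0) / (r + s + 2.0)


# Constructed sample: eight month-old positive ratings from established
# raters, then six fresh negative ratings from accounts nobody knows.
RATER_TRUST = {f"member{i}": 0.9 for i in range(8)}
RATINGS = ([Rating(f"member{i}", 1.0, 30) for i in range(8)]
           + [Rating(f"new{i}", 0.0, 0) for i in range(6)])

if __name__ == "__main__":
    for trust in (None, RATER_TRUST):
        print(weighted_average(RATINGS, trust), beta_trust(RATINGS, trust))
```

Age weighting also discounts old honest ratings, so the half-life trades resistance to stale evidence against resistance to a fresh burst of false ratings.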

Page 20: Trust in the Virtual World

Trust Inference

● Trust in an unknown peer can be inferred according to paths in social networks

● Strongest path

● Weighted paths

● BFS-like (TidalTrust)

● Probabilistic and Bayesian methods

● Subjective logic operators


Page 21: Trust in the Virtual World

Subjective Logic [JHP06]

[Slide formulas and diagram, not recoverable from the transcript beyond their symbols: an opinion written as the tuple $(b, d, u, a)$, and trust relations among the principals $A$, $B$ and $C$.]

Page 22: Trust in the Virtual World

Other Engines

Fuzzy Inference Engines

Direct trust: multi-criteria decision making

Trust inference: fuzzy aggregation operators

Game Theoretic Approaches

Try to defend against strategic attacks

Many Proposals: or ?

Evaluation: human-based vs. utility-based

Must be related to human notion of trust


Page 23: Trust in the Virtual World

A DETAILED EXAMPLE

Trust in CROWDS

Page 24: Trust in the Virtual World

The CROWDS Protocol [RR98]

● Provides Anonymous Web Transactions

– A user is either completely honest or dishonest

– The originator passes the message to a randomly selected path of users to reach destination (the reverse for reply).

● Probability of Forwarding

– 1 − pf: forward to the end server

– pf: forward to a random user

● Privacy (Anonymity) Level: Probable Innocence

– … the sender appears no more likely to be the originator than to not be.
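How the forwarding probability pf and the crowd size decide probable innocence in the original protocol, as an added Python example (not from the slides and not the authors' code). It assumes the [RR98] model: the originator always makes the first hop to a uniformly random member (possibly itself), dishonest members (collaborators) record their predecessor, and all function names are illustrative.

```python
import math
import random
from fractions import Fraction


def exact_posterior(n, c, pf):
    """P(predecessor seen by the first collaborator is the originator,
    given that some collaborator is on the path); n members, c collaborators."""
    if not 0 < c < n:
        raise ValueError("need at least one collaborator and one honest member")
    n, c, pf = Fraction(n), Fraction(c), Fraction(pf)
    h_first = c / n                       # collaborator is the very first hop
    h_any = c / (n - pf * (n - c))        # geometric series over all hops
    h_later = h_any - h_first             # first collaborator at hop >= 2
    # From hop 2 on, the predecessor is a uniformly random honest member.
    return (h_first + h_later / (n - c)) / h_any


def probable_innocence(n, c, pf):
    return exact_posterior(n, c, pf) <= Fraction(1, 2)


def min_crowd_size(c, pf):
    """Smallest n meeting the bound n >= pf / (pf - 1/2) * (c + 1) of [RR98]."""
    pf = Fraction(pf)
    if pf <= Fraction(1, 2):
        raise ValueError("probable innocence needs pf > 1/2")
    return math.ceil(pf / (pf - Fraction(1, 2)) * (c + 1))


def simulate(n, c, pf, trials=100_000, seed=1):
    """Monte Carlo check: members 0..c-1 collaborate, member n-1 originates."""
    rng = random.Random(seed)
    origin, detected, saw_origin = n - 1, 0, 0
    for _ in range(trials):
        prev, cur = origin, rng.randrange(n)     # first hop is always made
        while True:
            if cur < c:                          # collaborator logs predecessor
                detected += 1
                saw_origin += prev == origin
                break
            if rng.random() >= pf:               # 1 - pf: deliver to end server
                break
            prev, cur = cur, rng.randrange(n)    # pf: forward to a random user
    return saw_origin / detected


if __name__ == "__main__":
    print(exact_posterior(20, 3, Fraction(3, 4)), simulate(20, 3, 0.75))
```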

Page 25: Trust in the Virtual World

CROWDS + Trust

● Extended Protocol [SEH10]

– The users may switch between honest and dishonest.

– Trust (reputation) info + forwarding policy

● ti (in [0,1]): The Reputation of a User

– Robustness of user i to becoming corrupt (probability)

● {q1,…,qn}: The Forwarding Policy

– Common to all users

– qi: The probability of forwarding to user i

Page 26: Trust in the Virtual World

Anonymity in CROWDS + Trust


Guaranteeing Probable Innocence

Idea: adjust the forwarding policy according to reputation values

Solve the following system of linear inequalities to find the desired forwarding policy(ies):

2

1

Page 27: Trust in the Virtual World

Anonymity in CROWDS + Trust (cont.)

Example with Three Principals

The equations yield two solutions:

A possible choice:


Page 28: Trust in the Virtual World

Comparing with the Original CROWDS

Forwarding Policy of the original protocol:

Does not satisfy the innocence inequalities

Consequence:

If the users are partially honest, CROWDS may not provide probable innocence.

Trust information can be used to provide the required anonymity.

Page 29: Trust in the Virtual World

Conclusions

● Trust in the VW

● Translating social concepts to computational methods

● Many applications

● Sound mathematical basis

● Trust as a Soft Security Mechanism

● Access control

● Probabilistic security

● …

● A Long Way in Front!


Page 30: Trust in the Virtual World

THANKS!

More Info. on My Homepage:

http://ce.sharif.edu/~dorri


Page 31: Trust in the Virtual World

References

[BYHW09] L. Banks, S. Ye, Y. Huang, and S. F. Wu, “Davis social links: integrating social networks with internet routing,” in Proceedings of the 2007 Workshop on Large Scale Attack Defense (LSAD’07), New York, NY, USA, 2007, pp. 121–128.

[CF10] C. Castelfranchi and R. Falcone, Trust theory: a socio-cognitive and computational model. Chichester, West Sussex, England: Wiley, 2010.

[ElS10] E. ElSalamouny, “HMM-based trust model,” Revised Selected Papers of the 6th International Workshop on Formal Aspects in Security and Trust (FAST), Eindhoven, The Netherlands, Nov. 2009, vol. 5983, pp. 21–35, 2010.

[Gol06] J. Golbeck, “Trust on the World Wide Web: A Survey,” Foundations and Trends in Web Science, vol. 1, no. 2, pp. 131–197, 2006.

[HZN09] K. Hoffman, D. Zage, and C. Nita-Rotaru, “A survey of attack and defense techniques for reputation systems,” ACM Computing Surveys, vol. 42, no. 1, pp. 1–31, Dec. 2009.

[JHP06] A. Jøsang, R. Hayward, and S. Pope, “Trust network analysis with subjective logic,” in Proceedings of the 29th Australasian Computer Science Conference - Volume 48, Hobart, Australia, 2006, pp. 85–94.

[JI02] A. Jøsang and R. Ismail, “The Beta Reputation System,” in Proceedings of the 15th Bled Conference on Electronic Commerce, Bled, Slovenia, 2002.

Page 32: Trust in the Virtual World

References (cont’d)

[SEH10] V. Sassone, E. ElSalamouny, and S. Hamadou, “Trust in Crowds: Probabilistic Behaviour in Anonymity Protocols,” in Trustworthy Global Computing, vol. 6084, M. Wirsing, M. Hofmann, and A. Rauschmayer, Eds. Berlin, Heidelberg: Springer Berlin Heidelberg, 2010, pp. 88–102.

[SXMW09] M. Spear, Xiaoming Lu, N. Matloff, and S. F. Wu, “KarmaNET: Leveraging trusted social paths to create judicious forwarders,” in Proceedings of the 1st International Conference on Future Information Networks (ICFIN), Beijing, China, 2009, pp. 218–223.

[RR98] M. K. Reiter and A. D. Rubin, “Crowds: anonymity for Web transactions,” ACM Transactions on Information Systems Security, vol. 1, no. 1, pp. 66–92, Nov. 1998.