Trust in the Virtual World
By: Sadegh Dorri Nogoorani
http://ce.sharif.edu/~dorri
1390/8/2 – 2011/10/24
(ISC Monthly Seminar)
In the Name of Allah
Who Knows on the Net...?
A notion of trust similar to real world trust is needed in the virtual world…
Coordinating Agent Interactions without Strict Control Mechanisms
Fig. by Peter Steiner (The New Yorker, 5 July 1993)
1390/8/2 - 2011/10/24 2Trust in the Virtual World - Sadegh Dorri N. (http://ce.sharif.edu/~dorri)
Outline
● Concepts
  – Definitions and basic terminology
● Trust and Reputation in Action
  – Applications
  – Attacks
● Trust Engines
  – Probabilistic, logic, …
● Trust in CROWDS
  – A detailed example
CONCEPTS
Trust (اعتماد)
Definition [CF10]
  The expectation/belief that…
  … trustee will perform actions designed to produce positive results in the future for the trustor…
  … in situations of consistent perceived risk.
Properties
  Subjective, context dependent, asymmetric, transitive, dynamic
Calculation
  Structural: organizational, category-membership
  Relational: history-based, using trust transitivity
  Cognitive: dispositional, trustee attributes
Trust Scenario
[Figure: trust scenario. Labels: Trustor (اعتمادگر), Trustee (معتمد), Recommenders (توصیه گران); Direct Trust (اعتماد مستقیم): Functional (عملکردی), Referential (ارجاعی); Indirect Trust (اعتماد غیر مستقیم), Inference (استنتاج).]
Reputation (وجهه/شهرت)
Definition (Concise Oxford Dictionary)
A widespread belief that someone or something has a particular characteristic.
Common belief
Relationship with Trust
Trust is subjective and has more weight
“I trust you because of your good reputation”
“I trust you despite your bad reputation”
TRUST AND REPUTATION IN ACTION
Aspects of a Trust System [HZN09]
Applications of Trust
Soft Security Mechanism against
  Low quality services
  Misrepresentation of services
  Incorrect information
  Fraud
Others
  Recommender and filtering systems
Targets
  Content, services, people
Attacks on a Trust-Based System
Self-Promotion
Falsely increase trust in the attacker(s)
Whitewashing (لاپوشانی)
Restoring the broken trust
Slandering (لاغر کردن)
Falsely reduce trust in other nodes
Other
Hybrid of the above attacks, DoS, …
Example: Reputation in a P2P System
● Nodes have no information about most others
● Fake or virus-infected content
● Free riders
● Challenges
  – Anonymity -> selfish users
  – Highly distributed
  – Unreliable network connections
  – Partial information (in unstructured topologies)
  – Untrustworthiness of storage peers
Example: Email Filtering
● Blind delivery of messages
  – In Jan. 2008, 75% of Internet email was spam.
  – Detecting spam after delivery wastes a lot of resources and is error-prone.
● KarmaNET [SXMW09]
  – Messages are routed through social paths
  – Trust is defined in three aspects:
    – Routing (against free-riders)
    – Forwarding (distinguish malicious nodes from careless forwarders)
    – Initiation
  – Bad messages penalize all related peers, so they (automatically) tune their behavior
Example: Social Routing
● Blind routing
  – Has inherent security problems such as DDoS and spam
  – No separation between routing address and identity
  – Lack of message receiver control
  – Solutions are not scalable and/or are inefficient
● DSL (Davis Social Links) [BYHW09]
  – Messages are routed through social paths between sender and receiver, based on keywords describing the intention of the message.
Example: Security and Privacy with Trust
Probabilistic Security
  Security is not definite in many cases
  Hard-to-break security: birthday attack
  Trust can be used to tune the desired security
Access control
  User levels are determined using trust metrics (Advogato, StackExchange)
  Hybrid security policy: supercomputer example
Privacy in Anonymity Networks
Other Applications
● News syndication
  – Using trust in order to resolve contradictions in information
  – Discard the statements from the least trusted sources
● Recommender systems
  – To use trust in place of similarity
  – Users are significantly more similar to their trusted peers than to the population as a whole
TRUST ENGINES
Simple Summation or Average of Ratings
● More advanced: weighted average
  – Trustworthiness/reputation
  – Age of the rating
  – Distance between rating and current score

$$\frac{\sum_i w_i r_i}{\sum_i w_i}$$
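The weighted-average engine above, written out under a slandering burst. This is an added example, not part of the original slides; multiplying the three factors, the half-life decay and the sample ratings are assumptions made for illustration.

```python
def simple_average(ratings):
    """Unweighted mean of the rating values."""
    return sum(value for value, _, _ in ratings) / len(ratings)


def weighted_reputation(ratings, now, current_score, half_life=30.0):
    """Weighted average sum(w_i * r_i) / sum(w_i).

    ratings: list of (value in [0,1], rater_trust in [0,1], day submitted).
    Each weight multiplies the three factors named on the slide; the
    multiplicative combination is an assumption of this example.
    """
    num = den = 0.0
    for value, rater_trust, day in ratings:
        age_w = 0.5 ** ((now - day) / half_life)    # age of the rating
        dist_w = 1.0 - abs(value - current_score)   # distance from current score
        w = rater_trust * age_w * dist_w            # rater trustworthiness
        num += w * value
        den += w
    return num / den if den > 0 else current_score


# Constructed sample: five established raters, then a slandering burst of
# ten zero ratings submitted by freshly created, low-trust accounts.
HONEST = [(0.9, 0.8, day) for day in (90, 92, 94, 96, 98)]
SLANDER = [(0.0, 0.1, 100)] * 10
RATINGS = HONEST + SLANDER

if __name__ == "__main__":
    print("simple average  :", round(simple_average(RATINGS), 3))
    print("weighted average:",
          round(weighted_reputation(RATINGS, now=100, current_score=0.9), 3))
```

The distance weight that damps the burst also slows down legitimate changes in a score, so it trades responsiveness for robustness.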
Probabilistic Engines
Trust: Expected Probability of Success

$$R = \{x, \bar{x}\}$$

$$p_t^{tr,te} = \Pr\left(O_t^{tr,te} = x \mid O_{t-1}^{tr,te}, \ldots, O_{t-n}^{tr,te}\right)$$

$$\mathrm{Trust}_t^{tr,te} = E\left[p_t^{tr,te}\right]$$

Bayesian Approach [JI02]
  Use the Bayes rule to update p

$$\frac{r+1}{r+s+2}$$

HMM Approach [ElS10]
  Use a Hidden Markov Model to calculate p
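A sketch of the Bayesian engine, with r and s taken to be the counts of positive and negative outcomes. This is an added example, not code from the slides or from [JI02]; the forgetting factor value, the sample history and the `whitewash_gain` helper are assumptions used to show how the uniform prior interacts with the whitewashing attack listed earlier.

```python
class BetaReputation:
    """Beta reputation: r and s count positive and negative outcomes."""

    def __init__(self, forgetting=1.0):
        self.r = 0.0
        self.s = 0.0
        self.forgetting = forgetting   # 1.0 keeps all history; < 1.0 ages it

    def update(self, success):
        # Bayesian update of a Beta(r+1, s+1) posterior. Old evidence is
        # discounted by the forgetting factor before the new outcome is added.
        self.r = self.r * self.forgetting + (1.0 if success else 0.0)
        self.s = self.s * self.forgetting + (0.0 if success else 1.0)

    def expected(self):
        # Expected probability of success: (r + 1) / (r + s + 2)
        return (self.r + 1.0) / (self.r + self.s + 2.0)


def replay(outcomes, forgetting=1.0):
    """Feed a list of booleans (True = good outcome) and return the score."""
    rep = BetaReputation(forgetting)
    for ok in outcomes:
        rep.update(ok)
    return rep.expected()


def whitewash_gain(score):
    """Trust gained by dropping an identity and re-joining as a newcomer,
    who starts at the prior 0.5 (r = s = 0). Zero means no incentive."""
    return max(0.0, BetaReputation().expected() - score)


# Constructed history: 50 good transactions followed by 5 bad ones.
HISTORY = [True] * 50 + [False] * 5

if __name__ == "__main__":
    for lam in (1.0, 0.8):
        score = replay(HISTORY, forgetting=lam)
        print(f"forgetting={lam}: score={score:.3f} "
              f"whitewash gain={whitewash_gain(score):.3f}")
```

Without forgetting, the five recent failures barely move the score; with forgetting the score drops below the newcomer prior, which is exactly when whitewashing starts to pay and a lower initial score for new identities is worth considering.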
Trust Inference
● Trust in an unknown peer can be inferred according to paths in social networks
  – Strongest path
  – Weighted paths
  – BFS-like (TidalTrust)
  – Probabilistic and Bayesian methods
  – Subjective logic operators
Subjective Logic [JHP06]
[Slide equations and diagram; surviving fragments: an opinion tuple (b, d, u, a) held by A, and opinions indexed by A, B, C and A:B.]
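Trust inference with subjective logic operators, covering both the "Trust Inference" and "Subjective Logic" slides. This is an added example, not taken from the slides: the discounting and consensus formulas are the ones commonly given in the subjective logic literature, and the sample opinions, the equal-base-rate restriction and the averaging fallback for two dogmatic opinions are assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Opinion:
    b: float        # belief
    d: float        # disbelief
    u: float        # uncertainty (b + d + u = 1)
    a: float = 0.5  # base rate

    def expectation(self):
        return self.b + self.a * self.u


def discount(a_b, b_x):
    """A's derived opinion about x through recommender B (A:B).
    Whatever A does not believe about B's advice becomes uncertainty."""
    return Opinion(
        b=a_b.b * b_x.b,
        d=a_b.b * b_x.d,
        u=a_b.d + a_b.u + a_b.b * b_x.u,
        a=b_x.a,
    )


def consensus(p, q):
    """Fuse two independent opinions about the same target (equal base rates)."""
    k = p.u + q.u - p.u * q.u
    if k == 0:  # both opinions dogmatic (u = 0): plain average, an assumption
        return Opinion((p.b + q.b) / 2, (p.d + q.d) / 2, 0.0, p.a)
    return Opinion(
        b=(p.b * q.u + q.b * p.u) / k,
        d=(p.d * q.u + q.d * p.u) / k,
        u=(p.u * q.u) / k,
        a=p.a,
    )


# Constructed opinions: A rates recommender B highly and recommender D poorly.
# B reports C as good; D reports C as bad (a possible slanderer).
A_B, B_C = Opinion(0.9, 0.0, 0.1), Opinion(0.8, 0.1, 0.1)
A_D, D_C = Opinion(0.3, 0.4, 0.3), Opinion(0.0, 0.9, 0.1)


def infer_a_about_c():
    return consensus(discount(A_B, B_C), discount(A_D, D_C))
```

Because D's report is discounted by A's low trust in D, most of it turns into uncertainty and the fused opinion about C stays close to what the trusted path through B says.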
Other Engines
Fuzzy Inference Engines
Direct trust: multi-criteria decision making
Trust inference: fuzzy aggregation operators
Game Theoretic Approaches
Try to defend against strategic attacks
Many Proposals: or ?
Evaluation: human-based vs. utility-based
Must be related to human notion of trust
A DETAILED EXAMPLE
Trust in CROWDS
The CROWDS Protocol [RR98]
Provides Anonymous Web Transactions
  A user is either completely honest or dishonest
  The originator passes the message to a randomly selected path of users to reach destination (the reverse for reply).
Probability of Forwarding
  1-pf: forward to the end server
  pf: forward to a random user
Privacy (Anonymity) Level: Probable Innocence
  … the sender appears no more likely to be the originator than to not be.
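The original protocol described above can be checked numerically. This is an added example, not from the slides: it simulates path building with forwarding probability pf and compares the result with the closed form from the analysis in [RR98]. The names n (crowd size) and c (number of dishonest users), and the sample values, are assumptions.

```python
import random


def p_originator_given_detected(n, c, pf):
    """Closed form: probability that the member seen by the first dishonest
    user on the path is the originator."""
    return 1.0 - pf * (n - c - 1) / n


def probable_innocence(n, c, pf):
    """Probable innocence holds when that probability is at most 1/2."""
    return p_originator_given_detected(n, c, pf) <= 0.5


def simulate(n, c, pf, trials=100_000, seed=1):
    """Monte Carlo check. Member 0 is the originator; the last c members
    are dishonest and log their immediate predecessor. Requires 1 <= c < n."""
    rng = random.Random(seed)
    detected = blamed = 0
    for _ in range(trials):
        prev, cur = 0, rng.randrange(n)        # first hop: always a random member
        while True:
            if cur >= n - c:                   # reached a dishonest member
                detected += 1
                blamed += prev == 0            # predecessor is the originator
                break
            if rng.random() >= pf:             # prob. 1-pf: deliver to end server
                break
            prev, cur = cur, rng.randrange(n)  # prob. pf: forward to a random user
    return blamed / detected


if __name__ == "__main__":
    for c in (3, 8):
        print(f"n=20 c={c} pf=0.75: exact={p_originator_given_detected(20, c, 0.75):.4f} "
              f"simulated={simulate(20, c, 0.75):.4f} "
              f"probable innocence={probable_innocence(20, c, 0.75)}")
```

With 20 members and pf = 0.75, three dishonest users leave the originator at 0.4 (probable innocence holds), while eight push it to about 0.59 (it fails).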
CROWDS + Trust
Extended Protocol [SEH10]
  The users may switch between honest and dishonest.
  Trust (reputation) info + forwarding policy
ti (in [0,1]): The Reputation of a User
  Robustness of user i to becoming corrupt (probability)
{q1,…,qn}: The Forwarding Policy
  Common to all users
  qi: The probability of forwarding to user i
Anonymity in CROWDS + Trust
Guaranteeing Probable Innocence
Idea: adjust the forwarding policy according to reputation values
Solve the following system of linear inequalities to find the desired forwarding policy(ies):
2
1
Anonymity in CROWDS + Trust (cont.)
Example with Three Principals
The equations yield two solutions:
A possible choice:
Comparing with the Original CROWDS
Forwarding Policy of the original protocol:
Does not satisfy the innocence inequalities
Consequence:
If the users are partially honest, CROWDS may not provide probable innocence.
Trust information can be used to provide the required anonymity.
Conclusions
● Trust in the VW
  – Translating social concepts to computational methods
  – Many applications
  – Sound mathematical basis
● Trust as a Soft Security Mechanism
  – Access control
  – Probabilistic security
  – …
● A Long Way Ahead!
THANKS!
More Info. on My Homepage:
http://ce.sharif.edu/~dorri
References
[BYHW09] L. Banks, S. Ye, Y. Huang, and S. F. Wu, “Davis social links: integrating social networks with internet routing,” in Proceedings of the 2007 Workshop on Large Scale Attack Defense (LSAD’07), New York, NY, USA, 2007, pp. 121–128.
[CF10] C. Castelfranchi and R. Falcone, Trust theory: a socio-cognitive and computational model. Chichester, West Sussex, England: Wiley, 2010.
[ElS10] E. ElSalamouny, “HMM-based trust model,” Revised Selected Papers of the 6th International Workshop on Formal Aspects in Security and Trust (FAST), Eindhoven, The Netherlands, Nov. 2009, vol. 5983, pp. 21–35, 2010.
[Gol06] J. Golbeck, “Trust on the World Wide Web: A Survey,” Foundation and Trends in Web Science, vol. 1, no. 2, pp. 131–197, 2006.
[HZN09] K. Hoffman, D. Zage, and C. Nita-Rotaru, “A survey of attack and defense techniques for reputation systems,” ACM Computing Surveys, vol. 42, no. 1, pp. 1–31, Dec. 2009.
[JHP06] A. Jøsang, R. Hayward, and S. Pope, “Trust network analysis with subjective logic,” in Proceedings of the 29th Australasian Computer Science Conference - Volume 48, Hobart, Australia, 2006, pp. 85–94.
[JI02] A. Jøsang and R. Ismail, “The Beta Reputation System,” in Proceedings of the 15th Bled Conference on Electronic Commerce, Bled, Slovenia, 2002.
[SEH10] V. Sassone, E. ElSalamouny, and S. Hamadou, “Trust in Crowds: Probabilistic Behaviour in Anonymity Protocols,” in Trustworthy Global Computing, vol. 6084, M. Wirsing, M. Hofmann, and A. Rauschmayer, Eds. Berlin, Heidelberg: Springer Berlin Heidelberg, 2010, pp. 88–102.
[SXMW09] M. Spear, Xiaoming Lu, N. Matloff, and S. F. Wu, “KarmaNET: Leveraging trusted social paths to create judicious forwarders,” in Proceedings of the 1st International Conference on Future Information Networks (ICFIN), Beijing, China, 2009, pp. 218–223.
[RR98] M. K. Reiter and A. D. Rubin, “Crowds: anonymity for Web transactions,” ACM Transactions on Information Systems Security, vol. 1, no. 1, pp. 66–92, Nov. 1998.