Agenda
Motivation & Goals
Background
Bio-inspired trust models
Trust models simulator
Conclusions & future work
Security threats
Trust models taxonomy
Motivation• Internet and WWW have changed our lives
• Despite their several advantages, there are also many security risks
• Traditional security solutions are very effective but not always applicable
• Trust and reputation management has been proposed as an accurate alternative
• Oneself can make his/her own opinion about how trustworthy or reputable another member of the community is
• Increases the probability of a successful transaction while reducing the opportunities of being defrauded
• European Union supported this research field in several projects
Goals
• Analyse the current state of the art
• Identify possible deficiencies
• Design and suggest innovative and original alternatives
• Make an analysis of the intrinsic nature of these models
• Study those threats specifically applicable in these systems
• Develop a tool to implement trust and reputation models
• Survey some real and final scenarios
• Compare our alternatives with other representative models
• Propose and develop our own trust models
Background
Fuzzy BayesianBio-
inspiredAnalytic
AgentPATROL-F
AFRAS
MTrust
BNBTMAntRep
ATRM
ATSN
Sporas
Regret
P2PPATROL-F
PTM
BNBTM
PTM
RRS
AntRep
TDTM
DWTrust
TPOD
GroupRep
EigenTrust
Ad-hocPTM
RRSATRM
WSN RFSN
ATRM
DRBTS
ATSN
• Lack of mature bio-inspired approaches
• Lack of taxonomy analysis
• Lack of security threats study
• Lack of generic testing tools
Trust and Reputation Management in Distributed and Heterogeneous Systems
SimulatorSimulator
Bio-inspired Bio-inspired TRMTRM
Trust ModelsTrust ModelsTaxonomy Taxonomy
Security Security ThreatsThreats
Application Application ScenariosScenarios
Bio-inspired Trust and Reputation Models
SimulatorSimulator
Bio-inspired Bio-inspired TRMTRM
Trust ModelsTrust ModelsTaxonomy Taxonomy
Security Security ThreatsThreats
Application Application ScenariosScenarios
• TACSTACS• META-TACSMETA-TACS• BTRM-WSNBTRM-WSN
Ant Colony System
• Optimisation algorithm• Problems represented as graphs (like TSP)• Quite accurate and efficient
Stop condition
Ants transition Pheromone updating
Path quality evaluation
Reward/punish
TACS, Trust Model for P2P Networks
• Aimed to work in P2P networks• A client applies for a certain service• There are benevolent and malicious service providers• Ants find the most trustworthy server offering the requested service• Pheromone traces represent the credibility of finding such server
TACS, Trust Model for P2P Networks
• TACS adaptation• Pheromone updating
• Path quality evaluation
• Punishment
• Ants transition and stop condition
• Reward
• Experiments carried out• Over static networks• Over dynamic networks• Over oscillating networks
• Capability of managing multi-service networks• Sourceforge project
TACS, Trust Model for P2P Networks
Static networks Oscillating networksDynamic networks
META-TACS: a Trust Model Demonstration of Robustness through a Genetic Algorithm
• TACS had several parameters• Was it too complex?• Was it too dependent?
META-TACS: a Trust Model Demonstration of Robustness through a Genetic Algorithm
• Search for the optimal parameters configuration• Genetic algorithm CHC
META-TACS: a Trust Model Demonstration of Robustness through a Genetic Algorithm
• Not one unique optimal parameters configuration• Each parameter had a wide range of values• Demonstration of robustness against parameters initialisation
BTRM-WSN, Bio-inspired Trust and Reputation Model for Wireless Sensor Networks
• Application to WSNs• Enhancements with regard to TACS
• Several clients management• Enhanced pheromone updating• Enhanced punish & reward
• Two proposed models• Multi-service• Not multi-service
BTRM-WSN, Bio-inspired Trust and Reputation Model for Wireless Sensor Networks
• Experiments
Static Networks Dynamic Networks Oscillating Networks Collusion Networks
Accu
racy
Path
leng
th
Trust Models Taxonomy
SimulatorSimulator
Bio-inspired Bio-inspired TRMTRM
Trust ModelsTrust ModelsTaxonomyTaxonomy
Security Security ThreatsThreats
Application Application ScenariosScenarios
Trust Models Taxonomy
• Generic steps• Generic interfaces• Generic data structures
Trust Models Taxonomy
• 10 design advices• Anonymous recommendations• Higher weight to more recent transactions• Recommendations subjectivity• Redemption of past malicious entities• Opportunity to participate for benevolent newcomers• Avoid abuse of a high achieved reputation• Benevolent nodes should have more opportunities than newcomers• Different trust/reputation scores for different services• Take into account bandwidth, energy consumption, scalability...• Consider the importance or associated risk of a transaction
Trust Models Security Threats
SimulatorSimulator
Bio-inspired Bio-inspired TRMTRM
Trust ModelsTrust ModelsTaxonomyTaxonomy
Security Security ThreatsThreats
Application Application ScenariosScenarios
Trust Models Security Threats
Malicious collectives with camouflage• Resilience mostly depends on malicious peers behavioral patterns• Not always considered as a threat• Manage recommenders reliability• Keep a transactions history to detect and punish variable behavior
• Commonly neglected issue• Lack of a comprehensive
analysis• 9 studied threats
Malicious spies• Spies may achieve a high reputation• Manage recommenders reliability• More difficult to distinguish malicious
peers and malicious spies
Sybil attack• Underestimated but great risk• One single entity generates a disproportionate number of identities• Associate a cost to the generation of new identities
• Security threats taxonomy• Attack intent• Targets• Required knowledge• Cost• Algorithm dependence• Detectability
Trust Models Security Threats
• Tackling summary• EigenTrust• PeerTrust• BTRM-WSN• PowerTrust• ATSN• DWTrust
Simulator
SimulatorSimulator
Bio-inspired Bio-inspired TRMTRM
Trust ModelsTrust ModelsTaxonomyTaxonomy
Security Security ThreatsThreats
Application Application ScenariosScenarios
Simulator
• Generic tool• Easy to implement and add
new models• V0.4 includes 5 models
• BTRM-WSN• EigenTrust• PeerTrust• PowerTrust• LFTM
• Sourceforge project• + 2300 downloads
• World wide interest• Models comparison
Conclusions
• Distributed and heterogeneous systems are nowadays developing very quickly, leading to new unresolved security risks
• Trust and reputation management has been proposed in this PhD Thesis as an effective solution in certain environments
• Our original bio-inspired trust and reputation models have been proved to have a high performance, while solving some of the previous issues
• Taxonomy and design advices & security threats analysis might be quite helpful for future researchers
• Appealing field with much more to do
• Extensible and easy to use simulator, enabling models comparison
Future Work
• Ongoing work• Trust and reputation models comparison• Real scenarios
• Identity Management Systems• Wireless Sensors and Actuators Networks
• Fuzzy logic, fuzzy sets and linguistic labels
• Future work• Improve TRMSim-WSN
• New Trust & Reputation models• New security threats
• Vehicular-to-Vehicular (V2V)• Internet of Things (IoT)
Publications derived from the PhD Thesis
Publications derived from the PhD Thesis
1.Félix Gómez Mármol, Gregorio Martínez Pérez, “State of the art in trust and reputation models in P2P networks”, Handbook of Peer-to-Peer Networking, Eds: X. Shen, H. Yu, J. Buford, M. Akon, Publisher: Springer, ISBN: 978-0-387-09750-3, pp 761-784, 2010 http://dx.doi.org/10.1007/978-0-387-09751-0 26
• Book chapters
Publications derived from the PhD Thesis
1.Félix Gómez Mármol, Gregorio Martínez Pérez, Antonio F. Gómez Skarmeta, “TACS, a Trust Model for P2P Networks”, Wireless Personal Communications, vol. 51, no. 1, pp 153-164, 2009 http://dx.doi.org/10.1007/s11277-008-9596-9
2.Félix Gómez Mármol, Gregorio Martínez Pérez, Javier Gómez Marín-Blázquez, “META-TACS: a Trust Model Demonstration of Robustness through a Genetic Algorithm”, Intelligent Automation and Soft Computing (Autosoft) Journal, 2010 (in press)
3.Félix Gómez Mármol, Gregorio Martínez Pérez, “Providing Trust in Wireless Sensor Networks using a Bio-Inspired Technique”, Telecommunication Systems Journal, vol. 46, no. 2, 2010 (in press) http://dx.doi.org/10.1007/s11235-010-9281-7
• Journals with impact factor (included in the JCR)
1.Félix Gómez Mármol, Gregorio Martínez Pérez, "Providing Trust in Wireless Sensor Networks using a Bio-inspired Technique", Networking and Electronic Commerce Research Conference (NAEC 08), pp. 415-430, ISBN: 978-0-9820958-0-5, Lake Garda, Italy, 25-28 September 2008
• International conferences
Publications derived from the PhD Thesis
1.Félix Gómez Mármol, Gregorio Martínez Pérez, “Towards Pre-Standardization of Trust and Reputation Models for Distributed and Heterogeneous Systems”, Computer Standards & Interfaces, Special Issue on Information and Communications Security, Privacy and Trust: Standards and Regulations, vol. 32, no. 4, pp. 185-196, 2010 http://dx.doi.org/10.1016/j.csi.2010.01.003
• Journals with impact factor (included in the JCR)
Publications derived from the PhD Thesis
1.Félix Gómez Mármol, Gregorio Martínez Pérez, “Security Threats Scenarios in Trust and Reputation Models for Distributed Systems”, Elsevier Computers & Security, vol. 28, no. 7, pp. 545-556, 2009 http://dx.doi.org/10.1016/j.cose.2009.05.005
• Journals with impact factor (included in the JCR)
1.Félix Gómez Mármol, Gregorio Martínez Pérez, “TRMSim-WSN, Trust and Reputation Models Simulator for Wireless Sensor Networks”, IEEE International Conference on Communications (IEEE ICC 2009), Communication and Information Systems Security Symposium, Dresden, Germany, 14-18 June 2009 http://dx.doi.org/10.1109/ICC.2009.5199545
• International conferences
Publications derived from the PhD Thesis
1.Félix Gómez Mármol, Javier Gómez Marín-Blázquez, Gregorio Martínez Pérez, "Linguistic Fuzzy Logic Enhancement of a Trust Mechanism for Distributed Networks", Third IEEE International Symposium on Trust, Security and Privacy for Emerging Applications (TSP-10), Bradford, UK, June 29-July 1, 2010
1.Félix Gómez Mármol, Gregorio Martínez Pérez, “Trust and Reputation Models Comparison”, submitted to Emerald Internet Research on the 16th of August, 2009
2.Félix Gómez Mármol, Joao Girao , Gregorio Martínez Pérez, “TRIMS, a Privacy-aware Trust and Reputation Model for Identity Management Systems”, submitted to Elsevier Computer Networks on the 15th of December, 2009 (currently in a 2nd revision)
3.Félix Gómez Mármol, Joao Girao , Gregorio Martínez Pérez, “Identity Management: In privacy we trust”, submitted to IEEE Internet Computing Magazine on the 15th of February, 2010
4.Félix Gómez Mármol, Christoph Sorge, Osman Ugus, Gregorio Martínez Pérez, “WSANRep, WSAN Reputation-Based Selection in Open Environments”, submitted to IEEE Wireless Communications Magazine on the 21st of January, 2010
• International conferences
• Journals with impact factor (included in the JCR), under review
Publications derived from the PhD Thesis
Publications derived from the PhD Thesis
•Summary• Book chapters: 1• Journals with impact factor: 9 (5 published and 4 under current review)• International conferences: 3• Open-source software projects protected with IPR: 2• Patent applications: 1
• Experiments carried out• Over static networks• Over dynamic networks• Over oscillating networks
• Capability of managing multi-service networks
TACS, Trust Model for P2P Networks
Static networks Oscillating networksDynamic networks
)ln()ln(
1.00.1
1.01.0
98.01 0
NANI
cs
NNNN
q
TACS, Trust Model for P2P Networks
1. Client C executes TACS in order to find the most trustworthy server S offering the service s2. TACS launches the ACS algorithm and ants modify the pheromone traces of the network3. TACS finishes, having selected the “optimum” path to server S'4. TACS informs the client C that the most trustworthy server found is S'5. Client C requests service s to the server S'6. Server S' provides service s' to the client C7. Client C evaluates his satisfaction with the received service s'8. If client C is not satisfied with the received service s', he punishes the server S' evaporating the pheromone of the
edges that lead from C to S'
Trust Models Taxonomy
• Anonymous recommendations• Hiding real-world identities behind pseudonyms• Cryptographically generated unique identifiers• Secure hardware modules
• Higher weight to more recent transactions
• Recommendations subjectivity
• Redemption of past malicious entities
Trust Models Taxonomy
• Opportunity to participate for benevolent newcomers
• Benevolent nodes should have more opportunities than newcomers
• Avoid abuse of a high achieved reputation
Trust Models Taxonomy
• Different trust/reputation scores for different services
• Take into account bandwidth, energy consumption, scalability...• Wireless Sensor Networks
• Consider the importance or associated risk of a transaction• Transaction importance Punish/Reward
Trust Models Security Threats
• Individual malicious peers• Simplest threat• Decrease trust in malicious peers
• Malicious collectives• Collusion is often an important risk• Manage recommenders reliability
• Malicious collectives with camouflage• Resilience mostly depends on malicious peers behavioral patterns• Not always considered as a threat• Manage recommenders reliability• Keep a transactions history to detect and punish variable behavior
Trust Models Security Threats
• Malicious spies• Spies may achieve a high reputation• Manage recommenders reliability• More difficult to distinguish malicious peers and malicious spies
• Sybil attack• Underestimated but great risk• One single entity generates a disproportionate number of identities• Associate a cost to the generation of new identities
• Man in the middle attack• Traditionally not associated with trust and reputation management• Authenticate each peer through cryptographic mechanisms• Solution not always feasible
Trust Models Security Threats
• Driving down the reputation of a reliable peer• A benevolent peer may be isolated forever• Manage recommenders reliability
• Partially malicious collectives• One peer might be benevolent providing a certain service, but malicious
provisioning a different service• Different trust scores for different services
• Malicious pre-trusted peers• Only applicable in some trust models• Not always easy to find peers to be pre-trusted• Dynamically select the set of pre-trusted peers
Trust models comparison
Static networks Dynamic networks
Oscillating networks Collusion networks
TRIMS, a Privacy-aware Trust and Reputation Model for Identity Management Systems
• Several domains• Users identity information exchange• Application of a reputation mechanism• Preservation of recommenders privacy
• WSC provides the requested service• WSP provides user identity information• IdPs act as recommendation aggregators
• Developed during 1st NEC internship• Led to an international patent
WSANRep, WSAN Reputation-Based Selection in Open Environments
• Mobile users looking for services• Several WSAN offering such services• Application of a reputation mechanism• Users form groups to preserve their privacy• FP acts as recommendations aggregator• One RP per group storing recommendations• Developed during 2nd NEC internship
Linguistic Fuzzy Logic Enhancement of a Trust Mechanism for Distributed Networks
• Fuzzy sets, fuzzy logic and linguistic labels
• Enhanced interpretability• Improved accuracy