A phenotype reputation estimation function and its study of resilience to social attacks

https://doi.org/10.1016/j.jnca.2008.12.003Get rights and content

Abstract

A reputation function and associated reputation management system (RMS) seem to be at the heart of all online transactional activities that require trust. However, most of the first generation RMS used are yet very basic, ad hoc and often vulnerable to various attacks. In this research, we take a holistic approach to this interesting problem of RMS design. We propose a generalized set-theoretic phenotype reputation function where its specific components can be customized to meet the reputation requirements of wide variety of reputation assessment needs encountered in today's online activities. We show the construction of canonical classes of reputation functions built on this framework. We then analyze their attack tolerance against various socio-communal reputation attacks such as gang attacks, vendetta and Dr. Jekyll & Mr. Hyde.

Introduction

Reputation—a form of collective opinion about a subject by the community is part of a larger socio-cognitive mechanism (Winsborough et al., 2000) that has been shown to facilitate social transactions and to promote order in social systems. Trust and reputation are believed to be essential conditions for reciprocity, and consequently for social co-operation and collective action (Engert, 2006; Zacharia and Maes, 2000a, Zacharia and Maes, 2000b; Conte et al., 2002). Social scientists have long observed it to be especially important in explaining co-operation in social settings where institutions, social monitoring and control are distributed (Winsborough and Li, 2002).

Internet today is also seeing the emergence of distributed virtual communities (Khan and Shaikh, 2007). In the recent past like-minded people have started coming together to form virtual communities on the World Wide Web. The communities thus formed indulge in diverse cooperative activities ranging from simple friendly networking to ecommerce involving millions of dollars. Today's web is sprawling with online groups, ecommerce websites and peer-to-peer systems (Xiong and Liu, 2003). A large magnitude of data, information and money is daily changing hands. The basis of all these systems was a sense of community living and a mutual trust between its members. As a community grows, it becomes impossible for every member to have a direct relation with every other member. Thus, community members are exposed to the risk of dealing with people with whom they have had no prior experience and have no knowledge about their reputation. The situation becomes scarier when financial transactions are involved. This uncertainty problem can be addressed by developing strategies for establishing trust and designing a system that can assist peers in answering the question Can I trust him? Almost all the online communities—ranging from buyers, sellers, or auctioneers of e-commerce-sites, millions of peer-to-peer file sharers, to the brigade of editors in wiki-sites—all need a reputation function and a reputation management system (RMS) to help building trust. Online reputation is attached to all kinds of virtual and real objects, which are in some way dealt with in the Internet including movies, books, activities, services. In the real world, we notice that trust and reputation (Zacharia and Maes, 2000b) are related to each other. In the absence of direct experience in dealing with a person, normally a person tends to compute trust with serious consideration about the reputation of that person in the community. One instinctively avoids dealing with people having bad reputations. This kind of behavior is intrinsic to the way humans interact within and outside their community. Most reputation management systems proposed to-date utilize information such as community-based opinions about experience of peers gained from past transactions. However, a simplistic community-based reputation system that merely aggregates the positive and negative opinions that peers receive for their transaction and cannot accurately capture the reputation of a peer. It can also be compromised. Reputation carries serious economic implications. Falling reputation has caused massive economic damages to corporations. Social economists have identified that reputation capital is a strategic asset1 (Jacobs, 1961). Recently, online reputation has been shown to have financial implication even at individual level. An experiment on Ebay auction showed that a seller with higher reputation earned 7.6% for the same items in otherwise identical situation (Resnick et al., 2000). It seems online reputation will be increasingly high stack asset. In the corporate world there are too many examples where millions have been lost due to loss of reputation. Large stake holders will aggressively guard their online reputations. Also attempt will intensify to compromise it. A reasonable reputation system should be robust enough to absorb potential attacks and ensure that there is minimum or no permanent damage done to the reputation. Another desirable property for a reputation function is that it should be customizable to cater to the diverse estimation scenarios. People use different factors to evaluate reputation in various scenarios. While there is some degree of universality in the way these factors contribute to the evaluation of reputation across scenarios and communities but still there are sufficient variations.

Online reputation systems will play a significant role in the next evolution stages of the Internet/Web-based systems. In this backdrop, in this research we examine a generic framework for quantifying the reputation of a peer in any community-like environment. Our main goal is to have a generic system which is dynamic, customizable and stands its ground in face of different types of attack. We also provide a survey of potential attacks on various reputation functions. Then we present experimental evaluation of the behavior of the function when subjected to various attacks.

Section snippets

Related works

Although, the computer science community has used reputation only recently, but reputation has long been identified as a social mechanism behind social cooperation. Reputation has been observed as one of the fundamental instruments in building stable social order as early as sixteenth century in works. A very interesting work on reputation is by McElreath (2003), where it's role in the evolution of social conflict has been analytically modeled. Clausen (2004) shows how multiple identity-based

Reputation model based on transaction accounting

In this section, we present a social-transactional model of a generalized reputation management system framework. Our goal is to develop a reputation estimation function, which is generic and yet offers customization. It can mimic various models of local reputation estimation those are encountered in real life. This is followed by a discussion of the various factors that influencing the reputation of a peer and towards the end we present a mathematical formulation for quantifying reputation.

Socio-communal threats to the model

There are very few works that lists the possible attacks on a reputation function. Such as Marsh (1994) has shown in their work two types of attacks. Nevertheless, the stake of online reputation and transactions that depend on is dramatically increasing. Like its classical counterpart—online reputation system is also expected to face various forms of deliberate distortions.

Accordingly, in this work before the vulnerability analysis we will attempt to describe various attacks that are possible

Experimental evaluation

We have performed four sets of selected experiments to evaluate the behavior the proposed functions. Through these experiments, we demonstrate the impact on the reputation assessment in the face of different attacks. There will not be any kind of attacks on the “Memory Less Summation Function” and the “Fading Memory Averaging Function” since the opinion providers are the producers and they would not want to malign their product's reputation on purpose.

Resilience strategies

Naturally, full attack tolerance cannot be achieved just in estimation function. It will require an integrated approach involving other components of the online system—particularly involving identity management, authentication, and non-repudiation processes of the overall system. A good reputation function should help detection.

Through simulations we have shown the behavior of the functions under various attacks or attack signatures. The signature can provide important guidance towards the

Conclusions

We have presented a generic reputation function, which can be customized to be used in various reputation scenarios. We identified the core factors that can affect the reputation of an individual. In most of the other reputation functions, the core factors are static whereas in our function they can be changed according to the demands of the environment. Thus, we have a single function, which can serve in an ecommerce website or any online group activity or in a peer-to-peer system by just

References (21)

  • J.I. Khan et al.

    Computing in social networks with relationship Algebra

    Journal of Network and Computer Application

    (2008)
  • R. McElreath

    Reputation and the evolution of conflict

    Journal of Theoretical Biology

    (2003)
  • Burke R, Mobasher B, Williams C, Bhaumik R. Classification features for attack detection in collaborative recommender...
  • Clausen A. The cost of attack of PageRank. Honors thesis, UPENN. In: Proceedings of the International Conference on...
  • Conte et al.

    Reputation in artificial societies: social beliefs for social order

    (2002)
  • Ernesto Damiani et al.

    A reputation-based approach for choosing reliable resources in peer-to-peer networks

    (2002)
  • E. Damiani et al.

    Managing and sharing servents’ reputations in P2P systems

    IEEE Transactions on Data and Knowledge Engineering

    (2003)
  • Engert A. 2006. Norms, rationality, and communication: a reputation theory of social norms, University of...
  • Gupta M, Judge P, Ammar, M. A reputation system for peer-to-peer networks. In: ACM 13th international workshop on...
  • J. Jacobs

    The death and life of great American cities

    (1961)
There are more references available in the full text version of this article.

Cited by (0)

View full text