Trust models for mobile content-sharing applications

Using recent technologies such as Bluetooth, mobile users can share digital content (e.g., photos, videos) with other users in proximity. However, to reduce the cognitive load on mobile users, it is important that only appropriate content is stored and presented to them. This dissertation examines the feasibility of having mobile users filter out irrelevant content by running trust models. A trust model is a piece of software that keeps track of which devices are trusted (for sending quality content) and which are not. Unfortunately, existing trust models are not fit for purpose. Specifically, they lack the ability to: (1) reason about ratings other than binary ratings in a formal way; (2) rely on the trustworthiness of stored third-party recommendations; (3) aggregate recommendations to make accurate predictions of whom to trust; and (4) reason across categories without resorting to ontologies that are shared by all users in the system. We overcome these shortcomings by designing and evaluating algorithms and protocols with which portable devices are able automatically to maintain information about the reputability of sources of content and to learn from each other’s recommendations. More specifically, our contributions are: 1. An algorithm that formally reasons on generic (not necessarily binary) ratings using Bayes’ theorem. 2. A set of security protocols with which devices store ratings in (local) tamper-evident tables and are able to check the integrity of those tables through a gossiping protocol. 3. An algorithm that arranges recommendations in a “Web of Trust” and that makes predictions of trustworthiness that are more accurate than existing approaches by using graph-based learning. 4. An algorithm that learns the similarity between any two categories by extracting similarities between the two categories’ ratings rather than by requiring a universal ontology. It does so automatically by using Singular Value Decomposition. We combine these algorithms and protocols and, using real-world mobility and social network data, we evaluate the effectiveness of our proposal in allowing mobile users to select reputable sources of content. We further examine the feasibility of implementing our proposal on current mobile phones by examining the storage and computational overhead it entails. We conclude that our proposal is both feasible to implement and performs better across a range of parameters than a number of current alternatives.

[1]  S Hailes,et al.  Using Recommendations for Managing Trust in Distributed Systems , 1997 .

[2]  R. Hardin The Street-Level Epistemology of Trust , 1992 .

[3]  Bruce Schneier,et al.  Cryptographic Support for Secure Logs on Untrusted Machines , 1998, USENIX Security Symposium.

[4]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[5]  Elaine B. Barker,et al.  Recommendation for key management: , 2019 .

[6]  S. Hailes,et al.  Risk Aware Decision Framework for Trusted Mobile Interactions , 2005 .

[7]  M. Hansen,et al.  Participatory Sensing , 2019, Internet of Things.

[8]  Sulabh Agarwal,et al.  MoB: a mobile bazaar for wide-area wireless services , 2005, MobiCom '05.

[9]  C. R. Frisch,et al.  Six Memos for the Next Millennium. , 1988 .

[10]  Liam McNamara,et al.  Media sharing based on colocation prediction in urban transport , 2008, MobiCom '08.

[11]  Albert-László Barabási,et al.  Linked - how everything is connected to everything else and what it means for business, science, and everyday life , 2003 .

[12]  Srdjan Capkun,et al.  Mobility helps security in ad hoc networks , 2003, MobiHoc '03.

[13]  Vipul Gupta,et al.  Sizzle: a standards-based end-to-end security architecture for the embedded Internet , 2005, Third IEEE International Conference on Pervasive Computing and Communications.

[14]  Peter Szolovits,et al.  Ratings in Distributed Systems: A Bayesian Approach , 2002 .

[15]  Howard Rheingold,et al.  Smart Mobs: The Next Social Revolution , 2002 .

[16]  Gueorgi Kossinets,et al.  Empirical Analysis of an Evolving Social Network , 2006, Science.

[17]  Clifford Stein,et al.  Introduction to Algorithms, 2nd edition. , 2001 .

[18]  Albert-László Barabási,et al.  Error and attack tolerance of complex networks , 2000, Nature.

[19]  Johann Großschädl,et al.  A Survey of Public-Key Cryptography on J2ME-Enabled Mobile Devices , 2004, ISCIS.

[20]  H. Simon Rational Decision Making in Business Organizations , 1978 .

[21]  Michael Kaminsky,et al.  SybilGuard: Defending Against Sybil Attacks via Social Networks , 2008, IEEE/ACM Transactions on Networking.

[22]  Vladimiro Sassone,et al.  A formal model for trust in dynamic networks , 2003, First International Conference onSoftware Engineering and Formal Methods, 2003.Proceedings..

[23]  Christophe Diot,et al.  Impact of Human Mobility on Opportunistic Forwarding Algorithms , 2007, IEEE Transactions on Mobile Computing.

[24]  Daniele Quercia,et al.  MobiRate: making mobile raters stick to their word , 2008, UbiComp.

[25]  Eric Paulos,et al.  The familiar stranger: anxiety, comfort, and play in public places , 2004, CHI.

[26]  Hector Garcia-Molina,et al.  The Eigentrust algorithm for reputation management in P2P networks , 2003, WWW '03.

[27]  Patrick Wambacq,et al.  Fully adaptive SVD-based noise removal for robust speech recognition , 1999, EUROSPEECH.

[28]  J. Berger Statistical Decision Theory and Bayesian Analysis , 1988 .

[29]  Russ B. Altman,et al.  Missing value estimation methods for DNA microarrays , 2001, Bioinform..

[30]  Joanna L. Y. Ho,et al.  Judgment and Decision Making in Project Continuation: A Study of Students as Surrogates for Experienced Managers , 2004 .

[31]  Michael A. Malcolm,et al.  Computer methods for mathematical computations , 1977 .

[32]  Scott Shenker,et al.  Attested append-only memory: making adversaries stick to their word , 2007, SOSP.

[33]  Stephen Hailes,et al.  MATE: Mobility and Adaptation with Trust and Expected-utility , 2006 .

[34]  Daniele Quercia,et al.  B-Trust: Bayesian Trust Framework for Pervasive Computing , 2006, iTrust.

[35]  Christopher M. Bishop,et al.  Pattern Recognition and Machine Learning (Information Science and Statistics) , 2006 .

[36]  Andrew W. Moore,et al.  Reinforcement Learning: A Survey , 1996, J. Artif. Intell. Res..

[37]  Kurt Rothermel,et al.  Architecture and Algorithms for a Distributed Reputation System , 2003, iTrust.

[38]  Zhu Han,et al.  Defense of trust management vulnerabilities in distributed networks , 2008, IEEE Communications Magazine.

[39]  M. F.,et al.  Bibliography , 1985, Experimental Gerontology.

[40]  Jean-Yves Le Boudec,et al.  Performance analysis of the CONFIDANT protocol , 2002, MobiHoc '02.

[41]  S. Buchegger,et al.  A Robust Reputation System for P2P and Mobile Ad-hoc Networks , 2004 .

[42]  Ramanathan V. Guha,et al.  Propagation of trust and distrust , 2004, WWW '04.

[43]  J. Tenenbaum,et al.  Optimal Predictions in Everyday Cognition , 2006, Psychological science.

[44]  B. Bontempi,et al.  Time-dependent reorganization of brain circuitry underlying long-term memory storage , 1999, Nature.

[45]  Azadeh Iranmehr,et al.  Trust Management for Semantic Web , 2009, 2009 Second International Conference on Computer and Electrical Engineering.

[46]  Daniele Quercia,et al.  Lightweight Distributed Trust Propagation , 2007, Seventh IEEE International Conference on Data Mining (ICDM 2007).

[47]  Alexander Aiken,et al.  Attack-Resistant Trust Metrics for Public Key Certification , 1998, USENIX Security Symposium.

[48]  Chrysanthos Dellarocas,et al.  Immunizing online reputation reporting systems against unfair ratings and discriminatory behavior , 2000, EC '00.

[49]  PentlandAlex,et al.  Reality mining: sensing complex social systems , 2006 .

[50]  Ray Jain,et al.  The art of computer systems performance analysis - techniques for experimental design, measurement, simulation, and modeling , 1991, Wiley professional computing.

[51]  David Garlan,et al.  Context is key , 2005, CACM.

[52]  Liam McNamara,et al.  Content Source Selection in Bluetooth Networks , 2007, 2007 Fourth Annual International Conference on Mobile and Ubiquitous Systems: Networking & Services (MobiQuitous).

[53]  Albert-László Barabási,et al.  Understanding individual human mobility patterns , 2008, Nature.

[54]  Françoise Sailhan,et al.  Scalable Service Discovery for MANET , 2005, Third IEEE International Conference on Pervasive Computing and Communications.

[55]  Daniele Quercia,et al.  TRULLO - local trust bootstrapping for ubiquitous devices , 2007, 2007 Fourth Annual International Conference on Mobile and Ubiquitous Systems: Networking & Services (MobiQuitous).

[56]  Audun Jøsang,et al.  Analysing the Relationship between Risk and Trust , 2004, iTrust.

[57]  Rajeev Motwani,et al.  The PageRank Citation Ranking : Bringing Order to the Web , 1999, WWW 1999.

[58]  Pan Hui,et al.  BUBBLE Rap: Social-Based Forwarding in Delay-Tolerant Networks , 2008, IEEE Transactions on Mobile Computing.

[59]  Diego Gambetta Can We Trust Trust , 2000 .

[60]  Licia Capra,et al.  Engineering human trust in mobile system collaborations , 2004, SIGSOFT '04/FSE-12.

[61]  E. Friedman,et al.  The Social Cost of Cheap Pseudonyms , 2001 .

[62]  Daniele Quercia,et al.  TATA: Towards Anonymous Trusted Authentication , 2006, iTrust.

[63]  Matteo Dell'Amico Neighbourhood maps: decentralized ranking in small-world P2P networks , 2008 .

[64]  Philip R. Zimmermann,et al.  The official PGP user's guide , 1996 .

[65]  Eamonn J. Keogh,et al.  A Simple Dimensionality Reduction Technique for Fast Similarity Search in Large Time Series Databases , 2000, PAKDD.

[66]  Haiyun Luo,et al.  UCAN: a unified cellular and ad-hoc network architecture , 2003, MobiCom '03.

[67]  Ross J. Anderson,et al.  On dealing with adversaries fairly , 2004 .

[68]  Nathan Dimmock How much is "enough"? Risk in trust-based access control , 2003, WET ICE 2003. Proceedings. Twelfth IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, 2003..

[69]  Xiaojin Zhu,et al.  Seeing stars when there aren’t many stars: Graph-based semi-supervised learning for sentiment categorization , 2006 .

[70]  Alex Pentland,et al.  Reality mining: sensing complex social systems , 2006, Personal and Ubiquitous Computing.

[71]  Zoubin Ghahramani,et al.  Combining active learning and semi-supervised learning using Gaussian fields and harmonic functions , 2003, ICML 2003.

[72]  Mark Herbster,et al.  Online learning over graphs , 2005, ICML.

[73]  L. Capra,et al.  Reasoning about trust groups to coordinate mobile ad-hoc systems , 2005, Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005..

[74]  Donald B. Johnson,et al.  Elliptic curve DSA (ECSDA): an enhanced DSA , 1998 .

[75]  Stephen Hailes,et al.  Supporting trust in virtual communities , 2000, Proceedings of the 33rd Annual Hawaii International Conference on System Sciences.

[76]  Yong Chen,et al.  Risk probability estimating based on clustering , 2003, IEEE Systems, Man and Cybernetics SocietyInformation Assurance Workshop, 2003..

[77]  Valérie Issarny,et al.  Enhanced Reputation Mechanism for Mobile Ad Hoc Networks , 2004, iTrust.

[78]  Daniele Quercia,et al.  Selecting Trustworthy Content using Tags , 2008, SECRYPT.

[79]  Stephen Marsh,et al.  Formalising Trust as a Computational Concept , 1994 .

[80]  Timothy W. Finin,et al.  Toward Distributed service discovery in pervasive computing environments , 2006, IEEE Transactions on Mobile Computing.

[81]  Licia Capra,et al.  Private distributed collaborative filtering using estimated concordance measures , 2007, RecSys '07.

[82]  Paul Dourish,et al.  Underground Aesthetics: Rethinking Urban Computing , 2007, IEEE Pervasive Computing.

[83]  Don Tapscott,et al.  Wikinomics: How Mass Collaboration Changes Everything , 2006 .

[84]  Matteo Dell'Amico Neighbourhood maps: decentralised ranking in small-world P2P networks , 2006, Proceedings 20th IEEE International Parallel & Distributed Processing Symposium.

[85]  Andreas Haeberlen,et al.  PeerReview: practical accountability for distributed systems , 2007, SOSP.

[86]  Paul Tuson,et al.  Distributed Security for Decentralized Information Sharing , 2008 .

[87]  Georg Lausen,et al.  Spreading activation models for trust propagation , 2004, IEEE International Conference on e-Technology, e-Commerce and e-Service, 2004. EEE '04. 2004.

[88]  James A. Hendler,et al.  Trust Networks on the Semantic Web , 2003, WWW.