TREF : A Threat-centric Comparison Framework for Decentralized Reputation Models

In a decentralized system, entities, also known as peers, directly interact with each other and make local autonomous decisions towards their individual goals. In an open decentralized system, there is no single centralized authority that can regulate the entry of peers in the system. As a result, the system may contain malicious peers that try to disrupt the system and carry out attacks on other peers. In the absence of a centralized authority that can help guard against such attacks, each peer must incorporate suitable measures to protect itself from such attacks. Trust management mechanisms serve to provide effective countermeasures against the attacks perpetrated by malicious peers. Reputation-based trust models allow peers to determine the trustworthiness of other peers in the system based on their perceived reputations. While a number of decentralized reputation-based trust models exist in the research literature, little effort has been directed towards their systematic evaluation and comparison. In this paper, we present TREF, a threat-centric framework for evaluating and comparing different reputation-based trust models as an initial step towards addressing this need. We also discuss how we validated the TREF framework in the context of four reputation-based trust models. Our evaluation reveals several key benefits of using the TREF framework.

[1]  Ion Stoica,et al.  Incentives for Cooperation in Peer-to-Peer Networks , 2003 .

[2]  Boi Faltings,et al.  An incentive compatible reputation mechanism , 2003, AAMAS '03.

[3]  C. Sierra,et al.  REGRET: A reputation model for gregarious societies , 2001 .

[4]  Jordi Sabater-Mir,et al.  Reputation and social network analysis in multi-agent systems , 2002, AAMAS '02.

[5]  Ramon Sangüesa,et al.  Extracting reputation in multi agent systems by means of social network topology , 2002, AAMAS '02.

[6]  Kurt Rothermel,et al.  Architecture and Algorithms for a Distributed Reputation System , 2003, iTrust.

[7]  Timothy W. Finin,et al.  A Framework for Distributed Trust Management , 2001 .

[8]  Munindar P. Singh,et al.  A Social Mechanism of Reputation Management in Electronic Communities , 2000, CIA.

[9]  Hector Garcia-Molina,et al.  Limited reputation sharing in P2P systems , 2004, EC '04.

[10]  Walt Yao,et al.  Fidelis: A Policy-Driven Trust Management Framework , 2003, iTrust.

[11]  Richard N. Taylor,et al.  PACE: an architectural style for trust management in decentralized applications , 2004, Proceedings. Fourth Working IEEE/IFIP Conference on Software Architecture (WICSA 2004).

[12]  Hector Garcia-Molina,et al.  The Eigentrust algorithm for reputation management in P2P networks , 2003, WWW '03.

[13]  Yao-Hua Tan,et al.  Toward a Generic Model of Trust for Electronic Commerce , 2000, Int. J. Electron. Commer..

[14]  Marianne Winslett,et al.  Interoperable strategies in automated trust negotiation , 2001, CCS '01.

[15]  Ninghui Li,et al.  Design of a role-based trust-management framework , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[16]  Giovanni Vigna,et al.  NetSTAT: a network-based intrusion detection approach , 1998, Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217).

[17]  Ling Liu,et al.  A reputation-based trust model for peer-to-peer ecommerce communities , 2003, EC.