A Survey of Security Issues in Trust and Reputation Systems for E-Commerce

Trust and reputation systems are always subject to attacks if an adversary can gain a benefit in doing so. The list of different attacks against them is extensive. Attacks like bad mouthing, newcomer, sybil, collusion and many more are subject to current research. Some of them present methods that allow to detect adversarial behaviour, hence providing protection against attacks. However, smart adversaries will adapt their behaviour strategies to the existing protection mechanisms and bypass some of the security methods. In this paper, we discuss the options available to adversaries for achieving their goal: Gaining a benefit. For this, we analyse the wellknown attacks and propose security methods which provide resistance or immunity against them at any time, hence independently from the cleverness or strategy of adversaries. Our second focus is to elaborate on the problem of reliably identifying an adversary amongst transacting participants and its influence on possible security methods.

[1]  Chrysanthos Dellarocas,et al.  Immunizing online reputation reporting systems against unfair ratings and discriminatory behavior , 2000, EC '00.

[2]  Sebastian Ries,et al.  Extending Bayesian trust models regarding context-dependence and user friendly representation , 2009, SAC '09.

[3]  Julita Vassileva,et al.  Bayesian network-based trust model , 2003, Proceedings IEEE/WIC International Conference on Web Intelligence (WI 2003).

[4]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[5]  Stefan Spitz,et al.  A Trust Model Considering the Aspects of Time , 2009, 2009 Second International Conference on Computer and Electrical Engineering.

[6]  Steven Kay,et al.  Defending online reputation systems against collaborative unfair raters through signal modeling and trust , 2009, SAC '09.

[7]  R. Kerr Toward Secure Trust and Reputation Systems for Electronic Marketplaces , 2007 .

[8]  Violina P. Rindova,et al.  Reputation Building and Performance: An Empirical Analysis of the Top-50 Pure Internet Firms , 2001 .

[9]  A. Jøsang,et al.  Filtering Out Unfair Ratings in Bayesian Reputation Systems , 2004 .

[10]  Zhu Han,et al.  A trust evaluation framework in distributed networks: Vulnerability analysis and defense against attacks , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.

[11]  Peter Druschel,et al.  Peer-to-peer systems , 2010, Commun. ACM.

[12]  Robin Cohen,et al.  Towards provably secure trust and reputation systems in e-marketplaces , 2007, AAMAS '07.

[13]  S. Buchegger,et al.  A Robust Reputation System for Mobile Ad-hoc Networks , 2003 .

[14]  Audun Jøsang,et al.  AIS Electronic Library (AISeL) , 2017 .

[15]  M. Melnik,et al.  Does a Seller's Ecommerce Reputation Matter? Evidence from Ebay Auctions , 2003 .

[16]  Steven T. Anderson,et al.  Seller Strategies on eBay , 2004 .