对抗共谋及节点行为动态性的P2P信任模型

针对现有P2P信任模型存在的网络开销大、不能很好地处理节点行为的动态性改变及共谋攻击等问题,提出了一种新的信任模型。通过直接交互节点的局部评价加权其评价可信度计算节点的全局信誉值;采用基于局部评价标准差、局部评价集中度的方法识别和抑制共谋攻击;根据节点行为的改变动态更新其信誉值和评价可信度。仿真实验表明,提出的模型较现有模型在网络开销、抑制共谋攻击和节点行为的动态性等方面有较大改进。     

复杂网络环境下基于信任传递的推荐模型研究

针对推荐系统中普遍存在的数据稀疏和冷启动等问题,本文结合用户自身评分与用户的社会信任关系构建推荐模型,提出了一种基于信任关系传递的社会网络推荐算法（Trust transition recommendation model,TTRM）.该方法首先通过计算信任网络中节点的声望值与偏见值来发现信任网络中的不可信节点,并通过对其评分权重进行弱化来减轻其对信任网络产生的负面影响.其次,算法又利用朋友的信任矩阵对用户自身的特征向量进行修正,解决了用户特征向量的精准构建及信任传递问题.同时为了实现修正误差的最小化,算法利用推荐特性进行用户相似度计算并通过带有社会正则化约束的矩阵分解技术实现社会网络推荐.实验结果表明,TTRM算法较传统的社会网络推荐算法在性能上具有显著提高.     

Parameter learning of personalized trust models in broker-based distributed trust management

Distributed trust management addresses the challenges of eliciting, evaluating and propagating trust for service providers on the distributed network. By delegating trust management to brokers, individual users can share their feedbacks for services without the overhead of maintaining their own ratings. This research proposes a two-tier trust hierarchy, in which a user relies on her broker to provide reputation rating about any service provider, while brokers leverage their connected partners in aggregating the reputation of unfamiliar service providers. Each broker collects feedbacks from its users on past transactions. To accommodate individual differences, personalized trust is modeled with a Bayesian network. Training strategies such as the expectation maximization (EM) algorithm can be deployed to estimate both server reputation and user bias. This paper presents the design and implementation of a distributed trust simulator, which supports experiments under different configurations. In addition, we have conducted experiments to show the following. 1) Personal rating error converges to below 5% consistently within 10,000 transactions regardless of the training strategy or bias distribution. 2) The choice of trust model has a significant impact on the performance of reputation prediction. 3) The two-tier trust framework scales well to distributed environments. In summary, parameter learning of trust models in the broker-based framework enables both aggregation of feedbacks and personalized reputation prediction.

一种结合移动IP和SIP实现IP网络移动性管理的优化方案

本文提出了一种网络层和应用层相结合实现IP网络移动性管理的新方案。移动终端的固定IP地址作为数据传输的地址;当终端和所在子网使用的是不同的IP子网前缀时,使用转交地址形成隧道对数据进行收发;SIP地址作为用户帐号,是在应用层使用服务的地址,通过把它动态地和移动终端绑定来使用终端。方案中还提出了以SIP地址域的分级方式进行组织管理的用户数据库系统,定义了为子网中移动终端服务的区域代理。新方案能够对现役设备和协议改动较小的程度下,为下一代网络提供移动性管理。     

基于信任度的P2P信任机制

提出了一种结合上下文对内容进行信任度的评估方法。信任度由内容信任度和节点信任度两方面计算得到。并构建了存放历史信任度的矩阵,进而提出了资源节点及用户节点双向搜索策略,本机制在P2P网络环境下,能很好的解决冒名及作弊等恶意行为,使主体与客体间的信息交互在信任度的控制下能有效进行。     

TruBeRepec: a trust-behavior-based reputation and recommender system for mobile applications

Mobile applications are software packages that can be installed and executed in a mobile device. Which mobile application is trustworthy for a user to purchase, download, install, execute or recommend becomes a crucial issue that impacts its final success. This paper proposes TruBeRepec, a trust-behavior-based reputation and recommender system for mobile applications. We explore a model of trust behavior for mobile applications based on the result of a large-scale user survey. We further develop a number of algorithms that are used to evaluate individual user’s trust in a mobile application through trust behavior observation, generate the application’s reputation by aggregating individual trust and provide application recommendations based on the correlation of trust behaviors. We show the practical significance of TruBeRepec through simulations and analysis with regard to effectiveness, robustness, and usability, as well as privacy.     

无线传感器网络中基于节点行为和身份的可信认证

针对无线传感器网络(WSN)开放性和资源受限导致易受外部和内部攻击以及节点失效等问题,提出了一种高效、安全的可信节点间身份认证方案。方案采用基于身份和双线性对理论实现认证密钥协商与更新,通过基于Beta分布的节点行为信誉的管理计算其信任度,利用信任度识别节点是否可信并采用对称密码体制结合信息认证码实现可信节点间认证。方案不仅能防范窃听、注入、重放、拒绝服务等多种外部攻击,而且能够抵御选择性转发、Wormhole攻击、Sinkhole攻击和女巫攻击等内部威胁。与SPINS方案相比,所提方案在同一网络环境下有较长的网络生命期、较小的认证时延、更高的安全性及可扩展性,在无人值守安全性要求较高的WSN领域具有较好的应用价值。     

基于用户及其行为社会属性的信任测度模型

信任测度是信任机制的核心和基础,现有的信任机制面临着恶意用户操纵信誉的安全威胁。基于用户及其行为社会属性的信任测度模型对传统的信任机制进行了扩充,引入用户及其行为所映射的本质特性即社会属性来描述和分析恶意用户及其行为的特征,在信任测度过程中增加信誉评审过程来修正对信任测度的攻击,从而保证了分布式环境中的信任测度的可信性。模拟实验表明,该信任测度模型能有效地应对恶意用户对信誉的操纵攻击。     

结合信任机制和用户偏好的协同过滤推荐算法

仅凭相似度来定位邻居用户对传统协同过滤算法的性能有严重的负面影响。引入社会网络中的信任机制,从个体在社交圈中的主观信任和全局声誉角度出发建模。分别考虑用户交互、评分差和用户偏好调节生成直接信任度。利用声誉及专家信任优先模型聚合生成间接信任度,将两者动态加权形成用户之间的信任关系。用参数[η]协调信任和相似双属性,使用户关系更加紧密,有效地解决新用户和稀疏性问题。经实证,改良后的模型颇有成效。     

Personalization on a peer-to-peer television system

We introduce personalization on Tribler, a peer-to-peer (P2P) television system. Personalization allows users to browse programs much more efficiently according to their taste. It also enables to build social networks that can improve the performance of current P2P systems considerably, by increasing content availability, trust and the realization of proper incentives to exchange content. This paper presents a novel scheme, called BuddyCast, that builds such a social network for a user by exchanging user interest profiles using exploitation and exploration principles. Additionally, we show how the interest of a user in TV programs can be predicted from the zapping behavior by the introduced user-item relevance models, thereby avoiding the explicit rating of TV programs. Further, we present how the social network of a user can be used to realize a truly distributed recommendation of TV programs. Finally, we demonstrate a novel user interface for the personalized peer-to-peer television system that encompasses a personalized tag-based navigation to browse the available distributed content. The user interface also visualizes the social network of a user, thereby increasing community feeling which increases trust amongst users and within available content and creates incentives of to exchange content within the community.     

基于H指数的网络信任管理模型

网络信任管理是通过对网络节点间的历史交易数据进行收集、分析和处理,通过建立相应的网络信任模型来提高网络的安全性。本文分析了节点信任和节点声誉的区别,给出了节点声誉的定义,并对网络中全局声誉模型进行了研究。给出了网络信任管理中基于H指数理论的全局声誉信任模型,该模型中利用网络节点的全局声誉值作为节点间是否进行交易的决策依据。     

基于中位数的用户信誉度排名算法

针对推荐系统易受Spammer攻击的影响,从而导致对象的实际得分不准确的问题,提出基于中位数的用户信誉度排名算法。通过衡量用户信誉度调整用户打分权重,根据中位数具有不易受极端打分影响的特性,选取用户打分与对象得分差距的中位数作为降低用户信誉度的标准,不断迭代调整用户信誉度以及最终得分直至收敛。在多个真实数据集上的运行结果证明,相比现有排名算法,该算法具有更合理的信誉度分布和更高的排名结果准确度,通过该算法预处理后的数据集在SVD++上运行可以得到更低的均方根误差。     

一种直接评价节点诚信度的分布式信任机制

基于信誉的信任机制能够有效解决P2P网络中病毒泛滥和欺诈行为等问题.现有信任机制大多采用单个信誉值描述节点的诚信度,不能防止恶意节点用诚信买行为掩盖恶意卖行为;而且从信誉值上无法区分初始节点和恶意节点.提出一种新的分布式信任机制,基于交易历史,通过迭代求解,为每个节点计算全局买信誉值和卖信誉值,根据信誉值便能判断节点的善恶.仿真实验对比和性能分析表明,与EigenTrust算法相比,该算法能够迅速降低恶意节点的全局信誉值,抑制合谋攻击,降低恶意交易概率.     

一种对等网中基于相互信任的两层信任模型

在P2P 系统中,声誉模型是建立节点间信任关系的重要方法之一,但现有的P2P 声誉模型几乎都是纯分散式的,具有信任收敛慢、信任管理复杂和网络开销大等缺点.在TLT(two-level trust)中,节点自发组织为信任簇,信任评价以簇为单位.每个簇由簇首和成员节点组成,簇首和成员节点之间是一种相互信任的关系:簇首为了提高自身的簇间服务信任,利用簇内服务信任观察成员节点的服务性能,过滤恶意的成员节点;成员节点为了提高服务声誉和接受更好的服务,利用代理信任考察簇首的管理能力.分析和仿真结果表明:在TLT 中,节点的信任值收敛快,恶意行为能够被快速识别;TLT 可扩展性好,如信任管理简单和网络开销小.     

移动社会网络中基于全局信任模型的用户影响力计算

针对现有算法和模型对于网络中用户影响力计算大多只考虑拓扑结构和贪心算法而较少考虑真实社会网络中信任度对于节点影响力的重要性这一问题, 该文提出一种全局信任模型(global trust model, GTM)用于评估节点的影响力. 首先计算节点与邻居节点间的信任关系作为局部信任度, 其次利用Beta信誉模型在节点局部信...     

Dishonest Behaviors in Online Rating Systems: Cyber Competition,Attack Models,and Attack Generator

Recently, online rating systems are gaining popularity. Dealing with unfair ratings in such systems has been recognized as an important but challenging problem. Many unfair rating detection approaches have been developed and evaluated against simple attack models. However, the lack of unfair rating data from real human users and realistic attack behavior models has become an obstacle toward developing reliable rating systems. To solve this problem, we design and launch a rating challenge to collect unfair rating data from real human users. In order to broaden the scope of the data collection, we also develop a comprehensive signal-based unfair rating detection system. Based on the analysis of real attack data, we discover important features in unfair ratings, build attack models, and develop an unfair rating generator. The models and generator developed in this paper can be directly used to test current rating aggregation systems, as well as to assist the design of future rating systems.     

Securing decentralized reputation management using TrustGuard

Reputation systems have been popular in estimating the trustworthiness and predicting the future behavior of nodes in a large-scale distributed system where nodes may transact with one another without prior knowledge or experience. One of the fundamental challenges in distributed reputation management is to understand vulnerabilities and develop mechanisms that can minimize the potential damages to a system by malicious nodes. In this paper, we identify three vulnerabilities that are detrimental to decentralized reputation management and propose TrustGuard—a safeguard framework for providing a highly dependable and yet efficient reputation system. First, we provide a dependable trust model and a set of formal methods to handle strategic malicious nodes that continuously change their behavior to gain unfair advantages in the system. Second, a transaction-based reputation system must cope with the vulnerability that malicious nodes may misuse the system by flooding feedbacks with fake transactions. Third, but not the least, we identify the importance of filtering out dishonest feedbacks when computing reputation-based trust of a node, including the feedbacks filed by malicious nodes through collusion. Our experiments show that, comparing with existing reputation systems, our framework is highly dependable and effective in countering malicious nodes regarding strategic oscillating behavior, flooding malevolent feedbacks with fake transactions, and dishonest feedbacks.     

Exploring the impact of trust information visualization on mobile application usage

Trust allows people to live in a risky and uncertain situation by providing the means to decrease complexity. It is the key to decision making and engaging in usage. Visualizing trust information could thus leverage usage behavior and decisions. This article explores the impact of trust information visualization on mobile application usage with a three-stage experiment conducted in both Finland and China (1) by studying users’ opinions on the importance of mobile applications, (2) by evaluating the impact of a trust indicator on mobile application usage, and (3) by evaluating the impact of a trust/reputation indicator on mobile application usage. Although the results achieved in this study for Finland and China showed small differences on usage willingness and remarkable difference on trust information check willingness, both countries indicated that visualizing the reputation value of an application and/or the individual trust value of a user can assist in mobile application usage with different importance rates. In addition, the article discusses possible reasons for the difference in impact in Finland and China, other impact factors related to mobile application usage, and implications of our experiments with regard to a trust management system for mobile applications.     

基于反馈相关性的P2P网络信任模型

用户对P2P网络安全性的需求刺激了信任模型的发展。在分析现有信任模型的基础上,提出了基于反馈相关性的动态信任模型—CoDyTrust。其在时间帧的基础上,采用虚假信任过滤机制和信任聚合机制,并在信任值计算中引入信任相关系数、信任遗忘因子、滥用信任值和推荐信任度等,通过反馈控制机制动态调节这些模型因子,在准确评价节点对不同资源信任的同时,实现网络中恶意行为检测。比较分析结果表明,CoDyTrust能够更好地反映网络中节点行为,准确检测恶意节点,有效抵御振荡、撒谎和合谋等攻击。