一种直接评价节点诚信度的分布式信任机制

基于信誉的信任机制能够有效解决P2P网络中病毒泛滥和欺诈行为等问题.现有信任机制大多采用单个信誉值描述节点的诚信度,不能防止恶意节点用诚信买行为掩盖恶意卖行为;而且从信誉值上无法区分初始节点和恶意节点.提出一种新的分布式信任机制,基于交易历史,通过迭代求解,为每个节点计算全局买信誉值和卖信誉值,根据信誉值便能判断节点的善恶.仿真实验对比和性能分析表明,与EigenTrust算法相比,该算法能够迅速降低恶意节点的全局信誉值,抑制合谋攻击,降低恶意交易概率.     

基于C2C的可信信用评价模型

提出一个基于C2C的可信信用评价模型。该模型根据历史交易记录,在综合考虑交易金额、买卖双方信誉度、交易次数、差评次数、未评价交易的基础上,采用动态计算的方式,为交易的成功进行提供可靠的依据。该模型可以有效甄别恶意用户和诚信用户,从而减少信誉诋毁行为,并可减少信誉榨取行为,提高C2C电子交易的安全性。     

P2P文件共享系统中的分组信誉驱动机制

在P2P文件共享系统中,常会出现许多有策略的欺骗行为,而现有的信任模型并不能完全消除交易的风险。综合局部信任机制和全局信任机制,根据节点间相关的共享记录数据提出一种新的信誉计算方法,并进一步提出受信誉驱动的分组组织管理和节点搜索算法。仿真结果证明该信誉驱动机制能搜索到信誉值高的节点作为交易对象,并能有效降低系统面对合谋恶意节点和具有交易策略的恶意节点攻击时的交易风险。     

基于反馈相关性的P2P网络信任模型

用户对P2P网络安全性的需求刺激了信任模型的发展。在分析现有信任模型的基础上,提出了基于反馈相关性的动态信任模型—CoDyTrust。其在时间帧的基础上,采用虚假信任过滤机制和信任聚合机制,并在信任值计算中引入信任相关系数、信任遗忘因子、滥用信任值和推荐信任度等,通过反馈控制机制动态调节这些模型因子,在准确评价节点对不同资源信任的同时,实现网络中恶意行为检测。比较分析结果表明,CoDyTrust能够更好地反映网络中节点行为,准确检测恶意节点,有效抵御振荡、撒谎和合谋等攻击。     

一种基于反馈可信度的分布式P2P信任模型

开放、共享与匿名的Peer-to-Peer(简称P2P)网络已经取得了越来越多的应用,无中心对等的特性也吸引了越来越多的用户.但由于其网络中的节点不受约束,资源的共享是用户自愿的行为,因此节点间的信任很难通过传统的信任机制建立.一种可行的解决方案是借鉴人际网络中的信任关系,建立一种基于信誉的全局信任模型.已有的工作基本建立在信任度高的节点其反馈也更可信这个假设的基础上,将节点的反馈质量简单地等同于服务质量.针对这一问题,提出了一种基于节点反馈可信度的分布式P2P全局信任模型(简称FCTrust),用于量化和评估节点的可信程度,并给出了模型的数学表述和分布式实现方法.分析及仿真实验结果表明,FCTrust较已有的全局信任模型在遏制更广泛类型的恶意节点攻击的有效性、迭代计算的收敛性及消息成本上有较大提高.     

WTR: A Reputation Metric for Distributed Hash Tables Based on a Risk and Credibility Factor

The growing number of popular peer to peer applications during the last five years has implied for researchers to focus on how to build trust in such very large scale distributed systems. Reputation systems have shown to be a very good solution to build trust in presence of malicious nodes. We propose in this paper a new metric for reputation systems on top of a Distributed Hash Table that uses a notion of risk to make the applications aware of certain behaviours of malicious nodes. We show that our metric is able to significantly reduce the number of malicious transactions, and that it also provides very strong resistance to several traditional attacks of reputations systems. We also show that our solution can easily scale, and can be adapted to various Distributed Hash Tables.     

The importance of considering unauthentic transactions in trust management systems

In peer-to-peer (P2P) networks, trust management is a key tool to minimize the impact of malicious nodes. EigenTrust is claimed to be one of the most powerful distributed reputation management systems focused on P2P file-sharing applications. It is the theoretical base of other systems, and it has also been directly modified in an attempt to improve its performance. However, none of them give appropriate importance to all the information about transactions. This paper proposes an enhancement of EigenTrust, which considers unsatisfactory transactions in greater depth. Pos&Neg EigenTrust is able to obtain a blacklist of the identities of the malicious nodes. Therefore, it is able to significantly reduce the number of unsatisfactory transactions in the network.     

Parameter learning of personalized trust models in broker-based distributed trust management

Distributed trust management addresses the challenges of eliciting, evaluating and propagating trust for service providers on the distributed network. By delegating trust management to brokers, individual users can share their feedbacks for services without the overhead of maintaining their own ratings. This research proposes a two-tier trust hierarchy, in which a user relies on her broker to provide reputation rating about any service provider, while brokers leverage their connected partners in aggregating the reputation of unfamiliar service providers. Each broker collects feedbacks from its users on past transactions. To accommodate individual differences, personalized trust is modeled with a Bayesian network. Training strategies such as the expectation maximization (EM) algorithm can be deployed to estimate both server reputation and user bias. This paper presents the design and implementation of a distributed trust simulator, which supports experiments under different configurations. In addition, we have conducted experiments to show the following. 1) Personal rating error converges to below 5% consistently within 10,000 transactions regardless of the training strategy or bias distribution. 2) The choice of trust model has a significant impact on the performance of reputation prediction. 3) The two-tier trust framework scales well to distributed environments. In summary, parameter learning of trust models in the broker-based framework enables both aggregation of feedbacks and personalized reputation prediction.

基于分布式信任管理的时延容忍网络数据转发方案

为解决时延容忍网络中恶意或自私节点严重影响网络性能的问题,提出一种基于分布式信任管理的时延容忍网络数据转发方案.通过计算节点信任值先滤除网络中的恶意节点,再执行数据转发行为.根据节点的转发行为以及它们的能量消耗信息计算出直接信任;邻居节点推荐的信息融合间接信任和推荐信誉计算出推荐信任;融合直接信任和推荐信任得到节点总体...     

一种自约束信誉更新模型

在分析信誉计算模型的基础上,提出了一种自约束的信誉更新模型,由于节点的信誉主要反映历史信誉,信誉变化主要表现在新的评价分与以前信誉的变化上,因此通过自约束因子来表达这种变化。对该模型与Bayesian模型作了仿真分析比较。结果显示：信誉评估模型体现恶意行为的惩罚思想,当一个可信节点连续出现交易失败或不可信行为时,信誉值会指数级下降,恢复其信誉则是缓慢上升。     

User‐centric trust and reputation model for personal and trusted service selection

Improving quality of services (QoS) through applying trust and reputation management technology is increasingly popular in the literature and industry. Most existing trust and reputation systems calculate a general trust value or vector based on the gathered feedback without regard to trust's locality and subjectivity; therefore, they cannot effectively support a personal selection with consumer preferences. Our goal is to build a trust and reputation mechanism for facilitating a trustworthy and personal service selection in a service‐oriented Web, where service peers can act as a service provider and/or a service consumer. A user‐centric trust and reputation mechanism distinguishing the different trust context and content to enable a personal service selection with regard to trust preference in a service‐oriented Web is represented in detail. It is widely recognized that reputation‐based trust methods must face the challenge of malicious behaviors. To deal with the malicious feedback behaviors, we introduce a “bidirectional'' feedback mechanism based on QoS experience similarity in our trust and reputation framework. The test run demonstrates that our method can significantly increase the success rate of service transactions and is effective in resisting various malicious behaviors of service peers, when it is compared to other similar methods. © 2011 Wiley Periodicals, Inc.     

P2P系统中基于声誉的信任评估机制

P2P系统能够使陌生节点之间进行在线交易,但安全问题越来越受到人们的关注。因此,如何在P2P系统中构建一个有效的信任机制来帮助在节点之间建立信任是目前P2P技术研究的一个热点。提出了一种新的P2P系统中基于声誉的信任评估机制,该机制较全面地考虑了影响信任度的因素,改进了局部声誉与全局声誉的计算方法,降低了信任度的计算负载,并且引入了黑名单机制。实验结果表明,该机制能有效地评估节点的信任度,识别和隔离恶意节点,提高系统交易成功率,并能有效地应用于P2P系统中。     

一种具有检测机制的P2P网络动态信任模型

P2P网络目前存在诋毁、夸大、协同作弊、策略性欺骗等恶意交易问题,而且恶意节点比例增加导致系统交易成功率下降速度过快。提出了一种具有检测机制的动态信任模型,该模型具有良好的收敛性。在模型中引入了服务广泛度评价机制、周期性策略相似度检测机制和评价相似度检测机制,较好地抑制了恶意节点的不良服务。通过与目前几个典型的全局信任模型的对比仿真实验,表明该模型在交易成功率方面有较大提高。     

基于用户及其行为社会属性的信任测度模型

信任测度是信任机制的核心和基础,现有的信任机制面临着恶意用户操纵信誉的安全威胁。基于用户及其行为社会属性的信任测度模型对传统的信任机制进行了扩充,引入用户及其行为所映射的本质特性即社会属性来描述和分析恶意用户及其行为的特征,在信任测度过程中增加信誉评审过程来修正对信任测度的攻击,从而保证了分布式环境中的信任测度的可信性。模拟实验表明,该信任测度模型能有效地应对恶意用户对信誉的操纵攻击。     

speedTrust: a super peer-guaranteed trust model in hybrid P2P networks

To curb malicious behavior, researchers have proposed a lot of trust models for P2P networks, most of which, however, suffer from the problems of high complexity, bad scalability and huge overhead due to the iterative trust calculations and the global search for feedbacks. In this paper, we propose a super peer-guaranteed trust model, speedTrust, for hybrid P2P networks. Considering the fact that the quality of services and feedbacks is the most important factor directly impacting on a trust model’s availability, we establish a feedback guarantee relationship between the service requester and its super peer, as well as a service guarantee relationship between the service provider and its super peer before a transaction begins. Moreover, a peer’s reputations are calculated using its pledged reputations for its involved transactions without any iterative operations. These features largely reduce the trust model’s complexity while discouraging peers from behaving maliciously for fear of being punished. The simulation results show that the speedTrust model is effective and efficient in terms of the successful transaction rate, the ability in curbing malicious behavior and the complexity.     

基于交易节点分类管理的网络安全模型

为确保对等网络节点交互的安全性,提出一种基于交易节点分类管理的网络安全模型。将失败的交易分为严重失败与一般不满意进行分类统计,以便更准确及时地检测恶意节点。在节点的直接交易过程中,根据交易历史记录,使用支持向量机分类器将网络中的节点划分为可信任节点、陌生节点和恶意节点,分别建立可信任节点列表与恶意节点列表,限制恶意节点的交易及反馈推荐行为。在反馈推荐意见统计表的基础上,利用Bayesian分类器对被评价节点进行分类,根据不同的可信度将可信任节点和陌生节点的反馈意见进行综合,再通过Bayesian估计调整节点的可信度。实验结果表明,与已有的安全模型相比,该模型对恶意行为具有更高的检测率,且交易成功率更高。     

基于不满意度的网络安全模型

提出了一种基于不满意度的网络安全模型,主要功能是帮助用户在网络环境中正确地选择交易对象,屏蔽恶意节点,基于不满意度(degree of dissatisfaction,DoD)对交易节点进行分类控制.节点的不满意度定义为该节点属于恶意节点集的概率.a)使用粗糙集(rough set)模块与Bayesian学习器计算节点的不满意度,依据节点的交易历史记录计算节点的本地不满意度(local DoD,LDoD),依据反馈推荐意见计算推荐不满意度(recom-mended DoD,RDoD),基于不满意度将节点划分为可信任节点、陌生节点、恶意节点等不同的类型;b)基于推荐意见的信息熵(information entropy)计算其可信度,对反馈推荐意见进行综合.实验表明,与已有的安全模型相比,提出的安全管理模型对恶意节点具有更高的检测率,具有更满意的交易成功率.     

基于信誉和风险评估的动态信任模型研究

网格环境中的信任问题是网格计算发展过程中必须解决的一个重要问题。网格节点间的行为信任具有动态性和不确定性。文章综合考虑了信任度评估的动态性和风险性,提出一种新的基于信誉和风险评估的动态信任模型。该模型引入惩罚机制、风险机制和推荐节点信任度更新机制,以评估信任关系的复杂性。仿真结果表明,该模型在有效抑制恶意节点上较已有模型有一定的改进。     

一种基于概率统计方法的P2P系统信任评价模型

现有的P2P系统信任评价模型正面临着两种恶意节点的攻击行为--策略性欺骗和不诚实推荐,严重影响了模型计算节点信任评价的准确性和有效性.针对现有模型存在的不足,提出了一种基于概率统计方法的信任评价模型.该模型借鉴人类社会中主观信任关系的概念,依据直接经验和反馈信息,利用概率统计方法分别计算节点的直接信任和推荐信任,并通过区分直接经验的重要程度,区分反馈信息及其推荐者的可信度,提高信任评价模型的有效性.仿真实验分析说明,与已有的信任评价模型相比,该模型能够更有效地抑制策略性欺骗和不诚实推荐的威胁,特别是复杂的协同作弊方式对系统的攻击.     

DART: A DISTRIBUTED ANALYSIS OF REPUTATION AND TRUST FRAMEWORK

Artificial societies—distributed systems of autonomous agents—are becoming increasingly important in open distributed environments, especially in e‐commerce. Agents require trust and reputation concepts to identify communities of agents with which to interact reliably. We have noted in real environments that adversaries tend to focus on exploitation of the trust and reputation model. These vulnerabilities reinforce the need for new evaluation criteria for trust and reputation models called exploitation resistance which reflects the ability of a trust model to be unaffected by agents who try to manipulate the trust model. To examine whether a given trust and reputation model is exploitation‐resistant, the researchers require a flexible, easy‐to‐use, and general framework. This framework should provide the facility to specify heterogeneous agents with different trust models and behaviors. This paper introduces a Distributed Analysis of Reputation and Trust (DART) framework. The environment of DART is decentralized and game‐theoretic. Not only is the proposed environment model compatible with the characteristics of open distributed systems, but it also allows agents to have different types of interactions in this environment model. Besides direct, witness, and introduction interactions, agents in our environment model can have a type of interaction called a reporting interaction, which represents a decentralized reporting mechanism in distributed environments. The proposed environment model provides various metrics at both micro and macro levels for analyzing the implemented trust and reputation models. Using DART, researchers have empirically demonstrated the vulnerability of well‐known trust models against both individual and group attacks.