Tamper-Resilient Methods for Web-Based Open Systems

Caverlee, James

05 July 2007

The Web and Web-based open systems are characterized by their massive amount of data and services for leveraging this data. These systems are noted for their open and unregulated nature, self-supervision, and high degree of dynamism, which are key features in supporting a rich set of opportunities for information sharing, discovery, and commerce. But these open and self-managing features also carry risks and raise growing concerns over the security and privacy of these systems, including issues like spam, denial-of-service, and impersonated digital identities. Our focus in this thesis is on the design, implementation, and analysis of large-scale Web-based open systems, with an eye toward enabling new avenues of information discovery and ensuring robustness in the presence of malicious participants. We identify three classes of vulnerabilities that threaten these systems: vulnerabilities in link-based search services, vulnerabilities in reputation-based trust services over online communities, and vulnerabilities in Web categorization and integration services. This thesis introduces a suite of methods for increasing the tamper-resilience of Web-based open systems in the face of a large and growing number of threats. We make three unique contributions: First, we present a source-centric architecture and a set of techniques for providing tamper-resilient link analysis of the World Wide Web. We propose the concept of link credibility and present a credibility-based link analysis model. We show that these approaches significantly reduce the impact of malicious spammers on Web rankings. Second, we develop a social network trust aggregation framework for supporting tamper-resilient trust establishment in online social networks. These community-based social networking systems are already extremely important and growing rapidly. We show that our trust framework support high quality information discovery and is robust to the presence of malicious participants in the social network. Finally, we introduce a set of techniques for reducing the opportunities of attackers to corrupt Web-based categorization and integration services, which are especially important for organizing and making accessible the large body of Web-enabled databases on the Deep Web that are beyond the reach of traditional Web search engines. We show that these techniques reduce the impact of poor quality or intentionally misleading resources and support personalized Web resource discovery.

Spam

Pagerank

Social networks

Resistance

Risks

Vulnerabilities

Eigentrust

Trust and Reputation Algorithms for Hierarchically Structured Peer-to-Peer Systems

Kalala, Kalonji

January 2017

This research focuses on the redesign of trust and reputation algorithms in the context of hierarchically structured Peer-to-Peer (P2P) networks with Chord, a scalable P2P lookup service for Internet applications. Chord, which is an open source project, is an overlay network based on a distributed hash table(DHT), and all peers in Chord are arranged around a circle. In this work, we propose four adapted trust and reputation algorithms for hierarchically structured P2P networks: EigenTrust, PowerTrust, Absolute Trust and NodeRanking. EigenTrust is one of the most well-known trust and reputation algorithms, as well as the most simple. To calculate the reputation, EigenTrust needs to normalize trust and rely on pre-trusted peers. Like EigenTrust, PowerTrust relies on feedback and the use of a distributed ranking mechanism. It chooses a limited number of power nodes with a high reputation. By combining a random walk strategy and the power nodes, it improves accuracy of global reputation. AbsoluteTrust does not require normalization of trust, pretrusted peers or any centralized authority. Weighted average combined with feedback from peers is employed to determine trust. NodeRanking relies on both individual reputation and social relationship to compute the trust value. NodeRanking evaluates reputation using local information. A node's reputation value can be readily determined by the number of references from other nodes in the network. These adapted algorithms are capable of handling a huge number of nodes disseminated in different rings, which improves complexity and reduces the number of malicious nodes in a hierarchical context. Furthermore, we describe the components of the hierarchical model architecture and present and discuss the results from the experiments. These experiments are employed to verify and compare reduction of downloads from malicious peers, load distribution and residual curl in at structured networks and in hierarchically structured networks.

Hierarchical P2P Network

EigenTrust

Absolute Trust

NodeRanking

PowerTrust

Hierarchical Chord

DHT

Trust

Reputation