STARS: A Simple and Efficient Scheme for Providing Transparent Traceability and Anonymity to Reputation Systems

  • Zonghua Zhang
  • Jingwei Liu
  • Youki Kadobayashi
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6514)

Abstract

Reputation systems play a vital role in constructing mutual trust relationships between different entities in autonomic computing networks by enforcing them to act as prescribed protocols or specifications. They can be, however, subverted and abused if the association rules between an entity’s identity and its reputation is exploited. While various anonymizating techniques can be used to prevent that, the extent of anonymity is extremely hard to be determined at an appropriate level, potentially allowing sophisticated attackers to correlate a party with its reputation. To manifest and further gain insights into such vulnerabilities, we systematically decompose the reputation system into four components from a functional perspective and use a set of performance metrics to examine them. Specifically, a new attack taxonomy is given, and a simple scheme termed STARS, which is transparent to particular reputation systems, is proposed for achieving both anonymity and traceability. We finally discuss implementation issues and validate performance through case studies, comparative analysis, and simulations.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Androulaki, E., Choi, S., Bellovin, S.M., Malkin, T.: Reputation Systems for Anonymous Networks. In: Borisov, N., Goldberg, I. (eds.) PETS 2008. LNCS, vol. 5134, pp. 202–218. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  2. 2.
    Adams, W.J., Hadjichristofi, G.C., Davis, N.J.: Calculating a node’s reputation in a mobile ad hoc network. In: Proc. of Int’l Performance Computing and Communications Conference, AZ (April 2005)Google Scholar
  3. 3.
    Bethencourt, J., Shi, E., Song, D.: Signatures of Reputation: Towards Trust Without Identity. In: Sion, R. (ed.) FC 2010. LNCS, vol. 6052, pp. 400–407. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  4. 4.
    Buchegger, S., Le Boudec, J.-Y.: Performance analysis of the CONFIDANT protocol. In: Proc. of ACM MobiHoc, Lausanne, Switzerland, pp. 226–236 (2002)Google Scholar
  5. 5.
    Chow, S.M., Hui, L.C.K., Yiu, S.M., Chow, K.P.: Two improved partially blind signature schemes from bilinear pairings. In: Boyd, C., González Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 316–328. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  6. 6.
    Dimitriou, T., Karame, G., Christou, I.: SuperTrust: a secure and efficient framework for handling trust in super-peer networks. In: Proc. of ACM PODC, pp. 374–375 (2007)Google Scholar
  7. 7.
    Dingledine, R.: Accountability Measures for Peer-to-Peer Systems. In: Peer-to-Peer: Harnessing the Power of Disruptive Technologies. O’Reilly Publishers, Sebastopol (2000)Google Scholar
  8. 8.
    Dingledine, R., Mathewson, N., Syverson, P.: Tor: The Second-Generation Onion Router. In: Proc. of 13th USENIX Security Symposium, pp. 303–320 (2004)Google Scholar
  9. 9.
  10. 10.
    Freedman, M.J., Morris, R.: Tarzan: A peer-to-peer anonymizing network layer. In: Proc. of CCS 2002, Washington, DC, USA, pp. 193–206 (2002)Google Scholar
  11. 11.
    He, Q., Wu, D., Khosla, P.: SORI: A secure and objective reputation-based incentive scheme for ad hoc networks. In: Proc. of Wireless Communications and Networking Conference, pp. 825–830 (2004)Google Scholar
  12. 12.
    Huebscher, M.C., Mccann, J.A.: A survey of autonomic computing-degrees, models, and applications. ACM Computing Surveys 40(3) (August 2008)Google Scholar
  13. 13.
    Hoffman, K., Zage, D., Nita-Rotaru, C.: A Survey of Attack and Defense Techniques for Reputation Systems. ACM Computing Surveys (2008)Google Scholar
  14. 14.
    Josang, A., Ismail, R., Boyd, C.: A Survey of Trust and Reputation Systems for Online Service Provision. Decision Support Systems 43(2), 618–644 (2007)CrossRefGoogle Scholar
  15. 15.
    Kerschbaum, F.: A verificable, Centralized, Coercion-Free Reputation System. In: Proc. of Workshop on Privacy in the Electronic Society (WPES), USA (2009)Google Scholar
  16. 16.
    Liu, Y., Yang, Y.R.: Reputation propagation and agreement in mobile ad-hoc networks. In: Proc. of IEEE Wireless Communications and Networking (WCNC 2003), New Orleans, USA (2003)Google Scholar
  17. 17.
    Liu, J., Sun, R., Kou, W., Wang, X.: Efficient ID-based Signature Without Trusted PKG, http://eprint.iacr.org/2007/135.pdf
  18. 18.
    Marmol, F.G., Perez, G.M.: Security threats scenarios in trust and reputation models for distributed systems. Computers & Security 28(7), 605–614 (2009)CrossRefGoogle Scholar
  19. 19.
    Marti, S., Garcia-Molina, H.: Identity crisis: anonymity vs reputation in P2P systems. In: Proc. of the Third International Conference on Peer-to-Peer Computing (P2P 2003), pp. 134–141 (September 2003)Google Scholar
  20. 20.
    Miranda, H., Rodrigues, L.: A framework to provide anonymity in reputation systems. In: Proc. of MOBIQUITOUS 2006 (2006)Google Scholar
  21. 21.
    Muller, W., Plotz, H., Redlich, J.-P., Shiraki, T.: Sybil proof anonymous reputation management. In: Proc. of ACM SecureComm 2008 (September 2008)Google Scholar
  22. 22.
    Mundinger, J., Le Boudec, J.-Y.: Analysis of a reputation system for mobile ad-hoc networks with liars. In: Proc. of The 3rd International Symposium on Modeling and Optimization, Trento, Italy (April 2005)Google Scholar
  23. 23.
    Nework Simulator, http://www.isi.edu/nsnam/ns/
  24. 24.
    Song, S., Hwang, K., et al.: Trusted P2P transactions with fuzzy reputation aggregation. IEEE Internet Computing 9(6), 24–34 (2005)CrossRefGoogle Scholar
  25. 25.
    Singh, A., Liu, L.: TrustMe: Anonymous Managment of Trust Relationships in Decentralized P2P systems. In: Proc. of 3rd International IEEE Conference on Peer-to-Peer Computing (2003)Google Scholar
  26. 26.
    Steingrecher, S.: Design options for privacy-respecting reputation systems within centralised internet communities. In: Proc. of Int. Information Security Conference, SEC (2006)Google Scholar
  27. 27.
    Kamvar, S.D., Schlosser, M.T., Molina, H.G.: The EigenTrust algorithm for reputation management in P2P networks. In: Proc. of the 12th International Conference on World Wide Web, pp. 640–651 (2003)Google Scholar
  28. 28.
    Yu, B., Singh, M.P.: An evidential model of distributed reputation management. In: Proc. of ACM AAMAS (2002)Google Scholar
  29. 29.
    Zouridaki, C., Mark, B.L., Hejmo, M., Thomas, R.K.: Hermes: A auantitative trust establishment framework for reliable data packet delivery in MANETs. Journal of Computer Security 15(1), 3–38 (2007)CrossRefGoogle Scholar
  30. 30.
    Zhang, Y., Liu, W., Lou, W.: Anonymous communications in mobile ad hoc networks. In: Proc. of IEEE INFOCOM, Miami, USA (2005)Google Scholar
  31. 31.
    Zhang, Z., Nait-Abdesselam, F., Ho, P.-H., Lin, X.: RADAR: a ReputAtion-based scheme for Detecting Anomalous nodes in wiReless mesh networks. In: Proc. of IEEE Wireless Communications and Networking Conference (WCNC 2008), Las Vegas, USA (2008)Google Scholar
  32. 32.
    Zhang, Z., Kadobayashi, Y., Nait-Abdesselam, F.: Towards an Evaluation Framework for Reputation Systems in Autonomic Networks. In: Proc. of ChinaCom 2009, Xi’An, China, August 26-28 (2009)Google Scholar
  33. 33.
    Zhou, L., Haas, Z.: Securing ad hoc networks. IEEE Network 13(6), 24–30 (1999)CrossRefGoogle Scholar
  34. 34.
    Zhong, S., Chen, J., Yang, R.: Sprite: a simple, cheat-proff, credit-based system for mobile ad-hoc networks. In: Proc. of IEEE INFOCOM, San Francisco, USA (2003)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Zonghua Zhang
    • 1
  • Jingwei Liu
    • 2
  • Youki Kadobayashi
    • 3
  1. 1.IT/TELECOM Lille 1France
  2. 2.Xidian UniversityChina
  3. 3.iSRC, NICTJapan

Personalised recommendations