Abstract
Today, computer users have trouble separating malicious and legitimate software. Traditional countermeasures such as anti-virus tools mainly protect against truly malicious programs, but the situation is complicated by a "grey-zone" of questionable programs that are difficult to classify. We therefore suggest a software reputation system (SRS) to help computer users separate legitimate software from its counterparts. In this paper we simulate the usage of an SRS to investigate the effects that malicious users have on the system. Our results show that malicious users will have little impact on the overall system if kept within 10% of the population. However, a coordinated attack against a selected subset of the applications may distort the reputation of these applications. The results also show that there are ways to detect attack attempts at an early stage. Our conclusion is that an SRS could be used as a decision support system to protect against questionable software.
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Borg, A., Boldt, M., Carlsson, B. (2011). Simulating Malicious Users in a Software Reputation System. In: Park, J.J., Lopez, J., Yeo, SS., Shon, T., Taniar, D. (eds) Secure and Trust Computing, Data Management and Applications. STA 2011. Communications in Computer and Information Science, vol 186. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22339-6_18
DOI: https://doi.org/10.1007/978-3-642-22339-6_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22338-9
Online ISBN: 978-3-642-22339-6
eBook Packages: Computer Science (R0)