Simulating Malicious Users in a Software Reputation System

  • Conference paper
Secure and Trust Computing, Data Management and Applications (STA 2011)

Abstract

Today, computer users have trouble separating malicious and legitimate software. Traditional countermeasures such as anti-virus tools mainly protect against truly malicious programs, but the situation is complicated by a “grey-zone” of questionable programs that are difficult to classify. We therefore suggest a software reputation system (SRS) to help computer users separate legitimate software from its counterparts. In this paper we simulate the usage of an SRS to investigate the effects that malicious users have on the system. Our results show that malicious users will have little impact on the overall system if kept within 10% of the population. However, a coordinated attack against a selected subset of the applications may distort the reputation of these applications. The results also show that there are ways to detect attack attempts at an early stage. Our conclusion is that an SRS could be used as a decision support system to protect against questionable software.


Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Borg, A., Boldt, M., Carlsson, B. (2011). Simulating Malicious Users in a Software Reputation System. In: Park, J.J., Lopez, J., Yeo, SS., Shon, T., Taniar, D. (eds) Secure and Trust Computing, Data Management and Applications. STA 2011. Communications in Computer and Information Science, vol 186. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22339-6_18

  • DOI: https://doi.org/10.1007/978-3-642-22339-6_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-22338-9

  • Online ISBN: 978-3-642-22339-6

  • eBook Packages: Computer Science, Computer Science (R0)
