elektronická verzia publikácie - FIIT STU - Slovenská technická ...

264 Selected Studies on Software and Information Systems
The presence of subjective feedback inherently generates problems. In the remainder
of this section we examine the vulnerabilities of reputation systems and methods that were
proposed to tackle them.
First problem, so-called whitewashing (Lai, 2003), arises when an entity can start over
with a new pseudonym that is not associated with the interaction history of the previous
pseudonym, effectively disposing of the evidence of past (possibly malicious) activities.
Unbounded whitewashing can effectively disable any reputation system, while having
a sufficiently high starting fee does indeed prevent this behavior, collecting fees is not always
viable.
Therefore, indirect payments in the form of degraded service for newcomers were
proposed (Resnik, 2001). In their model, the pay-your-dues (PYD) strategy distinguishes
between newcomers and veterans, veterans being the users that have interacted positively
at least once. Analogous to mistrust to newcomers in common social situations, in PYD
veterans do not collaborate with newcomers until they have proved themselves enough to
allow for a mutually beneficial interaction. Authors further proved that an extended stochastic
version of this algorithm executes the highest fraction of cooperative outcomes and
therefore is the socially most efficient strategy (in game-theoretical terms) in the presence
of whitewashing.
Second major problem of reputation systems is dealing with the lack of objective
feedback or so-called phantom feedback generated using false pseudonyms (sybils) created
for the sole purpose of providing this phantom feedback. This problem can be modeled in
systems based on transitive trust, i.e. the input is represented as a trust graph whose vertices
are the entities, and directed (one-way) edges have associated trust value – nonnegative
real value summarizing the feedback that one edge’s vertex (entity) reports on the other
one. Aggregation mechanism computes the reputations of the vertices based on the trust
values. Entities are not directly affected by the feedback they provide, only from the ratings
they receive from others, and therefore an entity has no incentive to provide relevant
feedback.
On the contrary, a less credible entity has every reason to provide dishonest feedback so
as to undermine the credibility of (possibly negative) incoming feedback. Thus, a robust
reputation mechanism must ensure that an entity cannot increase its reputation by manipulating
its own feedbacks. In the second major class of attacks studied, the Sybil attacks
(Douceur, 2002), malicious entity creates fake pseudonyms to boost the reputation of its
primary pseudonym. In the trust graph model, the attacker can specify arbitrary trust values
originating from sybil nodes, and can divide incoming trust edges among the sybils
provided that the total sum of trusts is preserved.
Several methods were proposed. The simple version of PageRank algorithm (Brin,
1998) as described below can be applied:
where R(u) is the reputation of web page u, directed edge (v,u) corresponds to the hyperlink
from page v to page u, and trust values are t(v,u) = 1/OutDegree(v). Analogously, u V
can be an entity, directed edge (v,u) shows that entity v has interacted with u, and
t(v,u) is the degree of trust that v has in u. This simple version of PageRank is symmetric
and therefore is prone to dishonest feedback; it is also prone to Sybil attacks (Cheng, 2006).