Modeling trust and reputation systems in hostile environments

Abstract

Abstract In many modern network environments, agents of the system have to select optimal service providers who in turn decide to provide different quality of services. This is while maximization of their profits is a concern for both agents and service providers. These environments may also include malicious agents who try to illegally raise up their benefits by deception of honest agents and trampling their benefits. Trust and Reputation Systems (TRSs) are used to control the malicious agents’ behavior and to help honest agents improving their decision making quality. Security analysis and robustness evaluation of TRSs in such hostile environments is an important concern and there are a few works to address this problem. However, most of the works in this regard are not based on a proper formal model. Instead, they normally do ad-hoc or intuitive evaluations on specific case studies. There are also a number of works that do model-based analysis and evaluation on TRSs using either simulation or verification methods. However, the proposed models in these works almost suffer from lack of generality, inexpressive formalism, and/or limited applicability. In this paper, we introduce the Trust and Reputation Interaction Model (TRIM) as a comprehensive and expressive model of an interacting agent environment with malicious agents along with an underlying TRS. TRIM has enough expressive power to cover a wide range of TRSs and is able to define advanced complicated attacks. We show that how the runtime behavior of TRIM can be specified as an infinite state homogeneous Markov Decision Process (MDP) tree through the proposed algorithm. To show the applicability of the model, some famous TRSs along with the number of important trust attacks are specified using the proposed formalism. Furthermore, although the focus of this paper is on modeling, we implemented the TRIM-Checker as a preliminary tool for robustness verification of TRSs against trust attacks. The specified TRSs are then experimentally evaluated and compared against potential attacks through a novel proposed robustness criterion which is based on MDP analysis.