Dmitri Botvich

A Trust Overlay Architecture and Protocol for Enhanced Protection against Spam

The effectiveness of current anti-spam systems is limited by the ability of spammers to adapt to new filtering techniques and the lack of incentive for mail domains to filter outgoing spam. This paper describes a new approach to spam protection based on distributed trust management. This is motivated by the fact that the SMTP mail infrastructure is managed in a distributed way by a community of mail domain administrators. A trust overlay architecture and a new protocol is presented. The TOP AS protocol specifies how experiences and recommendations are communicated between a spam filter at each mail domain and its associated trust manager, and between trust managers of different mail servers. A technique for improving mail filtering using these trust measures is also described. Initial simulations indicate the potential of this approach to improve rates of false positives and false negatives in anti-spam systems

Trustworthiness monitoring and prediction of composite services

This paper presents an approach to monitoring and predicting the trustworthiness of services that are assembled from component services. In service compositions the number of component services that need to be aggregated may be large and dynamically changing. Additionally, the component services may vary in their importance to the value of the composite service and in their trustworthiness and resource capacity. Service compositions require the capability to dynamically adapt to changes that may occur at runtime. Those changes can occur in supply and demand, in the environment or in the component services properties and behaviour. Service composers need to be able to respond swiftly to changed trustworthiness requirements and capabilities of service compositions, where those changes may not be easily predictable. With the availability of alternatives providing the same functionality as those already integrated in a composition, service composers can take advantage of this by replacing degrading or unsatisfactory components.

Integrating players, reputation and ranking to manage cheating in MMOGs

In this paper, we propose an approach that uses in-game reputation as a solution to the problem of cheating in massively multiplayer online games. What constitutes cheating is however quite context-specific and subjective, and there is no universal view. Thus our approach aims to adjust to the particular forms of cheating to which players object rather than deciding a priori which forms of cheating should be controlled.n The main feature of our approach is an architecture and model for maintaining player-based and context-appropriate trust and reputation measures, with the integration of these into the games ranking system. When an avatar loses reputation, our approach intervenes to reduce its ranking. It is envisaged that players will come to attach value to reputation in its own right. We also present the results of relatively large-scale simulations of various scenarios involving sequences of encounters between players, with an initial implementation of our reputation and ranking model in place, to observe the impact on cheaters (and non-cheaters).

Trustworthiness monitoring of dynamic service compositions

In Web service compositions the number of component services that need to be aggregated may be large and dynamically changing. Web service (WS) compositions require the capability to dynamically adapt to changes that may occur at runtime, including changes in the environment and in the component services themselves. Service composers must be able to respond swiftly to changed trustworthiness (TW) requirements and capabilities of service compositions, where those changes may not be easily predictable. With the availability of alternative services providing the same functionality as those already integrated in a service composition, service composers can take advantage of this by dynamically replacing degrading or unsatisfactory components. This paper provides techniques and an approach to dynamically detect and replace component services based on their trustworthiness.

A Combined Biologically and Socially Inspired Approach to Mitigating Ad Hoc Network Threats

This paper describes a collaborative approach to handling dynamic attack threats in mobile ad hoc networks. Our approach is biologically and socially motivated. Each network node maintains a trust score for each other node of which it is aware and distributes these to its neighbourhood. Services have associated trust thresholds - the more sensitive the service, the higher the threshold. We define a robust decentralised dynamic system involving nodes, services and trust scores that helps to quickly and reliably locate potential sources of attacks and their threat level. The paper presents results of simulations of the behaviour of the systems dynamics and its interpretation in the context of ad hoc networks.

Implementing a Trust Overlay Framework for Digital Ecosystems

Digital Ecosystems, being decentralised in nature, are inherently untrustworthy environments. This is due to the fact that these environments lack a centralised gatekeeper and identity provider. In order for businesses to operate in these environments there is a need for security measures to support accountability and traceability. This paper describes a trust overlay network developed in the OPAALS project to allow entities participating in digital ecosystems to share experience through the exchange of trust values and to leverage on this network to determine reputation based trustworthiness of unknown and initially untrusted entities. An overlay network is described together with sample algorithms and a discussion on implementation.

A service-centric approach to access control and monitoring based on distributed trust

A service-oriented approach to dynamic refinement of security enforcement is described in this paper. This is based on a closed loop feedback system where live distributed trust measures are used to adapt access control settings in a changing threat environment. A general trust overlay architecture and model are presented. Some specific application scenarios are discussed, in particular spam filtering and distributed intrusion detection in mobile ad hoc networks. It is shown using simulations of some specific scenarios that this dynamic system is robust and has the potential to enhance security and access control efficiency.

Enhancement of Critical Financial Infrastructure Protection Using Trust Management

Providing protection to the financial infrastructure in the face of faults and malevolent attacks is vital to the stability, availability, and continuity of key financial markets and businesses worldwide. Traditional protection approaches have focused on protecting individual financial institutions (FIs) while ignoring the threats arising from cross-domain interactions as well as those originating from other critical infrastructures. With the growing complexity of inter-organisational boundaries and their increasing interdependence, such isolated approaches are no longer adequate. However, sharing information between FIs relating to critical events and the reliance on others’ quality of service attributes such as security requires varying levels of trust between them depending on the requirements of each individual FI and the sensitivity of exchanged information. This paper describes a trust management system developed to allow the evaluation, monitoring, and management of trustworthiness levels of FIs exchanging critical events and information. Trustworthiness levels are used to assure FIs of the reliability of each other and to filter events and data being processed. The system introduces a novel reusable architecture that allows flexibility and extensibility of trust metrics and trust algorithms.

Collaborative Strategies for Reducing Attacks on Ad Hoc Network Nodes

This paper is focused on the integration of strategies for managing trust in ad hoc and other unstructured networks and services. A general trust overlay architecture and model are provided, and the integration of a range of strategies is discussed. These include strategies for efficient exchange of trust information as well as for individual nodes to capture and use this information in making security decisions. Results are presented of simulations that assess the effectiveness of these strategies in ad hoc networks. Of particular interest is the robustness of the trust system when faced with malicious nodes that attempt to corrupt the system, possibly in collusion with each other.