Jimmy McGibney

A Trust Overlay Architecture and Protocol for Enhanced Protection against Spam

The effectiveness of current anti-spam systems is limited by the ability of spammers to adapt to new filtering techniques and the lack of incentive for mail domains to filter outgoing spam. This paper describes a new approach to spam protection based on distributed trust management. This is motivated by the fact that the SMTP mail infrastructure is managed in a distributed way by a community of mail domain administrators. A trust overlay architecture and a new protocol is presented. The TOP AS protocol specifies how experiences and recommendations are communicated between a spam filter at each mail domain and its associated trust manager, and between trust managers of different mail servers. A technique for improving mail filtering using these trust measures is also described. Initial simulations indicate the potential of this approach to improve rates of false positives and false negatives in anti-spam systems

A service-centric model for intrusion detection in next-generation networks

In this paper we argue for a new service-centric model for developing and implementing intrusion detection systems. This new approach is influenced by the convergence of computer networking and telecommunications systems, and ways that the telecoms industry manages issues of fraud. Interoperability of intrusion detection components with the rest of the system, in particular logging and billing subsystems, requires standardisation of usage data representation formats and development of a standard ontology for intrusion detection.

Establishing trust between mail servers to improve spam filtering

This paper proposes a new way to improve spam filtering based on the establishment and maintenance of trust between mail domains. An architecture is presented where each mail domain has an associated trust manager that dynamically records trust measures pertaining to other domains. Trust by one mail domain in another is influenced by direct experience as well as recommendations issued by collaborators. Each trust manager interacts with local spam filtering and peer trust managers to continuously update trust. These trust measures are used to tune filter sensitivity. A simulation set-up is described with multiple nodes that send and receive mail, some of which is spam. Rogue mail servers that produce spam are also introduced. Results of these simulations demonstrate the potential of trust based spam filtering, and are assessed in terms of improvements in rates of false positives and false negatives.

Integrating players, reputation and ranking to manage cheating in MMOGs

In this paper, we propose an approach that uses in-game reputation as a solution to the problem of cheating in massively multiplayer online games. What constitutes cheating is however quite context-specific and subjective, and there is no universal view. Thus our approach aims to adjust to the particular forms of cheating to which players object rather than deciding a priori which forms of cheating should be controlled. The main feature of our approach is an architecture and model for maintaining player-based and context-appropriate trust and reputation measures, with the integration of these into the games ranking system. When an avatar loses reputation, our approach intervenes to reduce its ranking. It is envisaged that players will come to attach value to reputation in its own right. We also present the results of relatively large-scale simulations of various scenarios involving sequences of encounters between players, with an initial implementation of our reputation and ranking model in place, to observe the impact on cheaters (and non-cheaters).

Distributed dynamic protection of services on ad hoc and peer to peer networks

A collaborative system for dynamic refinement of security in peer-to-peer and mobile ad hoc networks is described in this paper. This is based on a closed loop system where live distributed trust measures are used to modify access control settings in a changing threat environment. A service oriented trust overlay architecture and model underlies this system. In this model, services have associated trust thresholds - the more sensitive the service, the higher the threshold. The results of simulations of the dynamics of this kind of system are presented and a variety of algorithmic approaches to managing trust are analysed and discussed. It is demonstrated that this dynamic system has the potential to enhance security and access control efficiency and that it displays properties of robustness when faced with malicious entities that attempt to corrupt the system.

Trustworthiness monitoring of dynamic service compositions

In Web service compositions the number of component services that need to be aggregated may be large and dynamically changing. Web service (WS) compositions require the capability to dynamically adapt to changes that may occur at runtime, including changes in the environment and in the component services themselves. Service composers must be able to respond swiftly to changed trustworthiness (TW) requirements and capabilities of service compositions, where those changes may not be easily predictable. With the availability of alternative services providing the same functionality as those already integrated in a service composition, service composers can take advantage of this by dynamically replacing degrading or unsatisfactory components. This paper provides techniques and an approach to dynamically detect and replace component services based on their trustworthiness.

A Combined Biologically and Socially Inspired Approach to Mitigating Ad Hoc Network Threats

This paper describes a collaborative approach to handling dynamic attack threats in mobile ad hoc networks. Our approach is biologically and socially motivated. Each network node maintains a trust score for each other node of which it is aware and distributes these to its neighbourhood. Services have associated trust thresholds - the more sensitive the service, the higher the threshold. We define a robust decentralised dynamic system involving nodes, services and trust scores that helps to quickly and reliably locate potential sources of attacks and their threat level. The paper presents results of simulations of the behaviour of the systems dynamics and its interpretation in the context of ad hoc networks.

Trust and Privacy

In this chapter we demonstrate how to increase the value of shared information by providing context on its quality via trust metrics. In order to evaluate the achieved level of trust, a trust evaluation system is described. This system assesses the quality of information based on past behaviour, direct experience, recommendation, referral, and roles. This management process filters and prioritises information provided by Semantic Room (SR) members while dynamically adjusting the trust level of members.

Implementing a Trust Overlay Framework for Digital Ecosystems

Digital Ecosystems, being decentralised in nature, are inherently untrustworthy environments. This is due to the fact that these environments lack a centralised gatekeeper and identity provider. In order for businesses to operate in these environments there is a need for security measures to support accountability and traceability. This paper describes a trust overlay network developed in the OPAALS project to allow entities participating in digital ecosystems to share experience through the exchange of trust values and to leverage on this network to determine reputation based trustworthiness of unknown and initially untrusted entities. An overlay network is described together with sample algorithms and a discussion on implementation.

A service-centric approach to access control and monitoring based on distributed trust

A service-oriented approach to dynamic refinement of security enforcement is described in this paper. This is based on a closed loop feedback system where live distributed trust measures are used to adapt access control settings in a changing threat environment. A general trust overlay architecture and model are presented. Some specific application scenarios are discussed, in particular spam filtering and distributed intrusion detection in mobile ad hoc networks. It is shown using simulations of some specific scenarios that this dynamic system is robust and has the potential to enhance security and access control efficiency.