Critical systems are progressively abandoning the traditional isolated and closed architectures, and adopting more federated solutions, in order to deal with orchestrated decision making within large-scale infrastructures. Such an increasing connectivity and the possibility of dynamically integrate constituents in a seamless manner by means of a decoupling middleware solution are causing the flouring of novel and previously unseen security threats, such as internal attacks conducted by camouflaged and/or compromised federated systems. Trust management is the most efficient way for dealing with such attacks, so that each constituent computes a trust degree of the other interacting ones based on the direct experiences and of collected reputation scores. An adversary may negatively affect the overall process with false reputations, which must not be considered when estimating a trust degree. Our work combines a multi-criteria linguistic fuzzy term formulation of the trust degree with the concept of entropy for measuring the divergence of certain scores from the other ones and to avoid to consider them during reputation aggregation. A set of experiments have been conducted in order to measure the quality and effectiveness of the presented approach.
Information theoretic-based detection and removal of slander and/or false-praise attacks for robust trust management with Dempster-Shafer combination of linguistic fuzzy terms
Castiglione, Aniello;PALMIERI, Francesco;ESPOSITO, CHRISTIANCARMINE
2018-01-01
Abstract
Critical systems are progressively abandoning the traditional isolated and closed architectures, and adopting more federated solutions, in order to deal with orchestrated decision making within large-scale infrastructures. Such an increasing connectivity and the possibility of dynamically integrate constituents in a seamless manner by means of a decoupling middleware solution are causing the flouring of novel and previously unseen security threats, such as internal attacks conducted by camouflaged and/or compromised federated systems. Trust management is the most efficient way for dealing with such attacks, so that each constituent computes a trust degree of the other interacting ones based on the direct experiences and of collected reputation scores. An adversary may negatively affect the overall process with false reputations, which must not be considered when estimating a trust degree. Our work combines a multi-criteria linguistic fuzzy term formulation of the trust degree with the concept of entropy for measuring the divergence of certain scores from the other ones and to avoid to consider them during reputation aggregation. A set of experiments have been conducted in order to measure the quality and effectiveness of the presented approach.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.