上海交通大学学报(自然版) ›› 2014, Vol. 48 ›› Issue (07): 899-906.

• 自动化技术、计算机技术 • 上一篇    下一篇

一种识别和追踪恶意匿名评价者的信任模型

张柯丽1,李忠献1,2,杨义先1
  

  1. (1.北京邮电大学 信息安全中心, 北京 100876;  2.国瑞数码安全系统有限公司, 北京 100080)
     
     
  • 收稿日期:2013-10-09 出版日期:2014-07-28 发布日期:2014-07-28
  • 基金资助:

    国家自然科学基金(61121061,61140320),国家科技支撑计划(2012BAH37B05)资助项目

A Trust Model for Identifying and Tracing Malicious Anonymous Feedback Providers

ZHANG Keli1,LI Zhongxian1,2,YANG Yixian1
  

  1. (1.Information Security Center, Beijing University of Posts and Telecommunications, Beijing 1000876, China; 2. National Cybernet Security Co. Ltd., Beijing 100088, China)
  • Received:2013-10-09 Online:2014-07-28 Published:2014-07-28

摘要:

针对现有信誉系统中为了激励和保护节点提供诚实可靠的信誉反馈值,而引入的匿名评价机制存在难以识别恶意节点的诋毁和共谋等攻击问题,提出了一种保护诚实评价者并能识别和追踪恶意节点的匿名评价信任模型. 该模型中节点基于可验证随机函数生成的评价标签对交易对象进行匿名评价,隐藏了交易过程中真实身份;模型引入贝叶斯评价信息过滤算法识别恶意评价标签,对超过恶意评价次数门限值的评价标签,模型基于可验证密钥共享机制自动暴露其真实身份并对其所有评价进行追踪. 仿真试验及分析表明,该信任模型能够有效抵御匿名恶意节点攻击,相比已有的同类型的信任模型较大程度地提高了节点信任累加值的准确度.
 
 

关键词: 信誉系统, 网络安全, 隐私, 信任模型, 匿名, 女巫攻击

Abstract:

In reputation systems, the anonymous evaluation mechanisms introduced for preserving privacy of honest feedback providers brings about the difficulty in identifying slandering, ballot stuffing and Sybil attacks. A trust model which protects honest feedback providers and identifies and traces the malicious peer was proposed in this paper to deal with this problem. Peers in this trust model use a verifiable random function to generate tags, so as to anonymously evaluate the transaction objects and hide the true identity of the transaction process. In this model, the Bayesian filtering algorithm was introduced to identify malicious tags; when the tags exceed the threshold malicious number, the trust model can automatically expose true identities and track all of the providing feedbacks based on the verifiable secret sharing mechanism. The simulation results show that the proposed trust model can efficiently resist attacks of anonymous malicious peers and evidently improve the accuracy of trust accumulated value compared with two existing trust models.
 

Key words: reputation system, network security, privacy; , trust model, anonymity; , Sybil attack

中图分类号: