Networks and trust: systems for understanding and supporting internet security

Includes bibliographical references.2022 Fall.This dissertation takes a systems-level view of the multitude of existing trust management systems to make sense of when, where and how (or, in some cases, if) each is best utilized. Trust is a belief by one person that by transacting with another person (or organization) within a specific context, a positive outcome will result. Trust serves as a heuristic that enables us to simplify the dozens decisions we make each day about whom we will transact with. In today's hyperconnected world, in which for many people a bulk of their daily transactions related to business, entertainment, news, and even critical services like healthcare take place online, we tend to rely even more on heuristics like trust to help us simplify complex decisions. Thus, trust plays a critical role in online transactions. For this reason, over the past several decades researchers have developed a plethora of trust metrics and trust management systems for use in online systems. These systems have been most frequently applied to improve recommender systems and reputation systems. They have been designed for and applied to varied online systems including peer-to-peer (P2P) filesharing networks, e-commerce platforms, online social networks, messaging and communication networks, sensor networks, distributed computing networks, and others. However, comparatively little research has examined the effects on individuals, organizations or society of the presence or absence of trust in online sociotechnical systems. Using these existing trust metrics and trust management systems, we design a set of experiments to benchmark the performance of these existing systems, which rely heavily on network analysis methods. Drawing on the experiments' results, we propose a heuristic decision-making framework for selecting a trust management system for use in online systems. In this dissertation we also investigate several related but distinct aspects of trust in online sociotechnical systems. Using network/graph analysis methods, we examine how trust (or lack of trust) affects the performance of online networks in terms of security and quality of service. We explore the structure and behavior of online networks including Twitter, GitHub, and Reddit through the lens of trust. We find that higher levels of trust within a network are associated with more spread of misinformation (a form of cybersecurity threat, according to the US CISA) on Twitter. We also find that higher levels of trust in open source developer networks on GitHub are associated with more frequent incidences of cybersecurity vulnerabilities. Using our experimental and empirical findings previously described, we apply the Systems Engineering Process to design and prototype a trust management tool for use on Reddit, which we dub Coni the Trust Moderating Bot. Coni is, to the best of our knowledge, the first trust management tool designed specifically for use on the Reddit platform. Through our work with Coni, we develop and present a blueprint for constructing a Reddit trust tool which not only measures trust levels, but can use these trust levels to take actions on Reddit to improve the quality of submissions within the community (a subreddit)

Calculating trust using multiple heterogeneous social networks

In today’s internet, a web user becomes members of multiple social networks due to different types of services provided by each of these networks. This creates an opportunity to make trust decisions that go beyond individual social networks, since these networks provide single perspective of trust. To make trust inference over multiple social networks, these networks needs to be consolidated. It is non-trivial as these networks are of heterogeneous nature due to different naming conventions used in these networks. Furthermore, trust metrics extracted from these networks are also varied in nature due to different trust evaluation algorithms used in each of these networks. Heterogeneity of these social networks can be overcome by using semantic technologies as it allows us to represent knowledge using ontologies. Trust data can be consolidated by using such data fusion techniques which not only provide but also preserves trust data integrity from each of the individual social network profiles. The proposed semantic framework is evaluated using two sets of experiments. Through simulations in this work we analysed various techniques for data fusion. For identifying suitable technique which preserves the integrity of trust consolidated from each of the individual networks. Analysis revealed that Weighted Ordered Weighted Averaging parameter best aggregated trust data, and unlike other techniques, it preserved the integrity of trust from each individual network for varying Participant Overlap and Tie Overlap (p ≤ 0.05). Similarly, for experimental analysis we used findings of the simulation study about the best trust aggregation technique and applied the proposed framework on real- life trust data between participants which we extracted from pairs of professional social networks. Analysis partially proved our hypothesis that generating better trust values from consolidated Multiple Heterogeneous networks. We witnessed an improvement in overall results for all the participants who were part of multiple social networks (p ≤ 0.05), while disproving the claim for those existing in non-overlapping regions of the social networks