Game-Theoretic Foundations for Forming Trusted Coalitions of Multi-Cloud Services in the Presence of Active and Passive Attacks

The prominence of cloud computing as a common paradigm for offering Web-based services has led to an unprecedented proliferation in the number of services that are deployed in cloud data centers. In parallel, services' communities and cloud federations have gained an increasing interest in the recent past years due to their ability to facilitate the discovery, composition, and resource scaling issues in large-scale services' markets. The problem is that the existing community and federation formation solutions deal with services as traditional software systems and overlook the fact that these services are often being offered as part of the cloud computing technology, which poses additional challenges at the architectural, business, and security levels. The motivation of this thesis stems from four main observations/research gaps that we have drawn through our literature reviews and/or experiments, which are: (1) leading cloud services such as Google and Amazon do not have incentives to group themselves into communities/federations using the existing community/federation formation solutions; (2) it is quite difficult to find a central entity that can manage the community/federation formation process in a multi-cloud environment; (3) if we allow services to rationally select their communities/federations without considering their trust relationships, these services might have incentives to structure themselves into communities/federations consisting of a large number of malicious services; and (4) the existing intrusion detection solutions in the domain of cloud computing are still ineffective in capturing advanced multi-type distributed attacks initiated by communities/federations of attackers since they overlook the attacker's strategies in their design and ignore the cloud system's resource constraints. This thesis aims to address these gaps by (1) proposing a business-oriented community formation model that accounts for the business potential of the services in the formation process to motivate the participation of services of all business capabilities, (2) introducing an inter-cloud trust framework that allows services deployed in one or disparate cloud centers to build credible trust relationships toward each other, while overcoming the collusion attacks that occur to mislead trust results even in extreme cases wherein attackers form the majority, (3) designing a trust-based game theoretical model that enables services to distributively form trustworthy multi-cloud communities wherein the number of malicious services is minimal, (4) proposing an intra-cloud trust framework that allows the cloud system to build credible trust relationships toward the guest Virtual Machines (VMs) running cloud-based services using objective and subjective trust sources, (5) designing and solving a trust-based maxmin game theoretical model that allows the cloud system to optimally distribute the detection load among VMs within a limited budget of resources, while considering Distributed Denial of Service (DDoS) attacks as a practical scenario, and (6) putting forward a resource-aware comprehensive detection and prevention system that is able to capture and prevent advanced simultaneous multi-type attacks within a limited amount of resources. We conclude the thesis by uncovering some persisting research gaps that need further study and investigation in the future

A Trust Management Framework for Decision Support Systems

In the era of information explosion, it is critical to develop a framework which can extract useful information and help people to make “educated” decisions. In our lives, whether we are aware of it, trust has turned out to be very helpful for us to make decisions. At the same time, cognitive trust, especially in large systems, such as Facebook, Twitter, and so on, needs support from computer systems. Therefore, we need a framework that can effectively, but also intuitively, let people express their trust, and enable the system to automatically and securely summarize the massive amounts of trust information, so that a user of the system can make “educated” decisions, or at least not blind decisions. Inspired by the similarities between human trust and physical measurements, this dissertation proposes a measurement theory based trust management framework. It consists of three phases: trust modeling, trust inference, and decision making. Instead of proposing specific trust inference formulas, this dissertation proposes a fundamental framework which is flexible and can be adapted by many different inference formulas. Validation experiments are done on two data sets: the Epinions.com data set and the Twitter data set. This dissertation also adapts the measurement theory based trust management framework for two decision support applications. In the first application, the real stock market data is used as ground truth for the measurement theory based trust management framework. Basically, the correlation between the sentiment expressed on Twitter and stock market data is measured. Compared with existing works which do not differentiate tweets’ authors, this dissertation analyzes trust among stock investors on Twitter and uses the trust network to differentiate tweets’ authors. The results show that by using the measurement theory based trust framework, Twitter sentiment valence is able to reflect abnormal stock returns better than treating all the authors as equally important or weighting them by their number of followers. In the second application, the measurement theory based trust management framework is used to help to detect and prevent from being attacked in cloud computing scenarios. In this application, each single flow is treated as a measurement. The simulation results show that the measurement theory based trust management framework is able to provide guidance for cloud administrators and customers to make decisions, e.g. migrating tasks from suspect nodes to trustworthy nodes, dynamically allocating resources according to trust information, and managing the trade-off between the degree of redundancy and the cost of resources

A multi-dimensional trust-model for dynamic, scalable and resources-efficient trust-management in social internet of things

L'internet des Objets (IoT) est un paradigme qui a rendu les objets du quotidien, intelligents en leur offrant la possibilité de se connecter à Internet, de communiquer et d'interagir. L'intégration de la composante sociale dans l'IoT a donné naissance à l'Internet des Objets Social (SIoT), qui a permis de surmonter diverse problématiques telles que l'interopérabilité et la découverte de ressources. Dans ce type d'environnement, les participants rivalisent afin d'offrir une variété de services attrayants. Certains d'entre eux ont recours à des comportements malveillants afin de propager des services de mauvaise qualité. Ils lancent des attaques, dites de confiance, et brisent les fonctionnalités de base du système. Plusieurs travaux de la littérature ont abordé ce problème et ont proposé différents modèles de confiance. La majorité d'entre eux ont tenté de réappliquer des modèles de confiance conçus pour les réseaux sociaux ou les réseaux pair-à-pair. Malgré les similitudes entre ces types de réseaux, les réseaux SIoT présentent des particularités spécifiques. Dans les SIoT, nous avons différents types d'entités qui collaborent, à savoir des humains, des dispositifs et des services. Les dispositifs peuvent présenter des capacités de calcul et de stockage très limitées et leur nombre peut atteindre des millions. Le réseau qui en résulte est complexe et très dynamique et les répercussions des attaques de confiance peuvent être plus importantes. Nous proposons un nouveau modèle de confiance, multidimensionnel, dynamique et scalable, spécifiquement conçu pour les environnements SIoT. Nous proposons, en premier lieu, des facteurs permettant de décrire le comportement des trois types de nœuds impliqués dans les réseaux SIoT et de quantifier le degré de confiance selon les trois dimensions de confiance résultantes. Nous proposons, ensuite, une méthode d'agrégation basée sur l'apprentissage automatique et l'apprentissage profond qui permet d'une part d'agréger les facteurs proposés pour obtenir un score de confiance permettant de classer les nœuds, mais aussi de détecter les types d'attaques de confiance et de les contrer. Nous proposons, ensuite, une méthode de propagation hybride qui permet de diffuser les valeurs de confiance dans le réseau, tout en remédiant aux inconvénients des méthodes centralisée et distribuée. Cette méthode permet d'une part d'assurer la scalabilité et le dynamisme et d'autre part, de minimiser la consommation des ressources. Les expérimentations appliquées sur des de données synthétiques nous ont permis de valider le modèle proposé.The Internet of Things (IoT) is a paradigm that has made everyday objects intelligent by giving them the ability to connect to the Internet, communicate and interact. The integration of the social component in the IoT has given rise to the Social Internet of Things (SIoT), which has overcome various issues such as interoperability, navigability and resource/service discovery. In this type of environment, participants compete to offer a variety of attractive services. Some of them resort to malicious behavior to propagate poor quality services. They launch so-called Trust-Attacks (TA) and break the basic functionality of the system. Several works in the literature have addressed this problem and have proposed different trust-models. Most of them have attempted to adapt and reapply trust models designed for traditional social networks or peer-to-peer networks. Despite the similarities between these types of networks, SIoT ones have specific particularities. In SIoT, there are different types of entities that collaborate: humans, devices, and services. Devices can have very limited computing and storage capacities, and their number can be as high as a few million. The resulting network is complex and highly dynamic, and the impact of Trust-Attacks can be more compromising. In this work, we propose a Multidimensional, Dynamic, Resources-efficient and Scalable trust-model that is specifically designed for SIoT environments. We, first, propose features to describe the behavior of the three types of nodes involved in SIoT networks and to quantify the degree of trust according to the three resulting Trust-Dimensions. We propose, secondly, an aggregation method based on Supervised Machine-Learning and Deep Learning that allows, on the one hand, to aggregate the proposed features to obtain a trust score allowing to rank the nodes, but also to detect the different types of Trust-Attacks and to counter them. We then propose a hybrid propagation method that allows spreading trust values in the network, while overcoming the drawbacks of centralized and distributed methods. The proposed method ensures scalability and dynamism on the one hand, and minimizes resource consumption (computing and storage), on the other. Experiments applied to synthetic data have enabled us to validate the resilience and performance of the proposed model

Empirical Findings in Need of a Theory—in Defense of Institutional Investors

In recent years theorists have argued that institutional investors’ diversification harms competition. The theory is that when portfolio firms are cross-owned by institutional investors, managements compete less vigorously than they would have but for the cross ownership. The theory was bolstered by several empirical studies. The supporting empirical studies have been contested on methodological grounds, and some recent empirical studies make contradicting findings. But the theory of competitive harm itself is still considered persuasive. The federal antitrust agencies and competition agencies across the globe have begun to take action against instances of cross ownership based on this theory, in what has been described as an attack on the entire system of mutual fund holdings. This Article resolves the mismatch between theory and the most recent empirical findings. The Article develops an understanding of cross ownership and its effects on portfolio firms’ conduct. It challenges the theory of competitive harm, and shows that institutional investors’ common ownership cannot adversely affect portfolio firms’ competitive conduct. Moreover, the Article shows that cross ownership actually safeguards against competitive harm of the kind envisioned in the literature. The theory developed in this Article suggests that enforcement measures taken against instances of cross ownership are socially harmful. They unduly deny investors the long-acknowledged benefits of diversification and disrupt the functioning of capital markets. These enforcement efforts should be abandoned as swiftly as they were initiated

Networks and trust: systems for understanding and supporting internet security

Includes bibliographical references.2022 Fall.This dissertation takes a systems-level view of the multitude of existing trust management systems to make sense of when, where and how (or, in some cases, if) each is best utilized. Trust is a belief by one person that by transacting with another person (or organization) within a specific context, a positive outcome will result. Trust serves as a heuristic that enables us to simplify the dozens decisions we make each day about whom we will transact with. In today's hyperconnected world, in which for many people a bulk of their daily transactions related to business, entertainment, news, and even critical services like healthcare take place online, we tend to rely even more on heuristics like trust to help us simplify complex decisions. Thus, trust plays a critical role in online transactions. For this reason, over the past several decades researchers have developed a plethora of trust metrics and trust management systems for use in online systems. These systems have been most frequently applied to improve recommender systems and reputation systems. They have been designed for and applied to varied online systems including peer-to-peer (P2P) filesharing networks, e-commerce platforms, online social networks, messaging and communication networks, sensor networks, distributed computing networks, and others. However, comparatively little research has examined the effects on individuals, organizations or society of the presence or absence of trust in online sociotechnical systems. Using these existing trust metrics and trust management systems, we design a set of experiments to benchmark the performance of these existing systems, which rely heavily on network analysis methods. Drawing on the experiments' results, we propose a heuristic decision-making framework for selecting a trust management system for use in online systems. In this dissertation we also investigate several related but distinct aspects of trust in online sociotechnical systems. Using network/graph analysis methods, we examine how trust (or lack of trust) affects the performance of online networks in terms of security and quality of service. We explore the structure and behavior of online networks including Twitter, GitHub, and Reddit through the lens of trust. We find that higher levels of trust within a network are associated with more spread of misinformation (a form of cybersecurity threat, according to the US CISA) on Twitter. We also find that higher levels of trust in open source developer networks on GitHub are associated with more frequent incidences of cybersecurity vulnerabilities. Using our experimental and empirical findings previously described, we apply the Systems Engineering Process to design and prototype a trust management tool for use on Reddit, which we dub Coni the Trust Moderating Bot. Coni is, to the best of our knowledge, the first trust management tool designed specifically for use on the Reddit platform. Through our work with Coni, we develop and present a blueprint for constructing a Reddit trust tool which not only measures trust levels, but can use these trust levels to take actions on Reddit to improve the quality of submissions within the community (a subreddit)

Fraud detection in the banking sector : a multi-agent approach

Fraud is an increasing phenomenon as shown in many surveys carried out by leading international consulting companies in the last years. Despite the evolution of electronic payments and hacking techniques there is still a strong human component in fraud schemes. Conflict of interest in particular is the main contributing factor to the success of internal fraud. In such cases anomaly detection tools are not always the best instruments, since the fraud schemes are based on faking documents in a context dominated by lack of controls, and the perpetrators are those ones who should control possible irregularities. In the banking sector audit team experts can count only on their experience, whistle blowing and the reports sent by their inspectors. The Fraud Interactive Decision Expert System (FIDES), which is the core of this research, is a multi-agent system built to support auditors in evaluating suspicious behaviours and to speed up the evaluation process in order to detect or prevent fraud schemes. The system combines Think-map, Delphi method and Attack trees and it has been built around audit team experts and their needs. The output of FIDES is an attack tree, a tree-based diagram to ”systematically categorize the different ways in which a system can be attacked”. Once the attack tree is built, auditors can choose the path they perceive as more suitable and decide whether or not to start the investigation. The system is meant for use in the future to retrieve old cases in order to match them with new ones and find similarities. The retrieving features of the system will be useful to simplify the risk management phase, since similar countermeasures adopted for past cases might be useful for present ones. Even though FIDES has been built with the banking sector in mind, it can be applied in all those organisations, like insurance companies or public organizations, where anti-fraud activity is based on a central anti-fraud unit and a reporting system

High Quality P2P Service Provisioning via Decentralized Trust Management

Trust management is essential to fostering cooperation and high quality service provisioning in several peer-to-peer (P2P) applications. Among those applications are customer-to-customer (C2C) trading sites and markets of services implemented on top of centralized infrastructures, P2P systems, or online social networks. Under these application contexts, existing work does not adequately address the heterogeneity of the problem settings in practice. This heterogeneity includes the different approaches employed by the participants to evaluate trustworthiness of their partners, the diversity in contextual factors that influence service provisioning quality, as well as the variety of possible behavioral patterns of the participants. This thesis presents the design and usage of appropriate computational trust models to enforce cooperation and ensure high quality P2P service provisioning, considering the above heterogeneity issues. In this thesis, first I will propose a graphical probabilistic framework for peers to model and evaluate trustworthiness of the others in a highly heterogeneous setting. The framework targets many important issues in trust research literature: the multi-dimensionality of trust, the reliability of different rating sources, and the personalized modeling and computation of trust in a participant based on the quality of services it provides. Next, an analysis on the effective usage of computational trust models in environments where participants exhibit various behaviors, e.g., honest, rational, and malicious, will be presented. I provide theoretical results showing the conditions under which cooperation emerges when using trust learning models with a given detecting accuracy and how cooperation can still be sustained while reducing the cost and accuracy of those models. As another contribution, I also design and implement a general prototyping and simulation framework for reputation-based trust systems. The developed simulator can be used for many purposes, such as to discover new trust-related phenomena or to evaluate performance of a trust learning algorithm in complex settings. Two potential applications of computational trust models are then discussed: (1) the selection and ranking of (Web) services based on quality ratings from reputable users, and (2) the use of a trust model to choose reliable delegates in a key recovery scenario in a distributed online social network. Finally, I will identify a number of various issues in building next-generation, open reputation-based trust management systems as well as propose several future research directions starting from the work in this thesis

Proceedings of the 18th Irish Conference on Artificial Intelligence and Cognitive Science

These proceedings contain the papers that were accepted for publication at AICS-2007, the 18th Annual Conference on Artificial Intelligence and Cognitive Science, which was held in the Technological University Dublin; Dublin, Ireland; on the 29th to the 31st August 2007. AICS is the annual conference of the Artificial Intelligence Association of Ireland (AIAI)