Privacy-Preserving Trust Management for Unwanted Traffic Control

The pervasive use of the Internet has caused an incredible growth of unwanted traffic, such as spam, malware and malicious intrusions. Unwanted traffic must be controlled because it intrudes user devices, occupies driver memory, irritates users and burdens the network. Controlling unwanted traffic based on trust and reputation mechanisms has invited significant and rigorous research in recent years. However, few of the existing solutions consider and preserve the privacy of Internet hosts that report suspicious attacks. They cannot fulfill legal requirements, and are therefore impractical. This thesis proposes a privacy-preserving trust management system for unwanted traffic control by applying a homomorphic cryptosystem. The proposed system protects privacy, which is proved to be one-way and semantically secure against chosen-plaintext (IND-CPA) attacks if the Computational Composite Residuosity Assumption (CCRA) holds. The system is implemented and its performance is extensively examined in terms of computation complexity, communication overhead and storage consumption. The result shows the effectiveness and practicality of our system to preserve the privacy of Internet hosts in the detection and control of unwanted traffic. Possible methods to improve the performance have also been discussed in the thesis