Research Article
RepTrap: a novel attack on feedback-based reputation systems
@INPROCEEDINGS{10.1145/1460877.1460888, author={Yafei Yang and Qinyuan Feng and Yan Lindsay Sun and Yafei Dai }, title={RepTrap: a novel attack on feedback-based reputation systems}, proceedings={4th International ICST Conference on Security and Privacy in Communication Networks}, publisher={ACM}, proceedings_a={SECURECOMM}, year={2008}, month={9}, keywords={Reputation System Feedback Trust}, doi={10.1145/1460877.1460888} }- Yafei Yang
Qinyuan Feng
Yan Lindsay Sun
Yafei Dai
Year: 2008
RepTrap: a novel attack on feedback-based reputation systems
SECURECOMM
ACM
DOI: 10.1145/1460877.1460888
Abstract
Reputation systems are playing critical roles in securing today's distributed computing and communication systems. Similar to other security mechanisms, reputation systems can be under attack. In this paper, we report the discovery of a new attack, named RepTrap(Reputation Trap), against feedback-based reputation systems, such as those used in P2P file-sharing systems and E-commerce websites(e.g. Amazon.com). We conduct an in-depth investigation on this new attack, including analysis, case study, and performance evaluation based on real data and realistic user behavior models. We discover that the RepTrap is a strong and destructive attack that can manipulate the reputation scores of users, objects, and even undermine the entire reputation system. Compared with other known attacks that achieve the similar goals, the RepTrap requires less effort from the attackers and causes multi-dimensional damage to the reputation systems.