research-article

Vulnerabilities and countermeasures in context-aware social rating services

Published: 03 February 2012

Abstract

Social trust and recommendation services are the most popular social rating systems today for service providers to learn about the social opinion or popularity of a product, item, or service, such as a book on Amazon, a seller on eBay, a story on Digg or a movie on Netflix. Such social rating systems are very convenient and offer alternative learning environments for decision makers, but they open the door for attackers to manipulate the social rating systems by selfishly promoting or maliciously demoting certain items. Although a fair amount of effort has been made to understand various risks and possible defense mechanisms to counter such attacks, most of the existing work to date has been devoted to studying specific types of attacks and their countermeasures. In this article, we argue that vulnerabilities in social rating systems and their countermeasures should be examined and analyzed in a systematic manner. We first give an overview of the common vulnerabilities and attacks observed in some popular social rating services. Next, we describe three types of attack strategies in two types of social rating systems, including a comprehensive theoretical analysis of their attack effectiveness and attack costs. Three context-aware countermeasures are then presented: (i) hiding user-item relationships, (ii) using confidence weight to distinguish popular and unpopular items, and (iii) incorporating time windows in trust establishment. We also provide an in-depth discussion on how these countermeasures can be used effectively to improve the robustness and trustworthiness of the social rating services.



  • Published in

    ACM Transactions on Internet Technology  Volume 11, Issue 3
    January 2012
    130 pages
    ISSN: 1533-5399
    EISSN: 1557-6051
    DOI: 10.1145/2078316

    Copyright © 2012 ACM

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    • Published: 3 February 2012
    • Accepted: 1 September 2011
    • Revised: 1 June 2011
    • Received: 1 December 2010

    Qualifiers

    • research-article
    • Research
    • Refereed
