Elsevier

Computers & Security

Volume 47, November 2014, Pages 3-25
Computers & Security

Analysis on the acceptance of Global Trust Management for unwanted traffic control based on game theory

https://doi.org/10.1016/j.cose.2014.03.010Get rights and content

Abstract

The Internet has witnessed an incredible growth in its pervasive use and brought unprecedented convenience to its users. However, an increasing amount of unwanted traffic, such as spam and malware, severely burdens both users and Internet service providers (ISPs), which arouses wide public concern. A Global Trust Management (GTM) system was proposed and demonstrated to be accurate, robust and effective on unwanted traffic control in our previous work (Yan et al., 2011, Yan et al., 2013). But its acceptance by network entities (ISPs and hosts) is crucial to its practical deployment and final success. In this paper, we investigate the acceptance conditions of the GTM system using game theory. Considering the selfish nature of network entities, we address our problem as a social dilemma. To enhance cooperation among network entities, a public-goods-based GTM game is formulated with a trust-based punishment mechanism that can provide the incentives of behaving cooperatively for network entities. Meanwhile, the conditions of the adoption of GTM system are figured out. We also carry out a number of simulations to illustrate the acceptance conditions of the GTM system in practical deployment, and show the effectiveness of the trust-based punishment mechanism. Furthermore, suggestions for ISPs cooperating with antivirus vendors are put forward.

Introduction

The Internet has witnessed an incredible growth in its pervasive use. People are enjoying unprecedented convenience brought by the Internet boom. However, at the same time when Internet users benefit from the Internet, they are more and more troubled by the increasing amount of unwanted traffic, such as spam, malware, vicious intrusions, and so on. For example, spam accounts for 14.5 billion messages globally per day, i.e., it makes up 45% of all emails (http://www.symantec.com/about/news/release/article.jsp?prid=20120429_01). According to South Korea's National Police Agency, the computer networks of three major South Korea banks and three television networks went offline almost at the same time on 20th March 2013, caused by a malware attack (forum.isvoc.com/43172.htm). The websites and corporate networks at Bank of America, JPMorgan Chase and Citigroup suffered from distributed denial-of-service (DDoS) attacks both in 2011 and 2012, resulting in hundreds of complaints from their customers (www.nbcnews.com/technolog, 1260). Such incidents undoubtedly increase public worries on network security. Thus, working out an efficient solution to control the unwanted traffic in the Internet has become a crucial task that brooks no delay.

To deal with unwanted traffic, technologies like firewalls, network monitoring, and intrusion detection systems (IDS) are widely used, achieving certain positive effects. Quite a number of approaches have been put forward for controlling spam, malware, and DDoS attacks (Zheleva et al., 2008, Vasudevan, 2008, Choi et al., 2010). In our previous work, we proposed a Global Trust Management (GTM) system, which executes accurate, effective and robust unwanted traffic control based on trust evaluation on each network entity (Yan et al., 2011, Yan et al., 2013). But in real practice, whether network entities (e.g., ISPs and their subscribed hosts) have willingness to accept and adopt such a system greatly affects the success of system deployment. There exists a social dilemma that a cost suffered by cooperative entities that adopt GTM would generate a benefit shared by all, so entities involved would prefer to take a free ride (i.e., not adopt GTM) as long as their utilities could be maximized. But this selfish behavior will make everyone worse off and finally degrade the performance of the GTM system.

In this paper, we apply game theory to analyze the acceptance of the GTM system for unwanted traffic control. We respectively analyze the social dilemma in both host layer and ISP layer. A public goods based GTM game is formulated, considering the quality of network environment as public goods. In each layer, we explicitly compare entities' utilities for taking adverse (cooperative/uncooperative) strategies and find out the system weakness. Next, we introduce a trust-based punishment mechanism in order to stimulate network entities to accept and adopt the GTM system by contributing to the system. That is, whether an entity should get punishment depends on its trust value, which is directly related to its contribution to the system. We further put forward suggestions for ISPs on operating strategies to cooperate with antivirus vendors to achieve a win–win situation. Specifically, the contributions of our paper are described as below:

  • 1)

    This paper is one of the first to address the problem of network entities' cooperation on unwanted traffic control as a social dilemma.

  • 2)

    We formulate a mechanism to arouse the network entities' willingness to contribute to the GTM system and analyze it by applying game theory;

  • 3)

    We analyze the acceptance and adoption conditions for the GTM system.

  • 4)

    We conduct a number of simulations to illustrate the acceptance conditions of the GTM system in practical deployment, and show the effectiveness of the trust-based punishment mechanism.

The rest of the paper is organized as follows. Background and related work section gives a brief review of the game theory, social dilemma and related work. System model section describes our system model and research assumptions. Public-goods-based GTM game is formulated to analyze the social dilemma and a trust-based punishment mechanism is proposed to mitigate the dilemma in Public-goods-based GTM game section, followed by simulation and evaluation results in Evaluation: simulation results and analysis section. The suggestion on ISPs' operating strategies is given in Further discussions section. Finally, conclusion is summarized in the last section.

Section snippets

Game theory

Game theory is the study of mathematical models of conflict and cooperation between intelligent rational decision-makers (Myerson, 1991). A rational player tries to take strategic actions in iterations to produce (mostly to maximize) a utility it desires, and the utility is the difference between benefit and cost. Game theory has a wide range of usage in economics, political science, biology, and so on. Nowadays, it has come to play an increasingly important role in modeling and analyzing

Global trust management model

We consider a network N = (H, I) where H is a set of hosts and I is a set of ISPs in the network. We assume that the number of hosts is n and that of ISPs is m. This network adopts the GTM system for unwanted traffic control. A global trust operator (GTO) is introduced to evaluate each system entity's trust. The trust contains two parts: the global trust that indicates if the entity is a source of unwanted traffic and the detection trust that specifies the previous detection performance of the

Public-goods-based GTM game

As mentioned earlier, the performance of GTM on unwanted traffic control is based on the contribution of each network entity. However, the presence of selfish entities that are reluctant to contribute creates a social dilemma. To analyze how the dilemma could be mitigated and how the GTM system could be widely accepted, we propose a public-goods-based GTM game in network N, with the quality of the network environment treated as public goods. In our game, time is divided into slots and the game

Simulation settings

We carried out a number of simulations to illustrate the acceptance conditions of the GTM system in practical deployment, and show the effectiveness of our trust-based punishment mechanism on mitigating the social dilemma. In our simulations, we designed a network society of n = 10,000 hosts in total. The simulations were conducted in two parts: game among hosts and game among ISPs, according to the above game theoretical analysis. In the first part, we assume that all of the hosts are

Further discussions

Hosts choose their strategies whether to purchase the latest antivirus toolkits or not based on comparison between utilities they could obtain under both decisions. Low cost and high-quality Internet experience are what they desire for. Though our trust-based punishment mechanism can effectively mitigate the social dilemma on adopting the GTM system, it would be more preferred by hosts if the cost of toolkits could be reduced. This is very possible in practice since quite a number of antivirus

Conclusion

An increasing amount of unwanted traffic keeps troubling both ISPs and the Internet users, which is a challenging problem that brooks no delay. The GTM system we proposed previously is verified accurate, robust and effective on unwanted traffic control, but the success of system deployment in real practice greatly depends on the acceptance, adoption, and contributions of network entities (ISPs and hosts). In addition, the existence of selfish network entities makes network entities reluctant to

Acknowledgment

This work is sponsored by the PhD grant (JY0300130104) of Chinese Educational Ministry, the initial grant of Chinese Educational Ministry for researchers from abroad (JY0600132901), and the grant of Shaanxi Province for excellent researchers from abroad (680F1303).

Yue Shen received the B.Sc. (Eng.) degree in Electronic and Information Engineering from Dalian University of Technology, Liaoning, in China in 2010. She achieved M.Sc. degree with top score in Communications Engineering—Networking Technology from Aalto University, Espoo, Finland. She has 7 publications in the area of trust management and network security. Contact her at: [email protected].

References (22)

  • Y. Zhang et al.

    Reputation-based incentive protocols in crowdsourcing applications

  • A. Al-Dhanhani et al.

    Game theoretical analysis of collaborative social applications

  • P. Anghelescu et al.

    FPGA implementation of cellular automata based encryption algorithm for internet communications

  • A. Belianin et al.

    Trust, communication and equilibrium behavior in public goods

    (2005)
  • Y.S. Choi et al.

    Integrated DDoS attack defense infrastructure for effective attack prevention

  • ...
  • R.O. Gorman et al.

    Constraining free riding in public goods games: designated solitary punishers can sustain human cooperation

    Proc R Soc B

    (2009)
  • G.W. Greenwood

    Evolving N-person social dilemma strategies to resolve questions on participation in climate change programs

  • ...
  • ...
  • ...
  • Cited by (0)

    Yue Shen received the B.Sc. (Eng.) degree in Electronic and Information Engineering from Dalian University of Technology, Liaoning, in China in 2010. She achieved M.Sc. degree with top score in Communications Engineering—Networking Technology from Aalto University, Espoo, Finland. She has 7 publications in the area of trust management and network security. Contact her at: [email protected].

    Zheng Yan is a computer scientist with interests in trust, security and privacy. She is currently a professor in Xidian University, China and a docent in Aalto University, Finland. Before joining academia in 2011, she worked as a senior researcher at the Nokia Research Center, Helsinki since 2000. She received her Ph.D. in Electrical Engineering from Helsinki University of Technology. She authored more than 80 publications and solely authored two books. She is the inventor of 28 patents and patent applications. She serves as an editor and a guest editor for a number of journals and a committee member for numerous of international conferences. Contact her at: [email protected]; [email protected].

    Raimo Kantola is a professor of Networking Technology at Aalto University. He received the M. Sc. degree in Computer Science in Leningrad Electrotechnical Institute in 1981 and the Doctor of Technology degree from Teknillinen Korkeakoulu in 1995. Dr. Kantola worked for Nokia for more than 15 years on Switching R&D, Product marketing and Research and joined Aalto University as a professor of Telecommunications Technology in 1996. Professor Kantola is the Finnish national representative to TC6 of IFIP. Contact him at: [email protected].

    View full text