Probabilistic trust models in network security

FACULTY OF ENGINEERING AND APPLIED SCIENCE DEPARTMENT OF ELECTRONICS AND COMPUTER SCIENCE Doctor of Philosophy by Ehab M. ElSalamouny One of the dominant properties of a global computing network is the incomplete information available to principals about each other. This was the motivation of using the notion of probabilistic trust as an approach to security sensitive decision making in modern open and global computing systems. In such systems any principal A uses the outcomes of past interactions with another principal B to construct a probabilistic model approximating the behaviour of B. Using this model, the principal A can take decisions regarding interactions with B by estimating its future actions. Many existing frameworks adopt the so-called ‘Beta model’. The main limitation of these frameworks is that they assume the behaviour of any principal to be fixed, which is not realistic in many cases. In this thesis, we first address the application of probabilistic trust to optimise security protocols, and specifically give an example where the Crowds anonymity protocol is extended to use trust information. We then address the problem of evaluating probabilistic trust in principals exhibiting dynamic behaviours. In this respect, we formally analyse the ‘exponential decay’ technique as an approach to coping with principals’ dynamic behaviours. Given the identified limitations of this technique, a more general framework for trust and reputation is introduced. In this framework, Hidden Markov Models (HMMs) are used for modelling the dynamic behaviours of principals. This framework is formally analysed in terms of a notion of ‘estimation error’. Using an experimental approach based on Monte-Carlo methods to evaluate the expected estimation error, the introduced HMM-based framework for trust and reputation is compared to the existing Beta framework. The results show in general that the latter is getting more promising in evaluating trust in principals (‘trustees’) having dynamic behaviours as longer sequences of observations are available about such trustees.