Publication Type

Conference Proceeding Article

Version

publishedVersion

Publication Date

6-2020

Abstract

Sometimes a security-critical decision must be made using information provided by peers. Think of routing messages, user reports, sensor data, navigational information, blockchain updates. Attackers manifest as peers that strategically report fake information. Trust models use the provided information, and attempt to suggest the correct decision. A model that appears accurate by empirical evaluation of attacks may still be susceptible to manipulation. For a security-critical decision, it is important to take the entire attack space into account. Therefore, we define the property of robustness: the probability of deciding correctly, regardless of what information attackers provide. We introduce the notion of realisations of honesty, which allow us to bypass reasoning about specific feedback. We present two schemes that are optimally robust under the right assumptions. The 'majority-rule' principle is a special case of the other scheme which is more general, named 'most plausible realisations'.

Keywords

malicious reporting, Provable robustness, trust-based security

Discipline

Information Security

Research Areas

Cybersecurity

Publication

2020 IEEE 33rd Computer Security Foundations Symposium (CSF): Virtual, June 22-25: Proceedings

First Page

411

Last Page

424

ISBN

9781728165721

Identifier

10.1109/CSF49147.2020.00036

Publisher

IEEE Computer Society

City or Country

Los Alamitos, CA

Embargo Period

5-24-2021

Copyright Owner and License

Authors

Additional URL

https://doi.org/10.1109/CSF49147.2020.00036

Download

Share

COinS