Abstract
Online communities use trust and reputation systems to assist their users in evaluating other parties. Due to the preponderance of these systems,
malicious entities have a strong incentive to attempt
to influence them, and strategies employed are increasingly sophisticated. Current practice is to
evaluate trust and reputation systems against known
attacks, and hence are heavily reliant on expert analysts. We present a novel method for automatically
identifying vulnerabilities in such systems by formulating the problem as a derivative-free optimisation problem and applying efficient sampling methods. We illustrate the application of this method for
attacks that involve the injection of false evidence,
and identify vulnerabilities in existing trust models. In this way, we provide reliable and objective
means to assess how robust trust and reputation systems are to different kinds of attacks