|
|
Trust and Reputation in Distributed Systems
Samek, Jan ; Návrat,, Pavol (referee) ; Šafařík,, Jiří (referee) ; Hanáček, Petr (advisor)
This Ph.D. thesis deals with trust modelling for distributed systems especially to multi-context trust modelling for multi-agent distributed systems. There exists many trust and reputation models but most of them do not dealt with the multi-context property of trust or reputation. Therefore, the main focus of this thesis is on analysis of multi-context trust based models and provides main assumptions for new fully multi-contextual trust model on the bases of them. The main part of this thesis is in providing new formal multi-context trust model which are able to build, update and maintain trust value for different aspects (contexts) of the single entity in the multi-agent system. In our proposal, trust value can be built on the bases of direct interactions or on the bases on recommendations and reputation. Moreover we assume that some context of one agent is not fully independent and on the bases of trust about one of them we are able to infer trust to another's. Main contribution of this new model is increasing the efficiency in agent decision making in terms of optimal partner selection for interactions. Proposed model was verified by implementing prototype of multi-agent system when trust was used for agents' decision making and acting.
|
|
|
Multi-Context Reputation System for WWW
Kadlec, Petr ; Zbořil, František (referee) ; Samek, Jan (advisor)
This Diploma Thesis introduces the basic concepts of reputation and trust, reputation systems and problems of multi-contextual models of reputation. It also describes practical aspects of multi-contextual models in web environment. Described contextual models are then used for design and implementation of real web application.
|
|
|
Reputation of Malicious Traffic Sources
Bartoš, Václav ; Lhotka,, Ladislav (referee) ; Vozňák, Miroslav (referee) ; Kořenek, Jan (advisor)
An important part of maintaining network security is collecting and processing information about cyber threats, both from network operator's own detection tools and from third parties. A commonly used type of such information are lists of network entities (IP addresses, domains, URLs, etc.) which were identified as malicious. However, in many cases, the simple binary distinction between malicious and non-malicious entities is not sufficient. It is beneficial to keep other supplementary information for each entity, which describes its malicious activities, and also a summarizing score, which evaluates its reputation numerically. Such a score allows for quick comprehension of the level of threat the entity poses and allows to compare and sort entities. The goal of this work is to design a method for such summarization. The resulting score, called Future Maliciousness Probability (FMP score), is a value between 0 and 1, assigned to each suspicious network entity, expressing the probability that the entity will do some kind of malicious activity in a near future. Therefore, the scoring is based of prediction of future attacks. Advanced machine learning methods are used to perform the prediction. Their input is formed by previously received alerts about security events and other relevant data related to the entity. The method of computing the score is first described in a general way, usable for any kind of entity and input data. Then a more concrete version is presented for scoring IPv4 address by utilizing alerts from an alert sharing system and supplementary data from a reputation database. This variant is then evaluated on a real world dataset. In order to get enough amount and quality of data for this dataset, a part of the work is also dedicated to the area of security analysis of network data. A framework for analysis of flow data, NEMEA, and several new detection methods are designed and implemented. An open reputation database, NERD, is also implemented and described in this work. Data from these systems are then used to evaluate precision of the predictor as well as to evaluate selected use cases of the scoring method.
|
|
|
Multiple-Context Trust Model for a Social Network Using Personality Analysis
Švec, Tomáš ; Zbořil, František (referee) ; Samek, Jan (advisor)
Tato diplomová práce navazuje na bakalářskou práci, ve které byl vytvořen model důvěry pro sociální síť Facebook. Do tohoto modelu jsou zapracovány připomínky z konference UMAP 2013 a ověřena jeho škálovatelnost a flexibilita. V další části práce jsou uvedeny základní termíny z psychologie osobnosti a zkoumána závislost důvěry na osobnosti uživatele. Je vybrán model Big Five k reprezentaci charakteru uživatele a navržen dotazník, u nějž bude zkoumána korelace s modelem důvěry. Tato korelace je na základě sociologických poznatků odhadnuta a později ověřena na reálných uživatelích sociální sítě Facebook.
|
|
|
Central processing and evaluation of security events
Žáček, Dominik ; Malina, Lukáš (referee) ; Paučo, Daniel (advisor)
The work discusses the topic of improving the security of IT networks. The shortcomings of some of the current solutions are revealed and selected facts are highlighted that can be used to improve the security. The main theme and objective was generally to improve the security of Flowmon customers' networks by sharing information about the perpetrators of security incidents detected by Flowmon ADS. The firm's customers include hospitals, for example, which may fall victim one after another to the same attacker or attack. By implementing a mechanism to share this information between customers, the attack could be avoided. A system has been designed and implemented to achieve this goal. At the beginning, there was one application sending security events for central processing. An application acting as a central server was then created to receive these events. A mechanism has been established to normalize the data received, based on which a number is created indicating the severity of the event. This mechanism can be configured with a configuration file for individual event types. Finally, this information is evaluated in one single piece of data, the so-called Future Misbehavior Probability score. Each attacker is therefore rated between 0 and 1, with 1 indicating the most serious attackers. Attackers are then grouped by score and can be shared with customers. This allows customers to take various countermeasures, such as pre-emptively blocking the attackers.
|
|
| |
|
|
Evaluation of Trust or Reputation Based on Social Network Analysis
Švec, Tomáš ; Malačka, Ondřej (referee) ; Samek, Jan (advisor)
This thesis' goal is to apply the terms trust and reputation from the point of view of artificial intelligence to social network analysis methods. It evaluates current available interactions for a model of trust considering various social networks. A mathematical model of trust for Facebook is designed and described in further parts. This model had been implemented in Python programming language. Experiments regarding this thesis are conducted on a sample amount of Facebook users and furthermore analyzed from the perspective of both artificial intelligence and social psychology.
|
|
|
Nation Branding of Middle East Countries: The case of Saudi Arabia
Kolská, Martina ; Soukeník, Štěpán (advisor) ; Shavit, Anna (referee)
Changing a country's image is a complex process requiring long-term strategic effort. Nation brands are influenced by a wide range of external influences possibly causing negative images or stereotyping. Thus, regarding states, rebranding is often used to redefine the generally perceived image. Nonetheless, the image of a state is deeply rooted and cannot be changed by marketing tools and communication alone. Noticeable changes and policy actions are needed to create a strong communication basis for the development of a nation branding strategy. Countries generally having reputation problems are often non-democratic and the growth of their brand tends to be limited. The Middle East frequently faces negative image and stereotyping. At the same time, nation branding receives vast attention, effort and budgets there. Saudi Arabia launched its nation rebranding strategy by presenting the Vision 2030 document. This paper aims to determine the extent of nation branding multidisciplinarity in the Saudi context. A combination of a quantitative analysis of national branding indexes and semi-structured expert interviews is chosen. Nation branding in Saudi Arabia has experienced moderate growth, considerable professionalization, and the first strategic achievements of the Vision 2030 plan. On the contrary,...
|
|
|
Central processing and evaluation of security events
Žáček, Dominik ; Malina, Lukáš (referee) ; Paučo, Daniel (advisor)
The work discusses the topic of improving the security of IT networks. The shortcomings of some of the current solutions are revealed and selected facts are highlighted that can be used to improve the security. The main theme and objective was generally to improve the security of Flowmon customers' networks by sharing information about the perpetrators of security incidents detected by Flowmon ADS. The firm's customers include hospitals, for example, which may fall victim one after another to the same attacker or attack. By implementing a mechanism to share this information between customers, the attack could be avoided. A system has been designed and implemented to achieve this goal. At the beginning, there was one application sending security events for central processing. An application acting as a central server was then created to receive these events. A mechanism has been established to normalize the data received, based on which a number is created indicating the severity of the event. This mechanism can be configured with a configuration file for individual event types. Finally, this information is evaluated in one single piece of data, the so-called Future Misbehavior Probability score. Each attacker is therefore rated between 0 and 1, with 1 indicating the most serious attackers. Attackers are then grouped by score and can be shared with customers. This allows customers to take various countermeasures, such as pre-emptively blocking the attackers.
|
|
| |
guest ::
