Information Technology Reference
In-Depth Information
as well. The aim of these experiments is to show that no constraints on training data
exist and that the approach is capable of detecting 100% of the malicious entities even
in the cases they make a significant part of the network.
The scenario is based on 50 entities that can take one of the possible 300 positions.
In the experiments we fix the number of the entities that take part in the bad mouthing
attack, where each entity gives false accusations about 10% of the entities in its clos-
est neighborhood.
In the first experiment the attack starts after the end of training, so the training is per-
formed with so-called clean data. In Fig. 1.a. we present the reputation evolution of the
situation of the most aggressive attack that can be detected with 100% detection rate
with 0% false positive rate, which is the case when the bad nodes make 28.6% of all the
nodes. In Fig.1.b. the dependence of both detection rate (DR) and false positive rate
(FPR) on the number of bad nodes is presented. As expected, as the number of bad
nodes increases, detection rate decreases, while false positive rate increases. The simula-
tion stops at the moment the total number of bad entities makes 61.5% of total, when the
undetected bad entities make the majority of non-isolated entities. In this case the repu-
tation system becomes compromised and stops providing correct reputation values.
(a) Bad nodes - 28.6% of all
(b) DR and FPR vs. Num. of Bad Nodes
Fig. 1.
Experiments with different number of bad nodes after training with clean data
Search WWH ::
Custom Search