Reputation is the aggregated opinion that people in general have about someone or something based on past behaviour.


3::Sybil Attack
1::Phishing Attack
1::Denial of Service Attack

This is the correct answer. In the Sybil attack the attacker creates multiple identities (i.e. multiple accounts/profile) in an online service and exploits them in order to manipulate a reputation score. For example, these multiple accounts can be used to provide positive reputation feedback to a fraudulent seller designated account, which results in increasing his reputation in an untruthful way. This untruthful reputation can later be used by the fraudulent seller to exploit or fraud other users. See for more information the ENISA Report: https://www.enisa.europa.eu/publications/archive/reputation-based-systems-a-security-analysis:

and also the Wikipedia article:

https://en.wikipedia.org/wiki/Sybil_attack

 

This answer is not correct. With Phishing an attacker tries to collect user personal data (such as passwords and credit card numbers) by means of fake apps, fake SMS or fake email messages that seem genuine. This attack has nothing to do with reputation systems. The correct answer among those provided is the Sybil attack when the attacker creates multiple identities (i.e. multiple accounts/profile) in an online service and exploits them in order to manipulate a reputation score. For example, these multiple accounts can be used to provide positive reputation feedback to a fraudulent seller designated account, which results in increasing his reputation in an untruthful way. This untruthful reputation can later be used by the fraudulent seller to exploit or fraud other users. See for more information the ENISA Report: https://www.enisa.europa.eu/publications/archive/reputation-based-systems-a-security-analysis

and also the Wikipedia article: https://en.wikipedia.org/wiki/Sybil_attack

 

This answer is not correct. A Denial of Service (DoS) is an attack in which a resource in a network (e.g. a website) is made unavailable for the user. This is not an example of manipulation of online reputation. The correct answer among those provided is the Sybil attack, when the attacker creates multiple identities (i.e. multiple accounts/profile) in an online service and exploits them in order to manipulate a reputation score. For example, these multiple accounts can be used to provide positive reputation feedback to a fraudulent seller designated account, which results in increasing his reputation in an untruthful way. This untruthful reputation can later be used by the fraudulent seller to exploit or fraud other users. See for more information the ENISA Report:

https://www.enisa.europa.eu/publications/archive/reputation-based-systems-a-security-analysis

and also the Wikipedia article: https://en.wikipedia.org/wiki/Sybil_attack

 


Online reputation systems make it possible to use reputation online. Internet users may join these systems to gain trust in the individuals they interact with online, for example a seller on an e-commerce website. An online market is the most common application for online reputation systems. Reputation systems may be target of attacks by malicious entities willing to exploit trust relationships.

Which of the following is a common attack to online reputation systems?