Web User Trust Evaluation: A Novel Approach Using Fuzzy Petri Net and Behavior Analysis
Abstract
:1. Introduction
2. Related Work on Web User Trust Evaluation
- (1)
- We propose a user behavior trust evaluation method that integrates subjective and objective influencing factors, and this method optimizes the subjective and objective weights that affect user behavior evidence. In this way, the network user behavior trust evaluation can satisfy the relative balance of subjective and objective, and the accuracy of the evaluation results will be higher;
- (2)
- For unfamiliar users, we use fuzzy Petri nets to model and analyze such users and obtain their initial trust values through the recommendations of other network users. This provides a solution for solving the “cold start” problem of user trust value. Next, we use the results as the indirect evaluation value and the direct evaluation value of user behavior to optimize the configuration to obtain the comprehensive trust evaluation value of the user. The evaluation process is more complete and more reasonable.
3. Basic Knowledge of Web User Trust Evaluation
3.1. The Basic Principle
- (1)
- In the calculation of the trust value, the importance of evidence is inversely proportional to the interaction time interval;
- (2)
- Trust is a long-term cumulative process;
- (3)
- Overall trust includes direct trust and indirect trust, with direct trust as the mainstay and indirect trust as the supplement;
- (4)
- The trust value should “slowly rise and quickly fall”;
- (5)
- The trust value is a dynamic value, which is constantly updated with time and behavior.
3.2. The Basic Definitions
3.3. The Framework of Trust Evaluation
4. Indirect Trust Evaluation Based on a Fuzzy Petri Net
4.1. Fuzzy Petri Net
4.2. Indirect Trust Value Based on a Fuzzy Petri Net
5. Direct Trust Evaluation Based on User Behavior Analysis
5.1. Obtaining Evidence of User Behavior
- (1)
- Using an intrusion detection system such as Sguil or Tcpdump on PC [28] for network security analysis; this method can collect user real-time event activities, such as the number of user visits, etc.;
- (2)
- Using network traffic anomaly detection tools such as ENTVis [29], various protocols of the gateway can be obtained, and the transmission rate of data packets can be viewed;
- (3)
- Analyzing user behavior through Web logs [30];
- (4)
- Using Ajax-based click stream capture tools such as a series of user operations on the mouse and certain operations on web pages to obtain user action information [31].
5.2. Standardized Processing of User Behavior Evidence
5.3. Weight of User Behavior Evidence
5.3.1. Objective Weight
5.3.2. Subjective Weight
5.3.3. Integration Weight
5.3.4. Direct Trust Value Based on User Behavior
6. Comprehensive Trust Evaluation and Experimental Analysis
6.1. Comprehensive Trust Evaluation
6.2. Experimental Analysis
- (1)
- The historical appearance rate of the version of the user’s login computer system (the rate of the version of the computer operating system such as Windows 7 or Windows XP, etc., used by the user when logging in to the experimental system, appearing in a specified number of consecutive user behaviors);
- (2)
- The historical appearance rate of the user’s browser type such as IE or Chrome, etc. (the ratio of the browser used by the user to log in to the system in a specified number of consecutive user behaviors,);
- (3)
- The IP historical appearance rate (the ratio of the IP address corresponding to the user logging in to the system in this behavior that appeared in the specified consecutive user behaviors);
- (4)
- The historical occurrence rate of geographic location (the rate of the specific geographic location such as school, home, library, etc., where the user logged into the system in a specified number of consecutive user behaviors);
- (5)
- The number of incorrect password inputs;
- (6)
- The number of incorrect usernames entered;
- (7)
- The total purchase value (whether the total purchase value of users exceeded the specified threshold);
- (8)
- The number of purchases of books (whether the number of purchases by the user exceeded the prescribed threshold);
- (9)
- The number of downloads of books (whether the number of downloads by users exceeded the prescribed threshold);
- (10)
- Access to sensitive services (the number of sensitive pages such as the password modification page, etc., that the user passed through during this visit was obtained by recording the URL path).
7. Conclusions and Recommendations
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Acknowledgments
Conflicts of Interest
References
- Ten, C.-W.; Manimaran, G.; Liu, C.-C. Cybersecurity for critical infrastructures: Attack and defense modeling. IEEE Trans. Syst. Man Cybern. Part A Syst. Hum. 2010, 40, 853–865. [Google Scholar] [CrossRef]
- Dang-Pham, D.; Pittayachawan, S.; Bruno, V. Applications of social network analysis in behavioural information security research: Concepts and empirical analysis. Comput. Secur. 2017, 68, 1–15. [Google Scholar] [CrossRef]
- Dang-Pham, D.; Pittayachawan, S.; Bruno, V. Investigation into the formation of information security influence: Network analysis of an emerging organisation. Comput. Secur. 2017, 70, 111–123. [Google Scholar] [CrossRef]
- Wu, X.; Zhu, X.; Wu, G.-Q.; Ding, W. Data mining with big data. IEEE Trans. Knowl. Data Eng. 2013, 26, 97–107. [Google Scholar] [CrossRef]
- Salah, T.A.; Albeshri, A.; Alsubhi, K. Integrating a high-reliability multicriteria trust evaluation model with task role-based access control for cloud services. Symmetry 2021, 13, 492. [Google Scholar]
- Jiang, W.; Wang, G.; Bhuiyan, Z.A.; Wu, J. Understanding graph-based trust evaluation in online social networks. ACM Comput. Surv. 2016, 49, 1–35. [Google Scholar] [CrossRef]
- Xiao, Y.; Pei, Q.; Liu, X.; Yu, S. A novel trust evaluation mechanism for collaborative filtering recommender systems. IEEE Access 2018, 6, 70298–70312. [Google Scholar] [CrossRef]
- Wang, J.; Qiao, K.; Zhang, Z. Trust evaluation based on evidence theory in online social networks. Int. J. Distrib. Sens. Netw. 2018, 14, 1–10. [Google Scholar] [CrossRef]
- Jiang, W.; Wu, J.; Li, F.; Wang, G.; Zheng, H. Trust evaluation in online social networks using generalized network flow. IEEE Trans. Comput. 2015, 65, 952–963. [Google Scholar] [CrossRef]
- Yang, M.; Zhang, S.; Zhang, H.; Xia, J. A new user behavior evaluation method in online social network. J. Inf. Secur. Appl. 2019, 47, 217–222. [Google Scholar] [CrossRef]
- Gong, Y.; Chen, L.; Ma, T. A comprehensive trust model based on social relationship and transaction attributes. Secur. Commun. Netw. 2020, 2020, 1–10. [Google Scholar] [CrossRef]
- Ceolin, D.; Groth, P.; Nottamkandath, A.; Fokkink, W.; van Hage, W.R. Analyzing User Demographics and User Behavior for Trust Assessment; Vrije Universiteit Amsterdam: Amsterdam, The Netherlands, 2014; pp. 219–241. [Google Scholar]
- Ghosh, I.; Chaudhuri, T.D. FEB-stacking and FEB-DNN models for stock trend prediction: A performance analysis for pre and post Covid-19 periods. Decis. Mak. Appl. Manag. Eng. 2021, 4, 51–86. [Google Scholar] [CrossRef]
- Liu, Y.; Wang, Y.; Sun, X.Y. Research on behavior trust evaluation method of cloud services based on membership theory. Appl. Mech. Mater. 2013, 427, 2377–2382. [Google Scholar] [CrossRef]
- Wang, J.; Jing, X.; Yan, Z.; Fu, Y.; Pedrycz, W.; Yang, L.T. A survey on trust evaluation based on machine learning. ACM Comput. Surv. 2020, 53, 1–36. [Google Scholar] [CrossRef]
- Zhou, G.; Wang, K.; Zhao, C.; Zhou, G. A dynamic trust evaluation mechanism based on affective intensity computing. Secur. Commun. Netw. 2016, 9, 3752–3761. [Google Scholar] [CrossRef]
- Li, L.; Feng, J.; Ye, H.; Liu, X. Trust research on behavior evaluation based on fuzzy similarity. IEEE Access 2020, 8, 204203–204213. [Google Scholar] [CrossRef]
- Messinis, S.; Vosniakos, G. An agent-based flexible manufacturing system controller with Petri-net enabled algebraic deadlock avoidance. Rep. Mech. Eng. 2020, 1, 77–92. [Google Scholar] [CrossRef]
- Lin, C.; Tian, L.; Wang, Y. Research on user behavior trust in trustworthy network. J. Comput. Res. Dev. 2008, 45, 2033–2043. [Google Scholar]
- Zhang, S.-B.; Xu, C.-X. Study on the trust evaluation approach based on cloud model. Chin. J. Comput. 2013, 36, 422–431. [Google Scholar] [CrossRef]
- Tian, L.; Lin, C. Evaluation mechanism for user behavior trust based on DSW. J. Tsinghua Univ. 2010, 50, 763–767. [Google Scholar]
- Meng, X.; Ma, J.; Lu, D.; Wang, Y. Comprehensive trust evaluation model in social networks. J. Commun. 2014, 35, 136–143. [Google Scholar] [CrossRef]
- Szpyrka, M.; Jasiul, B. Evaluation of cyber security and modelling of risk propagation with Petri nets. Symmetry 2017, 9, 32. [Google Scholar] [CrossRef]
- Kai-Qing, Z.; Azlan, M.Z.; Li-Ping, M. Dynamic properties of fuzzy Petri net model and related analysis. J. Cent. South Univ. 2015, 22, 4717–4723. [Google Scholar]
- Wai, R.-J.; Lin, Y.-W. Adaptive moving-target tracking control of a vision-based mobile robot via a dynamic Petri recurrent fuzzy neural network. IEEE Trans. Fuzzy Syst. 2012, 21, 688–701. [Google Scholar] [CrossRef]
- Zhou, J.; Reniers, G. Modeling and application of risk assessment considering veto factors using fuzzy Petri nets. J. Loss Prevent. Proc. Ind. 2020, 67, 104216. [Google Scholar] [CrossRef]
- Chen, Z.; Tian, L.; Lin, C. Trust evaluation model of cloud user based on behavior data. Int. J. Distrib. Sens. Netw. 2018, 14, 1–10. [Google Scholar] [CrossRef] [Green Version]
- Buczak, A.L.; Guven, E. A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Commun. Surv. Tutor. 2015, 18, 1153–1176. [Google Scholar] [CrossRef]
- Zhou, F.; Huang, W.; Zhao, Y.; Shi, Y.; Liang, X.; Fan, X. ENTVis: A visual analytic tool for entropy-based network traffic anomaly detection. IEEE Eng. Med. Biol. Mag. 2015, 35, 42–50. [Google Scholar] [CrossRef] [PubMed]
- Sengottuvelan, P.; Lokeshkumar, R.; Gopalakrishnan, T. An improved session identification approach in web log mining for web personalization. J. Internet Technol. 2017, 18, 723–730. [Google Scholar] [CrossRef]
- Shen, C.; Cai, Z.; Liu, X.; Guan, X.; Maxion, R.A. MouseIdentity: Modeling mouse-interaction behavior for a user verification system. IEEE Trans. Hum. Mach. Syst. 2016, 46, 734–748. [Google Scholar] [CrossRef]
- Luor, D.-C. A comparative assessment of data standardization on support vector machine for classification problems. Intell. Data Anal. 2015, 19, 529–546. [Google Scholar] [CrossRef]
- Mukhametzyanov, I. Specific character of objective methods for determining weights of criteria in MCDM problems: Entropy, CRITIC and SD. Decis. Mak. Appl. Manag. Eng. 2021, 4, 76–105. [Google Scholar] [CrossRef]
- Al-Aomar, R. A combined AHP-entropy method for deriving subjective and objective criteria weights. Int. J. Ind. Eng. Theory 2010, 17, 12–24. [Google Scholar]
- Wen, S.; He, Y.; Li, W.; Yang, R. Evaluation of trademark right based on AHP method and comprehensive fuzzy decision method. In Proceedings of the 2020 International Conference on Urban Engineering and Management Science (ICUEMS), Zhuhai, China, 24–26 April 2020; pp. 460–466. [Google Scholar]
- Kim, D.S.; Son, T.Q. Some new properties of the Lagrange function and its applications. Fixed Point Theory Appl. 2012, 2012, 192. [Google Scholar] [CrossRef] [Green Version]
Scale | Definition and Description |
---|---|
1 | Two elements have the same importance for an attribute. |
3 | Comparing two elements, one element is slightly more important than the other. |
5 | Comparing two elements, one element is obviously more important than the other. |
7 | Comparing two elements, one element is more important than the other. |
9 | Comparing two elements, one element is extremely more important than the other. |
2, 4, 6, 8 | The middle values of the above two judgments (1 and 3, 3 and 5, 5 and 7, 7 and 9) |
Trust Level | Ranges | Evaluation Result |
---|---|---|
H-level | (0.85~1) | Highly trusted user |
M-level | (0.6~0.85) | Medium trusted user |
Low | (0.3~0.6) | Weakly trusted user |
E-low | [0~0.3) | Untrusted user |
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations. |
© 2021 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Wu, Z.; Tian, L.; Zhang, Y.; Wang, Z. Web User Trust Evaluation: A Novel Approach Using Fuzzy Petri Net and Behavior Analysis. Symmetry 2021, 13, 1487. https://doi.org/10.3390/sym13081487
Wu Z, Tian L, Zhang Y, Wang Z. Web User Trust Evaluation: A Novel Approach Using Fuzzy Petri Net and Behavior Analysis. Symmetry. 2021; 13(8):1487. https://doi.org/10.3390/sym13081487
Chicago/Turabian StyleWu, Zenan, Liqin Tian, Yi Zhang, and Zhigang Wang. 2021. "Web User Trust Evaluation: A Novel Approach Using Fuzzy Petri Net and Behavior Analysis" Symmetry 13, no. 8: 1487. https://doi.org/10.3390/sym13081487
APA StyleWu, Z., Tian, L., Zhang, Y., & Wang, Z. (2021). Web User Trust Evaluation: A Novel Approach Using Fuzzy Petri Net and Behavior Analysis. Symmetry, 13(8), 1487. https://doi.org/10.3390/sym13081487