Traders in electronic marketplaces may behave dishonestly, cheating other agents. A multitude of trust and reputation systems have been proposed to try to cope with the problem of cheating. These systems are often evaluated by measuring their performance against simple agents that cheat randomly. Unfortunately, these systems are not often evaluated from the perspective of security---can a motivated attacker defeat the protection? Previously, it was argued that existing systems may suffer from vulnerabilities that permit effective, profitable cheating despite the use of the system. In this work, we experimentally substantiate the presence of these vulnerabilities by successfully implementing and testing a number of such 'attacks', which consist only of sequences of sales (honest and dishonest) that can be executed in the system. This investigation also reveals two new, previously-unnoted cheating techniques. Our success in executing these attacks compellingly makes a key point: security must be a central design goal for developers of trust and reputation systems.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	M. Bowling, B. Browning, and M. Veloso. Plays as effective multiagent plans enabling opponent-adaptive play selection. In Proceedings of International Conference on Automated Planning and Scheduling (ICAPS'04), 2004.
	2	Karen K. Fullam , Tomas B. Klos , Guillaume Muller , Jordi Sabater , Andreas Schlosser , Zvi Topol , K. Suzanne Barber , Jeffrey S. Rosenschein , Laurent Vercouter , Marco Voss, A specification of the Agent Reputation and Trust (ART) testbed: experimentation and competition for trust in agent societies, Proceedings of the fourth international joint conference on Autonomous agents and multiagent systems, July 25-29, 2005, The Netherlands  [doi>10.1145/1082473.1082551]
	3	A. Jøsang and R. Ismail. The Beta Reputation System. In Proceedings of the 15th Bled Electronic Commerce Conference e-Reality: Constructing the e-Economy, 2002.
	4	Reid Kerr , Robin Cohen, Modeling trust using transactional, numerical units, Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services, October 30-November 01, 2006, Markham, Ontario, Canada  [doi>10.1145/1501434.1501460]
	5	Reid Kerr , Robin Cohen, Towards provably secure trust and reputation systems in e-marketplaces, Proceedings of the 6th international joint conference on Autonomous agents and multiagent systems, May 14-18, 2007, Honolulu, Hawaii  [doi>10.1145/1329125.1329334]
	6	R. Ros, M. Veloso, R. L. de Màntaras, C. Sierra, and J. L. Arcos. Retrieving and reusing game plays for robot soccer. In 8th European Conference on Case-Based Reasoning (ECCBR-06), Fethiye, Turkey, 2006, 2006.
	7	W. T. Teacy , Jigar Patel , Nicholas R. Jennings , Michael Luck, TRAVOS: Trust and Reputation in the Context of Inaccurate Information Sources, Autonomous Agents and Multi-Agent Systems, v.12 n.2, p.183-198, March 2006  [doi>10.1007/s10458-006-5952-x]
	8	Thomas Tran , Robin Cohen, Improving User Satisfaction in Agent-Based Electronic Marketplaces by Reputation Modelling and Adjustable Product Quality, Proceedings of the Third International Joint Conference on Autonomous Agents and Multiagent Systems, p.828-835, July 19-23, 2004, New York, New York  [doi>10.1109/AAMAS.2004.145]
	9	A. Whitby, A. Josang, and J. Indulska. Filtering out unfair ratings in bayesian reputation systems. In Proceedings of the 7th Int Workshop on Trust in Agent Societies, 2004.
	10	B. Yu and M. P. Singh. Distributed reputation management for electronic commerce. Computational Intelligence, 18(4):535--549, 2002.