Real Time Trustworthy Auction System


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Real Time Trustworthy Auction System

  1. 1. Real-time Trust Management for Agent Based Online Auction System Master’s Thesis Presentation By: Rinkesh Patel Advisor: Dr. Haiping Xu Date: February 2007
  2. 2. Outline <ul><li>Introduction </li></ul><ul><li>Agent Based Online Auction System </li></ul><ul><li>Real-Time Trust Management Module </li></ul><ul><li>Conclusion </li></ul><ul><li>Future Work </li></ul><ul><li>Questions </li></ul>
  3. 3. Part I: Introduction <ul><li>Motivation </li></ul><ul><li>Online Auctions </li></ul><ul><li>Multi Agent System </li></ul><ul><li>Trust Management </li></ul><ul><li>Objective </li></ul>References [TM] Murata T., “Petri Nets: Properties, Analysis and Applications”, 1989 [WA2] W.M.P. van der Aalst, “The Application of Petri Nets to Workflow Management”, 1998 [WA4] W.M.P. van der Aalst, “Process-oriented architecture for electronic commerce and inter-organizational workflow”, 2000
  4. 4. Motivation <ul><li>Online auction systems are becoming a commonplace for sellers to cheat customers and extract high sums of money by any means necessary. [ Ref:”The Sunday Times”,UK Jan 07 ] </li></ul><ul><li>To cope up with such problems, existing systems analyze closed auctions to resolve issues initiated by their customers. </li></ul><ul><li>Existing online auction systems lack a mechanism to avoid such behaviors in real-time. </li></ul>
  5. 5. Motivation <ul><li>With the number of users and auctions increasing, people are spending more time on their systems bidding and monitoring the auctions. </li></ul><ul><li>As more fraud cases come to light, the need for an online auction system, that looks out for the best interests of the buyers and sellers, becomes increasingly important. </li></ul>
  6. 6. Online Auctions <ul><li>Most Online Auctions specialize in person-to-person activity where individual sellers or small businesses sell their items directly to consumers. </li></ul><ul><li>In these auctions, the seller — not the site — has the merchandise, and often, the site will not take responsibility for any problems that may arise between buyers and sellers. </li></ul><ul><li>EBay, Yahoo Auctions, uBid… </li></ul>
  7. 7. Multi Agent System <ul><li>Multi-Agent System </li></ul><ul><ul><li>An intelligent agent is an autonomous computer program capable of carrying out one or more tasks on behalf of (human) user . </li></ul></ul><ul><li>Agent Properties includes </li></ul><ul><ul><li>Autonomy : agents operate autonomously, having a control over their actions and internal state </li></ul></ul><ul><ul><li>Sociability : agents interact with other agents using some communication language </li></ul></ul><ul><ul><li>Reactivity : agents perceive their environment, and respond in a timely fashion to environment changes. </li></ul></ul><ul><ul><li>Pro- Activeness : agents do not simply act in response to their environment, they are able to exhibit goal-directed behavior by taking the initiative. </li></ul></ul>
  8. 8. Trust Management
  9. 9. Objective <ul><li>Provide an agent system that facilitates online auctions on behalf of users. </li></ul><ul><li>Provide agents to the users with different strategies for the bidding on items. </li></ul><ul><li>Design and develop a real-time Trust Management Module in agent based online auction system </li></ul><ul><li>Develop a Security Agent to monitor ongoing transactions performed by bidding agents </li></ul><ul><li>Modularize policies developed to make run-time decisions. </li></ul>
  10. 10. Outline <ul><li>Introduction </li></ul><ul><li>Agent Based Online Auction System </li></ul><ul><li>Real-Time Trust Management Module </li></ul><ul><li>Conclusion </li></ul><ul><li>Future Work </li></ul><ul><li>Questions </li></ul>
  11. 11. Agent Based Online Auction System <ul><ul><li>Is a multi-agent system that facilitates online auctions on behalf of users. </li></ul></ul><ul><ul><li>Provides users with different default bidding strategies. </li></ul></ul><ul><ul><li>Allows users to customize their bidding strategies </li></ul></ul>
  12. 12. Implementation of Agents <ul><li>(Introduce Jade and Agent Code) </li></ul><ul><li>Description of JADE </li></ul><ul><ul><li>JADE stands for Java Agent Development Framework ( ). </li></ul></ul><ul><ul><li>Open source platform implemented in Java (ubiquity , portability). </li></ul></ul><ul><ul><li>Complies with the FIPA specification. </li></ul></ul><ul><ul><li>Supports asynchronous m essage passing communication. </li></ul></ul><ul><li>Features of JADE </li></ul><ul><ul><li>Agents can be distributed across machines. </li></ul></ul><ul><ul><li>Supports agent migration . </li></ul></ul><ul><ul><li>Includes graphical tools to monitor the agents. </li></ul></ul>
  13. 13. Agent Code
  14. 14. JADE Behaviors <ul><ul><li>A behavior is basically an Event Handler , a method which describes how an agent reacts to an event : the reception of a message or a Timer interrupt. </li></ul></ul><ul><ul><li>The Event Handler code is placed in a method called action . </li></ul></ul><ul><ul><li>Methods of the agents involving behaviours: addBehaviour , removeBehaviour . </li></ul></ul><ul><ul><li>Examples of Behaviours already included in JADE: </li></ul></ul><ul><ul><ul><li>SimpleBehaviour CyclicBehaviour </li></ul></ul></ul><ul><ul><ul><li>TickerBehaviour WakerBehaviour </li></ul></ul></ul><ul><ul><ul><li>ReceiverBehaviour </li></ul></ul></ul><ul><ul><ul><li>ParallelBehaviour SequentialBehaviour </li></ul></ul></ul>
  15. 15. Architecture of ABOAS Client(s ) Server Database Security Agent Main Agent Auction Agent GUI Agent Selling/Bidding Agent Search Agent GUI Decision Tree Responsible for creating a new accounts and new auctions Controls a particular auctions Provide safe and secure auctions Detects Shilling Search for auction on behalf of user GUI for interaction with user Interacts with other Agents Bid/Sell on behalf of user.
  16. 16. Architecture Database Security Agent Main Agent Auction Agent GUI Agent Bidding Agent Search Agent GUI Decision Tree Search Agent Bidding Agent GUI GUI Agent Auction Agent Server Client#1 Client#2
  17. 17. Auction Server <ul><li>Main Agent </li></ul><ul><ul><li>Responsible to creat e new users, login, creat e auctions and get the list of auctions. </li></ul></ul><ul><ul><li>Creat es the Auction Agent when a new auction is added to the system. </li></ul></ul><ul><ul><li>Responds to the queries for items or auctions. </li></ul></ul><ul><li>Auction Agent </li></ul><ul><ul><li>In charge of the control of a particular auction. </li></ul></ul><ul><ul><li>Users register to the auction and then send bids to the Auction Agent. The Auction Agent notifies the registered users of the price changes of the item. </li></ul></ul><ul><ul><li>At the end of the auction , this agent notifies the winner and the seller and passes control to the Main Agent. </li></ul></ul><ul><ul><li>When the auction is over , this agent is deleted. </li></ul></ul>
  18. 18. Auction Server <ul><li>G UI Server </li></ul><ul><ul><li>Receives command s from the clients and acts correspondingly . </li></ul></ul><ul><ul><li>Provides list of agents and related information. </li></ul></ul><ul><ul><li>Updates the auction information when messages are received from the other agents. </li></ul></ul><ul><li>Security Agent </li></ul><ul><ul><li>Provides Safe and Secure Environment. </li></ul></ul>
  19. 19. Auction Client <ul><li>GUI Agent </li></ul><ul><ul><li>Receives command s from the user and acts correspondingly . It doesn’t have pro-active behavior. </li></ul></ul><ul><ul><li>It does all the actions available in the user interface. </li></ul></ul><ul><li>Search Agent </li></ul><ul><ul><li>Responsible for searching for items on behalf of the user. </li></ul></ul><ul><ul><li>Notifies the user when auctions of his/her desired items are available. </li></ul></ul><ul><li>Seller Agent </li></ul><ul><ul><li>Is responsible of placing auctions on behalf of the user. </li></ul></ul><ul><li>Buyer Agent </li></ul><ul><ul><li>Join the auctions on behalf of the User. </li></ul></ul>
  20. 20. Auction Client <ul><li>Bidding Agent </li></ul><ul><ul><li>Is responsible of placing bids automatically on behalf of the user. </li></ul></ul><ul><ul><li>Can be configured by the user us ing one of the available strategies (OneShotBid, PeriodicBid,…) or using Custom strategies to bid on particular auction. </li></ul></ul><ul><ul><li>Custom Strategies provide a better way to configure bidding agents. </li></ul></ul><ul><ul><li>User can developed any strategy on which bidding agent will configured to work. </li></ul></ul>
  21. 21. Class Diagram
  22. 22. JADE Strategies
  23. 23. Bidding Strategies <ul><li>How it works </li></ul><ul><ul><li>Every strategy (BidConfiguration) contains an object behavior that extends one of the JADE Behaviors. </li></ul></ul><ul><ul><li>Actual Bidding process happens when the action method of the JADE behavior. </li></ul></ul><ul><ul><li>The BidConfiguration object contains a JPanel where the user enters the parameters for the bidding. </li></ul></ul><ul><ul><li>The JPanel is displayed inside a Dialog where the user chooses the strategy with a combo box. </li></ul></ul><ul><ul><li>Auction System Provides, </li></ul></ul><ul><ul><ul><ul><li>Normal Strategy : OneShotBehavior </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Incremental Strategy : PeriodicBehaviour </li></ul></ul></ul></ul>
  24. 24. Bidding Strategy
  25. 25. Custom Strategies <ul><li>We propose an option to create and apply bidding strategies for bidding agent by users. </li></ul><ul><li>Extends “Simple Behavior”. </li></ul><ul><li>Bidding Template: </li></ul><ul><ul><li>We have provided a standard template for custom strategies. </li></ul></ul><ul><ul><ul><li>IF < Condition > THEN < Action > </li></ul></ul></ul><ul><ul><ul><ul><li>AND, OR, <,>,<=,>= </li></ul></ul></ul></ul><ul><ul><ul><li>e.g.: </li></ul></ul></ul><ul><ul><ul><ul><li>IF Start_Bid < = CURRENT_BID AND Max_Bid < MAX_BID THEN CURRENT_BID = CURRENT_BID + FIX_BID </li></ul></ul></ul></ul>
  26. 26. Customize Bidding Strategy
  27. 27. Bidding Procedure <ul><li>When the user enters the information for the automatic bidding: </li></ul><ul><ul><li>The BidConfiguration object is populated with the data and passed to the BiddingAgent. </li></ul></ul><ul><ul><li>The BiddingAgent calls the setupBehaviour method that registers the behaviour object contained in the BidConfiguration. </li></ul></ul><ul><ul><li>When the event that the behaviour is listening to happens, the method action is called and the bidding happens. </li></ul></ul>
  28. 28. Trustworthy Auction Client
  29. 29. Trustworthy Auction Server
  30. 30. Outline <ul><li>Part 1: Agent Based Online Auction System </li></ul><ul><ul><li>Is a multi-agent system that facilitates online auctions on behalf of users. </li></ul></ul><ul><ul><li>Provides users with different default bidding strategies. </li></ul></ul><ul><ul><li>Allows users to customize their bidding strategies </li></ul></ul><ul><li>Part 2: Trustworthy Agent Based Online Auction System </li></ul><ul><ul><li>Introduces a Security Agent that detects real-time Shilling Behaviors and inform to bidding agents. </li></ul></ul><ul><ul><li>Provides a Secure Online Auction System </li></ul></ul><ul><li>Conclusions and Future Work </li></ul>
  31. 31. Issues in Agent based Online Auctions <ul><li>Not Trustable </li></ul><ul><ul><li>Agent-based online auction have not yet become popular because they are not trustable. </li></ul></ul><ul><ul><ul><li>e.g. one of the big concerns in online auctions is the shilling behavior problem. </li></ul></ul></ul><ul><li>Not Real Time </li></ul><ul><ul><li>E-Bay, the world’s leading and widely used Auction site does not have any real time software tools to detect shilling behaviors. </li></ul></ul><ul><ul><ul><li>Shill Hunter : Software used in E-Bay to check closed auctions . </li></ul></ul></ul>
  32. 32. Shill Bidding <ul><li>Shill bidding is the deliberate placing of bids to artificially raise the price of an item and is not allowed. </li></ul><ul><li>Shill bidding occurs when the seller disguises himself as a legitimate bidder by using a second identity or account solely for the purpose of pushing up the sale price. </li></ul>
  33. 33. Shill Bidding Examples <ul><li>Example # </li></ul><ul><li>John lists 2 boats (#1 and #2), both with a $10,000 reserve price at the same time. </li></ul><ul><li>On boat #1, Alison bids $6,000 on the boat, but the Reserve Price is not met. To get the bidding higher, John places a bid himself at $7,000, using a different user name. Another bidder, Marlon, then bids $8000. The item doesn’t sell successfully. </li></ul><ul><li>On boat #2, Dave bids $8000. John then bids $9000, using a different user name. Dave bids $10,000 and wins the boat. </li></ul>
  34. 34. How to do Shill Bidding <ul><li>Bidding on own Item </li></ul><ul><li>Dummy Bidder </li></ul><ul><li>Devoted Bidder </li></ul><ul><ul><li>With Reserve Price </li></ul></ul><ul><ul><li>Without Reserve Price </li></ul></ul><ul><li>Bidder-to-Seller Feedback </li></ul><ul><li>Short Term Bidder </li></ul><ul><li>Using Bidding Agent Strategies it is possible to replicate same behavior. </li></ul>
  35. 35. Real-time TMM
  36. 36. Real-time Trust Management History Module Authentication Module Role Assignment Access Control RA Policy AC Policy State Module Security Agent Transactions SA Policy Authorization Module Agent Request Initial Pass Feedback
  37. 37. How to Spot Shilling <ul><li>Security Agent: </li></ul><ul><ul><li>Shill bidding is one of the major problems in real time auctions </li></ul></ul><ul><ul><li>Security agent detects patterns in ongoing auctions which resembles shilling behaviors, and using a concept of decision tree, agent takes decision for degree of shilling behaviors. </li></ul></ul><ul><ul><li>Shilling Patterns: </li></ul></ul><ul><ul><ul><li>Devoted Bidder </li></ul></ul></ul><ul><ul><ul><li>Shotgun Feedback </li></ul></ul></ul><ul><ul><ul><li>Numerous Retraction </li></ul></ul></ul><ul><ul><ul><li>Concurrent Bidding </li></ul></ul></ul>
  38. 38. How to Spot Shilling… <ul><li>Many bids on an auction from different users who has 0 feedback are probable suspect. </li></ul><ul><li>High bidder retracts bid after pumping up the bidding. </li></ul><ul><li>Background Check </li></ul><ul><ul><li>Bidder has same country/server/location/terms/ </li></ul></ul><ul><li>registration date as auction seller. </li></ul><ul><li>An account that has won auctions, but never received any feedback. </li></ul><ul><li>An even stronger indication is an account that has received feedback from only this seller. </li></ul><ul><li>Bidders all sign up within a short period of time. </li></ul><ul><li>The first bid is received minutes after the auction was listed. Usually bidder took their time to check auction item and bidding for that. </li></ul>
  39. 39. Decision Tree Same Account Yes No Shill Bidding First bid Right after bid placement Regular Same IP No of Feedback … Cross Feedback More Yes Same IP Probable Shill Bidding Yes No No Less … … … …
  40. 40. Security Agent <ul><li>Monitors bidding behaviors in ongoing auctions </li></ul><ul><li>Detects possible shilling behaviors. </li></ul><ul><li>If founds any such behaviors, then informs all current bidding agents of that auction. </li></ul><ul><li>On the basis of degree of shilling behavior, Security agent informs that agent about unfair and biased behavior and takes possible actions. </li></ul><ul><li>Upon receiving shilling behavior information in online auctions, the bidding agent can take appropriate actions accordingly in order to protect the users’ interests. </li></ul>
  41. 41. Security Agent
  42. 43. Conclusions & Future work <ul><li>Proposed a general architecture for agent-based online auction system. </li></ul><ul><li>Designed a security agent that supports detection of shilling behaviors. </li></ul><ul><li>Developed a prototype of trustworthy agent-based online auction system. </li></ul><ul><li>Will design a language that supports flexible configuration of bidding strategies. </li></ul><ul><li>Will develop a more sophisticated security agent that can effectively and efficiently detect shilling behaviors. </li></ul>