Real Time Trustworthy Auction System

1

Real-time Trust Management for Agent Based Online Auction System

Master’s Thesis Presentation

By: Rinkesh Patel

Advisor: Dr. Haiping Xu

Date: February 2007

2

Outline

• Introduction• Agent Based Online Auction System• Real-Time Trust Management Module• Conclusion• Future Work• Questions

3

Part I: Introduction

• Motivation• Online Auctions• Multi Agent System• Trust Management• Objective

References[TM] Murata T., “Petri Nets: Properties, Analysis and Applications”, 1989[WA2] W.M.P. van der Aalst, “The Application of Petri Nets to Workflow Management”, 1998[WA4] W.M.P. van der Aalst, “Process-oriented architecture for electronic commerce and inter-organizational workflow”, 2000

4

Motivation

• Online auction systems are becoming a commonplace for sellers to cheat customers and extract high sums of money by any means necessary. [Ref:”The Sunday Times”,UK Jan 07]

• To cope up with such problems, existing systems analyze closed auctions to resolve issues initiated by their customers.

• Existing online auction systems lack a mechanism to avoid such behaviors in real-time.

5

Motivation

• With the number of users and auctions increasing, people are spending more time on their systems bidding and monitoring the auctions.

• As more fraud cases come to light, the need for an online auction system, that looks out for the best interests of the buyers and sellers, becomes increasingly important.

6

Online Auctions

• Most Online Auctions specialize in person-to-person activity where individual sellers or small businesses sell their items directly to consumers.

• In these auctions, the seller — not the site — has the merchandise, and often, the site will not take responsibility for any problems that may arise between buyers and sellers.

• EBay, Yahoo Auctions, uBid…

7

Multi Agent System

• Multi-Agent System– An intelligent agent is an autonomous computer program

capable of carrying out one or more tasks on behalf of (human) user.

• Agent Properties includes– Autonomy : agents operate autonomously, having a control

over their actions and internal state– Sociability : agents interact with other agents using some

communication language– Reactivity : agents perceive their environment, and respond in a

timely fashion to environment changes.– Pro- Activeness : agents do not simply act in response to their

environment, they are able to exhibit goal-directed behavior by taking the initiative.

8

Trust Management

9

Objective

• Provide an agent system that facilitates online auctions on behalf of users.

• Provide agents to the users with different strategies for the bidding on items.

• Design and develop a real-time Trust Management Module in agent based online auction system

• Develop a Security Agent to monitor ongoing transactions performed by bidding agents

• Modularize policies developed to make run-time decisions.

10

Outline

• Introduction• Agent Based Online Auction System• Real-Time Trust Management Module• Conclusion• Future Work• Questions

11

Agent Based Online Auction System

– Is a multi-agent system that facilitates online auctions on behalf of users.

– Provides users with different default bidding strategies.

– Allows users to customize their bidding strategies

12

Implementation of Agents

• (Introduce Jade and Agent Code)• Description of JADE

– JADE stands for Java Agent Development Framework (www.jade.tilab.com).

– Open source platform implemented in Java (ubiquity, portability).

– Complies with the FIPA specification.– Supports asynchronous message passing communication.

• Features of JADE– Agents can be distributed across machines.– Supports agent migration.– Includes graphical tools to monitor the agents.

13

Agent Code

15

Architecture of ABOAS

Client(s)

Server

Database

Security AgentMain Agent

Auction Agent

GUI Agent

Selling/Bidding Agent

Search Agent

GUI

Decision Tree

Responsible for creating a new accounts and new auctions

Controls a particular auctions

Provide safe and secure auctions

Detects Shilling

Search for auction on behalf

of user

GUI for interaction with

user

Interacts with other Agents

Bid/Sell on behalf of user.

17

Auction Server

• Main Agent– Responsible to create new users, login, create auctions

and get the list of auctions.– Creates the Auction Agent when a new auction is added

to the system.– Responds to the queries for items or auctions.

• Auction Agent– In charge of the control of a particular auction.– Users register to the auction and then send bids to the

Auction Agent. The Auction Agent notifies the registered users of the price changes of the item.

– At the end of the auction, this agent notifies the winner and the seller and passes control to the Main Agent.

– When the auction is over, this agent is deleted.

18

Auction Server

• GUI Server– Receives commands from the clients and acts correspondingly.– Provides list of agents and related information. – Updates the auction information when messages are received

from the other agents.

• Security Agent– Provides Safe and Secure Environment.

19

Auction Client

• GUI Agent– Receives commands from the user and acts correspondingly. It

doesn’t have pro-active behavior.– It does all the actions available in the user interface.

• Search Agent– Responsible for searching for items on behalf of the user.– Notifies the user when auctions of his/her desired items are

available.

• Seller Agent– Is responsible of placing auctions on behalf of the user.

• Buyer Agent– Join the auctions on behalf of the User.

20

Auction Client

• Bidding Agent– Is responsible of placing bids automatically on

behalf of the user.– Can be configured by the user using one of the

available strategies (OneShotBid, PeriodicBid,…) or using Custom strategies to bid on particular auction.

– Custom Strategies provide a better way to configure bidding agents.

– User can developed any strategy on which bidding agent will configured to work.

22

JADE Strategies

23

Bidding Strategies• How it works

– Every strategy (BidConfiguration) contains an object behavior that extends one of the JADE Behaviors.

– Actual Bidding process happens when the action method of the JADE behavior.

– The BidConfiguration object contains a JPanel where the user enters the parameters for the bidding.

– The JPanel is displayed inside a Dialog where the user chooses the strategy with a combo box.

– Auction System Provides,– Normal Strategy : OneShotBehavior– Incremental Strategy : PeriodicBehaviour

27

Bidding Procedure • When the user enters the information for the

automatic bidding:– The BidConfiguration object is populated with the data

and passed to the BiddingAgent.– The BiddingAgent calls the setupBehaviour method

that registers the behaviour object contained in the BidConfiguration.

– When the event that the behaviour is listening to happens, the method action is called and the bidding happens.

30

Outline

• Part 1: Agent Based Online Auction System– Is a multi-agent system that facilitates online auctions on

behalf of users.

– Provides users with different default bidding strategies.

– Allows users to customize their bidding strategies

• Part 2: Trustworthy Agent Based Online Auction System– Introduces a Security Agent that detects real-time Shilling

Behaviors and inform to bidding agents.

– Provides a Secure Online Auction System

• Conclusions and Future Work

31

Issues in Agent based Online Auctions

• Not Trustable– Agent-based online auction have not yet become

popular because they are not trustable. • e.g. one of the big concerns in online auctions is the shilling

behavior problem.

• Not Real Time– E-Bay, the world’s leading and widely used Auction

site does not have any real time software tools to detect shilling behaviors.

• Shill Hunter : Software used in E-Bay to check closed auctions.

32

Shill Bidding

• Shill bidding is the deliberate placing of bids to artificially raise the price of an item and is not allowed.

• Shill bidding occurs when the seller disguises himself as a legitimate bidder by using a second identity or account solely for the purpose of pushing up the sale price.

33

Shill Bidding Examples

• Example #

• John lists 2 boats (#1 and #2), both with a $10,000 reserve price at the same time.On boat #1, Alison bids $6,000 on the boat, but the Reserve Price is not met. To get the bidding higher, John places a bid himself at $7,000, using a different user name. Another bidder, Marlon, then bids $8000. The item doesn’t sell successfully.On boat #2, Dave bids $8000. John then bids $9000, using a different user name. Dave bids $10,000 and wins the boat.

34

How to do Shill Bidding

• Bidding on own Item• Dummy Bidder• Devoted Bidder

– With Reserve Price– Without Reserve Price

• Bidder-to-Seller Feedback• Short Term Bidder

• Using Bidding Agent Strategies it is possible to replicate same behavior.

35

Real-time TMM

36

Real-time Trust Management

History Module

Authentication Module

Role Assignment

Access Control

RA Policy AC Policy

State Module

Security Agent

Transactions

SA Policy

Authorization Module

Agent

Request

Initial Pass

Feedback

37

How to Spot Shilling

• Security Agent:– Shill bidding is one of the major problems in

real time auctions– Security agent detects patterns in ongoing

auctions which resembles shilling behaviors, and using a concept of decision tree, agent takes decision for degree of shilling behaviors.

– Shilling Patterns:• Devoted Bidder• Shotgun Feedback• Numerous Retraction• Concurrent Bidding

38

How to Spot Shilling…

• Many bids on an auction from different users who has 0 feedback are probable suspect.

• High bidder retracts bid after pumping up the bidding.

• Background Check– Bidder has same country/server/location/terms/

registration date as auction seller.• An account that has won auctions, but never

received any feedback.• An even stronger indication is an account that

has received feedback from only this seller.• Bidders all sign up within a short period of time.• The first bid is received minutes after the

auction was listed. Usually bidder took their time to check auction item and bidding for that.

39

Decision Tree

Same Account

Yes

No

Shill Bidding First bid Right after bid placement

Regular

Same IP No of Feedback

… Cross Feedback

More

Yes

Same IP

Probable Shill Bidding

Yes

No

No

Less

…

…

…

…

40

Security Agent

• Monitors bidding behaviors in ongoing auctions• Detects possible shilling behaviors.• If founds any such behaviors, then informs all current

bidding agents of that auction.• On the basis of degree of shilling behavior, Security

agent informs that agent about unfair and biased behavior and takes possible actions.

• Upon receiving shilling behavior information in online auctions, the bidding agent can take appropriate actions accordingly in order to protect the users’ interests.

41

Security Agent

42

43

Conclusions & Future work

• Proposed a general architecture for agent-based online auction system.

• Designed a security agent that supports detection of shilling behaviors.

• Developed a prototype of trustworthy agent-based online auction system.

• Will design a language that supports flexible configuration of bidding strategies.

• Will develop a more sophisticated security agent that can effectively and efficiently detect shilling behaviors.