Living in an age when services are often rated, people are increasingly depending on reputation of sellers or products/apps when making purchases online. This puts pressure on people to gain and maintain a high reputation by offering reliable and high-quality services and/or products, which benefits the society at large. Unfortunately, due to extremely high competition in e-commerce or app stores, recently reputation manipulation related services have quickly developed into a sizable business, which is termed Reputation-Escalation-as-a-Service (REaaS). As REaaS attacks grow in scale, effective countermeasures must be designed to detect and defend against them.
This research addresses REaaS from two aspects. First, it aims to understand the economics of REaaS by conducting empirical studies of e-markets. Second, it aims to develop defensive measures, which involve both technical approaches and market intervention. The technical approaches focus on detection of REaaS from e-markets, and novel detection techniques will be developed using content analysis, machine learning, social ties, and graph theory. For market invention, after a holistic analysis of REaaS, this research aims to identify its bottleneck (the weakest link) and also measure the efficacy of intervention. The outcome of this data-driven security research will enhance security education with labs based on social-economic data analysis. The success of this research will attract more attention of industry practitioners, government sectors, and academia to jointly tackle the REaaS problem.