Kazi Mamun Dept. of Computer Science University of Regina Regina, Canada
[email protected]
Abstract Trust is difficult to establish in online auctions since transactions occur among complete strangers. The Internet Fraud Complaint Center shows that auction fraud is the highest rate of crime in online activities. Nowadays, shill bidding is the most severe and persistent fraud for online auction users. Considering the strengths and weaknesses of existing works on , in this paper, we propose a reliable software architecture
Samira Sadaoui Dept. of Computer Science University of Regina Regina, Canada
[email protected]
trading account to commit the fraud. A case study on shill bidding demonstrate that in 2008 online auction users have lost about 250 million dollars because of shilling [5].
to secure and protect auction systems from shill bidders for both forward and reverse auctions. More precisely our auction system monitors and detects shill bidding in run-time as well as takes necessary actions against shill bidding . Keywords- Online Auctions; Trust; Cheating; e-commerce; Software Architecture.
I.
INTRODUCTION
Online auctions are the most popular trading mechanisms in e-commerce. Auctions allow buyers and sellers to purchase and sell products in an efficient way. Among all online crimes, auction frauds are the highest reported crimes [2] as illustrated in Fig. 1, whereas most of the time buyers and sellers do not even realize that they are being cheated. In 2007, the Internet Crime and Complaint Center (IC3) received over 200 thousand complains totalled about 240 million dollars lost [2]. Also, the most recent report shows that in 2011, IC3 received more than 22 thousand complains of auction related frauds [3]. A online auction frauds into six different categories [1]: nondelivery of goods, item misrepresentation, triangulation, fee staking, selling of black-market goods, multiple bidding and shill bidding. Shill bidding is the hardest type of frauds to detect because any user can easily register in an auction system under a false identity to bid on his own selling or buying items, or multiple regulations of online auctions [4, 6]. Shilling is used for a particular auction item to artificially inflate the price in case of forward auctions [4], and deflate the price in case of reverse auctions. The goal of shilling is to generate an interest for the item. The seller or buyer would usually get another bidder to bid on the item to make it looks like that the item is more popular than it actually is, or the seller or buyer uses a second
Figure 1: Auction Frauds among Online Crimes [2]
The emergence of human cheating behavior in online auctions requires secured, reliable and trustworthy auction protocols and architectures. In [4-8, 10-12], the authors argue that the current state of software architectures of online auctions in which a seller can register under many aliases and operate in rings with impunity, such as eBay and uBid, has made shill bidding much more exploitable [4]. In case of auctions where multiple open bids take place, it is not very easy to stop shill bidding since the existing auction houses in the market have no functionality that detects shill bidding in live auctions and most of them do not take any action without any report from auction users [4]. Nevertheless, the proposed solutions have some limitations that we discuss in the next section. To the best of our knowledge, so far no researchers have proposed to solve shill bidding in run time. In this paper, we first examine the strengths and weaknesses of existing solutions for shill behaviour in online auctions. We then examine common patterns as well as several concrete examples of shill bidding. Subsequently, we present a three-tier software architecture to protect the users from the presence of shill bidders. The proposed architecture is applicable for both forward and reverse auctions in which a separate security module monitors and detects shilling during the auction running time by using different bidding behavior detection and IP tracking techniques. In addition, our auction system takes necessary actions against shill bidding in live
auctions, which ensures trust and reliability for online auctions. II.
RELATED WORKS
Researchers have proposed different ways to protect online auctions from shill bidders. In [4], Travathan and Read present an algorithm to determine the degree of shilling for a particular user but for offline auctions. Nevertheless, the algorithm does not work in live auctions and does not focus on some important shill bidding behaviors, for example, multiple consecutive bidding by the same user, bidding with different identities, and Later, in [6] Travathan and Read improve the previous algorithm by detecting collusive shill bidding where multiple shill bidders shill in a group. But the two problems of duplicate identity shill bidding and consecutive multiple bidding are not addressed. Moreover, the algorithm still does not work in live auctions. In [7], Patel et al., introduce a shill monitoring for agentbased online auctions using role-based access control mechanisms. The authors propose a model where a security agent monitors each and every transaction to detect shilling. Even though the authors present an interesting architecture, the proposed security agent depends on the u which can easily be falsified by duplicate identities and group
III.
SHILL BIDDING
A. Common Patterns of Shill Bidding Shill bidding takes place when a seller in forward auction wants to sell his item for more, or a buyer in reverse auction wants to buy the auctioned item for less than the usual price. Shill bidders use some common techniques to achieve their goals, including: P1: a shill bidder bids continuously to outbid his own bid when he is the top bidder in the auction to increase or to decrease the price. P2: a shill bidder bids continuously within a very short time interval of time between to outbid his own bid to give more time to the other bidders. P3: a shill bidder put a high amount of price in the bidding unnecessarily to increase or decrease the price. P4: a shill bidder may create multiple identities and bid on his own item using a single computer with the same IP address [13]. P5: a shill bidder may change both his identity and IP address of the computer. P6: a shill bidder may ask another bidder to help him for shill bidding [13]. P7: a shill bidder may establish a bidding ring composed of multiple sellers or buyers bidding on the
shilling techniques used by auction frauds. In [8], a knowledge-based Dempster-Shafer (DS) theory is used to secure online auctions from shilling. [8] introduces a two-step model: the combined knowledge obtained in the first step is carried out using a model checking method to detect shill behavior, and the mathematical theory of evidences is used in the second step to verify the detected results of shilling. But since the DS theory depends on the gathered knowledge, which is in this case a shill score against a user, it cannot detect shilling activity occurrences of multiple identity shill bidding. Moreover, [8] claims that the technique can detect shilling in real time but the deployed model checker performs a check on only when the auction ends. This indicates that the model is not effective to take action against shill bidding in real-time. To the best of our knowledge, no research has been done in online auction which includes protection against wide open chance of manipulation of the system for shilling using different Internet Protocol (IP) addresses. On the other hand, in the field of network security, [9] discusses the MAC layer security issues for mobile Ad hoc network, which we believe are almost similar with shilling problems. To detect and isolate a malicious node, the authors design a packet forwarding scheme based on a trust value. This value is determined through a trust counter which increases or decreases based on the malicious activities of a particular node. We consider these interesting ideas of MAC layer security and apply them when designing our secure architecture for online auctions. There are also a lot of techniques [10-12, 18-20] on IP tracking that we take into account in our designed architecture.
involvement of the buyer or the seller [13]. P8: a group of shill bidders may form a bidding ring composed of multiple sellers or buyers bidding on [13]. P9: two or more shill bidders work together in same auction to inflate or deflate price [14]. B. Examples of Shill Bidding There are many signs of shill bidding in running auctions; using those we take actions in run time and make the auction system secured and trustworthy. Here, we consider some concrete examples from the popular online auction house eBay [15] where shill bidding occur the most. 1) Example 1: This forward auction took place on February 26th and ended on March 1st, 2012. This example shows a very common sign of shill bidding (pattern P1). In Table I, we can see that at the beginning of the auction, user s***e bids three consecutive times in a row just to increase the price within a short period of time, even though there was no other bidders. The auction started with the price of $50. After three days, there was only one more bid which increased the price by just $2. Then on Feb 29th, user s***e placed bids three times just within a minute and increased the price by $15. But at the end, user s***e did not win the auctioned item, another user bought that item with a higher price because of shill bidding. Now if we look at the bid history and profile of the cheating user in Table II, we see some other facts of shilling. The user s***e has only 7 feedbacks which is considered a new profile in eBay and in the last 30 days he has bids are only on this seller.
TABLE I.
Bidder t***o s***e s***e s***e t***a w***a TABLE II.
EXAMPLE OF SHILL BIDDING (P1)
Bid Amount US $67.00 US $65.00 US $60.00 US $55.00 US $52.00 US $50.00
Bid Time 03:25:57 PST 02:49:11 PST 02:48:47 PST 02:48:20 PST 18:16:15 PST 22:42:15 PST
BIDDING HISTORY OF THE SHILL BIDDER
Bidder Information Bidder ID Bids on this item Total bids Item bids on Bid (%) with this seller Item description Feedback
Data s***e(7) 3 3 1 100% #M Mpro120 LED 100%
2) Example 2: This auction (cf. Table III) took place in 2009. Here we can see that user h***r bid continuously within a short interval of time (pattern P2), even though there is no other bidders. Example of Shill Bidding (P2) Bidder n***a h***r h***r h***r h***r h***r h***r h***r h***r TABLE III.
Bid Amount AU $205.00 AU $200.00 AU $195.00 AU $190.00 AU $18500 AU $180.00 AU $175.00 AU $175.00 AU $125.00
Bid Time 12:19:43AEDST 15:24:38AEDST 15:24:32AEDST 15:24:23AEDST 15:24:15AEDST 15:24:07AEDST 15:24:00AEDST 15:23:53AEDST 15:22:39AEDST
BIDDING HISTORY OF THE SHILL BIDDER
Bidder Information Bidder ID Bids on this item Total bids Item bids on Bid (%) with this seller Item description Feedback
Data h***r(133) 34 190 41 100% Acourt 66 100%
But at the end, he stopped bidding when n***a placed a price and win the auction. Here we can see another pattern of shilling, which is, the shill bidder is biding within a very short time interval between each bids to outbid his own bids. And now if we ta contains other characteristics of shill bidding. He bidded in total 190 times on 41 items in the last 30 days. Interestingly,
Example 3: Another characteristic of shill bidding is putting a very high price (pattern P3) on an item even though a user may put a lower price to bid others. In this auction (cf. Table V), we can see multiple characteristics of shilling where seller himself or other bidders can be a shill bidder. At first the auction started from the price only $1. Then user n***a increased the price by $18 unnecessarily and kept increasing the price up to $201, even though when there was no other bidders. Then all of a sudden, a user i***j came and increased the price suddenly to $3000 and kept bidding up to $3900. But at the end he stopped bidding and did not win the auction only for only $50. It indicates that he intentionally bided up to a certain time or a price to reach his goal of price inflating to benefit the seller not to win the auction and buy the item. TABLE IV.
Bidder s***o i***j s***o i***j n***a n***a n***a n***a e***m
EXAMPLE OF SHILL BIDDING (P3)
Bid Amount AU $3950.00 AU $3900.00 AU $3550.00 AU $3000.00 AU $201.00 AU $176.00 AU $156.00 AU $68.00 AU $1.00
TABLE V.
Bid Time 17:29:53 AEST 21:48:36 AEST 14:44:54 AEST 16:13:39 AEST 16:25:20 AEST 16:25:10 AEST 16:24:53 AEST 21:54:57AEST 22:39:57 AEST
BIDDING HISTORY OF THE SHILL BIDDER
Bidder Information Bidder ID Bids on this item Total bids Item bids on Bid (%) with this seller Item description Feedback
Data i***j(12) 2 2 2 100% c1880s 100%
Also we can see from the table below that he is a shill bidder. User i***j has only 12 feedbacks and has bided only two times in the (Table VI). This shows that this user is only using this user ID to bid on the particular user`s auction to increase the price. This action matches with the Pattern P6. IV.
A RELIABLE SOFTWARE ARCHITECTURE
To make our auction system trustworthy as well as make it easily maintainable in response to any new patterns of shilling, we design it as a three-tier architecture (cf. Fig. 2). The architecture locates the user interface with the application layer, functional logic processes with the business layer, database and storage with the data layer. It is based on the client-server model to support millions of online users. The application layer, i.e. the graphical user interface through which sellers and buyers interact with our auction house, is composed of two components: AuctionDisplay and
Figure 2: Software Architecture for Online Auctions
Registration/SignIn. This module presents all the information regarding running and past auctions, submitted bids (since our system is based on the English protocol) and item description. Any user intending to sell or buy goods has to register first in our system. For registration and sign in, every user has to get approved by the business layer.
the length of time since a user registered to our auction system, UM the number of selling and buying actions of a user for a certain time period which is determined by the auction administrator, and SA the number of shilling attempts made by a user in a certain time period. In our system, users have six different types of status, including:
The data layer keeps all the information and history of users and auctions, such as auction starting and ending time, bidding time, bidding price and bidding history of every user. The business layer handles all the actions in the auction system, monitors, detects and takes necessary actions against shill bidding in run time. It comprises of Status Module (SM), Authorization Module (AM), Auction Controller (AC) and Security Module (ScM) that we describe below.
1) New User (NU): NU is the status of a user who is newly registered to the system, or used the system for less than n number of days (UP), and has not performed any or less than m number of actions (UM), and less than v number of SAs.
A. Auction Controller AC works as the brain of the whole system. Any work through AC to keep the system centralized and convenient. AC is the medium between the three layers, so that it simultaneously handles run-time actions of the other components. AC transmits and processes all the actions made by users in the application layer. This component makes the final decision of acceptance or rejection of the user's registration based on the reports from SM, AM and ScM. In addition, it handles the auction, procurement and bidding data. When a registered user wants to sell or buy a product, he submits auction or procurement data, AC transmits this data to AM for verification. If accepted, AC sends confirmation to the application layer. AC also controls the database for collecting, storing and providing the requested data to SM, AM and ScM. B. Status Module Researchers have proposed to give different ratings and statuses to users based on their shilling activities 6 7, 12 . In our work, SM assigns a wide range of different statuses to any seller and buyer based on three metrics: Using Period (UP), Using Manner (UM) and Shilling Attempt (SA). UP indicates
2) Most Trusted User (MTU): MTU is the status of a user who is registered to the system for more than n number of days (UP), performed more than m number of actions (UM) and have not done any SAs. 3) Trusted User (TU): TU is the status of a user who is registered to the system for more than n number of days (UP) or performed more than n number of actions (UM) and have done less than x but more than v number of SAs; x should be greater than v. 4) Average User (AU): AU is the status of a user who has done more than x but less than y number of SAs; y should be greater than x. 5) Untrusted User (UU): UU is the status of a user who has done more than y but less than z number of SAs; z is greater than y. 6) Most Untrusted User (MUU): MUU is the status of a user who has done more than z number of SAs. We may note that the values of n, m, v, x, y and z are thresholds decided by the auction administrator according to the auction policies. When requested, SM calculates the status for a given user and transmits it to AC for storage. Based on the status, AM increases or decreases the selling or buying limit of the user to shilling activity. AC itself can take any actions against a shill bidder based on the status and the policy decided by the
auction administrator the auction system can be ensured of the shill activities of the running auction. Status of every participant is shown besides every bid in a running auction, so that, any user can realize the safety of the auction.
end of the auction time interval. If an auction runs for t time and represents the last portion of the time interval, the bidding frequency Bf in of a shill bidder is
C. Authorization Module AM deals with registration, sign-in, bidding and procurement of users. Based on the registration information of the user, AM checks for the validity of the data, for example email address validity for registration. AM also checks duplicate data on the system database. If validated, AM
e) Outbidding Time Detection:To give more time to normal bidders, a shill bidder bids shortly or right after being outbid compared to a normal bidder. If the average outbidding time is Bt, then
Similarly, when any registered user tries to access any auction for bidding or request a product for buying or selling, he has to get authorization from AM. AM considers the numerical validity of the input data of the user buying or selling limit w provided by SM. D. Security Module This module performs the most important role to maintain our auction secured and is composed of two sub-modules: Bidding Behavior Tracking and IP Tracking. To increase trust, every live auction is monitored and examined by the sub-modules of ScM for a certain number of times (determined by the auction administrative policy). 1) Bidding Behavior Tracking: According to L. Rousseau 17 tion is not very useful alone, it just indicates a time and date. It does not say what happened clock service to monitor and detect shill bidding in live auctions. To this end, we consider bidding behaviors in different time-patterns. After analyzing typical characteristics of shill bidders in the previous examples and their bidding patterns (P1-P8), we come up with some approaches to identify shilling. The Bidding Behavior Tracking (BBT) module calculates the score, ranging from 0 to 5, from the following five signs. Each sign is assigned a value of 1 for a positive result of shilling behavior and 0 for a negative result. a) Multiple Bids Detection: A shill bidder often uses multiple bids (see Example 1) and outbids his own bids to inflate or deflate a price in a short span of time. We use a threshold for a maximum allowable multiple bids of a user. b) High Bidding Frequency Detection [10]: A shill bidder (Bs) usually has high bidding frequency (Bf) in the auction running time (t) compared to other normal bidders (Bo): Bf(Bs) > Bf(Bo). c) Bidding Time Detection [4]: To inflate the price, a shill bidder usually bids more at the beginning of the auction (Example 3). If an auction runs for t time which is divided into t1 as the first half of the time interval and t 2 as the second half, the bidding frequency Bf of a shill bidder is: Bf(t1) > Bf(t2). d) Bidding Stopping Time Detection [4,6]: To avoid winning, a shill bidder usually bids less or does not bid at the
B f(
2) IP Tracking: A wide range of bidding behavior detection is used by the ScM. However, shill detection of duplicate identity and shill bidding by a user having no previous bidding history might be difficult to deter. The Internet Protocol (IP) address is given to every computer connected to the Internet. ScM considers IP tracking and uses the WebSIM technologies 10-12, 18-20 to make the auctions more secured. ScM gets the IP address of a user and checks if multiple users are using the auction system from the same address. ScM also checks whether different user ids are acting as a buyer or seller on the same auction from the same IP address. Since IP addresses can be faked and can be dynamic, today tracing a user is becoming more difficult. We consider here a combination of three methods to detect a bidding user address: Packet Header Learning Technique, IP Traceback, and DHCP Origin Traceback. In the Internet, we use packet switching network, which uses TCP/IP Packet to communicate with each other. The Packet headers contain destination and source IP address of each packet we send over the Internet [10]. In the first step, IP Tracking (IPT) module uses Packet Header Learning Technique to detect IP addresses of the bidders from the packets they sent to the auction system. But, due to the trusting nature of the IP protocol, sometimes the source IP address of a packet is not reliable [18-20]. IP traceback is applied to our system to determine the origin of a packet on the Internet. The use of Dynamic Host Control Protocol (DHCP) creates a security threat to the Web as users have no static IP addresses to detect after a shill bidding [11]. But proposed DHCP origin traceback technique can help the IPT sub-module to find a shill bidder who is using DHCP. V.
ACTIONS AGAINST SHILL BIDDING
IP Tracking module tracks the IP addresses of auction initiators and bidders. AC stores all the IP addresses of auction initiators (who can be sellers or buyers at the time of item auctioning) provided by the IP Tracking module. During the auction running time, AC again requests the IP addresses of the bidders and match those addresses to check whether an auction initiator himself is bidding on his own auction or not. If any matches are found, AC takes immediate actions. On the other hand, Bidding Behavior Tracking module monitors shill bidding based on a range of shill activities. If any suspicious shill activities are detected, AC reacts immediately. Based on Shilling Behavior Detection and IP user, AC takes necessary actions to stop shill bidding in auction running time to make the system secured from shill
bidders. As shown in Table VII, ScM combines the results sent by the two sub-modules. If the score of BBT ranges from 0 to 2, we consider it as a non-shill bidder as the user may show one or two shilling behavior that are unintentional. But when the score is 3 or more we consider the user as a shill bidder. TABLE VI.
BBT Score (0-2) -> 0 (3-5) -> 1
Combined Result (0,0) (0,1) (1,0) (1,1)
Shill Result of ScM 0 1 1 1
On the other hand IPT returns only binary results. If a user is shilling with different user identity but with the same IP address, IPT considers him as a shilling user. So, if any of the sub-modules provides a positive result of shilling, the user bidding on an auction is considered as shill attempt (SA). In this way, ScM ensures reliable result of shill detection. Auction Controller (AC) transmit the number of SAs, value of Using Manner (UM) and Using Period (UP) of the user to Status Module (SM) to calculate his new status. SM increases the SA value of the shill bidder, and calculates the new status according the procedures given in section 4.2. Based on that result provided by SM which includes history of the user and his current shilling behavior on a running auction, AC may takes the following actions (cf. Table VIII): Action 1: AC may pause an auction temporarily in case of any suspicious shilling activity for further shill measurement. Action 2: AC may stop a running auction permanently in case of a determined shilling activity. Action 3: Based on the status of a shill bidder, AC may give warning to him to act more reliably in the auction. Action 4: AC may limit the selling or buying price limit and limit the number of bids per auction of the shill bidders to control shill bidding. Action 5: Based on the status of users and continuing account temporarily or permanently.
Result of ScM 1
VI.
the system centralized and protects
SHILL DETECTION OF SCM MODULE
IPT Score 0 or 1
TABLE VII.
became a serious problem in e-commerce in terms of security and trust. In this paper, we presented a software architecture to secure auctions from shill bidding in run-time. Our designed three-tier architecture is composed of a business layer which contains four different modules to ensure shill-proof
proper authorization and double layered shill report from a Our system offers a reliable architecture which is secured from the manipulation of the auction system by shill bidders. Our proposed system also contains a list of actions against the detected shill bidding users and auctions which are taken in runour auction system. For future work, we will design the proposed three-tier architecture as a multi-agent auction system and by using the Belief-Desire-Intention model [21]. We will implement the entire auction system with the agent-based simulation environment called Jadex [22]. Another direction of this work is to prevent collusive shill bidding, which is more difficult to detect and design [14].
REFERENCES [1]
[2]
[3]
[4] [5] http://www.ecommercebytes.com/forums/vbulletin/showthread.php?t=2 2659 [Last visited on 25th September, 2012] [6]
EXAMPLE OF SHILL BIDDING (P1)
Status of SM NU MTU TU AU UU MUU
Actions of AC Action 1 and/or Action 3 Action 1 and/or Action 3 Action 1 and/or Action 4 Action 1 and/or Action 4 Action 2 and/or Action 5 Action 2 and/or Action 5
CONCLUSION AND FUTURE WORKS
Fraudulent activities like shill bidding are damaging the reliability and reputation of online auctions, and have already
Mamata Jenamani, YuhuiZhong, Bharat Bhargava, Cheating in online auction Towards explaining the popularity of English auction, Electronic Commerce Research and Applications, Volume 6, Issue 1, Spring 2007, Pages 53-62, ISSN 1567-4223, 10.1016/j.elerap.2005.12.002. SecurePuter, and Web saftey, reviews http://www.secureputer.com/series-do-not-fall-victim-to-internetth auction-fraud [Last Visited on 25 September, 2012] net Crime Report, http://www.ic3.gov/media/annualreport/2011_IC3Report.pdf [Last th Visited on 25 September, 2012]
[7]
Proceedings of the Fourth International Conference on Information Technology: New Generations (ITNG 2007), Las Vegas, Nevada, USA, April 2007, pp. 799-808. -Time Trust Management in Agent th International Conference on Software Engineering and Knowledge -250.
[8] Using Dempsteral Conference on Information Technology: New Generations (ITNG 2009), April 2009 [9] Rajaram,A., Palaniswami,S.: The Trust-Based MAC-Layer Security Protocol for Mobile Ad hoc Networks, International Journal on Computer Science and Engineering, Vol. 2, No. 02, pp. 400-408, 2010 [10] S. Kim, A. L. N. Reddy, and M. Vannucci. Detecting Traffic Anomalies through Aggregate Analysis of Packet Header Data. In Networking, 2004.
[11] Shokri, Reza; A. Varshovi, H. Mohammadi, N. Nazdani, and B. Sadeghian (September 13 15, 2006). "DDPM: Dynamic Deterministic [12] Belenky, Andrey; Nirwan Ansari (2007). "On deterministic packet marking". Computer Networks: the International Journal of Computer and Telecommunications Networking 51 (10): 2677 2700 [13] Wang, W., Hidvegi, Z., and Whinston, A. B., "Shill Bidding in English Auctions," Working paper, Center for Research on E-Commerce, McComb School of Business, University of Texas, Austin, 2001. [14] J. Trevathan, W. Read, "Investigating shill bidding behavior involving colluding bidders", Journal of Computers Vol 2, No 10 (2007), 63-75, Dec 2007 [15] eBay, http://www.ebay.com/ [Last visited on 25th September, 2012] [16] H. Xu, S. M. Shatz -Based
[17]
[18]
[19]
[20]
[21]
[22]
Packet Marking for IP Traceback". IEEE International Conference on Networks. Singapore. pp. 1 6
International Conference on Information Technology: New Generations (ITNG 2008), Las Vegas, NV, April 7-9, 2008, pp. 149-155. L Rousseau - PowL. Rousseau. Secure time in a portable device. Proceedingsof 3rd Gemplus Developer Conference, Paris, France, 2001. Savage, Stefan; D. Wetherall, A. Karlin, and T. Anderson (2000). "Practical Network Support for IP Traceback". ACM SIGCOMM. Stockholm, Sweden. Retrieved 2008-11-18. Song, Dawn; A. Perrig (2001). "Advanced and Authenticated Marking Schemes for IP Traceback". INFOCOM 2001. pp. 878 886. Retrieved 2008-11-23. Snoreren, Alex C.; C. Partridge, L. A. Sanchez, C. E. Jones, F. Tchakountio, B. Schwartz, S. T. Kent, W. T. Strayer (2002). "Singlepacket IP traceback". IEEE/ACM Trans. Netw. 10 (6): 721 734 A. S. Rao and M. P. Georgeff. BDI-agents: From Theory to Practice, In Proceedings of the First International Conference on Multiagent Systems (ICMAS'95), San Francisco, 1995. L. Braubach, A. Pokahr, and W. Lamersdorf. Jadex: A Short Overview. In Net.ObjectDays 2004: AgentExpo, 2004.