Performance modelling and evaluation of an e-voting system with misbehaving voters

Abstract

The widespread usage of internet-connected smart digital devices made accessing and consuming internet-based electronic services a pervasive phenomenon. One essential and emerging service is electronic voting, which many countries have used to increase the participation and turnout of voters in political elections. Investigating the impact of the intervention of misbehaving voters on the performance of e-voting systems will help in designing more scalable and reliable e-voting systems. In this thesis, we investigated the modelling and evaluation of the performance of a secure and large-scale e-voting system with the existence of misbehaving voters. To address this issue in this thesis, we used a formal modelling language known as PEPA (Performance Evaluation Process Algebra) to formally represent four scenarios of a chosen electronic voting system and evaluated the performance of the system model using Continuous Time Markov Chain (CTMC) and Ordinary Differential Equations (ODEs) approaches. We also addressed two resource allocation schemes that could be employed by the e-voting system to mitigate the bad influence of the misbehaving voters on the performance of the system. The bad influence of the misbehaving voters that we liked to mitigate was the throughput generated by misbehaving voters that could speed up the appearance of bottlenecks in the system. The thesis starts with a literature review of the performance evaluation of the well-known secure and scalable e-voting systems and performance evaluation formalisms used to model such large and secure systems. We selected the DRE-i (Direct Recording Electronic with Integrity) e-voting system to model using the PEPA formalism, and identified four scenarios that the DRE-i system may experience. In this thesis, we focus on modelling the vote-casting stage of the e-voting system and evaluating the performance of the system at that stage. Vote casting is the crucial stage from the performance perspective that could be targeted by malicious users to affect the performance of the e-voting system. A formal model for the typical behaviour of the selected voting protocol was constructed. We conducted a live experiment using a real implementation of the DRE-i scheme to derive some average rates for the DRE-i PEPA model. Using a scalable performance evaluation technique, we evaluated the PEPA model and calculated the average response time for voters when they use the DRE-i e-voting system. We mainly investigated some of the possible misbehaviours that may affect the e-voting system. We constructed the PEPA models for three misbehaviours and their interactions with the DRE-i system. We evaluated the models and calculated the impact of the three misbehaviours on the throughput of the DRE-i system. We also analysed the influence of the intensity and complexity of the misbehaviours on the performance of the DRE-i system. Additionally, we varied the number of the servers of the DRE-i system for the four scenarios and evaluated the throughput of the server actions. To get an insight into the impact of having different resource allocation schemes for the server of the DRE-i system on the performance, we used the CMDL (Chemical Modelling Definition Language) formalism to model two new resource allocation schemes for the DRE-i server. We converted the previously constructed PEPA models into their equivalent CMDL models. CMDL formalism has more flexibility than PEPA in defining the rates of the processes of the formal models. Then, we evaluated the CMDL models using Dizzy tool to have an insight into the performance of the DRE-i server actions when the system has different types of misbehaving voters and different resource allocation schemes. The throughput of the server actions was evaluated under different resource allocation schemes using a deterministic simulation algorithm of the Dizzy tool. Finally, the transient stability analysis of the clients’ populations and server actions’ throughput were carried out to have an insight into the transient disturbance of the clients’ populations and server actions’ throughput. The formal performance modelling and evaluation of the four scenarios of the DRE-i system when the system uses three different resource sharing schemes show that the less complex misbehaviour has less bad impact on the performance of the DRE-i system than the more complex misbehaviours. Also, the formal performance modelling and evaluation of the system show that two resource allocation schemes reduced the impact of the three misbehaviours on the performance of the system compared to the third resource sharing scheme.