Abstract
The Social Internet of Things (SIoT) combines social networks and the Internet of Things, enabling closer interaction between devices, users, and services. However, this interaction brings risks of trust attacks. These trust attacks not only affect the stability of SIoT systems but also threaten personal privacy and data security. This paper provides a decade-long review of SIoT trust attack research. First, it outlines the SIoT architecture, social relationship types, concept of trust, and trust management processes. It maps seven attacks-bad mouthing attack (BMA), ballot stuffing attack (BSA), self-promoting attack (SPA), discriminatory attack (DA), whitewashing attack (WWA), on-off attack (OOA), and opportunistic service attack (OSA)-clarifying their mechanisms and traits. Next, we synthesize the literature on SIoT trust models, enumerate which attack types they address, and classify defense strategies. It then conducts simulation-based comparative experiments on trust attacks to reveal their impact on node trust and transaction processing, compares attack capabilities along disruption speed, attack strength, and stealthiness, and summarizes attack surfaces with corresponding defense recommendations to better guide the design of SIoT trust management schemes. Finally, we identify open challenges and future research directions, to support the development of new trust management models better equipped to address evolving trust attacks.