The Application of Fuzzy Logic Controller to Compute a Trust Level for Mobile Agents in a Smart Home

Agents that travel through many hosts may cause a threat on the security of the visited hosts. Assets, system resources, and the reputation of the host are few possible targets for such an attack. The possibility for multi-hop agents to be malicious is higher compared to the one-hop or two-hop boomerang agents. The travel history is one of the factors that may allow a server to evaluate the trustworthiness of an agent. This paper proposes a technique to define levels of trust for multi-hop agents that are roaming in a smart home environment. These levels of trust are used later to determine actions taken by a host at the arrival of an agent. This technique uses fuzzy logic as a method to calculate levels of trust and to define protective actions in regard to those levels

Contribution to the construction of fingerprinting and watermarking schemes to protect mobile agents and multimedia content

The main characteristic of fingerprinting codes is the need of high error-correction capacity due to the fact that they are designed to avoid collusion attacks which will damage many symbols from the codewords. Moreover, the use of fingerprinting schemes depends on the watermarking system that is used to embed the codeword into the content and how it honors the marking assumption. In this sense, even though fingerprinting codes were mainly used to protect multimedia content, using them on software protection systems seems an option to be considered. This thesis, studies how to use codes which have iterative-decoding algorithms, mainly turbo-codes, to solve the fingerprinting problem. Initially, it studies the effectiveness of current approaches based on concatenating tradicioanal fingerprinting schemes with convolutional codes and turbo-codes. It is shown that these kind of constructions ends up generating a high number of false positives. Even though this thesis contains some proposals to improve these schemes, the direct use of turbo-codes without using any concatenation with a fingerprinting code as inner code has also been considered. It is shown that the performance of turbo-codes using the appropiate constituent codes is a valid alternative for environments with hundreds of users and 2 or 3 traitors. As constituent codes, we have chosen low-rate convolutional codes with maximum free distance. As for how to use fingerprinting codes with watermarking schemes, we have studied the option of using watermarking systems based on informed coding and informed embedding. It has been discovered that, due to different encodings available for the same symbol, its applicability to embed fingerprints is very limited. On this sense, some modifications to these systems have been proposed in order to properly adapt them to fingerprinting applications. Moreover the behavior and impact over a video produced as a collusion of 2 users by the YouTube’s s ervice has been s tudied. We have also studied the optimal parameters for viable tracking of users who have used YouTube and conspired to redistribute copies generated by a collusion attack. Finally, we have studied how to implement fingerprinting schemes and software watermarking to fix the problem of malicious hosts on mobile agents platforms. In this regard, four different alternatives have been proposed to protect the agent depending on whether you want only detect the attack or avoid it in real time. Two of these proposals are focused on the protection of intrusion detection systems based on mobile agents. Moreover, each of these solutions has several implications in terms of infrastructure and complexity.Els codis fingerprinting es caracteritzen per proveir una alta capacitat correctora ja que han de fer front a atacs de confabulació que malmetran una part important dels símbols de la paraula codi. D'atra banda, la utilització de codis de fingerprinting en entorns reals està subjecta a que l'esquema de watermarking que gestiona la incrustació sigui respectuosa amb la marking assumption. De la mateixa manera, tot i que el fingerprinting neix de la protecció de contingut multimèdia, utilitzar-lo en la protecció de software comença a ser una aplicació a avaluar. En aquesta tesi s'ha estudiat com aplicar codis amb des codificació iterativa, concretament turbo-codis, al problema del rastreig de traïdors en el context del fingerprinting digital. Inicialment s'ha qüestionat l'eficàcia dels enfocaments actuals en la utilització de codis convolucionals i turbo-codis que plantegen concatenacions amb esquemes habituals de fingerprinting. S'ha demostrat que aquest tipus de concatenacions portaven, de forma implícita, a una elevada probabilitat d'inculpar un usuari innocent. Tot i que s'han proposat algunes millores sobre aquests esquemes , finalment s'ha plantejat l'ús de turbocodis directament, evitant així la concatenació amb altres esquemes de fingerprinting. S'ha demostrat que, si s'utilitzen els codis constituents apropiats, el rendiment del turbo-descodificador és suficient per a ser una alternativa aplicable en entorns amb varis centenars d'usuaris i 2 o 3 confabuladors . Com a codis constituents s'ha optat pels codis convolucionals de baix ràtio amb distància lliure màxima. Pel que fa a com utilitzar els codis de fingerprinting amb esquemes de watermarking, s'ha estudiat l'opció d'utilitzar sistemes de watermarking basats en la codificació i la incrustació informada. S'ha comprovat que, degut a la múltiple codificació del mateix símbol, la seva aplicabilitat per incrustar fingerprints és molt limitada. En aquest sentit s'ha plantejat algunes modificacions d'aquests sistemes per tal d'adaptar-los correctament a aplicacions de fingerprinting. D'altra banda s'ha avaluat el comportament i l'impacte que el servei de YouTube produeix sobre un vídeo amb un fingerprint incrustat. A més , s'ha estudiat els paràmetres òptims per a fer viable el rastreig d'usuaris que han confabulat i han utilitzat YouTube per a redistribuir la copia fruït de la seva confabulació. Finalment, s'ha estudiat com aplicar els esquemes de fingerprinting i watermarking de software per solucionar el problema de l'amfitrió maliciós en agents mòbils . En aquest sentit s'han proposat quatre alternatives diferents per a protegir l'agent en funció de si és vol només detectar l'atac o evitar-lo en temps real. Dues d'aquestes propostes es centren en la protecció de sistemes de detecció d'intrusions basats en agents mòbils. Cadascuna de les solucions té diverses implicacions a nivell d'infrastructura i de complexitat.Postprint (published version

Security in mobile agent systems: an approach to protect mobile agents from malicious host attacks

Mobile agents are autonomous programs that roam the Internet from machine to machine under their own control on behalf of their users to perform specific pre-defined tasks. In addition to that, a mobile agent can suspend its execution at any point; transfer itself to another machine then resume execution at the new machine without any loss of state. Such a mobile model can perform many possible types of operations, and might carry critical data that has to be protected from possible attacks. The issue of agent security and specially agent protection from host attacks has been a hot topic and no fully comprehensive solution has been found so far. In this thesis, we examine the possible security attacks that hosts and agents suffer from. These attacks can take one of four possible forms: Attacks from host to host, from agents to hosts, from agents to agents (peer to peer) and finally from hosts to agents. Our main concern in this thesis is these attacks from a malicious host on an agent. These attacks can take many forms including rerouting, spying out code, spying out data, spying out control flow, manipulation of code, manipulation of data, manipulation of control flow, incorrect execution of code, masquerading and denial of execution. In an attempt to solve the problem of malicious host attacks on agents, many partial solutions were proposed. These solutions ranged across simple legal protection, hardware solutions, partitioning, replication and voting, components, self-authentication, and migration history. Other solutions also included using audit logs, read-only state, append only logs, encrypted algorithms, digital signatures, partial result authentication codes, and code mess-up, limited life time of code and data as well as time limited black box security. In this thesis, we present a three-tier solution. This solution is a combination of code mess up, encryption and time out. Choosing code mess-up as part of the solution was due to the several strengths of this method that is based on obfuscating the features of the code so that any attacker will find it very difficult to understand the original code. A new algorithm iii was developed in this thesis to implement code mess-up that uses the concept of variable disguising by altering the values of strings and numerical values. Several encryption algorithms were studied to choose the best algorithm to use in the development of the proposed solution. The algorithms studied included DES, LUCIFER, MADRYGA, NEWDES, FEAL, REDOC, LOKI, KHUFU & KHAFRE, IDEA and finally MMB. The algorithm used was the DES algorithm due to several important factors including its key length. Not any language can be used to implement mobile agents. Candidate languages should possess the portability characteristic and should be safe and secure enough to guarantee a protection for the mobile agent. In addition to that the language should be efficient in order to minimize the implementation overhead and the overhead of providing safety and security. Languages used to implement mobile agents include Java, Limbo, Telescript, and Safe TCL. The Java language was chosen as the programming language for this thesis due to its high security, platform independence, and multithreading. This is in addition to several powerful features that characterize the Java language as will be mentioned later on. Implementing a mobile agent requires the assistance of a mobile agent system that helps in launching the agent from one host to another. There are many existing agent launching systems like Telescript, Aglets, Tacoma, Agent TCL and Concordia. Concordia was chosen to be the implementation tool used to launch our mobile agent. It is a software framework for developing, running and administering mobile agents, and it proved to be very efficient, and effective. The results of our proposed solutions showed the strength of the proposed model in terms of fully protecting the mobile agent from possible malicious host attacks. The model could have several points of enhancements. These enhancements include changing the code mess-up algorithm to a more powerful one, using a different encryption technique, and implementing an agent re-charge mechanism to recharge the agent after it is timeout

A survey of security issue in multi-agent systems

Multi-agent systems have attracted the attention of researchers because of agents' automatic, pro-active, and dynamic problem solving behaviors. Consequently, there has been a rapid development in agent technology which has enabled us to provide or receive useful and convenient services in a variety of areas such as banking, transportation, e-business, and healthcare. In many of these services, it is, however, necessary that security is guaranteed. Unless we guarantee the security services based on agent-based systems, these services will face significant deployment problems. In this paper, we survey existing work related to security in multi-agent systems, especially focused on access control and trust/reputation, and then present our analyses. We also present existing problems and discuss future research challenges. © Springer Science+Business Media B.V 2011

Secure Mobile Agents in Electronic Commerce by Using Undetachable Signatures from Pairings

It is expect that mobile agents technology will bring significant benefits to electronic commerce. But security issues, especially threats from malicious hosts, become a great obstacle of widespread deployment of applications in electronic commerce based on mobile agents technology. Undetachable digital signature is a category of digital signatures to secure mobile agents against malicious hosts. An undetachable signature scheme by using encrypted functions from bilinear pairings was proposed in this paper. The security of this scheme base on the computational intractability of discrete logarithm problem and computational Diffe-Hellman problem on gap Diffle-Hellman group. Furthermore, the scheme satisfies all the requirements of a strong non-designated proxy signature i.e. verifiability, strong unforgeability, strong identifiability, strong undeniability and preventions of misuse. An undetachable threshold signature scheme that enable the customer to provide n mobile agents with ‘shares’ of the undetachable signature function is also provided. It is able to provide more reliability than classical undetachable signatures

Cooperative Trust Framework for Cloud Computing Based on Mobile Agents

Cloud computing opens doors to the multiple, unlimited venues from elastic computing to on demand provisioning to dynamic storage, reduce the potential costs through optimized and efficient computing. To provide secure and reliable services in cloud computing environment is an important issue. One of the security issues is how to reduce the impact of for any type of intrusion in this environment. To counter these kinds of attacks, a framework of cooperative Hybrid intrusion detection system (Hy-IDS) and Mobile Agents is proposed. This framework allows protection against the intrusion attacks. Our Hybrid IDS is based on two types of IDS, the first for the detection of attacks at the level of virtual machines (VMs), the second for the network attack detection and Mobile Agents. Then, this framework unfolds in three phases: the first, detection intrusion in a virtual environment using mobile agents for collected malicious data. The second, generating new signatures from malicious data, which were collected in the first phase. The third, dynamic deployment of updates between clusters in a cloud computing, using the newest signatures previously created. By this type of close-loop control, the collaborative network security management system can identify and address new distributed attacks more quickly and effectively. In this paper, we develop a collaborative approach based on Hy-IDS and Mobile Agents in Cloud Environment, to define a dynamic context which enables the detection of new attacks, with much detail as possible

Use Trust Management Framework to Achieve Effective Security Mechanisms in Cloud Environment

Cloud Computing is an Internet based Computing where virtual shared servers provide software, infrastructure, platform and other resources to the customer on pay-as-you-use basis. Cloud Computing is increasingly becoming popular as many enterprise applications and data are moving into cloud platforms. However, with the enormous use of Cloud, the probability of occurring intrusion also increases. There is a major need of bringing security, transparency and reliability in cloud model for client satisfaction. One of the security issues is how to reduce the impact of any type of intrusion in this environment. To address this issue, a security solution is proposed in this paper. We provide a collaborative framework between our Hybrid Intrusion Detection System (Hy-IDS) based on Mobile Agents and virtual firewalls. Therefore, our hybrid intrusion detection system consists of three types of IDS namely IDS-C, IDS-Cr and IDS-M, which are dispatched over three layer of cloud computing. In the first layer, we use IDS-C over our framework to collect, analyze and detect malicious data using Mobile Agents. In case of attack, we collect at the level of the second layer all the malicious data detected in the first layer for the generation of new signatures using IDS-Cr, which is based on a Signature Generation Algorithm (SGA) and network intrusion detection system (NIDS). Finally, through an IDS-M placed in the third layer, the new signatures will be used to update the database NIDS belonging to IDS-Cr, then the database to NIDS belonging of IDS-Cr the cluster neighboring and also their IDS-C. Hardware firewall is unable to control communication between virtual machines on the same hypervisor. Moreover, they are blind to virtual traffic. Mostly, they are deployed at Virtual Machine Monitor- level (VMM) under Cloud provider’s control. Equally, the mobile agents play an important role in this collaboration. They are used in our framework for investigation of hosts, transfer data malicious and transfer update of a database of neighboring IDS in the cloud. With this technique, the neighboring IDS will use these new signatures to protect their area of control against the same type of attack. By this type of close-loop control, the collaborative network security management framework can identify and address new distributed attacks more quickly and effectively