A survey of security issue in multi-agent systems

Multi-agent systems have attracted the attention of researchers because of agents' automatic, pro-active, and dynamic problem solving behaviors. Consequently, there has been a rapid development in agent technology which has enabled us to provide or receive useful and convenient services in a variety of areas such as banking, transportation, e-business, and healthcare. In many of these services, it is, however, necessary that security is guaranteed. Unless we guarantee the security services based on agent-based systems, these services will face significant deployment problems. In this paper, we survey existing work related to security in multi-agent systems, especially focused on access control and trust/reputation, and then present our analyses. We also present existing problems and discuss future research challenges. © Springer Science+Business Media B.V 2011

Design and implementation of a multi-agent opportunistic grid computing platform

Opportunistic Grid Computing involves joining idle computing resources in enterprises into a converged high performance commodity infrastructure. The research described in this dissertation investigates the viability of public resource computing in offering a plethora of possibilities through seamless access to shared compute and storage resources. The research proposes and conceptualizes the Multi-Agent Opportunistic Grid (MAOG) solution in an Information and Communication Technologies for Development (ICT4D) initiative to address some limitations prevalent in traditional distributed system implementations. Proof-of-concept software components based on JADE (Java Agent Development Framework) validated Multi-Agent Systems (MAS) as an important tool for provisioning of Opportunistic Grid Computing platforms. Exploration of agent technologies within the research context identified two key components which improve access to extended computer capabilities. The first component is a Mobile Agent (MA) compute component in which a group of agents interact to pool shared processor cycles. The compute component integrates dynamic resource identification and allocation strategies by incorporating the Contract Net Protocol (CNP) and rule based reasoning concepts. The second service is a MAS based storage component realized through disk mirroring and Google file-system’s chunking with atomic append storage techniques. This research provides a candidate Opportunistic Grid Computing platform design and implementation through the use of MAS. Experiments conducted validated the design and implementation of the compute and storage services. From results, support for processing user applications; resource identification and allocation; and rule based reasoning validated the MA compute component. A MAS based file-system that implements chunking optimizations was considered to be optimum based on evaluations. The findings from the undertaken experiments also validated the functional adequacy of the implementation, and show the suitability of MAS for provisioning of robust, autonomous, and intelligent platforms. The context of this research, ICT4D, provides a solution to optimizing and increasing the utilization of computing resources that are usually idle in these contexts

Secure execution of mobile agents on open networks using cooperative agents.

Yu Chiu-Man.Thesis (M.Phil.)--Chinese University of Hong Kong, 2002.Includes bibliographical references (leaves 93-96).Abstracts in English and Chinese.Abstract --- p.iAcknowledgements --- p.iiChapter 1 --- Introduction --- p.1Chapter 1.1 --- Advantages of mobile agents --- p.2Chapter 1.2 --- Security --- p.3Chapter 1.3 --- Contributions --- p.3Chapter 1.4 --- Structure --- p.4Chapter 2 --- The Problem of Execution Tampering Attack --- p.5Chapter 2.1 --- Mobile agent execution model --- p.5Chapter 2.2 --- Tampering attack from malicious hosts --- p.5Chapter 2.3 --- Open network environment --- p.6Chapter 2.4 --- Conclusion --- p.6Chapter 3 --- Existing Approaches to Solve the Execution Tampering Prob- lem --- p.8Chapter 3.1 --- Introduction --- p.8Chapter 3.2 --- Trusted execution environment --- p.9Chapter 3.2.1 --- Closed system --- p.9Chapter 3.2.2 --- Trusted hardware --- p.9Chapter 3.3 --- Tamper-detection --- p.11Chapter 3.3.1 --- Execution tracing --- p.11Chapter 3.4 --- Tamper-prevention --- p.12Chapter 3.4.1 --- Blackbox security --- p.12Chapter 3.4.2 --- Time limited blackbox --- p.13Chapter 3.4.3 --- Agent mess-up --- p.15Chapter 3.4.4 --- Addition of noisy code --- p.15Chapter 3.4.5 --- Co-operating agents --- p.16Chapter 3.5 --- Conclusion --- p.17Chapter 4 --- Tamper-Detection Mechanism of Our Protocol --- p.18Chapter 4.1 --- Introduction --- p.18Chapter 4.2 --- Execution tracing --- p.18Chapter 4.3 --- Code obfuscation --- p.21Chapter 4.3.1 --- Resilience of obfuscating transformation --- p.22Chapter 4.4 --- Execution tracing with obfuscated program --- p.23Chapter 4.5 --- Conclusion --- p.27Chapter 5 --- A Flexible Tamper-Detection Protocol by Using Cooperating Agents --- p.28Chapter 5.1 --- Introduction --- p.28Chapter 5.1.1 --- Agent model --- p.29Chapter 5.1.2 --- Execution model --- p.30Chapter 5.1.3 --- System model --- p.30Chapter 5.1.4 --- Failure model --- p.30Chapter 5.2 --- The tamper-detection protocol --- p.30Chapter 5.3 --- Fault-tolerance policy --- p.38Chapter 5.4 --- Costs of the protocol --- p.38Chapter 5.5 --- Discussion --- p.40Chapter 5.6 --- Conclusion --- p.42Chapter 6 --- Verification of the Protocol by BAN Logic --- p.43Chapter 6.1 --- Introduction --- p.43Chapter 6.2 --- Modifications to BAN logic --- p.44Chapter 6.3 --- Term definitions --- p.45Chapter 6.4 --- Modeling of our tamper-detection protocol --- p.46Chapter 6.5 --- Goals --- p.47Chapter 6.6 --- Sub-goals --- p.48Chapter 6.7 --- Assumptions --- p.48Chapter 6.8 --- Verification --- p.49Chapter 6.9 --- Conclusion --- p.53Chapter 7 --- Experimental Results Related to the Protocol --- p.54Chapter 7.1 --- Introduction --- p.54Chapter 7.2 --- Experiment environment --- p.54Chapter 7.3 --- Experiment procedures --- p.55Chapter 7.4 --- Experiment implementation --- p.56Chapter 7.5 --- Experimental results --- p.61Chapter 7.6 --- Conclusion --- p.65Chapter 8 --- Extension to Solve the ´حFake Honest Host´ح Problem --- p.68Chapter 8.1 --- Introduction --- p.68Chapter 8.2 --- "The method to solve the ""fake honest host"" problem" --- p.69Chapter 8.2.1 --- Basic idea --- p.69Chapter 8.2.2 --- Description of the method --- p.69Chapter 8.3 --- Conclusion --- p.71Chapter 9 --- Performance Improvement by Program Slicing --- p.73Chapter 9.1 --- Introduction --- p.73Chapter 9.2 --- Deployment of program slicing --- p.73Chapter 9.3 --- Conclusion --- p.75Chapter 10 --- Increase Scalability by Supporting Multiple Mobile Agents --- p.76Chapter 10.1 --- Introduction --- p.76Chapter 10.2 --- Supporting multiple mobile agents --- p.76Chapter 10.3 --- Conclusion --- p.78Chapter 11 --- Deployment of Trust Relationship in the Protocol --- p.79Chapter 11.1 --- Introduction --- p.79Chapter 11.2 --- Deployment of trust relationship --- p.79Chapter 11.3 --- Conclusion --- p.82Chapter 12 --- Conclusions and Future Work --- p.83A Data of Experimental Results --- p.86Publication --- p.92Bibliography --- p.9

Design and implementation of a multi-agent opportunistic grid computing platform

Opportunistic Grid Computing involves joining idle computing resources in enterprises into a converged high performance commodity infrastructure. The research described in this dissertation investigates the viability of public resource computing in offering a plethora of possibilities through seamless access to shared compute and storage resources. The research proposes and conceptualizes the Multi-Agent Opportunistic Grid (MAOG) solution in an Information and Communication Technologies for Development (ICT4D) initiative to address some limitations prevalent in traditional distributed system implementations. Proof-of-concept software components based on JADE (Java Agent Development Framework) validated Multi-Agent Systems (MAS) as an important tool for provisioning of Opportunistic Grid Computing platforms. Exploration of agent technologies within the research context identified two key components which improve access to extended computer capabilities. The first component is a Mobile Agent (MA) compute component in which a group of agents interact to pool shared processor cycles. The compute component integrates dynamic resource identification and allocation strategies by incorporating the Contract Net Protocol (CNP) and rule based reasoning concepts. The second service is a MAS based storage component realized through disk mirroring and Google file-system’s chunking with atomic append storage techniques. This research provides a candidate Opportunistic Grid Computing platform design and implementation through the use of MAS. Experiments conducted validated the design and implementation of the compute and storage services. From results, support for processing user applications; resource identification and allocation; and rule based reasoning validated the MA compute component. A MAS based file-system that implements chunking optimizations was considered to be optimum based on evaluations. The findings from the undertaken experiments also validated the functional adequacy of the implementation, and show the suitability of MAS for provisioning of robust, autonomous, and intelligent platforms. The context of this research, ICT4D, provides a solution to optimizing and increasing the utilization of computing resources that are usually idle in these contexts

A Methodology for Modelling Mobile Agent-Based Systems (Mobile agent Mobility Methodology - MaMM)

Mobile agents are a particular type of agents that have all the characteristics of an agent and also demonstrate the ability to move or migrate from one node to another in a network environment. Mobile agents have received considerable attention from industry and the research community in recent times due to the fact that their special characteristic of migration help address issues such as network overload, network latency and protocol encapsulation. Due to the current focus in exploiting agent technology mainly in a research environment, there has been an influx of software engineering methodologies for developing multi-agent systems. However, little attention has been given to modelling mobile agents. For mobile agent-based systems to become more widely accepted there is a critical need for a methodology to be developed to address various issues related to modelling mobility of agent . This research study provides an overview of the current approaches, methodologies and modelling languages that can be used for developing multi-agent systems. The overview indicates extensive research on methodologies for modelling multi-agent systems and little on mobility in mobile agent-based systems. An original contribution in this research known as Mobile agent-based Mobility Methodology (MaMM) is the methodology for modelling mobility in mobile agent-based systems using underlying principles of Genetic Algorithms (GA) with emphasis on fitness functions and genetic representation. Delphi study and case studies were employed in carrying out this research

Evaluating the security of three java-based mobile agent systems

Abstract. The goal of mobile agent systems is to provide a distributed computing infrastructure supporting applications whose components can move between different execution environments. The design and implementation of mechanisms to relocate computations requires a careful assessment of security issues. If these issues are not addressed properly, mobile agent technology cannot be used to implement real-world applications. This paper describes the initial steps of a research effort to design and implement security middleware for mobile code systems in general and mobile agent systems in particular. This initial phase focused on understanding and evaluating the security mechanisms of existing mobile agent systems. The evaluation was performed by deploying several mobile agents systems in a testbed network, implementing attacks on the systems, and evaluating the results. The long term goal for this research is to develop guidelines for the security analysis of mobile agent systems and to determine if existing systems provide the security abstractions and mechanisms needed to develop real-world applications

MARIAN: A hybrid, metric-driven, agent-based routing protocol for multihop ad-hoc networks

Recent advances in technology provided the ground for highly dynamic, mobile, infrastructure-less networks, namely, ad-hoc networks. Despite their enormous benefits, the full potential cannot be reached unless certain issues are resolved. These mainly involve routing, as the lack of an infrastructure imposes a heavy burden on mobile devices that must maintain location information and route data packets in a multi-hop fashion. Specifically, typical adhoc routing devices, such as Personal Digital Assistants (PDAs), are limited in respect to the available throughput, life-time, and performance, that these may provide, as routing elements. Thus, there is a need for metric-driven ad-hoc routing, that is, devices should be utilised for routing according to their fitness, as different device types significantly vary in terms of routing fitness. In addition, a concrete agent-based approach can provide a set of advantages over a non-agent-based one, which includes: better design practice; and automatic reconfigurability.This research work aims to investigate the applicability of stationary and mobile agent technology in multi-hop ad-hoc routing. Specifically, this research proposes a novel hybrid, metric-driven, agent-based routing protocol for multi-hop ad-hoc networks that will enhance current routing schemes. The novelties that are expected to be achieved include: maximum network performance, increased scalability, dynamic adaptation, Quality of Service (QoS), energy conservation, reconfigurability, and security. The underlying idea is based on the fact that stationary and mobile agents can be ideal candidates for such dynamic environments due to their advanced characteristics, and thus offer state of the art support in terms of organising the otherwise disoriented network into an efficient and flexible hierarchical structure, classifying the routing fitness of participating devices, and therefore allow intelligent routing decisions to be taken on that basis

MARIAN: A hybrid, metric-driven, agent-based routing protocol for multihop ad-hoc networks

Recent advances in technology provided the ground for highly dynamic, mobile, infrastructure-less networks, namely, ad-hoc networks. Despite their enormous benefits, the full potential cannot be reached unless certain issues are resolved. These mainly involve routing, as the lack of an infrastructure imposes a heavy burden on mobile devices that must maintain location information and route data packets in a multi-hop fashion. Specifically, typical adhoc routing devices, such as Personal Digital Assistants (PDAs), are limited in respect to the available throughput, life-time, and performance, that these may provide, as routing elements. Thus, there is a need for metric-driven ad-hoc routing, that is, devices should be utilised for routing according to their fitness, as different device types significantly vary in terms of routing fitness. In addition, a concrete agent-based approach can provide a set of advantages over a non-agent-based one, which includes: better design practice; and automatic reconfigurability.This research work aims to investigate the applicability of stationary and mobile agent technology in multi-hop ad-hoc routing. Specifically, this research proposes a novel hybrid, metric-driven, agent-based routing protocol for multi-hop ad-hoc networks that will enhance current routing schemes. The novelties that are expected to be achieved include: maximum network performance, increased scalability, dynamic adaptation, Quality of Service (QoS), energy conservation, reconfigurability, and security. The underlying idea is based on the fact that stationary and mobile agents can be ideal candidates for such dynamic environments due to their advanced characteristics, and thus offer state of the art support in terms of organising the otherwise disoriented network into an efficient and flexible hierarchical structure, classifying the routing fitness of participating devices, and therefore allow intelligent routing decisions to be taken on that basis