Protecting mobile agents against malicious hosts.

by Sau-Koon Ng.Thesis (M.Phil.)--Chinese University of Hong Kong, 2000.Includes bibliographical references (leaves 100-112).Abstracts in English and Chinese.Chapter 1 --- Introduction --- p.1Chapter 1.1 --- Evolution of the mobile agent paradigm --- p.1Chapter 1.2 --- Terminology --- p.5Chapter 1.3 --- Beneficial aspects --- p.7Chapter 1.3.1 --- Autonomy --- p.7Chapter 1.3.2 --- Client customization --- p.8Chapter 1.3.3 --- Attendant and real time interactions --- p.8Chapter 1.4 --- Fundamental deployment bottleneck: security concern --- p.9Chapter 1.4.1 --- Risking the mobile agent hosts --- p.10Chapter 1.4.2 --- Risking the mobile agents --- p.11Chapter 1.4.3 --- The difficult problem --- p.12Chapter 1.5 --- Contribution of this thesis --- p.13Chapter 1.6 --- Structure of the thesis --- p.14Chapter 2 --- Understanding attacks and defense --- p.15Chapter 2.1 --- Introduction --- p.15Chapter 2.2 --- Understanding attacks --- p.16Chapter 2.2.1 --- The meaning of an attack --- p.16Chapter 2.2.2 --- An abstract model of attacks --- p.17Chapter 2.2.3 --- A survey of various attacks --- p.21Chapter 2.3 --- Understanding defense --- p.25Chapter 2.3.1 --- The meaning of defense --- p.25Chapter 2.3.2 --- Security requirements of defense --- p.26Chapter 2.3.3 --- A survey of protection schemes --- p.28Chapter 2.4 --- Concluding remarks --- p.40Chapter 3 --- Confidentiality in mobile agent systems --- p.42Chapter 3.1 --- Introduction --- p.42Chapter 3.2 --- Motivations --- p.43Chapter 3.2.1 --- Program comprehension --- p.44Chapter 3.2.2 --- Black-box testing --- p.45Chapter 3.3 --- Theory --- p.46Chapter 3.3.1 --- Assumptions --- p.46Chapter 3.3.2 --- Entropy of mobile agents --- p.46Chapter 3.3.3 --- Intention spreading by insertion --- p.49Chapter 3.3.4 --- Intention shrinking by splitting --- p.52Chapter 3.3.5 --- Nested spreading and shrinking --- p.55Chapter 3.4 --- Implementation possibilities --- p.55Chapter 3.4.1 --- Addition of irrelevant variables and conditional statements --- p.55Chapter 3.4.2 --- Splitting the cost function --- p.60Chapter 3.5 --- Security analysis --- p.63Chapter 3.5.1 --- Human inspection --- p.63Chapter 3.5.2 --- Automatic program comprehension --- p.64Chapter 3.6 --- Related work --- p.66Chapter 3.6.1 --- Time limited blackbox security --- p.66Chapter 3.6.2 --- Computing with encrypted function --- p.66Chapter 3.7 --- Applicability --- p.67Chapter 3.8 --- Further considerations --- p.68Chapter 3.8.1 --- Weaknesses --- p.68Chapter 3.8.2 --- Relationship with other approaches --- p.69Chapter 3.8.3 --- Further development --- p.71Chapter 3.9 --- Concluding remarks --- p.71Chapter 4 --- Anonymity in mobile agent systems --- p.73Chapter 4.1 --- Introduction --- p.73Chapter 4.2 --- Solutions to anonymity --- p.74Chapter 4.2.1 --- Mixing --- p.75Chapter 4.2.2 --- Group signatures --- p.76Chapter 4.3 --- Anonymous agents --- p.78Chapter 4.3.1 --- Anonymous connection --- p.78Chapter 4.3.2 --- Anonymous communication --- p.79Chapter 4.4 --- Concluding remarks --- p.84Chapter 5 --- Open issues --- p.86Chapter 5.1 --- Introduction --- p.86Chapter 5.2 --- Security issues --- p.86Chapter 5.2.1 --- Reachable problems --- p.87Chapter 5.2.2 --- Difficult problems --- p.88Chapter 5.3 --- Performance issues --- p.88Chapter 5.3.1 --- Complexity and strength --- p.89Chapter 5.3.2 --- An optimizing protocol --- p.90Chapter 5.4 --- Concluding remarks --- p.94Chapter 6 --- Conclusions --- p.9

Securing mobile agent in hostile environment.

by Mo Chun Man.Thesis (M.Phil.)--Chinese University of Hong Kong, 2001.Includes bibliographical references (leaves 72-80).Abstracts in English and Chinese.Chapter 1 --- INTRODUCTION --- p.1Chapter 1.1 --- The Mobile Agents --- p.2Chapter 1.2 --- The Mobile Agent Paradigm --- p.4Chapter 1.2.1 --- Initiatives --- p.5Chapter 1.2.2 --- Applications --- p.7Chapter 1.3 --- The Mobile Agent S ystem --- p.8Chapter 1.4 --- Security in Mobile Agent System --- p.9Chapter 1.5 --- Thesis Organization --- p.11Chapter 2 --- BACKGROUND AND FOUNDATIONS --- p.12Chapter 2.1 --- Encryption/Decryption --- p.12Chapter 2.2 --- One-way Hash Function --- p.13Chapter 2.3 --- Message Authentication Code (MAC) --- p.13Chapter 2.4 --- Homomorphic Encryption Scheme --- p.14Chapter 2.5 --- One-Round Oblivious Transfer --- p.14Chapter 2.6 --- Polynomial-time Algorithms --- p.14Chapter 2.7 --- Circuit --- p.15Chapter 3 --- SURVEY OF PROTECTION SCHEMES ON MOBILE AGENTS --- p.16Chapter 3.1 --- Introduction --- p.16Chapter 3.2 --- Detection Approaches --- p.17Chapter 3.2.1 --- Execution Traces --- p.17Chapter 3.2.2 --- Partial Result Encapsulation --- p.18Chapter 3.2.3 --- State Appraisal --- p.20Chapter 3.3 --- Prevention Approaches --- p.20Chapter 3.3.1 --- Sliding Encryption --- p.20Chapter 3.3.2 --- Tamper-resistant Hardware --- p.21Chapter 3.3.3 --- Multi-agent Cooperation --- p.22Chapter 3.3.4 --- Code Obfuscation --- p.23Chapter 3.3.5 --- Intention Spreading and Shrinking --- p.26Chapter 3.3.6 --- Encrypted Function Evaluation --- p.26Chapter 3.3.7 --- Black Box Test Prevention --- p.27Chapter 3.4 --- Chapter Summary --- p.29Chapter 4 --- TAXONOMY OF ATTACKS --- p.30Chapter 4.1 --- Introduction --- p.30Chapter 4.2 --- Whatis attack? --- p.31Chapter 4.3 --- How can attacks be done? --- p.32Chapter 4.4 --- Taxonomy of Attacks --- p.33Chapter 4.4.1 --- Purposeful Attack --- p.33Chapter 4.4.2 --- Frivolous Attack --- p.36Chapter 4.4.3 --- The Full Taxonomy --- p.38Chapter 4.5 --- Using the Taxonomy --- p.38Chapter 4.5.1 --- Match to Existing Protection Schemes --- p.38Chapter 4.5.2 --- Insight to Potential Protection Schemes --- p.41Chapter 4.6 --- Chapter Summary --- p.42Chapter 5 --- PROTECTION FOR REACTIVE MOBILE AGENTS --- p.43Chapter 5.1 --- Introduction --- p.43Chapter 5.2 --- The Model --- p.45Chapter 5.2.1 --- The Non-reactive and Reactive Mobile Agent Model --- p.45Chapter 5.2.2 --- The Computation Flow --- p.47Chapter 5.2.3 --- An Example --- p.49Chapter 5.3 --- tools --- p.51Chapter 5.3.1 --- Encrypted Circuit Construction --- p.51Chapter 5.3.2 --- Circuit Cascading --- p.53Chapter 5.4 --- Proposed Protection Scheme --- p.54Chapter 5.4.1 --- Two-hop Protocol --- p.55Chapter 5.4.2 --- Multi-hop Protocol --- p.60Chapter 5.5 --- Security Analysis --- p.60Chapter 5.5.1 --- Security under Purposeful Attacks --- p.61Chapter 5.5.2 --- Security under Frivolous Attacks --- p.62Chapter 5.6 --- Improvements --- p.62Chapter 5.6.1 --- Basic Idea --- p.63Chapter 5.6.2 --- Input Retrieval Protocol --- p.63Chapter 5.6.3 --- Combating Frivolous Attacks --- p.65Chapter 5.7 --- Further Considerations --- p.66Chapter 5.8 --- Chapter Summary --- p.67Chapter 6 --- CONCLUSIONS --- p.68APPENDIX --- p.71BIBLIOGRAPHY --- p.7

Mecanismo para evitar ataques por confabulación basados en code passing

Los agentes móviles son entidades software formadas por código, datos, itinerario y estado, que pueden migrar de host en host autónomamente ejecutando su código. A pesar de sus ventajas, los aspectos de seguridad restringen enormemente el uso de código móvil. La protección del agente ante ataques de hosts maliciosos, es el problema de seguridad más difícil de resolver en los sistemas de agentes móviles. En particular, los ataques por confabulación han sido poco estudiados en la literatura. Este paper presenta un mecanismo de protección ante ataques por confabulación basados en code passing. Nuestra propuesta es un Multi-Code Agent que contiene diferentes variantes del código para cada host. Una Trusted Third Party es la responsable de proporcionar la información para extraer cada variante, y de tomar referencias temporales que se usarán para veri car la coherencia temporal

Preemptive mobile code protection using spy agents

This thesis introduces 'spy agents' as a new security paradigm for evaluating trust in remote hosts in mobile code scenarios. In this security paradigm, a spy agent, i.e. a mobile agent which circulates amongst a number of remote hosts, can employ a variety of techniques in order to both appear 'normal' and suggest to a malicious host that it can 'misuse' the agent's data or code without being held accountable. A framework for the operation and deployment of such spy agents is described. Subsequently, a number of aspects of the operation of such agents within this framework are analysed in greater detail. The set of spy agent routes needs to be constructed in a manner that enables hosts to be identified from a set of detectable agent-specific outcomes. The construction of route sets that both reduce the probability of spy agent detection and support identification of the origin of a malicious act is analysed in the context of combinatorial group testing theory. Solutions to the route set design problem are proposed. A number of spy agent application scenarios are introduced and analysed, including: a) the implementation of a mobile code email honeypot system for identifying email privacy infringers, b) the design of sets of agent routes that enable malicious host detection even when hosts collude, and c) the evaluation of the credibility of host classification results in the presence of inconsistent host behaviour. Spy agents can be used in a wide range of applications, and it appears that each application creates challenging new research problems, notably in the design of appropriate agent route sets

Survival in the e-conomy: 2nd Australian information warfare & security conference 2001

This is an international conference for academics and industry specialists in information warfare, security, and other related fields. The conference has drawn participants from national and international organisations

A framework for the protection of mobile agents against malicious hosts

The mobility attribute of a mobile agent implies deployment thereof in untrustworthy environments, which introduces malicious host threats. The research question deals with how a security framework could be constructed to address the mentioned threats without introducing high costs or restraining the mobile agent's autonomy or performance. Available literature have been studied, analysed and discussed. The salient characteristics as well as the drawbacks of current solutions were isolated. Through this knowledge a dynamic mobile agent security framework was defined. The framework is based on the definition of multiple security levels, depending on type of deployment environment and type of application. A prototype was constructed and tested and it was found to be lightweight and efficient, giving developers insight into possible security threats as well as tools for maximum protection against malicious hosts. The framework outperformed other frameworks / models as it provides dynamic solutions without burdening a system with unnecessary security gadgets and hence paying for it in system cost and performanceComputingD.Phil