Resilience of multi-robot systems to physical masquerade attacks

The advent of autonomous mobile multi-robot systems has driven innovation in both the industrial and defense sectors. The integration of such systems in safety-and security-critical applications has raised concern over their resilience to attack. In this work, we investigate the security problem of a stealthy adversary masquerading as a properly functioning agent. We show that conventional multi-agent pathfinding solutions are vulnerable to these physical masquerade attacks. Furthermore, we provide a constraint-based formulation of multi-agent pathfinding that yields multi-agent plans that are provably resilient to physical masquerade attacks. This formalization leverages inter-agent observations to facilitate introspective monitoring to guarantee resilience.Accepted manuscrip

Masquerade attack detection through observation planning for multi-robot systems

The increasing adoption of autonomous mobile robots comes with a rising concern over the security of these systems. In this work, we examine the dangers that an adversary could pose in a multi-agent robot system. We show that conventional multi-agent plans are vulnerable to strong attackers masquerading as a properly functioning agent. We propose a novel technique to incorporate attack detection into the multi-agent path-finding problem through the simultaneous synthesis of observation plans. We show that by specially crafting the multi-agent plan, the induced inter-agent observations can provide introspective monitoring guarantees; we achieve guarantees that any adversarial agent that plans to break the system-wide security specification must necessarily violate the induced observation plan.Accepted manuscrip

On the Relationship between Strand Spaces and Multi-Agent Systems

Strand spaces are a popular framework for the analysis of security protocols. Strand spaces have some similarities to a formalism used successfully to model protocols for distributed systems, namely multi-agent systems. We explore the exact relationship between these two frameworks here. It turns out that a key difference is the handling of agents, which are unspecified in strand spaces and explicit in multi-agent systems. We provide a family of translations from strand spaces to multi-agent systems parameterized by the choice of agents in the strand space. We also show that not every multi-agent system of interest can be expressed as a strand space. This reveals a lack of expressiveness in the strand-space framework that can be characterized by our translation. To highlight this lack of expressiveness, we show one simple way in which strand spaces can be extended to model more systems.Comment: A preliminary version of this paper appears in the Proceedings of the 8th ACM Conference on Computer and Communications Security,200

Adding X-security to Carrel: security for agent-based healthcare applications

The high growth of Multi-Agent Systems (MAS) in Open Networks with initiatives such as Agentcities1 requires development in many different areas such as scalable and secure agent platforms, location services, directory services, and systems management. In our case we have focused our effort on security for agent systems. The driving force of this paper is provide a practical vision of how security mechanisms could be introduced for multi-agent applications. Our case study for this experiment is Carrel [9]: an Agent-based application in the Organ and Tissue transplant domain. The selection of this application is due to its characteristics as a real scenario and use of high-risk data for example, a study of the 21 most visited health-related web sites on the Internet discovered that personal information provided at many of the sites was being inadvertently leaked for unauthorized persons. These factors indicate to us that Carrel would be a suitable environment in order to test existing security safeguards. Furthermore, we believe that the experience gathered will be useful for other MAS. In order to achieve our purpose we describe the design, architecture and implementation of security elements on MAS for the Carrel System.Postprint (published version

Developing a security mechanism for software agents

Thesis (Master)--Izmir Institute of Technology, Computer Engineering, Izmir, 2006Includes bibliographical references (leaves: 73-76)Text in English; Abstract: Turkish and Englishx 76 leavesThis thesis proposes a message security solution on multi-agent systems. A general security analysis based on properties of software agents is presented along with an overview of security measures applicable to multi-agent systems. A security design and implementation has been developed to protect communication among agents. And this implementation scheme has been applied to Seagent, a semantic web enabled multi-agent framework. Hence, a set of agent security mechanisms have been adapted for Seagent and have been implemented for message confidentiality, integrity, authentication and nonrepudiation. Then these mechanisms have been tested for communication performance on Seagent

How Physicality Enables Trust: A New Era of Trust-Centered Cyberphysical Systems

Multi-agent cyberphysical systems enable new capabilities in efficiency, resilience, and security. The unique characteristics of these systems prompt a reevaluation of their security concepts, including their vulnerabilities, and mechanisms to mitigate these vulnerabilities. This survey paper examines how advancement in wireless networking, coupled with the sensing and computing in cyberphysical systems, can foster novel security capabilities. This study delves into three main themes related to securing multi-agent cyberphysical systems. First, we discuss the threats that are particularly relevant to multi-agent cyberphysical systems given the potential lack of trust between agents. Second, we present prospects for sensing, contextual awareness, and authentication, enabling the inference and measurement of ``inter-agent trust" for these systems. Third, we elaborate on the application of quantifiable trust notions to enable ``resilient coordination," where ``resilient" signifies sustained functionality amid attacks on multiagent cyberphysical systems. We refer to the capability of cyberphysical systems to self-organize, and coordinate to achieve a task as autonomy. This survey unveils the cyberphysical character of future interconnected systems as a pivotal catalyst for realizing robust, trust-centered autonomy in tomorrow's world

A survey of security issue in multi-agent systems

Multi-agent systems have attracted the attention of researchers because of agents' automatic, pro-active, and dynamic problem solving behaviors. Consequently, there has been a rapid development in agent technology which has enabled us to provide or receive useful and convenient services in a variety of areas such as banking, transportation, e-business, and healthcare. In many of these services, it is, however, necessary that security is guaranteed. Unless we guarantee the security services based on agent-based systems, these services will face significant deployment problems. In this paper, we survey existing work related to security in multi-agent systems, especially focused on access control and trust/reputation, and then present our analyses. We also present existing problems and discuss future research challenges. © Springer Science+Business Media B.V 2011

Agent fabrication and its implementation for agent-based electronic commerce

In the last decade, agent-based e-commerce has emerged as a potential role for the next generation of e-commerce. How to create agents for e-commerce applications has become a serious consideration in this field. This paper proposes a new scheme named agent fabrication and elaborates its implementation in multi-agent systems based on the SAFER (Secure Agent Fabrication, Evolution & Roaming) architecture. First, a conceptual structure is proposed for software agents carrying out e-commerce activities. Furthermore, agent module suitcase is defined to facilitate agent fabrication. With these definitions and facilities in the SAFER architecture, the formalities of agent fabrication are elaborated. In order to enhance the security of agent-based e-commerce, an infrastructure of agent authorization and authentication is integrated in agent fabrication. Our implementation and prototype applications show that the proposed agent fabrication scheme brings forth a potential solution for creating agents in agent-based e-commerce applications