Distributed pursuit-evasion: some aspects of privacy and security in distributed computing

We propose and study the following pursuit-evation problem in distributed environments: Members of a team of guards (e.g. antivirus programs) traverse the links of a network represented by a graph G, in pursuit of a fugitive (e.g. a worm) which moves along the links of the graph without any other knowledge about the lccations of the quards than whatever it can collect as it moves (e.g. the worm is oblivious to dynamic network behaviour). The fugitive’s purpose is just to read local information at each node and to stay in the net as long as possible. When a guard meets the fugitive, the fugitive is destroyed. We combinatorially characterize and compare such problems, and we present network protocols that allow an eficient (in terms of number of guards and messages) elimination of the fugitive. Note that the problem we study is fundamentally different from distributed graph searching, since the fugitive does not know the locations of the guards. Security of networks has triggered a number of fundamental studies in recent years. [Franklin et al. 93] considered the problem of maintaining privacy in a network that is threatened by mobile eavesdroppers, i.e. by an adversary that can move its bugging equipment within the system. Mobile adversaries in the context of secure computation were introduced by Ostrovsky and Yung ([Ostrovsky, Yung 91]). We also adopt here the notion of a mobile” eavesdropper” which moves in the network without having available to it an instantaneous description of the whole network state. Unlike previous studies, however, our goal here is to describe network protocols which result in the elimination of the mobile adversary. Our assumption is that the network links can be also traversed by mobile guards (e.g. anti-virus software), any of which