Towards Time Limited Secure Agent Execution on Malicious Host: A Concept Paper

Absolute protection of mobile agents from attacks by malicious hosts is an open research problem. We propose a software based paradigm whereby an agent is protected from various static and dynamic attacks from a malicious host of an unknown hardware configuration, for a specific period of time. This time interval is computed by restricting the maximum resources that may be available to the adversary and the time complexity of the critical static and dynamic attacks that it may launch. We employ the technique of oblivious hashing (OH) using overlapped instructions, with pointer aliasing to thwart static analysis and instant code modifications. The host is required to obtain the aggregate OH value of the whole agent by executing it in an unobtrusive environment and to send it back to the agent originator within the specified time interval. To provide unobtrusive environment, we employ various x86 platform specific techniques and external timing analysis to thwart major dynamic attack tools like debuggers, virtual machines and emulators. The resulting increase in resilience to static and dynamic attacks compounds the difficulty of a malicious host to manipulate agent's execution, thus increasing the reliability of the agent system.

[1]  Peter Ferrie Attacks on Virtual Machine Emulators , 2007 .

[2]  Juan A. Garay,et al.  Software integrity protection using timed executable agents , 2006, ASIACCS '06.

[3]  Elaine Shi,et al.  Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems , 2005, SOSP '05.

[4]  William Landi,et al.  Undecidability of static analysis , 1992, LOPL.

[5]  Hyunsoo Yoon,et al.  Tamper Resistant Software by Integrity-Based Encryption , 2004, PDCAT.

[6]  Christopher Krügel,et al.  Detecting System Emulators , 2007, ISC.

[7]  Atsuko Miyaji,et al.  Software Obfuscation on a Theoretical Basis and Its Implementation , 2003, IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences.

[8]  Ramarathnam Venkatesan,et al.  Oblivious Hashing: A Stealthy Software Integrity Verification Primitive , 2002, Information Hiding.

[9]  Barbara G. Ryder,et al.  Pointer-induced aliasing: a problem classification , 1991, POPL '91.

[10]  Michael K. Reiter,et al.  Minimal TCB Code Execution , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[11]  Christian S. Collberg,et al.  A Taxonomy of Obfuscating Transformations , 1997 .

[12]  David Aucsmith,et al.  Tamper Resistant Software: An Implementation , 1996, Information Hiding.

[13]  Leah H. Jamieson,et al.  Establishing the Genuinity of Remote Computer Systems , 2003, USENIX Security Symposium.

[14]  Jim Alves-Foss,et al.  The use of encrypted functions for mobile agent security , 2004, 37th Annual Hawaii International Conference on System Sciences, 2004. Proceedings of the.

[15]  Danny Quist Valsmith Covert Debugging Circumventing Software Armoring Techniques , 2007 .

[16]  Evan R. Sparks A Security Assessment of Trusted Platform Modules , 2007 .

[17]  Stephen Taylor,et al.  Software Protection through Anti-Debugging , 2007, IEEE Security & Privacy.

[18]  Jack W. Davidson,et al.  Protection of software-based survivability mechanisms , 2001, 2001 International Conference on Dependable Systems and Networks.

[19]  Fritz Hohl,et al.  Time Limited Blackbox Security: Protecting Mobile Agents From Malicious Hosts , 1998, Mobile Agents and Security.

[20]  Eldad Eilam,et al.  Reversing: Secrets of Reverse Engineering , 2005 .

[21]  Christian F. Tschudin,et al.  Protecting Mobile Agents Against Malicious Hosts , 1998, Mobile Agents and Security.

[22]  Paul C. van Oorschot,et al.  A generic attack on checksumming-based software tamper resistance , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[23]  G. Ramalingam,et al.  The undecidability of aliasing , 1994, TOPL.

[24]  Ramarathnam Venkatesan,et al.  Towards integral binary execution: implementing oblivious hashing using overlapped instruction encodings , 2007, MM&Sec.

[25]  Amit Vasudevan,et al.  Stealth breakpoints , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).

[26]  Trent Jaeger,et al.  Design and Implementation of a TCG-based Integrity Measurement Architecture , 2004, USENIX Security Symposium.