Protecting mobile agents by using traceability techniques

Mobile agents are software entities consisting of code and data that can migrate autonomously from host to host executing their code. Despite its benefits, security issues strongly restrict the use of code mobility. The protection of mobile agents against the attacks of malicious hosts is considered the most difficult security problem to solve in mobile agent systems. The approach that is presented detects manipulation attacks performed during the agent's execution. This approach also traces the malicious hosts responsible for the manipulation attacks. Software watermarking techniques are used in order to embed a mark into the agent. The agent's execution creates marked results. When the agent returns to the origin host, these results are examined in order to find the embedded mark. If the mark has changed, this means that the executing host has modified the agent.

[1]  Joe Kilian,et al.  One-Round Secure Computation and Secure Autonomous Mobile Agents , 2000, ICALP.

[2]  Jean-Jacques Quisquater,et al.  Robust Object Watermarking: Application to Code , 1999, Information Hiding.

[3]  Joann J. Ordille,et al.  When agents roam, who can you trust? , 1996, Proceedings of COM'96. First Annual Conference on Emerging Technologies and Applications in Communications.

[4]  Giovanni Vigna,et al.  Cryptographic Traces for Mobile Agents , 1998, Mobile Agents and Security.

[5]  Jan Camenisch,et al.  Cryptographic security for mobile code , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.

[6]  Jean-Jacques Quisquater,et al.  Towards a Practical Secure Framework for Mobile Code Commerce , 2000, ISW.

[7]  Fritz Hohl,et al.  Time Limited Blackbox Security: Protecting Mobile Agents From Malicious Hosts , 1998, Mobile Agents and Security.

[8]  Robbert van Renesse,et al.  Cryptographic support for fault-tolerant distributed computing , 1996, EW 7.

[9]  Christian F. Tschudin,et al.  Protecting Mobile Agents Against Malicious Hosts , 1998, Mobile Agents and Security.

[10]  Christian S. Collberg,et al.  Software watermarking: models and dynamic embeddings , 1999, POPL '99.

[11]  Bennet S. Yee A Sanctuary for Mobile Agents , 2001, Secure Internet Programming.

[12]  Bruce Schneier,et al.  Environmental Key Generation Towards Clueless Agents , 1998, Mobile Agents and Security.