Towards time limited secure agent execution on malicious host: A concept paper

Sarosh Hashmi, John Brooke

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Absolute protection of mobile agents from attacks by malicious hosts is an open research problem. We propose a software based paradigm whereby an agent is protected from various static and dynamic attacks from a malicious host of an unknown hardware configuration, for a specific period of time. This time interval is computed by restricting the maximum resources that may be available to the adversary and the time complexity of the critical static and dynamic attacks that it may launch. We employ the technique of oblivious hashing (OH) using overlapped instructions [1], with pointer aliasing to thwart static analysis and instant code modifications. The host is required to obtain the aggregate OH value of the whole agent by executing it in an unobtrusive environment and to send it back to the agent originator within the specified time interval. To provide unobtrusive environment, we employ various x86 platform specific techniques and external timing analysis to thwart major dynamic attack tools like debuggers, virtual machines and emulators. The resulting increase in resilience to static and dynamic attacks compounds the difficulty of a malicious host to manipulate agent's execution, thus increasing the reliability of the agent system. © 2008 IEEE.
Original languageEnglish
Title of host publicationProceedings - 2008 IFIP International Conference on Network and Parallel Computing, NPC 2008|Proc. - IFIP Int. Conf. Netw. Parallel Comput., NPC
Pages155-162
Number of pages7
DOIs
Publication statusPublished - 2008
Event2008 IFIP International Conference on Network and Parallel Computing, NPC 2008 - Shanghai
Duration: 1 Jul 2008 → …

Conference

Conference2008 IFIP International Conference on Network and Parallel Computing, NPC 2008
CityShanghai
Period1/07/08 → …

Keywords

  • agent system reliability
  • external timing analysis
  • malicious host
  • mobile agents protection
  • oblivious hashing
  • static attacks
  • thwart static analysis
  • time limited secure agent execution
  • virtual machines
  • mobile agents
  • multi-agent systems
  • security of data
  • software reliability

Fingerprint

Dive into the research topics of 'Towards time limited secure agent execution on malicious host: A concept paper'. Together they form a unique fingerprint.

Cite this