Abstract
Mobile agent technology is an evolving paradigm that combines the inherent characteristics of intelligent agents, namely, adaptability, reactivity and autonomy with mobility. These characteristics of mobile agents provide an excellent means of meeting the distributed and heterogeneous requirements for many electronic commerce applications involving low bandwidth and intermittently connected networks. However, the lack of security in the form of code confidentiality renders this paradigm unsuitable for commercial software. In this paper, we address the problem of mobile agent security by proposing a novel method of mobile agent obfuscation using the concept of opaque predicates to prevent adversaries from observing the control flow of agent code. We discuss about the efficiency of our proposed methodology by demonstrating that to an adversary, the problem of determining the outcome of such opaque predicates is often intractable.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Collberg, C., Thomborson, C., Low, D.: Manufacturing Cheap, Resilient, and Stealthy Opaque Constructs. In: Proceedings of 1998 ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 1998 (1998)
Sander, T., Tschudin, C.F.: Protecting mobile agents against malicious hosts. In: Vigna, G. (ed.) Mobile Agents and Security. LNCS, vol. 1419, p. 44. Springer, Heidelberg (1998)
Hohl, F.: Time limited blackbox security: Protecting mobile agents from malicious hosts. In: Vigna, G. (ed.) Mobile Agents and Security. LNCS, vol. 1419, Springer, Heidelberg (1998)
Sakabe, Y., Masakazu, S., Miyaji, A.: Java obfuscation with a theoretical basis for building secure mobile agents. In: Lioy, A., Mazzocchi, D. (eds.) CMS 2003. LNCS, vol. 2828, pp. 89–103. Springer, Heidelberg (2003)
Wang, C., Hill, J., Knight, J.C., Davidson, J.W.: Protection of software-based survivability mechanisms. In: Proceedings of the 2001 conference on Dependable Systems and Networks, IEEE Computer Society, Los Alamitos (2001)
Horwitz, S.: Precise Flow-insensitive may-alias in NP-hard. ACM Transactions on Programming Languages and Systems (TOPLAS) 19(1) (1997)
Hind, M., Burke, M., Carini, P., Choi, J.D.: Interprocedural pointer alias analysis. ACM Transactions on Programming Languages and Systems (TOPLAS) 21(4) (1999)
Rugina, R., Rinard, M.: Pointer analysis for multithreaded programs. In: Proceedings of 1999 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 1999), Atlanta, GA, USA (1999)
Salcianu, A., Rinard, M.: Pointer and escape analysis for multithreaded programs. In: Proceedings of the 2001 ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming (PPOPP 2001), Snowbird, UT, USA (2001)
Whaley, J., Rinard, M.: Compositional pointer and escape analysis for Java programs. In: Proceedings of the 1999 ACM SIGPLAN Conference on Object-Oriented Programming Systems, Languages & Applications (OOPSLA 1999), Denver, CO, USA (1999)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Majumdar, A., Thomborson, C. (2005). Securing Mobile Agents Control Flow Using Opaque Predicates. In: Khosla, R., Howlett, R.J., Jain, L.C. (eds) Knowledge-Based Intelligent Information and Engineering Systems. KES 2005. Lecture Notes in Computer Science(), vol 3683. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11553939_149
Download citation
DOI: https://doi.org/10.1007/11553939_149
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28896-1
Online ISBN: 978-3-540-31990-0
eBook Packages: Computer ScienceComputer Science (R0)