Abstract
Mobile agents are software entities consisting of code, data and state that can migrate autonomously from host to host executing their code. Unfortunately, security issues restrict the use of mobile agents despite its benefits. The protection of mobile agents against the attacks of malicious hosts is considered the most difficult security problem to solve in mobile agent systems. In a previous work, the Mobile Agent Watermarking approach (MAW) was presented as a new attack detection technique based on embedding a fixed watermark into the agent’s code. In this paper, some improvements are introduced in MAW. Instead of a fixed watermark, the origin host embeds a watermark that can change dynamically during execution. In each host, the marked code creates a data container where the watermark will be transferred and the results will be hidden. When the agent returns home, the origin host applies a set of integrity rules that the containers must fulfill. These rules can be inferred from the modifications performed in the agent’s code during the watermark embedding. If a container does not fulfill the rules, this means that the corresponding host is malicious. This paper also presents how these containers can be used as a proof to demonstrate that a manipulation attack has been performed.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Collberg, C., Thomborson, C.: Software watermarking: Models and dynamic embeddings. In: Principles of Programming Languages 1999, POPL 1999 (1999)
Collberg, C., Thomborson, C., Low, D.: A taxonomy of obfuscating transformations. Technical Report 148, The University of Auckland (1997)
Esparza, O., Fernandez, M., Soriano, M., Muñoz, J.L., Forné, J.: Mobile agent watermarking and fingerprinting: tracing malicious hosts. In: Mařík, V., Štěpánková, O., Retschitzegger, W. (eds.) DEXA 2003. LNCS, vol. 2736, pp. 927–936. Springer, Heidelberg (2003)
Esparza, O., Soriano, M., Muñoz, J.L., Forné, J.: Host Revocation Authority: a Way of Protecting Mobile Agents from Malicious Hosts. In: Cueva Lovelle, J.M., Rodríguez, B.M.G., Gayo, J.E.L., Ruiz, M.d.P.P., Aguilar, L.J. (eds.) ICWE 2003. LNCS, vol. 2722, Springer, Heidelberg (2003)
Esparza, O., Soriano, M., Muñoz, J.L., Forné, J.: Implementation and Performance Evaluation of a Protocol for Detecting Suspicious Hosts. In: Horlait, E., Magedanz, T., Glitho, R.H. (eds.) MATA 2003. LNCS, vol. 2881, pp. 286–295. Springer, Heidelberg (2003)
Hohl, F.: Time Limited Blackbox Security: Protecting Mobile Agents From Malicious Hosts. In: Vigna, G. (ed.) Mobile Agents and Security. LNCS, vol. 1419, p. 92. Springer, Heidelberg (1998)
Minsky, Y., van Renesse, R., Schneider, F., Stoller, S.D.: Cryptographic Support for Fault-Tolerant Distributed Computing. In: Seventh ACM SIGOPS European Workshop (1996)
Mir, J., Borrell, J.: Protecting Mobile Agent Itineraries. In: Horlait, E., Magedanz, T., Glitho, R.H. (eds.) MATA 2003. LNCS, vol. 2881, pp. 275–285. Springer, Heidelberg (2003)
Roth, V.: Mutual protection of cooperating agents. In: Vitek, J. (ed.) Secure Internet Programming. LNCS, vol. 1603, Springer, Heidelberg (1999)
Sander, T., Tschudin, C.F.: Protecting mobile agents against malicious hosts. In: Vigna, G. (ed.) Mobile Agents and Security. LNCS, vol. 1419, p. 44. Springer, Heidelberg (1998)
Vigna, G.: Cryptographic traces for mobile agents. In: Vigna, G. (ed.) Mobile Agents and Security. LNCS, vol. 1419, p. 137. Springer, Heidelberg (1998)
Yee, B.S.: A sanctuary for mobile agents. In: DARPA workshop on foundations for secure mobile code (1997)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Esparza, O., Soriano, M., Muñoz, J.L., Forné, J. (2004). Detecting and Proving Manipulation Attacks in Mobile Agent Systems. In: Karmouch, A., Korba, L., Madeira, E.R.M. (eds) Mobility Aware Technologies and Applications. MATA 2004. Lecture Notes in Computer Science, vol 3284. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30178-3_21
Download citation
DOI: https://doi.org/10.1007/978-3-540-30178-3_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23423-4
Online ISBN: 978-3-540-30178-3
eBook Packages: Springer Book Archive