Abstract
The use of mobile agents seems the natural way to improve the network conditions to provide an easy access to future services. Unfortunately, there are some security constraints that avoid a massive use of mobile agents systems. The protection of mobile agents against the attacks of malicious hosts is considered by far the most difficult security problem to solve in mobile agent systems.
This paper introduces some techniques that aim to solve the problem of the malicious hosts. This paper improves some aspects of the most widely known attack detection technique, the cryptographic traces approach. This approach presents some major drawbacks that can be solved by means of a Suspicious Detection Protocol. Additionally, this paper introduces some other protocols that can be used to punish the malicious host by using a Third Trusted Party, the Host Revocation Authority.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Abadi, M. and Needham, R., “Prudent Engineering Practice for Cryptographic Protocols,”Research Rreport 125, Digital Equipment Corporation, 1994.
Esparza, O., Soriano, M., Muñoz, J.L. and Forné, J., “A Protocol for Detecting Malicious Hosts Based on Limiting the Execution Time of Mobile Agents,” inIEEE Symposium on Computers and Communications—ISCC 2003, 2003.
Esparza, O., Soriano, M., Muñoz, J.L. and Forné, J., “Host Revocation Authority: A Way of Protecting Mobile Agents from Malicious Hosts,” inInternational Conference on Web Engineering (ICWE 2003), LNCS, 2722, Springer-Verlag, 2003.
Esparza, O., Soriano, M., Muñoz, J.L. and Forné, J., “Implementation and Performance Evaluation of a Protocol for Detecting Suspicious Hosts,” inMobile Agents for Telecommunication Applications (MATA’03), LNCS, 2881, Springer-Verlag, 2003.
Farmer, W.M., Guttman, J.D. and Swarup, V., “Security for Mobile Agents: Issues and Requirements,” in19th National Information Systems Security Conference, 1996.
Hohl, F., “Time Limited Blackbox Security: Protecting Mobile Agents from Malicious Hosts,” inMobile Agents and Security, LNCS, 1419, Springer-Verlag, 1998.
Hohl, F., “A Framework to Protect Malicious Hosts Attacks by Using Reference States,” inInternational Conference on Distributed Computing Systems (ICDCS), 2000.
Jansen, W. and Karygiannis, T., “Mobile Agent Security,”Special Publication, National Institute of Standards and Technology (NIST), pp. 800–819, 1999.
Maña, A., Lopez, J., Ortega, J.J., Pimentel, E. and Troya, J.M., “A Framework for Secure Execution of Software,”International Journal of Information Security, 3, 2, pp. 99–112, 2004.
Minsky, Y., Renesse, R. Schneider, van F. and Stoller, S.D., “Cryptographic Support for Fault-Tolerant Distributed Computing,” inSeventh ACM SIGOPS European Workshop, 1996.
Ordille, J., “When Agents Roam, Who Can You Trust?,”Technical Report, Computing Science Research Center, Bell Labs, 1996.
Roth, V., “Mutual Protection of Cooperating Agents,” inSecure Internet Programming: Security Issues for Mobile and Distributed Objects, LNCS, 1906, Springer-Verlag, 1999.
Roth, V., “On the Robustness of Some Cryptographic Protocols for Mobile Agent Protection,” inInternational Conference on Mobile Agents, LNCS, 2240, Springer-Verlag, 2001.
Sander, T. and Tschudin, C.F., “Protecting Mobile Agents against Malicious Hosts,” inMobile Agents and Security, LNCS, 1419, Springer-Verlag, 1998.
Vigna, G., “Protecting Mobile Agents through Tracing,” inProc. of the Third International Workshop on Mobile Object Systems, 1997.
Vigna, G., “Cryptographic Traces for Mobile Sgents,” inMobile Agents and Security, LNCS, 1419, Springer-Verlag, 1998.
Yee, B.S., “A Sanctuary for Mobile Agents,” inDARPA Workshop on Foundations for Secure Mobile Code, 1997.
Yu, C.M. and Ng, K.W., “A Flexible Tamper-detection Protocol for Mobile Agents on Open Networks,” inInternational Conference of Information and Knowledge Engineering (IKE’02), 2002.
Author information
Authors and Affiliations
Additional information
Oscar Esparza, Ph.D.: He was born in Viladecans (Spain) in 1975. In 1999, he received his M.S. Degree in Telecommunication Engineering in the Technical University of Catalonia (UPC). In the same year he joined the AUNA Switching Engineering Department. Since 2001 he works as Assistant Professor in the Department of Telematics Engineering of the UPC. In 2004, he received the Ph.D. Degree in Mobile Agent Security.
Jose L. Muñoz, Ph.D.: He was born in Terrassa (Spain) in 1975. In 1999, he received the M.S. Degree in Telecommunication Engineering in the Technical University of Catalonia (UPC). In the same year he joined the AUNA Switching Engineering Department. Since 2000 he works as Assistant Professor in the Department of Telematics Engineering of the UPC. In 2003, he received the Ph.D. Degree in Network Security.
Miguel Soriano, Ph.D.: He was born in Barcelona in 1967. He received his M.S. degree in Telecommunications Engineering in the Technical University of Catalonia (UPC) in 1992, and the Ph.D. Degree in 1996. In 1991, he joined the Cryptography and Network Security Group at the Department of Applied Mathematics and Telematics. Currently working as an Associate Professor in the Department of Telematics Engineering of the UPC.
Jordi Forné, Ph.D.: He was born in Barcelona in 1967. He received his M.S. degree in Telecommunications Engineering in the Technical University of Catalonia (UPC) in 1992, and the Ph.D. Degree in 1997. In 1991, he joined the Cryptography and Network Security Group at the Department of Applied Mathematics and Telematics. Currently working as an Associate Professor in the Department of Telematics Engineering of the UPC.
About this article
Cite this article
Esparza, O., Muñoz, J.L., Soriano, M. et al. Punishing malicious hosts with the cryptographic traces approach. New Gener Comput 24, 351–376 (2006). https://doi.org/10.1007/BF03037399
Received:
Revised:
Issue Date:
DOI: https://doi.org/10.1007/BF03037399