Journal of Information Processing Systems

Korea Information Processing Society (한국정보처리학회)
권호 표지
DOI QR코드

DOI QR Code

Addressing Mobile Agent Security through Agent Collaboration

  • Jean, Evens (Computer Science & Engineering, The Pennsylvania State University) ;
  • Jiao, Yu (Computational Sciences and Engineering Division, Oak Ridge National Laboratory Oak Ridge) ;
  • Hurson, Ali-R. (Computer Science & Engineering, The Pennsylvania State University)
  • Published : 2007.12.31
Download PDF
⟨ Previous Next ⟩

Abstract

The use of agent paradigm in today's applications is hampered by the security concerns of agents and hosts alike. The agents require the presence of a secure and trusted execution environment; while hosts aim at preventing the execution of potentially malicious code. In general, hosts support the migration of agents through the provision of an agent server and managing the activities of arriving agents on the host. Numerous studies have been conducted to address the security concerns present in the mobile agent paradigm with a strong focus on the theoretical aspect of the problem. Various proposals in Intrusion Detection Systems aim at securing hosts in traditional client-server execution environments. The use of such proposals to address the security of agent hosts is not desirable since migrating agents typically execute on hosts as a separate thread of the agent server process. Agent servers are open to the execution of virtually any migrating agent; thus the intent or tasks of such agents cannot be known a priori. It is also conceivable that migrating agents may wish to hide their intentions from agent servers. In light of these observations, this work attempts to bridge the gap from theory to practice by analyzing the security mechanisms available in Aglet. We lay the foundation for implementation of application specific protocols dotted with access control, secured communication and ability to detect tampering of agent data. As agents exists in a distributed environment, our proposal also introduces a novel security framework to address the security concerns of hosts through collaboration and pattern matching even in the presence of differing views of the system. The introduced framework has been implemented on the Aglet platform and evaluated in terms of accuracy, false positive, and false negative rates along with its performance strain on the system.

Keywords

References

  1. R. Becker, D. D. Corkill, "Determining Confidence When Integrating Contributions from Multiple Agents" In Sixth International Joint Conference on Autonomous Agents and Multi-Agent Systems (AAMAS 2007), Honolulu, Hawaii, May 2007
  2. E. Bierman, E. Cloete, "Classification of Malicious Host Threats in Mobile Agent Computing" In Proceedings of SAICSIT, 2002, pp.141-148
  3. P.-C. Chen, X. Fan, S. Zhu, J. Yen. "Boosting-based learning agents for experience classification" In Proceedings of the 2006 IEEE/WIC/ACM International Conference on Intelligent Agent Technology, pp. 385-388, 2006
  4. J. Claessens, B. Preneel, J. Vandewalle, "(How) Can Mobile Agents Do Secure Electronic Transactions on Untrusted Hosts? A Survey of the Security Issues and the Current Solutions" In ACM Transactions on Internet Technology, 3(1): 28-48, 2003 https://doi.org/10.1145/643477.643479
  5. K. Deeter, K. Singh, S. Wilson, L. Filipozzi, S Vuong. "APHIDS: A Mobile Agent-Based Programmable Hybrid Intrusion Detection System" MATA 2004, LNCS 3284, pp. 244-253, 2004. (c) Springer-Verlag Berlin Heidelberg 2004 https://doi.org/10.1007/b101423
  6. W. Diffie, M. E. Hellman. "New Directions in Cryptography" In IEEE Transactions on Information Theory, vol. IT-22: 644-654, 1976 https://doi.org/10.1109/TIT.1976.1055638
  7. O. Esparz, M. Fernandez, M. Soriano, "Protecting mobile agents by using traceability techniques" In IEEE (c) 2003
  8. Y. Freund. Boosting a weak learning algorithm by majority. In Information and Computation, 121: 256-285, 1995 https://doi.org/10.1006/inco.1995.1136
  9. M. S. Greenberg, J. C. Byington, T. Holding, D. G. Harper "Mobile Agents and Security" In IEEE Communications Magazine, 1998
  10. T. Hastie, R. Tibshirani, J. H. Friedman. The Elements of Statistical Learning. Springer, 2001
  11. K. E. B. Hickman "Secure Socket Library" Netscape Communications Corp., Internet Draft RFC (1995)
  12. W. Jansen, T. Karygiannis, "NIST Special Publication 800-19 - Mobile Agent Security" National Institute of Standards and Technology, 2000
  13. JCE Internet Reference Guide. (n.d). Retrieved December 5th 2006, from http://java.sun.com/javase/6/docs/technotes/guides/security/crypto/CryptoSpec.html
  14. E. Jean, Y. Jiao, A. R. Hurson, T. E. Potok "SAS: A secure aglet server" In Proceedings of Computer Security Conference 2007
  15. E. Jean, Y. Jiao, A. R. Hurson, T. E. Potok "Boosting-based Distributed Adaptive Security-Monitoring through Agent Collaboration" In Second International Workshop on Agent and Data Mining Interaction ADMI 2007
  16. Y. Jiao, A. R. Hurson, "Application of mobile agents in mobile data access systems: A prototype" In Journal of Database Management, 15(4): 1-24, 2004
  17. JSSE Internet Reference Guide. (n.d). Retrieved December 5th 2006, from http://java.sun.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html
  18. D. B. Lange, M. Oshima. Programming and deploying Java mobile agents with Aglets. Addison-Wesley, 1998
  19. A. Patcha, J.-M. Park. "An overview of anomaly detection techniques: Existing solutions and latest technological trends" In Computer Networks: The International Journal of Computer and Telecommunications Networking. Vol. 51, Issue 12 (August 2007) pp. 3448-3470
  20. R. E. Schapire. The strength of weak learnability. Machine Learning, 5(2):197-227, 1990 https://doi.org/10.1007/BF00116037
  21. C. F. Tschudin. "Mobile Agent Security" In Intelligent Information Agents: Agent-Based Information Discovery and Management on the Internet, M. Klusch, Ed., Springer-Verlagu, New York, 1999, Chapter 18 pp. 431-446
  22. I. H. Witten, E. Frank. Data Mining: Practical machine learning tools and techniques 2nd Edition, Morgan Kaufmann, San Francisco, 2005
  23. Y.-S. Wu, B. Foo, Y. Mei, S. Bagchi. "Collaborative Intrusion Detection System (CIDS): A Framework for Accurate and Efficient IDS" In Proceedings of the 19th Annual Computer Security Applications Conference (ACSAC 2003) (c) 2003 IEEE

Cited by

  1. PERCEPOLIS: Pervasive Cyberinfrastructure for Personalized Learning and Instructional Support vol.02, pp.10, 2010, https://doi.org/10.4236/iim.2010.210067