Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Modeling and Evaluation for Mobile Agents Anthony Chan and Michael Lyu The Chinese University of Hong Kong.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Security Modeling and Evaluation for Mobile Agents Anthony Chan and Michael Lyu The Chinese University of Hong Kong."— Presentation transcript:

1 Security Modeling and Evaluation for Mobile Agents Anthony Chan and Michael Lyu The Chinese University of Hong Kong

2 Classification of Mobile Code Ghezzi and Vigna’s classification of mobile code paradigms Know-how: the code to execute Resources: input/output for code execution Processor: abstract machine that holds the state of computation

3 Attack model of malicious hosts against mobile agents (Other agents) Environment Malicious Host Agent System call Read/manipulate properties; control execution Read/manipulate Model proposed by Fritz Hohl: Attacks scenarios that can be described: spy out and modify the whole data part of an agent spy out and modify the code part of an agent manipulate the code execution sequence of an agent manipulate the execution environment of an agent

4 Mobile agent application zAdvantages of developing the application using mobile agents over conventional client/server: yreduced network traffic for client: client (handheld PC) needs to handle only two network transmissions (agent sending and receiving) ynon-interactivity of client: client can be plugged to network, send agent, disconnect from network; then after a while reconnect at another physical location, and receive agent

5 Mobile Agent Security: A Closer Look zTwo facets of mobile agent security: yhost security xprotect hosts from malicious agents (code/data) xsimilar to remote evaluation and code on demand approaches yagent security xprotect agents from malicious hosts xa relatively new area in security research

6 Possible solutions zAn open research question zTwo cases: yclosed network: malicious hosts are identifiable xagent integrity checking xencrypted transmission xtime limiting techniques yopen network: malicious hosts are not identifiable

7 Open network zEncryption yneed to hide the code (algorithm) and data of agents so that any malicious hosts would not be able to tamper yone possible way would be “mobile cryptography” using probabilistic encryption zTime-limiting techniques ylimit the time for an agent to survive ysecurity modeling

8 Security Modeling Agent Host 1Host 2Host n … Assume: the time to breach the agent on host i is inversely exponential to the number of instructions carried out by host i the number of instructions carried out by a host is directly proportional to time

9 Security modeling Let an agent stays at host i for time T i, P(breach at host i) = 1 - exp(- i T i ), i is a constant Then the agent security, i.e., probability of no breach at all host, We may use this to measure the time we allow an agent to stay on a host, so that the agent is still safe up to a certain probability

Download ppt "Security Modeling and Evaluation for Mobile Agents Anthony Chan and Michael Lyu The Chinese University of Hong Kong."

Similar presentations

1 The Project of this year Mariano Ceccato FBK - Fondazione Bruno Kessler

1 The Project of this year Mariano Ceccato FBK - Fondazione Bruno Kessler
Security and Privacy over the Internet Chan Hing Wing, Anthony Mphil Yr. 1, CSE, CUHK Oct 19, 1998.

Security and Privacy over the Internet Chan Hing Wing, Anthony Mphil Yr. 1, CSE, CUHK Oct 19, 1998.
A Fast Data Protection Technique for Mobile Agents to Avoid Attacks in Malicious Hosts Jesús Arturo Pérez Díaz Darío Álvarez Gutiérrez Department of Informatics.

A Fast Data Protection Technique for Mobile Agents to Avoid Attacks in Malicious Hosts Jesús Arturo Pérez Díaz Darío Álvarez Gutiérrez Department of Informatics.
Denial of Service in Sensor Networks Szymon Olesiak.

Denial of Service in Sensor Networks Szymon Olesiak.
Mobile Agents Integrity in E-commerce Applications Antonio Corradi, Rebecca Montanari {acorradi, University of Bologna - Italy.

Mobile Agents Integrity in E-commerce Applications Antonio Corradi, Rebecca Montanari {acorradi, University of Bologna - Italy.
The Mobile Code Paradigm and Its Security Issues Anthony Chan and Michael Lyu September 27, 1999.

The Mobile Code Paradigm and Its Security Issues Anthony Chan and Michael Lyu September 27, 1999.
Mobile Code Security Aviel D. Rubin, Daniel E. Geer, Jr. MOBILE CODE SECURITY, IEEE Internet Computing, 1998 Minkyu Lee 2007. 04. 23.

Mobile Code Security Aviel D. Rubin, Daniel E. Geer, Jr. MOBILE CODE SECURITY, IEEE Internet Computing, 1998 Minkyu Lee
Software Certification and Attestation Rajat Moona Director General, C-DAC.

Software Certification and Attestation Rajat Moona Director General, C-DAC.
By Philipp Vogt, Florian Nentwich, Nenad Jovanovic, Engin Kirda, Christopher Kruegel, and Giovanni Vigna Network and Distributed System Security(NDSS ‘07)

By Philipp Vogt, Florian Nentwich, Nenad Jovanovic, Engin Kirda, Christopher Kruegel, and Giovanni Vigna Network and Distributed System Security(NDSS ‘07)
Edith C. H. Ngai1, Jiangchuan Liu2, and Michael R. Lyu1

Edith C. H. Ngai1, Jiangchuan Liu2, and Michael R. Lyu1
18/03/2007Obfuscation 1 Software protection Mariano Ceccato FBK - Fondazione Bruno Kessler

18/03/2007Obfuscation 1 Software protection Mariano Ceccato FBK - Fondazione Bruno Kessler
LYU9905 Security in Mobile Agent E- Commerce Systems Prepared by : Wong Ka Ming, Caris Wong Tsz Yeung, Ah Mole Supervisor : LYU Rung Tsong Michael.

LYU9905 Security in Mobile Agent E- Commerce Systems Prepared by : Wong Ka Ming, Caris Wong Tsz Yeung, Ah Mole Supervisor : LYU Rung Tsong Michael.
Presented by Justin Bode CS 450 – Computer Security February 17, 2010.

Presented by Justin Bode CS 450 – Computer Security February 17, 2010.
Adaptive Security for Wireless Sensor Networks Master Thesis – June 2006.

Adaptive Security for Wireless Sensor Networks Master Thesis – June 2006.
Edward Tsai – CS 239 – Spring 2003 Strong Security for Active Networks CS 239 – Network Security Edward Tsai Tuesday, May 13, 2003.

Edward Tsai – CS 239 – Spring 2003 Strong Security for Active Networks CS 239 – Network Security Edward Tsai Tuesday, May 13, 2003.
LYU9905 Security in Mobile Agent E-Commerce Systems Prepared by : Wong Ka Ming, Caris Wong Tsz Yeung, Ah Mole Supervisor :LYU Rung Tsong Michael.

LYU9905 Security in Mobile Agent E-Commerce Systems Prepared by : Wong Ka Ming, Caris Wong Tsz Yeung, Ah Mole Supervisor :LYU Rung Tsong Michael.
Design, Implementation, and Experimentation on Mobile Agent Security for Electronic Commerce Applications Anthony H. W. Chan, Caris K. M. Wong, T. Y. Wong,

Design, Implementation, and Experimentation on Mobile Agent Security for Electronic Commerce Applications Anthony H. W. Chan, Caris K. M. Wong, T. Y. Wong,
Security Considerations in Adaptive Middleware Security and Mobile Agents Ajanta – Mobile Agent’s research project papers (http://www.cs.umn.edu/Ajanta/publications.html)http://www.cs.umn.edu/Ajanta/publications.html.

Security Considerations in Adaptive Middleware Security and Mobile Agents Ajanta – Mobile Agent’s research project papers (
LYU9905 Security in Mobile Agent E-Commerce Systems Prepared by : Wong Ka Ming, Caris Wong Tsz Yeung, Ah Mole Supervisor :LYU Rung Tsong Michael Date :

LYU9905 Security in Mobile Agent E-Commerce Systems Prepared by : Wong Ka Ming, Caris Wong Tsz Yeung, Ah Mole Supervisor :LYU Rung Tsong Michael Date :
The Mobile Code Paradigm and Its Security Issues Anthony Chan September 13, 1999.

The Mobile Code Paradigm and Its Security Issues Anthony Chan September 13, 1999.

Similar presentations

Ads by Google