Download presentation
Presentation is loading. Please wait.
1
Protection of Agent Teamwork By Jeremy Hall
2
Agent Teamwork Overview ● Mobile agent framework AgentTeamwork 2 is a mobile-agent based middleware system for coordinating distributed jobs in a computational community of computer owners. ● Java
3
Protection Scenarios ● Memory Scans ● Memory dumps
4
Project Goals ● Professor Fukuda Protect actual code: per-method encryption Never allow entirety of program to be unencrypted Implement just-in-time decryption. ● Myself Agent teamwork is a big project. ● Impact the implementation of encrypted Java classes as little as possible. ● Impact users of encrypted Java classes as little as possible.
5
Solution Overview ● Step 0: Compile normal Java class. ● Step 1: Create encrypted class by using a custom class loader. ● Step 2: Running the encrypted class.
6
Step 1: Creation ● Start from compiled.class file ● Use Javassist 1 library to manipulate Java bytecode. ● Generate a proxy of the original class Create a new class at run-time. Copy original class's inherited class, interfaces, fields, and constructors onto the new class. Create shell methods to replace original methods. Encrypt the real methods, and store inside of child proxies. Create and add a method at runtime to handle incoming method requests, decrypt the encrypted methods, and return value.
7
Step 2: Method Execution ● Proxy's Method is called in Java code.
8
Method Execution cont.. ● Shell method is actually executed, and forwards parameters, parameter types, and method name to Invoke() method.
9
Method Execution cont.. ● Inside Invoke(), ClassServer is asked to return a Class based on the method name.
10
Method Execution cont.. ● An instance of the Class is created, and all class variables are copied from the current proxy object, and given to the newly created instance.
11
Method Execution cont.. Using reflection, the desired method is executed on the child proxy.
12
Method Execution cont.. Any return object is returned, and the class variables are now passed back from the child proxy to the original proxy.
13
Method Execution cont.. Return object is returned to the shell method which called invoke.
14
Method Execution cont.. Shell method returns the return object to the caller of the shell method.
15
Limitations, and differences ● Creating new instance not so simple Class object ClassServer ● Key Distribution needed ● Functions may not be referenced in constructor (yet). ● Not threadsafe (yet).
16
References 1. Javassist – http://www.jboss.org/products/javassist 2. Agent Teamwork - http://depts.washington.edu/dslab/AgentTeamwo rk/index.html
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.