Presentation is loading. Please wait.

Presentation is loading. Please wait.

Self-Protecting Mobile Agents Lee Badger Brian Matt Steven Kiernan Funded by both ITS and Active Networks Programs NAI Labs, Network Associates, Inc. 17.

Published byCollin McDowell Modified over 9 years ago

Similar presentations

Presentation on theme: "Self-Protecting Mobile Agents Lee Badger Brian Matt Steven Kiernan Funded by both ITS and Active Networks Programs NAI Labs, Network Associates, Inc. 17."— Presentation transcript:

1 Self-Protecting Mobile Agents Lee Badger Brian Matt Steven Kiernan Funded by both ITS and Active Networks Programs NAI Labs, Network Associates, Inc. 17 July 2000

2 Trusted Bases and Itinerant Programs Protect the host: enforce least privilege –Type-safety, SFI, access control, Wrappers, IRM, PCC. –(BTW: policy definition is the hardest part) Protect the mobile program Mobile MobileProgram Host Program Host

3 Malicious Hosts Problem Mobile agents will need to execute on unfriendly hosts, but a host may: non-randomly modify an agent’s behavior steal an agent’s secrets (if any) –deny execution –execute improperly crash the agent –lie to an agent

4 Technical Objectives Protect software agents from tampering while allowing: –High mobility. –Detached operation. –Extended deployment periods. –Realistic infrastructure requirements.

5 Existing Practice Limit Mobility to Trusted Places –hardware peripherals, trusted hosts Detect Malicious Execution After it Happens –state appraisal (Farmer), detection objects (Meadows), cryptographic traces (Vigna), partial result authentication codes (Yee), fault-tolerance techniques (Schneider) Prevent Malicious Execution –encrypted functions (Sander, Bazzi), code/data obfuscation (Collberg, Low, Hohl)

6 Technical Approach (in a Nutshell) Spread agents across multiple, unrelated hosts. Spread agents across multiple, unrelated hosts. Force hosts to collude for their attacks to be effective. Force hosts to collude for their attacks to be effective.

7 Applications of Obfuscation “Security through obscurity.” NOT! Long-lived resistance to analysis. NOT! –1999 DVD copy protection break. Protection of algorithms from theft. –DashO-Pro (www.preemptive.com)www.preemptive.com –Jcloak (www.force5.com)www.force5.com –Elixir (www.elixirtech.com)www.elixirtech.com –RetroGuard (www.retrologic.com) Temporary resistance to analysis. –E.g., IA experiment 9907 (dynamic IP numbers)

8 Obfuscation (trivial to not-so-trivial) Kinds of Obfuscation LayoutObfuscationDataObfuscation ControlObfuscation PreventiveObfuscation Language-BreakingObfuscation

9 Obfuscation Data Obfuscation –variable splitting –scalar/object conversion –static data to procedure –change variable lifetime –add variable distance –split/fold/merge arrays –change encoding –merge scalar variables Control Obfuscation –break basic blocks –inline methods –outline statements –unroll loops –reorder statements –reorder loops –reducible to non- reducible flow graphs –table interpretation

10 Opaque Predicates Opaque predicate: A fact about a program’s state known at obfuscation time that is hard to determine from the code. Two basic manufacture techniques –Exploit difficulty in alias analysis. E.g., embed graph operations –Exploit difficulty in concurrency. E.g., embed threading

11 Obfuscation “Strength” Potency: Difficulty for a human to reverse engineer. !(software engineering practices) Resilience: Difficulty of writing a tool to reverse the obfuscation. Cost: Space/time costs. Stealth: Ease of spotting obfuscation mechanisms. Ease of spying out the policy. From Douglas Low’s thesis.

12 Time-limited Black Box Hohl, Fritz, “An Approach to Solve the Problem of Malicious Hosts” A host can deny execution, or lie, but it can’t disrupt the programs’ internal consistency for n seconds. Can this temporary protection be leveraged into ongoing protection?SourceCodePolicyA ObfuscationTransform Run for n seconds Stop. Obfuscated Source code

13 Our Approach

14 What “Policy” Means Here Obfuscation potency, resilience, stealth, cost. Self-monitoring granularity. Replication level. Non-collusion itinerary rules. Obfuscation refresh rate. Distribution of sensitive state. Phone-home flee-home thresholds. And More!

15 Threats (Evaluation, too) (Quickly) defeat obfuscation. Track down sibling agents and implement coordinated attack. Black-box testing revealing secrets. Deny execution. Inject bogus agents. Analysis of long-lived agents. Prohibitive cost.

16 What We’ve Done So Far Surveyed obfuscation tools. Surveyed agent systems. –Choose a system (Kaariboga, ANTS) Weak mobility Java Multi-hop Open source –Created a build environment. Formulated a technology transfer strategy.

17 Task Schedule Architecture Report Distributed Agents Prototype Obfuscation Agents Report Obfuscation Prototype Self-healing Agents Prototype Final Report 010203

18 Technology Transfer Active Networks, systems such as ALP. Open Source distribution. Java. Tool-based approach. –Start with Kaariboga, move to other systems. Explore application to NAI products that employ agents.

Download ppt "Self-Protecting Mobile Agents Lee Badger Brian Matt Steven Kiernan Funded by both ITS and Active Networks Programs NAI Labs, Network Associates, Inc. 17."

Similar presentations

Addressing the Trust Asymmetry Problem In Grid Computing with Encrypted Computation Peter A. Dinda Prescience Lab Department of Computer Science Northwestern.

Addressing the Trust Asymmetry Problem In Grid Computing with Encrypted Computation Peter A. Dinda Prescience Lab Department of Computer Science Northwestern.
NS-H0503-02/11041 Attacks. NS-H0503-02/11042 The Definition Security is a state of well-being of information and infrastructures in which the possibility.

NS-H /11041 Attacks. NS-H /11042 The Definition Security is a state of well-being of information and infrastructures in which the possibility.
Cloakware Corporation, 260 Hearst Way, Suite 311, Kanata, Ontario, Canada K2L 3H1 Spencer Cheng Trusting DRM Software Presentation.

Cloakware Corporation, 260 Hearst Way, Suite 311, Kanata, Ontario, Canada K2L 3H1 Spencer Cheng Trusting DRM Software Presentation.
Dynamic Self-Checking Techniques for Improved Tamper Resistance Bill Horne, Lesley Matheson, Casey Sheehan, Robert E. Tarjan STAR Lab, InterTrust Technologies.

Dynamic Self-Checking Techniques for Improved Tamper Resistance Bill Horne, Lesley Matheson, Casey Sheehan, Robert E. Tarjan STAR Lab, InterTrust Technologies.
Trusted Design In FPGAs Steve Trimberger Xilinx Research Labs.

Trusted Design In FPGAs Steve Trimberger Xilinx Research Labs.
The Mobile Code Paradigm and Its Security Issues Anthony Chan and Michael Lyu September 27, 1999.

The Mobile Code Paradigm and Its Security Issues Anthony Chan and Michael Lyu September 27, 1999.
JavaScript Obfuscation Facts and Fiction Pedro Fortuna, Co-Founder and CTO AuditMark.

JavaScript Obfuscation Facts and Fiction Pedro Fortuna, Co-Founder and CTO AuditMark.
DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 1 Aegis Research Corporation Intrusion Tolerance Using Masking, Redundancy and Dispersion DARPA.

DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 1 Aegis Research Corporation Intrusion Tolerance Using Masking, Redundancy and Dispersion DARPA.
Wmobf.1 1/5/00 Clark Thomborson Watermarking, Tamper-Proofing and Obfuscation – Tools for Software Protection Christian Collberg & Clark Thomborson Computer.

Wmobf.1 1/5/00 Clark Thomborson Watermarking, Tamper-Proofing and Obfuscation – Tools for Software Protection Christian Collberg & Clark Thomborson Computer.
Preventing Reverse Engineering by Obfuscating Bharath Kumar.

Preventing Reverse Engineering by Obfuscating Bharath Kumar.
Impeding Malware Analysis Using Conditional Code Obfuscation Paper by: Monirul Sharif, Andrea Lanzi, Jonathon Giffin, and Wenke Lee Conference: Network.

Impeding Malware Analysis Using Conditional Code Obfuscation Paper by: Monirul Sharif, Andrea Lanzi, Jonathon Giffin, and Wenke Lee Conference: Network.
Fundamentals of Computer Security Geetika Sharma Fall 2008.

Fundamentals of Computer Security Geetika Sharma Fall 2008.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Name: Hao Yuan Supervisor: Len Hamey ITEC810 ProjectTransformations for Obfuscating Object-Oriented Programs1.

Name: Hao Yuan Supervisor: Len Hamey ITEC810 ProjectTransformations for Obfuscating Object-Oriented Programs1.
Static Analysis of Embedded C Code John Regehr University of Utah Joint work with Nathan Cooprider.

Static Analysis of Embedded C Code John Regehr University of Utah Joint work with Nathan Cooprider.
Obfuscation techniques in Java Therese Berge Jonas Ringedal.

Obfuscation techniques in Java Therese Berge Jonas Ringedal.
The Mobile Code Paradigm and Its Security Issues Anthony Chan September 13, 1999.

The Mobile Code Paradigm and Its Security Issues Anthony Chan September 13, 1999.
Concepts of Database Management Seventh Edition

Concepts of Database Management Seventh Edition
Stephen S. Yau CSE 465-591, Fall 2006 1 Security Strategies.

Stephen S. Yau CSE , Fall Security Strategies.
2  Problem Definition  Project Purpose – Building Obfuscator  Obfuscation Quality  Obfuscation Using Opaque Predicates  Future Planning.

2  Problem Definition  Project Purpose – Building Obfuscator  Obfuscation Quality  Obfuscation Using Opaque Predicates  Future Planning.

Similar presentations

Ads by Google