security issues in mobile agents
play

Security Issues in Mobile Agents E C Vijil School of Information - PowerPoint PPT Presentation

Sep 18, 2023 •342 likes •587 views

Security Issues in Mobile Agents E C Vijil School of Information Technology vijil@it.iitb.ac.in 16 January 2002 Security Issues in Mobile Agents 1 Overview of the Talk The Mobile Agent Paradigm Security Threats and Counter Measures

  1. Security Issues in Mobile Agents E C Vijil School of Information Technology vijil@it.iitb.ac.in 16 January 2002

  2. Security Issues in Mobile Agents 1 Overview of the Talk • The Mobile Agent Paradigm • Security Threats and Counter Measures • Security in Data Collection Agents • Our Proposals • Conclusion and Future Work

  3. Security Issues in Mobile Agents 2 The Mobile Agent Paradigm • An executing program that can migrate from machine to machine in a heterogeneous network • Execution environment provided by supporting hosts • Follows either a pre-assigned path or determines its itinerary dynamically

  4. Security Issues in Mobile Agents 3 Client/Server vs Mobile Agents • Client/Server ⋆ Data resides on the server ⋆ Services provided by the server ⋆ Interaction through the UI provided by the Server ⋆ Network Connection retained for the entire duration of the transaction

  5. Security Issues in Mobile Agents 3 Client/Server vs Mobile Agents • Client/Server ⋆ Data resides on the server ⋆ Services provided by the server ⋆ Interaction through the UI provided by the Server ⋆ Network Connection retained for the entire duration of the transaction • What if ⋆ The user has very specific requirements? ∗ Give me the list of books published this year by last year’s best selling author? ⋆ Application is data intensive? ∗ Give me all postings referring to my paper in sci.crypt newsgroup ⋆ You cannot remain online for the entire duration of the transaction? ⋆ Dynamic Deployment of Software

  6. Security Issues in Mobile Agents 4 Where are Mobile Agents useful? • Everything that can be done using mobile agents can also be done using CS • No ‘killer application’ for mobile agents • Mobile Agents more efficient for some applications ⋆ Data Intensive Operations ⋆ Disconnected Operations ⋆ Dynamic Deployment of Software ⋆ Highly user specific applications

  7. Security Issues in Mobile Agents 5 Security Threats • Agent can attack the platform ⋆ Denial of Service ⋆ Unauthorized access ⋆ Masquerading • Platform can attack the agent ⋆ Most difficult to tackle ⋆ Eavesdropping ∗ Could be exposing proprietary algorithms ∗ Privacy concerns ⋆ Alteration of data and code ⋆ Masquerading ∗ Lowest price finding agent

  8. Security Issues in Mobile Agents 6 Problem Scope • Data Collection Agents ⋆ Problem of Malicious Hosts ∗ Idenitifying the malicious host making deletions ∗ Detecting attacks by Colluding Malicious hosts

  9. Security Issues in Mobile Agents 7 Data Collection Agents • Visit multiple sites to collect data ⋆ Typical Example: Shopping agents • Security Issues ⋆ Modification of Data ⋆ Deletion of Data ⋆ Colluding Malicious hosts • Ajanta Mobile Agent System ⋆ A mobile agent framework designed with security in mind • Assumptions ⋆ There exists a reliable Public Key Infrastructure (PKI) ⋆ There are no intruders in the medium

  10. Security Issues in Mobile Agents 8 Modification of Data by Malicious Hosts • A Malicious host modifies the data added by other hosts • Solution - ReadOnlyContainer ⋆ Array of data items collected from each host ⋆ Sign each data item using the host’s private key ⋆ Encrypt using the initiator’s public key if necessary ⋆ Data structures ∗ V: item1, item2, item3 ∗ S: sign1, sign2, sign3 ⋆ Owner verifies the signature of each data item

  11. Security Issues in Mobile Agents 9 Deletion of Data by Malicious Hosts • A Malicious host deletes the data added by other hosts • Solution - AppendOnlyContainer • Notation ⋆ E A : Encryption using public key of A ⋆ D A : Encryption using private key of A ⋆ Sig A ( X ) : Signing of data X using private key of A

  12. Security Issues in Mobile Agents 10 AppendOnlyContainer • Initialization at the Owner’s site ⋆ checkSum = E owner ( N a ) • Updation of checksum by a host C adding dataitem X ⋆ checkSum = E owner ( checkSum + Sig C ( X ) + C ) • Verification at the Owner’s site ⋆ The owner decrypts and separates the fields in the checksum ∗ D A ( checkSum ) ⇒ checkSum + Sig C ( X ) + C ⋆ And verifies the signature ∗ E C ( Sig C ( X )) == hash ( X ) ∗ This is repeated for all data items ∗ If verification succeeds we will be able to recover the original random nonce

  13. Security Issues in Mobile Agents 11 AppendOnlyContainer - An Example • Hosts A, B, C adds items X, Y, Z respectively - Vector V contains the individual data items. • Initialization ⋆ checkSum = E O ( nonce ) • Updation of checksum by host A adding dataitem X ⋆ checkSum = E O ( E O ( nonce ) + Sig A ( X ) + A ) ⋆ V contains : X • Updation of checksum by host B adding dataitem Y checksum after the addition of X � �� � ⋆ checkSum = E O ( E O ( E O ( nonce ) + Sig A ( X ) + A ) + Sig B ( Y ) + B ) ⋆ V contains : X, Y

  14. Security Issues in Mobile Agents 12 AppendOnlyContainer - An Example (Contd...) • Updation of checksum by host C adding dataitem Z ⋆ checkSum = checksum after the addition of Y � �� � E O ( E O ( E O ( E O ( nonce ) + Sig A ( X ) + A ) + Sig B ( Y ) + B ) + Sig C ( Z ) + C ) ⋆ V contains : X, Y, Z

  15. Security Issues in Mobile Agents 13 Problems with AppendOnly Container • Can only detect that a modification/deletion has taken place • Cannot identify the host doing the modification deletion • Identification of the malicious host is important to prevent future modifications

  16. Security Issues in Mobile Agents 14 Identifying malicious hosts - Proposed solution • Main idea ⋆ AppendOnlyContainer signs each data item separately ⋆ Instead sign all the data carried by the agent together • The checksum update procedure is modified as follows ⋆ Original : checkSum = E owner ( checkSum + Sig C ( X ) + C ) ⋆ Our Proposal : checkSum = E owner ( checkSum + Sig C ( data ) + C ) • If verification fails while decrypting the data added by Host i ⋆ Either Host i or Host i +1 is the malicious host.

  17. Security Issues in Mobile Agents 15 SecureContainer - An Example • Hosts A, B, C adds items X, Y, Z respectively - Vector V contains the individual data items. • Initialization ⋆ checkSum = E O ( nonce ) • Updation of checksum by host A adding dataitem X ⋆ checkSum = E O ( E O ( nonce ) + Sig A ( X ) + A ) ⋆ V contains : X • Updation of checksum by host B adding dataitem Y checksum after the addition of X � �� � ⋆ checkSum = E O ( E O ( E O ( nonce ) + Sig A ( X ) + A ) + Sig B ( X, Y ) + B ) ⋆ V contains : X, Y

  18. Security Issues in Mobile Agents 16 SecureContainer - An Example (Contd...) • Updation of checksum by host C adding dataitem Z ⋆ checkSum = checksum after the addition of Y � �� � E O ( E O ( E O ( E O ( nonce ) + Sig A ( X ) + A ) + Sig B ( X, Y ) + B ) + Sig C ( X, Y, Z )+ C ) ⋆ V contains : X, Y, Z

  19. Security Issues in Mobile Agents 17 Collusion in Data Collection Agents • Two or more hosts jointly attacking an agent • The colluding hosts can share information • Can they do better than hosts acting individually?

  20. Security Issues in Mobile Agents 18 Deletion of data by colluding malicious hosts • Two or more hosts can collude to delete data items from the AppendOnlyContainer • Itinerary H 1 , H 2 , H 3 , · · · , H i , H i +1 , · · · , H j , H j +1 , · · · , H n • H i does the following: 1. It adds its own data D i , to the AppendOnlyContainer . 2. It recomputes the checksum. We shall denote this checksum by checkSum i . 3. It sends checkSum i to H j +1 . • H j +1 on receiving the agent does the following: 1. It adds its own data D j +1 , to the AppendOnlyContainer . 2. It recomputes the checksum. But, instead of using the current value of checksum carried by the agent, it uses checkSum i . 3. It removes data items D i , · · · , D j from the AppendOnlyContainer

  21. Security Issues in Mobile Agents 19 Detecting Collusions • Static Itinerary • Dynamic Itinerary ⋆ Notification by hosts ∗ Prevents disconnected operations ⋆ Querying by the agent initiator ∗ Allows disconnected operations ∗ Higher message overhead

  22. Security Issues in Mobile Agents 20 Our Approach • Both these solutions involves message overhead which can be avoided • Expected Number of Deleted Hosts (ENDH) • Owner assumes k out of n hosts are malicious • P ( i ) is the probability that exactly i hosts are deleted • ENDH = � n − 2 i =0 i.P ( i ) • Notification by Proactive Hosts • Querying by the Agent Initiator

  23. Security Issues in Mobile Agents 21 Our Approach (Contd...) • Notification by Proactive Hosts ⋆ Each host notifies the initiator with probability ENDH n • Querying by the Agent Initiator ⋆ Agent initiator queries with probability ENDH n • Experimentation ⋆ Notification by Proactive Hosts ∗ Accuracy of more than 90% with about 67% reduction in the number of messages ⋆ Querying by the Agent Initiator ∗ Accuracy of more than 90% with about 25% reduction in the number of messages

  24. Security Issues in Mobile Agents 22 Conclusions • Mobile Agents are a useful programming paradigm • Its utitility is limited if security threats are not mitigated • Problem of Malicious hosts - Difficult to tackle • Our solutions ⋆ Identify the malicious host in data collection agents ⋆ A probabilistic scheme for detecting collusions

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Mobile network security issues A very short overview of some mobile security issues.

Mobile network security issues A very short overview of some mobile security issues.

Mobile network security issues A very short overview of some mobile security issues. Mobile access is expected to become the main access method. Services and mobile commerce (mCommerce) are expected to become a major business.

818 views • 20 slides
CS 528 Mobile and Ubiquitous Computing Lecture 11: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 11: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 11: Mobile Security and Mobile Software Vulnerabilities Emmanuel Agu Mobile Security Issues Introduction So many cool mobile apps Access to web, personal information, social media, etc

1.05k views • 55 slides
Mobile Software Agents: an Overview Authors : Vu Anh Pham and Ahmed Karmouch From: University

Mobile Software Agents: an Overview Authors : Vu Anh Pham and Ahmed Karmouch From: University

Mobile Software Agents: an Overview Authors : Vu Anh Pham and Ahmed Karmouch From: University of Ottawa, Ontario Luba Sakharuk Presented by: Agenda for the Overview of Mobile Agents Abstract The Mobile Agent in Telecommunications

702 views • 27 slides
Security & Privacy Issues in Mobile Cloud Computing Manmohan Chaturvedi ,1 , Sapna Malik,

Security & Privacy Issues in Mobile Cloud Computing Manmohan Chaturvedi ,1 , Sapna Malik,

Security & Privacy Issues in Mobile Cloud Computing Manmohan Chaturvedi ,1 , Sapna Malik, Preeti Aggarwal and Shilpa Bahl Ansal University, Gurgaon- 122011, India 1 mmchaturvedi@ansaluniversity.edu.in Indian Context The potential uptake

1.27k views • 28 slides
What, exactly, is different or new about MOBILE mobile security? SECURITY TECHNOLOGIES 2017

What, exactly, is different or new about MOBILE mobile security? SECURITY TECHNOLOGIES 2017

What, exactly, is different or new about MOBILE mobile security? SECURITY TECHNOLOGIES 2017 Dan S. Wallach , Rice University tl;dr The computers inside the computer Every chip has one or more CPUs inside; they have exploitable bugs

1.23k views • 87 slides
Black Hat Europe 2009 Hijacking Mobile Data Connections 1 Mobile Security Lab Provisioning

Black Hat Europe 2009 Hijacking Mobile Data Connections 1 Mobile Security Lab Provisioning

Black Hat Europe 2009 Hijacking Mobile Data Connections 1 Mobile Security Lab Provisioning & WAP primer Forging Messages Demo: Remote provisioning Provisioning: Process and Issues Attack scenario and exploiting Final

713 views • 59 slides
Protecting Mobile Agents Anna Suen suen@cs.fsu.edu January 22, 2003 Preview Review:

Protecting Mobile Agents Anna Suen suen@cs.fsu.edu January 22, 2003 Preview Review:

Protecting Mobile Agents January 22, 2003 Protecting Mobile Agents Anna Suen suen@cs.fsu.edu January 22, 2003 Preview Review: Mobile Agent System Model Types of Attacks Agent Threats Techniques for protecting agents 2

230 views • 10 slides
Applying Trust Policies for Protecting Applying Trust Policies for Protecting Mobile Agents

Applying Trust Policies for Protecting Applying Trust Policies for Protecting Mobile Agents

Applying Trust Policies for Protecting Applying Trust Policies for Protecting Mobile Agents Against DoS Mobile Agents Against DoS Biljana Cubaleska 1 , Markus Schneider 2 1 University of Hagen, Dept. Of Communication Systems, Germany 2

511 views • 21 slides
Efficient Delivery with Mobile Agents Andreas B artschi NSEC/CNLS, baertschi@lanl.gov CNLS

Efficient Delivery with Mobile Agents Andreas B artschi NSEC/CNLS, baertschi@lanl.gov CNLS

Los Alamos National Laboratory LA-UR-19-24756 Efficient Delivery with Mobile Agents Andreas B artschi NSEC/CNLS, baertschi@lanl.gov CNLS Postdoc Seminar April 18, 2019 Managed by Triad National Security, LLC for the U.S. Department of

875 views • 26 slides
Latest Trends in Mobile Security By M K Chaithanya C-DAC Hyderabad Outline Introduction

Latest Trends in Mobile Security By M K Chaithanya C-DAC Hyderabad Outline Introduction

Latest Trends in Mobile Security By M K Chaithanya C-DAC Hyderabad Outline Introduction Statistics of Mobile Usage Current State of Mobile Security Recent Attacks Various Mobile Threats Security & Privacy

1.03k views • 57 slides
Why Protection against Viruses, Bots, and Worms is so hard Malware seen as Mobile Agents Till

Why Protection against Viruses, Bots, and Worms is so hard Malware seen as Mobile Agents Till

Foundations Security in MAS Conclusion Why Protection against Viruses, Bots, and Worms is so hard Malware seen as Mobile Agents Till Drges td@pre-secure.de PRESECURE Consulting GmbH June 20, 2007 Till Drges Protection Malware seen

739 views • 57 slides
Mobile Agents for Database Applications Ludwig Klug Database Agents 1 Ludwig Klug Ludwig

Mobile Agents for Database Applications Ludwig Klug Database Agents 1 Ludwig Klug Ludwig

DBagents dbagents@scch.at +43 7236 3343 837 www.scch.at Mobile Agents for Database Applications Ludwig Klug Database Agents 1 Ludwig Klug Ludwig works with Agents for more than 1.5 years Technical consultant for Grasshopper

395 views • 21 slides
CS 528 Mobile and Ubiquitous Computing Lecture 9a: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 9a: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 9a: Mobile Security and Mobile Software Vulnerabilities Emmanuel Agu Announcement Course Evaluations Now online Will be available from Friday, Dec 7 Will also allow students to do

864 views • 50 slides
Mobile Device and Platform Security Part II John Mitchell Two lectures on mobile security

Mobile Device and Platform Security Part II John Mitchell Two lectures on mobile security

CS 155 Spring 2018 Mobile Device and Platform Security Part II John Mitchell Two lectures on mobile security Introduction: platforms and trends Threat categories Physical, platform malware, malicious apps Defense

1.17k views • 93 slides
Security in Mobile and Wireless Networks APRICOT Tutorial Perth Australia 27 February, 2006

Security in Mobile and Wireless Networks APRICOT Tutorial Perth Australia 27 February, 2006

Security in Mobile and Wireless Networks APRICOT Tutorial Perth Australia 27 February, 2006 Ray Hunt, Associate Professor Dept. of Computer Science and Software Engineering University of Canterbury, New Zealand 1 Security Issues in Wireless

1.52k views • 131 slides
Mobile Device and Platform Security John Mitchell Two lectures on mobile security Introduction:

Mobile Device and Platform Security John Mitchell Two lectures on mobile security Introduction:

Spring 2018 CS 155 Mobile Device and Platform Security John Mitchell Two lectures on mobile security Introduction: platforms and trends Threat categories n Physical, platform malware, malicious apps Defense against physical theft Thurs

1.28k views • 64 slides
SSL / TLS How broken is it? Interesting times Introduction I'm Hanno Bck, freelance

SSL / TLS How broken is it? Interesting times Introduction I'm Hanno Bck, freelance

SSL / TLS How broken is it? Interesting times Introduction I'm Hanno Bck, freelance Journalist, administrator at schokokeks.org (webhosting) Long-time interest in crypto, diploma thesis on RSA-PSS This talk was planned before the

648 views • 37 slides
$Q(PSLULFDO6WXG\RI5HDO9LGHR %DQGZLGWKDQGUHVSRQVHWLPHQRWHQRXJK

$Q(PSLULFDO6WXG\RI5HDO9LGHR %DQGZLGWKDQGUHVSRQVHWLPHQRWHQRXJK

,QWURGXFWLRQ 6WUHDPLQJ$XGLRDQG9LGHRLVJURZLQJ 7UDGLWLRQDO,QWHUQHWVWXGLHVEXW YLGHRLVGLIIHUHQW $Q(PSLULFDO6WXG\RI5HDO9LGHR %DQGZLGWKDQGUHVSRQVHWLPHQRWHQRXJK

452 views • 7 slides
Correlation Clustering Bounding and Comparing Methods Beyond ILP Micha Elsner and Warren Schudy

Correlation Clustering Bounding and Comparing Methods Beyond ILP Micha Elsner and Warren Schudy

Correlation Clustering Bounding and Comparing Methods Beyond ILP Micha Elsner and Warren Schudy Department of Computer Science Brown University May 26, 2009 Document clustering rec.motorcycles soc.religion.christian 2 Document clustering:

802 views • 59 slides
Course Organization Sofuware Architecture KU (706.707) Sran Dombi 2020-10-07 Institute

Course Organization Sofuware Architecture KU (706.707) Sran Dombi 2020-10-07 Institute

Course Organization Sofuware Architecture KU (706.707) Sran Dombi 2020-10-07 Institute for Interactive Systems and Data Science, Graz University of Technology 1 Introduction Course Elective course for Sofuware Engineering

335 views • 15 slides
Introduction to Cryptography Helger Lipmaa Laboratory for Theoretical Computer Science Helsinki

Introduction to Cryptography Helger Lipmaa Laboratory for Theoretical Computer Science Helsinki

T-79.159 Cryptography and Data Security Introduction to Cryptography Helger Lipmaa Laboratory for Theoretical Computer Science Helsinki University of Technology helger@tcs.hut.fi http://www.tcs.hut.fi/helger T-79.159 Cryptography and Data

946 views • 56 slides
Machine Learning 10-601 Tom M. Mitchell Machine Learning Department Carnegie Mellon University

Machine Learning 10-601 Tom M. Mitchell Machine Learning Department Carnegie Mellon University

Machine Learning 10-601 Tom M. Mitchell Machine Learning Department Carnegie Mellon University March 4, 2015 Today: Readings: Bishop chapter 8 Graphical models Mitchell chapter 6 Bayes Nets: EM Mixture of Gaussian

331 views • 32 slides
Current Status NNTPEXT Working Group Stan Barber, Co-Chair 12/11/2000 Status Summary

Current Status NNTPEXT Working Group Stan Barber, Co-Chair 12/11/2000 Status Summary

Current Status NNTPEXT Working Group Stan Barber, Co-Chair 12/11/2000 Status Summary Current Practices Draft became RFC 2980 (Thanks, Ned!) RFC977bis is in 12 th release since it became draft-ietf-nntp-base-XX.txt There have

418 views • 13 slides
Welcome to CS440 / ECE 448 Introduction to Artificial Intelligence Prof.

Welcome to CS440 / ECE 448 Introduction to Artificial Intelligence Prof.

Welcome to CS440 / ECE 448 Introduction to Artificial Intelligence Prof. Julia Hockenmaier Lecture 1: Introduction CS440/ECE448 Introduction to Artificial Intelligence Prof. Julia Hockenmaier

522 views • 34 slides

More recommend