A Protocol Preventing Blackbox Tests of Mobile Agents
To protect mobile agents from attacks by malicious hosts, some current approaches try to create a blackbox out of an unprotected agent. A blackbox is a special mobile agent whose internals (code and data) are, in principle, “invisible” to attackers. Although blackboxes allow a high degree of security, even they can be attacked by means of testing attacks. A blackbox testing attack executes an agent several times with different input parameters. After each execution, the attacker observes the effect, either explicit results like output values or characteristic “activity patterns”. This paper presents a protocol that prevents testing attacks against blackbox-protected mobile agents. The protocol exploits the fact that input data can be used as a sort of challenge. It uses registries, i.e. services on other, trusted nodes. It is shown that the presented protocol has a reasonable overhead compared to a non-migrating alternative.