Detecting Intrusions in Mobile Agents

This research identifies and analyzes ways that ensure the secure operation of a multi-agent system (MAS) on an untrusted host. Because of the propensity of the malicious host to spy and leak usage patterns, block useful work and feed false or misleading information, it becomes necessary for the software agent to detect intrusions and protect its security. While enabling secure transactions on a malicious host is considered one of the most challenging problems in mobile agent security, ideas such as mess-up code, time-limited black-box security, and alternating usage of secure hardware can be found in literature. The goal of this project is to design a simple protocol that utilizes a combination of the aforementioned ideas in conjunction with some novel ideas in code/data separation, trust-establishment and a probabilistic method to mask legitimate data transmission and interaction patterns to demonstrate certain levels of security can be achieved in a malicious environment.