Abstract
This thesis introduces 'spy agents' as a new security paradigm for evaluating trust in remote hosts in mobile code scenarios. In this security paradigm, a spy agent, i.e. a mobile agent which circulates amongst a number of remote hosts, can employ a variety of techniques in order to both appear 'normal' and suggest to a malicious host that it can 'misuse' the agent's data or code without being held accountable.
A framework for the operation and deployment of such spy agents is described. Subsequently, a number of aspects of the operation of
such agents within this framework are analysed in greater detail.
The set of spy agent routes needs to be constructed in a manner that
enables hosts to be identified from a set of detectable agent-specific outcomes.
The construction of route sets that both reduce the probability of spy agent
detection and support identification of the origin of a malicious
act is analysed in the context of combinatorial group testing
theory. Solutions to the route set design problem are proposed.
A number of spy agent application scenarios are introduced and
analysed, including: a) the implementation of a mobile code email honeypot system for identifying email privacy infringers, b)
the design of sets of agent routes that enable malicious host
detection even when hosts collude, and c) the evaluation
of the credibility of host classification results
in the presence of inconsistent host behaviour. Spy agents can be used in a
wide range of applications, and it appears that each application
creates challenging new research problems, notably in the design of
appropriate agent route sets.
A framework for the operation and deployment of such spy agents is described. Subsequently, a number of aspects of the operation of
such agents within this framework are analysed in greater detail.
The set of spy agent routes needs to be constructed in a manner that
enables hosts to be identified from a set of detectable agent-specific outcomes.
The construction of route sets that both reduce the probability of spy agent
detection and support identification of the origin of a malicious
act is analysed in the context of combinatorial group testing
theory. Solutions to the route set design problem are proposed.
A number of spy agent application scenarios are introduced and
analysed, including: a) the implementation of a mobile code email honeypot system for identifying email privacy infringers, b)
the design of sets of agent routes that enable malicious host
detection even when hosts collude, and c) the evaluation
of the credibility of host classification results
in the presence of inconsistent host behaviour. Spy agents can be used in a
wide range of applications, and it appears that each application
creates challenging new research problems, notably in the design of
appropriate agent route sets.
Original language | English |
---|---|
Qualification | Ph.D. |
Awarding Institution |
|
Supervisors/Advisors |
|
Thesis sponsors | |
Award date | 1 Feb 2012 |
Publication status | Unpublished - 2011 |
Keywords
- Spy agents
- Group testing
- Combinatorial designs
- Kalogridis