Mobile agent watermarking and fingerprinting: Tracing malicious hosts

Abstract

Mobile agents are software entities consisting of code and data that can migrate autonomously from host to host executing their code. Despite its benefits, security issues strongly restrict the use of code mobility. The protection of mobile agents against the attacks of malicious hosts is considered the most difficult security problem to solve in mobile agent systems. The approach that is presented here detects manipulation attacks performed during the agent's execution. Software watermarking techniques are used in order to embed a mark into the agent. The agent's execution creates marked results. When the agent returns to the origin host, these results are examined in order to find the embedded mark. If the mark has changed, this means that the executing host has modified the agent. Colluding hosts can also be identified by using codes with the identifiable parent property (IPP) as marks, i.e. mobile agent fingerprinting. © Springer-Verlag Berlin Heidelberg 2003.