Abstract
Mobile agent is widely used in area such as parallel distributed computing for higher performance. But security issues threaten both the algorithm and data running on mobile agent system. The sensitive information within mobile agent code is inclined to be reverse engineered on a host platform. Obfuscation provides effective protection in this case with little execution time and storage size overhead. In this paper, we propose an obfuscation algorithm based on self-modifying code to prevent mobile agent code from attack at function level. We implement the algorithm and prove the efficacy of the algorithm.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Wang, C., Davidson, J., Hill, J., & Knight, J. (2001). Protection of software-based survivability mechanisms. In Proc. international conference of dependable systems and networks.
Wang, C. (2000). A security architecture for survivability mechanisms. Ph.D. thesis, Department of Computer Science, University of Virginia.
Anckaert, B., Madou, M., De Sutter, B., De Bus, B., De Bosschere, K., & Preneel, B. (2007). Program obfuscation: A quantitative approach. In Proceedings of the 2007 ACM workshop on quality of protection (pp. 15–20). New York: ACM.
Majumdar, A., & Thomborson, C. (2006). Interpreting opacity in the context of information-hiding and obfuscation in distributed systems. In 2006 IEEE region 10 conference TENCON 2006 (pp. 1–4).
Borselius, N. (2002). Mobile agent security. Electronics and Communication Engineering Journal, 14(5), 211–218.
D’Anna, L., Matt, B., Reisse, A., Van Vleck, T., Schwab, S., & LeBlanc, P. (2001). Self-protecting mobile agents obfuscation report (pp. 3–15). Final report, Network Associates Laboratories Report.
Farmer, W., Guttman, J., & Swarup, V. (1996). Security for mobile agents: Issues and requirements. In Proceedings of the 19th national information systems security conference (Vol. 2, pp. 591–597). Citeseer.
Schelderup, K., & Olnes, J. (1999). Mobile agent security-issues and directions. Lecture Notes in Computer Science, 1597, 155–167.
Wang, C., Hill, J., Knight, J., & Davidson, J. (2000). Software tamper resistance: Obstructing static analysis of programs. Charlottesville: University of Virginia.
Bhatkar, S., DuVarney, D., & Sekar, R. (2003). Address obfuscation: An efficient approach to combat a board range of memory error exploits. In Proceedings of the 12th conference on USENIX security symposium (Vol. 12, p. 8). Berkeley: USENIX Association.
Kruegel, C., Robertson, W., Valeur, F., & Vigna, G. (2004). Static disassembly of obfuscated binaries. In Proceedings of the 13th conference on USENIX security symposium (Vol. 13, p. 18). Berkeley: USENIX Association.
Drape, S. (2007). Generalising the array split obfuscation. Information Sciences, 177(1), 202–219.
Sosonkin, M., Naumovich, G., & Memon, N. (2003). Obfuscation of design intent in object-oriented applications. In Proceedings of the 3rd ACM workshop on digital rights management (pp. 142–153). New York: ACM.
Brzozowski, M., & Yarmolik, V. (2007). Obfuscation as intellectual rights protection in VHDL language. In 6th international conference on computer information systems and industrial management applications, 2007. CISIM’07 (pp. 337–340).
Liu, F., Lu, B., & Luo, X. (2006). A chaos-based robust software watermarking. In Information security practice and experience: second international conference, ISPEC 2006, Hangzhou, China, 11–14 April 2006: Proceedings (p. 355). New York: Springer.
Popov, I., Debray, S., & Andrews, G. (2007). Binary obfuscation using signals. In Proceedings of 16th USENIX security symposium on USENIX security symposium table of contents. Berkeley: USENIX Association.
Ge, J., Chaudhuri, S., & Tyagi, A.: Control flow based obfuscation. In Proceedings of the 5th ACM workshop on digital rights management (pp. 83–92). New York: ACM.
Linn, C., & Debray, S. (2003). Obfuscation of executable code to improve resistance to static disassembly. In Proceedings of the 10th ACM conference on computer and communications security (pp. 290–299). New York: ACM.
Majumdar, A., & Thomborson, C. (2006). Manufacturing opaque predicates in distributed systems for code obfuscation. In Proceedings of the 29th Australasian computer science conference (Vol. 48, pp. 187–196). Darlinghurst: Australian Computer Society.
Madou, M., Anckaert, B., Moseley, P., Debray, S., De Sutter, B., & De Bosschere, K. (2006). Software protection through dynamic code mutation. Lecture Notes in Computer Science, 3786, 194.
Shan, L., & Emmanuel, S. (2009). Protection of DRM agent codes. In Proceedings of the 2009 IEEE Pacific-rim conference on multimedia. LNCS (Vol. 5879, pp. 743–754). Berlin: Springer.
Anckaert, B., Madou, M., & De Bosschere, K. (2007). A model for self-modifying code. Lecture Notes in Computer Science, 4437, 232.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Shan, L., Emmanuel, S. Mobile Agent Protection with Self-Modifying Code. J Sign Process Syst 65, 105–116 (2011). https://doi.org/10.1007/s11265-010-0548-8
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11265-010-0548-8