DARPA ISO Sponsored Research

2000 Project Summary
Self Protecting Mobile Agents
NAI Labs
Project Website:  http://dev.nai.com/nai_labs/asp_set/environments/self-protecting.asp 
Quad Chart:  Link to Quad Chart   provided by the performing organization
Objective: Develop and Prototype practical and effective techniques that allow mobile agents to protect themselves from malicious host computers.  Such self-protecting agents will perform their missions with confidence even though they sometimes roam through unknown and possibley-hostile territory.
Approach: Develop tools that translate an individual software agent into a distributed set of tamper-resistant agentlets that is never entirely vulnerable to a single host, and that can detect and recover from compromise of a subset of its elements. Provide strong protection by combining three core techniques: 
  • Distributed Agent State. Each agent will be partitioned into a set of communicating programs (agentlets) executing on independent hosts. Critical information will be spread across the agentlets, thus limiting vulnerability to any proper subset of the hosts. 
  • Obfuscation with Periodic Regeneration. Executable code and data of each agentlet will be obfuscated using a variety of  techniques (e.g., randomly selected, but equivalent, algorithms and data representations). Obfuscation will delay, but not prevent, brainwashing of agents via reverse engineering. Consequently, agentlets will periodically expire and be replaced by differently obfuscated versions so that a successful attack on an agentlet cannot be accomplished before the agentlet expires. Regeneration will use information from multiple agentlets (hosts), and hence will not be vulnerable to reverse engineering by any single host. 
  • Monitoring and Recovery. Agentlets will be self-monitoring and will also monitor other agentlets. Using       challenge/response techniques, agents will automatically exclude compromised agentlets, report the identities of tampering nodes, and replace lost agentlets. 
This research will be conducted in three phases: 
 
  • Phase 1: Develop source-code translation tools to convert an individual software agent into a set of replicated communicating agentlets that collectively manage their navigation to avoid dependence on possibly-colluding hosts. In addition to agent source code, our tools will read an agent security specification that determines a variety of agentlet protection policies, and will possibly accept manual guidance as well. A key goal of this work will be to minimize or avoid manual guidance of the tools. To maximize technology transfer, we will base our work on a freely-available agent system such as the open-source Kaariboga system. Our tools will extend the functionality of agents to encompass group navigation (through the information fabric), protection of secrets, and coordinated state management (between members of a distributed agent). To maximize flexibility, develop a simple policy specification language and use specifications to guide the behavior of the new functional areas generated by our tools, and make appropriate tradeoffs between security, performance, and functionality. Using these techniques, this task will reduce the vulnerability of agents to individual hosts, and will allow agents to carry secrets with relative safety. 
  • Phase 2: Augment our agentlet-generation tools to produce agentlets that dynamically obfuscate one another as they migrate through the network. Leverage this capability into ongoing protection by time-limiting the execution of individual obfuscated agentlets, and dynamically generating and running new, differently-obfuscated, versions so that a successful attack on an agentlet cannot be accomplished before the agentlet is replaced. Using distributed and dynamically-refreshed obfuscation, prevent reverse engineering and ensure that the obfuscation process itself is protected from tampering.  Ensure that any progress that an attacker makes in reverse-engineering an old version of an agentlet confers no useful     information about attacking a subsequent version of the agentlet.
  • Phase 3: Extend agentlets to employ fine-grained monitoring for tamper detection, and mutually-suspicious agreement protocols to identify and exclude potentially-subverted agentlets. Because agentlets will be obfuscated, it will be infeasible for a host to remove or disable monitoring. Agentlets will both monitor themselves by probing their state for integrity, and also monitor each other via protocols that are obfuscated and hence impractical to spoof by hosts. Because of this external monitoring, expired agentlets will be incompatible with newer versions running on other hosts, and hosts will therefore be unable to refuse execution to newly-generated agentlets, or to continue using expired versions without detection. This task will provide self-healing and group integrity to sets of agentlets. 
Recent FY-99/FY-00 Accomplishments: This is a new project and has started with a small amount of initial funding.  Our recent accomplishments focus on initial   investigations and the establishment of a source-code build environment for conducting the research. 
  • Survey of agent systems. This work will be based on an existing (although possibly extended) agent system. We surveyed a large number of agent systems available from the Web. To speed the project and to maximize technology transfer, we established four core criteria for selecting an agent system: 1) Open Source, 2) Java-based, 3) multi-hop code/state distribution, and 4) simple. We will release Self-Protecting Mobile Agents technology under the GPL, and hence an open source technology base is of great value for easing technology transfer. Although Java is not a technical necessity for constructing mobile agents, it is a useful standard, relatively mature, freely available, and its cross-platform feature will assist with technology transfer. The multi-hop distribution requirement rules out systems, which are merely central code servers that send code (in one hop) straight to executing nodes. Multi-hop systems provide the scalability and generality that mobile agents require, and that our techniques assume. Our final requirement is simplicity. Simplicity in the base technology greatly facilitates experimentation. Surprisingly, only one non-trivial system satisfied all of these goals simultaneously, Kaariboga.   (http://www.physik.uni-bielefeld.de/experi/d3/persons/struve/kaariboga)  We have downloaded, built, and performed some initial tests with Kaariboga, and it appears to be a suitable base for our experiments. 
  • In addition to surveying generic mobile agent systems, we have begun to track technology being developed under  DARPA’s Active Networks program. Active Networks are mobile agent systems with a specific application domain (network infrastructure). Lee Badger attended the Active Nets Principal Investigator’s meeting in Portland OR in June, 2000. We are examining the ANTS active networks system from MIT and are considering which Active Networks Pis to work with in migrating self-protection techniques into the Active Networks program. 
  •  Survey of obfuscation tools. We have begun surveying available Java obfuscation tools. Most of the current tools are too basic, and are commercial products. Even so, we may be able to build upon some of the existing tools and add the sophisticated features we require. For example, Retroguard (http://www.retrologic.com) has been released under the GPL and could be a suitable base for extension. 
FY-00 Plans: Analyze the structure of mobile agents in Kaariboga, and formulate techniques for partitioning agents into separate, replicated, agentlets. To the extent possible, formulate the techniques to be portable to other agent systems. Design tools for performing the partitioning. Set up a mobile agent testbed for running partitioned agents. 
Continue surveying available obfuscation tools. Select a tool upon which to base our work. As with the agent system selection criteria, the tool will be Open Source and Java-based. 
Begin exploration of how to perform the obfuscation task consistently with the structure and requirements of Phase 1 distributed agentlets. 
Continue to track the Active Networks program, and perform an initial analysis of how to port self-protection techniques into the ANTS Active Network system. 
Technology Transition: In November, 1999, Lee Badger briefed the commercial divisions of Network Associates on the problem of protecting mobile agents and on solution strategies we are now exploring. This was prior to the start of the contract, but was a useful opportunity raise awareness within the company. 
In March 2000, Lee Badger briefed the ISAT study group on Mobility and Security on the problem of protecting agents from malicious hosts, and on possible solutions. 
In May 2000, Lee Badger attended the DARPA Dynamic Coalitions Policy Workshop and discussed aspects of security policy in various domains. Self-protecting agents will have their own specialized view of security policy, and hence are relevant to the general area of policy specification. 
Principal Investigator: PI Name:             Lee Badger
Organization:        NAI Labs
Address:              Network Associates
                            3060 Washington Road (Rt. 97)
City, State, ZIP:   Glenwood, MD  21738
Phone:                 (443)259-2300
Fax:                     (301)854-4731
email:                   lbadger@nai.com

Admin Contact 
Name:                 Dick Matthew
Organization:       NAI Labs
Address:             Network Associates
                           3060 Washington Rd. (Rt. 97)
                           Glenwood, MD  21738
Phone:                 (443)259-2300
Fax:                     (301)854-4731
email:                   matthew_dick@nai.com