Abstract
Absolute protection of mobile agents from attacks by malicious hosts is an open research problem. We propose a software based paradigm whereby an agent is protected from various static and dynamic attacks from a malicious host of an unknown hardware configuration, for a specific period of time. This time interval is computed by restricting the maximum resources that may be available to the adversary and the time complexity of the critical static and dynamic attacks that it may launch. We employ the technique of oblivious hashing (OH) using overlapped instructions [1]. with pointer aliasing to thwart static analysis and instant code modifications. The host is required to obtain the aggregate OH value of the whole agent by executing it in an unobstrusive environment and to send it back to the agent originator within the specified time interval. To provide unobtrusive environment, we employ various x86 platform specific techniques and external timing analysis to thwart major dynamic attack tools like debuggers virtual machines and emulators. The resulting increase in resilience to static and dynamic attacks compounds the difficulty of a malicious host to manipulate agent's execution, thus increasing the reliabilty of the agent system.