Agents 2015

In computer science, a software agent is a computer program that acts on behalf of a user or other program. Specific types of agents include intelligent agents, autonomous agents, distributed agents, multi-agent systems, and mobile agents. Because agents come in many varieties and hold privileges to represent the user or program, they are of significant research interest to the cybersecurity community. The works cited here look at agents in relation to privacy, cyber-physical systems, and other hard problem areas. They were published in 2015.

Vegh, L.; Miclea, L., “A Simple Scheme for Security and Access Control in Cyber-Physical Systems,” in Control Systems and Computer Science (CSCS), 2015 20th International Conference on, vol., no., pp. 294-299, 27-29 May 2015. doi:10.1109/CSCS.2015.13
Abstract: In a time when technology changes continuously, where things you need today to run a certain system, might not be needed tomorrow anymore, security is a constant requirement. No matter what systems we have, or how we structure them, no matter what means of digital communication we use, we are always interested in aspects like security, safety, privacy. An example of the ever-advancing technology are cyber-physical systems. We propose a complex security architecture that integrates several consecrated methods such as cryptography, steganography and digital signatures. This architecture is designed to not only ensure security of communication by transforming data into secret code, it is also designed to control access to the system and detect and prevent cyber attacks.
Keywords: authorisation; cryptography; digital signatures; steganography; access control; cyber attacks; cyber-physical system; security architecture; security requirement; system security; Computer architecture; Digital signatures; Encryption; Public key; cyber-physical systems; multi-agent systems (ID#: 15-7166)


Vegh, L.; Miclea, L., “Access Control in Cyber-Physical Systems Using Steganography and Digital Signatures,” in Industrial Technology (ICIT), 2015 IEEE International Conference on, vol., no., pp. 1504-1509, 17-19 March 2015. doi:10.1109/ICIT.2015.7125309
Abstract: In a world in which technology has an essential role, security of the systems we use is a crucial aspect. Most of the time this means ensuring communications' security, protecting data and it automatically makes us think of cryptography, changing the form of the data so no one can view it without authorization. Cyber-physical systems are more and more present in critical applications in which security is of the utmost importance. In the present paper, we propose a look on security not by encrypting data but by controlling the access to the system. For this we combine digital signatures with an encryption algorithm with divided private key in order to control access to the system and to define roles for each user. We also add steganography, to increase the level of security of the system.
Keywords: authorisation; data protection; digital signatures; private key cryptography; steganography; access control; authorization; communication security; cryptography; cyber-physical systems; data protection; divided private key; encryption algorithm; Access control; Digital signatures; Encryption; Multi-agent systems; Public key; digital signature; hierarchical access; multi-agent systems (ID#: 15-7167)


Leitao, P.; Barbosa, J.; Papadopoulou, M.-E.C.; Venieris, I.S., “Standardization in Cyber-Physical Systems: The ARUM Case,” in Industrial Technology (ICIT), 2015 IEEE International Conference on, vol., no., pp. 2988-2993, 17-19 March 2015. doi:10.1109/ICIT.2015.7125539
Abstract: Cyber-physical systems concept supports the realization of the Industrie 4.0 vision towards the computerization of traditional industries, aiming to achieve intelligent and reconfigurable factories. Standardization assumes a critical role in the industrial adoption of cyber-physical systems, namely in the integration of legacy systems as well as the smooth migration from existing running systems to the new ones. This paper analyses some existing standards in related fields and presents identified limitations and efforts for a wider acceptance of such systems by industry. Special attention is devoted to the efforts to develop a standard-compliant service-oriented multi-agent system solution within the ARUM project.
Keywords: Internet; multi-agent systems; production engineering computing; production facilities; production management; service-oriented architecture; software maintenance; ARUM project; Industrie 4.0 vision; adaptive production management project; cyberphysical systems; industry computerization; intelligent factories; legacy systems; reconfigurable factories; standard-compliant service-oriented multiagent system solution; Industries; Interoperability; Protocols; Real-time systems; Security; Standards (ID#: 15-7168)


Tsigkanos, C.; Pasquale, L.; Ghezzi, C.; Nuseibeh, B., “Ariadne: Topology Aware Adaptive Security for Cyber-Physical Systems,” in Software Engineering (ICSE), 2015 IEEE/ACM 37th IEEE International Conference on, vol. 2, no., pp. 729-732, 16-24 May 2015. doi:10.1109/ICSE.2015.234
Abstract: This paper presents Ariadne, a tool for engineering topology aware adaptive security for cyber-physical systems. It allows security software engineers to model security requirements together with the topology of the operational environment. This model is then used at runtime to perform speculative threat analysis to reason about the consequences that topological changes arising from the movement of agents and assets can have on the satisfaction of security requirements. Our tool also identifies an adaptation strategy that applies security controls when necessary to prevent potential security requirements violations.
Keywords: security of data; software tools; Ariadne tool; adaptation strategy; cyber-physical systems; engineering topology aware adaptive security; security software engineers; speculative threat analysis; Adaptation models; Mobile handsets; Ports (Computers); Runtime; Security; Servers; Topology; Adaptive Systems; Verification (ID#: 15-7169)


Xiaofan He; Huaiyu Dai; Peng Ning, “Improving Learning and Adaptation in Security Games by Exploiting Information Asymmetry,” in Computer Communications (INFOCOM), 2015 IEEE Conference on, vol., no., pp. 1787-1795, April 26 2015–May 1 2015. doi:10.1109/INFOCOM.2015.7218560
Abstract: With the advancement of modern technologies, the security battle between a legitimate system (LS) and an adversary is becoming increasingly sophisticated, involving complex interactions in unknown dynamic environments. Stochastic game (SG), together with multi-agent reinforcement learning (MARL), offers a systematic framework for the study of information warfare in current and emerging cyber-physical systems. In practical security games, each player usually has only incomplete information about the opponent, which induces information asymmetry. This work exploits information asymmetry from a new angle, considering how to exploit local information unknown to the opponent to the player’s advantage. Two new MARL algorithms, termed minimax-PDS and WoLF-PDS, are proposed, which enable the LS to learn and adapt faster in dynamic environments by exploiting its private local information. The proposed algorithms are provably convergent and rational, respectively. Also, numerical results are presented to show their effectiveness through two concrete anti-jamming examples.
Keywords: learning (artificial intelligence); multi-agent systems; security of data; stochastic games; LS; MARL; SG; WoLF-PDS; adaptation; concrete anti-jamming; cyber-physical systems; information asymmetry; information warfare; legitimate system; minimax-PDS; multiagent reinforcement learning; security games; stochastic game; unknown dynamic environments; Computers; Conferences; Games; Heuristic algorithms; Jamming; Security; Sensors (ID#: 15-7170)


Weina Ma; Sartipi, K.; Sharghigoorabi, M., “Security Middleware Infrastructure for Medical Imaging System Integration,” in Advanced Communication Technology (ICACT), 2015 17th International Conference on, vol., no., pp. 353-357, 1-3 July 2015. doi:10.1109/ICACT.2015.7224818
Abstract: With the increasing demand of electronic medical records sharing, it is a challenge for medical imaging service providers to protect the patient privacy and secure their IT infrastructure in an integrated environment. In this paper, we present a novel security middleware infrastructure for seamlessly and securely linking legacy medical imaging systems, diagnostic imaging web applications as well as mobile applications. Software agent such as user agent and security agent have been integrated into medical imaging domains that can be trained to perform tasks. The proposed security middleware utilizes both online security technologies such as authentication, authorization and accounting, and post security procedures to discover system security vulnerability. By integrating with the proposed security middleware, both legacy system users and Internet users can be uniformly identified and authenticated; access to patient diagnostic images can be controlled based on patient’s consent directives and other access control policies defined at a central point; relevant user access activities can be audited at a central repository; user access behaviour patterns are mined to refine existing security policies. A case study is presented based on the proposed infrastructure.
Keywords: authorisation; data privacy; medical image processing; middleware; software agents; IT infrastructure security; accounting technology; authentication technology; authorization technology; diagnostic imaging Web applications; electronic medical records; information technology; legacy medical imaging systems; medical imaging service providers; medical imaging system integration; mobile applications; patient privacy; security agent; security middleware infrastructure; software agent; system security vulnerability; user agent; Authentication; Authorization; Biomedical imaging; Middleware; Picture archiving and communication systems; Access Control; Agent; Behaviour Pattern; Medical Imaging; Middleware; Security (ID#: 15-7171)


Salih, R.M.; Lilien, L.T., “Protecting Users’ Privacy in Healthcare Cloud Computing with APB-TTP,” in Pervasive Computing and Communication Workshops (PerCom Workshops), 2015 IEEE International Conference on, vol., no., pp. 236-238, 23-27 March 2015. doi:10.1109/PERCOMW.2015.7134034
Abstract: We report on use of Active Privacy Bundles using a Trusted Third Party (APB-TTP) for protecting privacy of users’ healthcare data (incl. patients’ Electronic Health Records). APB-TTP protects data that are being disseminated among different authorized parties within a healthcare cloud. We are nearing completion of the pilot APB-TTP for healthcare applications, and commencing work on its extension, named Active Privacy Bundles with Multi Agents (APB-MA).
Keywords: cloud computing; data privacy; data protection; electronic health records; health care; information dissemination; multi-agent systems; trusted computing; APB-TTP; active privacy bundle with multiagents; healthcare applications; healthcare cloud computing; patient electronic health records; trusted third party; user privacy protection; Cloud computing; Data privacy; Electronic medical records; Medical services; Pervasive computing; Privacy; Security; active privacy bundle; confidentiality; privacy; trust; virtual machine (ID#: 15-7172)


Shunrong Jiang; Xiaoyan Zhu; Ripei Hao; Haotian Chi; Hui Li; Liangmin Wang, “Lightweight and Privacy-Preserving Agent Data Transmission for Mobile Healthcare,” in Communications (ICC), 2015 IEEE International Conference on, vol., no., pp. 7322-7327, 8-12 June 2015. doi:10.1109/ICC.2015.7249496
Abstract: With the pervasiveness of smartphones and the advance of wireless body sensor networks (WBSNs), mobile healthcare (m-healthcare) has attracted considerable interest recently. In m-Healthcare, users’ smartphones serve as bridges connecting their WBSNs and the healthcare center (HCC), i.e., send users' personal health information (PHI) collected by WBSNs to the HCC and receive the feedback. However, users’ smartphones are not always available (e.g., left at home or out of power), resulting in an unexpected interruption of medical services sometimes, which are not considered in most existing schemes for m-healthcare. In this paper, we propose a lightweight and privacy-preserving agent data transmission scheme for m-healthcare in opportunistic social networks on condition that the smartphone is not available. By using the proposed protocol, we can provide uninterrupted healthcare while keeping the user’s identity and PHI private during the agent transmitting of PHI. Security and performance analysis show that the proposed scheme can realize privacy-preservation and achieve secure end-to-end communication for m-healthcare, and is suitable for resource-limited WBSNs.
Keywords: body sensor networks; data communication; data privacy; health care; medical information systems; mobile computing; smart phones; social networking (online); telecommunication security; HCC; PHI; healthcare center; lightweight agent data transmission scheme; m-healthcare; medical services; mobile healthcare; opportunistic social networks; personal health information; privacy preserving agent data transmission; protocol; resource limited WBSN; secure end-to-end communication; security analysis; smartphone; wireless body sensor networks; Cryptography; Data communication; Data privacy; Medical services; Privacy; Smart phones (ID#: 15-7173)


Chih Hung Wang; Hsiao Chien Sung, “Delegation-Based Roaming Payment Protocol with Location and Purchasing Privacy Protection,” in Information Security (AsiaJCIS), 2015 10th Asia Joint Conference on, vol., no., pp. 97-103, 24-26 May 2015. doi:10.1109/AsiaJCIS.2015.25
Abstract: We proposed a new delegation-based roaming payment protocol for portable communication systems (PCS), by leveraging the good performance of blind signature in the regard of user privacy, which can provide unlinkability between PCS and service providers. However, the ability to discover the malicious user's identification is still remained. Home agents can detect the misbehavior and identify the mobile user if she/he doubly spends the e-cash in roaming. Due to the delegation-based authentication, the foreign agent can validate the communication without needing to reveal the real identity of the mobile user. Moreover, the computational cost can be reduced by using elliptic curve operations.
Keywords: cryptographic protocols; data privacy; electronic money; mobile commerce; public key cryptography; purchasing; blind signature; delegation based roaming payment protocol; e-cash; electronic cash; elliptic curve operation; location protection; malicious user identification; portable communication systems; purchasing privacy protection; user privacy; Authentication; Ciphers; Mobile communication; Privacy; Protocols; Public key; Delegation; blind signature; network security; payment protocol; roaming authentication (ID#: 15-7174)


Falcone, R.; Sapienza, A.; Castelfranchi, C., “Recommendation of Categories in an Agents World: The Role of (Not) Local Communicative Environments,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 7-13, 21-23 July 2015. doi:10.1109/PST.2015.7232948
Abstract: Due to Internet and social media web, the world as we know it is deeply changing integrating two different aspects of the social interaction: the one that develop in the real world and the one that develop in web society. In this paper we focus on the importance of generalized knowledge (agents' categories) in order to understand how much it is crucial in these two worlds. The cognitive advantage of generalized knowledge can be synthesized in this claim: "It allows us to know a lot about something/somebody we do not directly know". At a social level this means that I can know a lot of things on people that I never met; it is social "prejudice" with its good side and fundamental contribution to social exchange. In this study we will analyse and present some differences between the social relationships in the two worlds and how they influence categories' reputation. On this basis, we will experimentally inquire the role played by categories' reputation with respect to the reputation and opinion on single agents: when it is better to rely on the first ones and when are more reliable the second ones. We will consider these simulations for both the two kind of world, investigating how the parameters defining the specific environment (number of agents, their interactions, transfer of reputation, and so on) determine the use of categories' reputation and trying to understand how the role played by categories will be important in the new digital worlds.
Keywords: Internet; cognition; multi-agent systems; social networking (online); trusted computing; Internet; Web society; agents world; categories reputation; cognitive advantage; generalized knowledge; local communicative environment; recommendation; social interaction; social media Web; Context; Dogs; Organizations; Reliability; Sociology; Statistics; Uncertainty; cognitive analysis; social simulations; trust (ID#: 15-7175)


Fadaraliki, D.I.; Rajendran, S., “Process Offloading from Android Device to Cloud Using JADE,” in Circuit, Power and Computing Technologies (ICCPCT), 2015 International Conference on, vol., no., pp. 1-5, 19-20 March 2015. doi:10.1109/ICCPCT.2015.7159260
Abstract: Offloading of data, applications, processes and services in mobile devices is done to reduce the power consumption by the mobile device and also to allow high end complex processes to run on a mobile interface utilizing the processing capabilities and storage mechanism of the cloud (not the mobile devices). Due to the fact that processing and management data in distributed or remote locations (cloud), security and privacy is dependent upon the cloud providers. Data, instructions and code is transmitted between nodes (service provider and mobile device) as plain code. In this research, we propose the use of a mobile agent based framework that allows capabilities to transmit data between remote nodes. The agents' responsibilities include automatically migrating the bundled state and code from one authenticated mobile user to execute at a remote location (cloud environment) and return the results to the mobile device without the knowledge and involvement of the user. The agents can also be equipped with intelligent behaviours to check for tampering by malicious host on the code or bundled data. This framework is to be developed using a java based platform called JADE.
Keywords: Java; cloud computing; data privacy; mobile computing; security of data; smart phones; user interfaces; Android device; JADE; Java based platform; cloud storage mechanism; data security; mobile agent based framework; mobile cloud computing; mobile interface; process offloading; Containers; Java; Mobile agents; Mobile communication; Mobile handsets; Security; Virtual machining; cloud environment; mobile agent; offloading (ID#: 15-7176)


Dali, L.; Abouelmehdi, K.; Bentajer, A.; Elsayed, H.; Abdelmajid, E.; Abderahim, B., “A Survey of Intrusion Detection System,” in Web Applications and Networking (WSWAN), 2015 2nd World Symposium on, vol., no., pp. 1-6, 21-23 March 2015. doi:10.1109/WSWAN.2015.7210351
Abstract: In this paper, we presented a survey on intrusion detection systems (IDS). First, we referred to different mechanisms of intrusion detection. Furthermore, we detailed the types of IDS. We have focused on the application IDS, specifically on the IDS Network, and the IDS in the cloud computing environment. Finally, the contribution of every single type of IDS is described.
Keywords: cloud computing; security of data; IDS network; cloud computing environment; intrusion detection system; Cloud computing; Computer science; Computers; Intrusion detection; Monitoring; Privacy; Cloud Computing; Intrusion Detection System; Multi Agents; Web Security (ID#: 15-7177)


Jemel, M.; Ben Azzouna, N.; Ghedira, K., “ECA Rules for Controlling Authorisation Plan to Satisfy Dynamic Constraints,” in Privacy, Security and Trust (PST), 2015 13th Annual Conference on, vol., no., pp. 133-138, 21-23 July 2015. doi:10.1109/PST.2015.7232964
Abstract: The workflow satisfiability problem has been studied by researchers in the security community using various approaches. The goal is to ensure that the user/role is authorised to execute the current task and that this permission doesn't prevent the remaining tasks in the workflow instance to be achieved. A valid authorisation plan consists in affecting authorised roles and users to workflow tasks in such a way that all the authorisation constraints are satisfied. Previous works are interested in workflow satisfiability problem by considering intra-instance constraints, i.e. constraints which are applied to a single instance. However, inter-instance constraints which are specified over multiple workflow instances are also paramount to mitigate the security frauds. In this paper, we present how ECA (Event-Condition-Action) paradigm and agent technology can be exploited to control authorisation plan in order to meet dynamic constraints, namely intra-instance and inter-instance constraints. We present a specification of a set of ECA rules that aim to achieve this goal. A prototype implementation of our proposed approach is also provided in this paper.
Keywords: authorisation; software agents; ECA rules; agent technology; authorisation constraints; authorisation plan control; dynamic constraints; event-condition-action paradigm; interinstance constraints; intrainstance constraints; security community; security frauds; workflow satisfiability problem; Authorization; Complexity theory; Context; Engines; Planning; Receivers (ID#: 15-7178)


Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.