Reusable component oriented agents: a new architecture

Boshoff, Willem Hendrik

13 May 2008

Researchers in artificial intelligence and agent technologies are presented with a massive array of various technologies that they might use for their research projects. It is difficult for researchers to test their theories effectively in the field. It takes a great deal of time to develop the platform on which the newly created agent will be tested, with little or no time left for troubleshooting and the investigation of further solutions. Every time a new technique or agent is researched, the agent has to be redeveloped from the ground up. This makes it difficult for researchers to compare their own theories with previously developed components. With the wide range of technologies and techniques available, there is no easy way to effectively make use of the various components, as each tool uses different technologies that cannot be combined easily. This dissertation outlines the new plug-in oriented agent architecture (POAA) and describes the agents that use the POAA. POAA agents make extensive use of functional and controller-based plug-ins in order to extend the functionality and behaviour of the agent. The architecture was designed to facilitate machine learning and agent mobility techniques. POAA agents are created by mounting newly created dynamic plug-in components into the static structure of the agent. The static structure of the agent serves as the basis of agent functionality and as the controller for the agent’s life cycle. The static and dynamic components of the POAA agent interact with each other in order to perform the agent’s required tasks. The use of plug-ins will greatly improve the effectiveness of researchers, as only a single, standard architecture will exist. Researchers only need design and develop the plug-in required for their specific agent to function as desired. This will also facilitate the comparison of various tools and methods, as only the components being reviewed need to be interchanged to measure system performance. The use of different plug-in architectures is also investigated. This includes deciding if the plug-in base will be configured at application run-time or at the time of application compilation. This dissertation focuses on techniques that will facilitate machine learning and agent mobility. For these purposes, extensive use is made of the machine learning tool WEKA developed by University of Waikato in New Zealand [Wi00]. The use of Java in the prototype will also facilitate the cross platform capability of the proposed agents. / Prof. E.M. Ehlers

Artificial intelligence

Intelligent agents (Computer software)

Plug-ins (Computer programs)

Security Architecture and Protocols for Overlay Network Services

Srivatsa, Mudhakar

16 May 2007

Conventional wisdom suggests that in order to build a secure system, security must be an integral component in the system design. However, cost considerations drive most system designers to channel their efforts on the system's performance, scalability and usability. With little or no emphasis on security, such systems are vulnerable to a wide range of attacks that can potentially compromise confidentiality, integrity and availability of sensitive data. It is often cumbersome to redesign and implement massive systems with security as one of the primary design goals. This thesis advocates a proactive approach that cleanly retrofits security solutions into existing system architectures. The first step in this approach is to identify security threats, vulnerabilities and potential attacks on a system or an application. The second step is to develop security tools in the form of customizable and configurable plug-ins that address these security issues and minimally modify existing system code, while preserving its performance and scalability metrics. This thesis uses overlay network applications to shepherd through and address challenges involved in supporting security in large scale distributed systems. In particular, the focus is on two popular applications: publish/subscribe networks and VoIP networks. Our work on VoIP networks has for the first time identified and formalized caller identification attacks on VoIP networks. We have identified two attacks: a triangulation based timing attack on the VoIP network's route set up protocol and a flow analysis attack on the VoIP network's voice session protocol. These attacks allow an external observer (adversary) to uniquely (nearly) identify the true caller (and receiver) with high probability. Our work on the publish/subscribe networks has resulted in the development of an unified framework for handling event confidentiality, integrity, access control and DoS attacks, while incurring small overhead on the system. We have proposed a key isomorphism paradigm to preserve the confidentiality of events on publish/subscribe networks while permitting scalable content-based matching and routing. Our work on overlay network security has resulted in a novel information hiding technique on overlay networks. Our solution represents the first attempt to transparently hide the location of data items on an overlay network.

Performance and scalability

Applied cryptography

Systems security

Overlay networks

Computer architecture Security measures

Computer networks Security measures

Plug-ins (Computer programs)