How to play Sherlock Holmes in the world of mobile agents

In the world of mobile agents, security aspects are extensively being discussed. In this context, denial of service (DoS) attacks are of considerable interest where the focus is on malicious hosts that either delete received agents or prevent them from continuing their route. This paper discusses a detection method for a posteriori identification of such malicious hosts to build a trust policy useful for future agent journeys. Depending on how much the agent owner trusts the hosts, he can either define an appropriate order in which selected hosts should be visited, or he can decide which hosts he does not want to contact again. Additionally, we show how the sequence of hosts to be visited should be determined in order to minimize some costs. Moreover, our proposal ensures that hosts originally intended to be visited cannot be skipped as a result of one malicious host's misbehavior. Our method is achieved by a new protocol that combines the application of well-known cryptographic primitives and a set of rules. The proposed protocol also works in the case of colluding hosts.