Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Infrastructure for forensic analysis of multi-agent systems

730 views

Published on

The contribution of this paper is an intent to state the basis for forensic analysis of multi-agent system (MAS) runs. It proposes a general approach for open source agents platforms. It consists on techniques to store, order and represent messages based on conventional observation of the events in a distributed system, particularized for the case of MAS in which agents can be distributed across a number of machines or even be mobile.

Published in: Data & Analytics
  • Be the first to comment

  • Be the first to like this

Infrastructure for forensic analysis of multi-agent systems

  1. 1. Infrastructure for forensic analysis of multi-agent systems Emilio Serrano and Juan Botía emilioserra@um.es, juanbot@um.es University of Murcia
  2. 2. 2 Points  Introduction  Global snapshots generation  Global snapshots generation (II)  Storing and ordering  Selection of subset of messages  Message order induced by logical clocks  Message order induced by logical clocks (II)  Valid orders for classic representations  Conclusions and future work
  3. 3. 3 Introduction  Forensic analysis of runs in multi agents systems (MAS) developments.  Forensic analysis: software projects management, distributed systems analysis, security…  MAS software:  Finding anomalies or undesired behaviour.  Steps: 1. To include logical clocks inside messages 2. To capture messages and log them 3. To select an interesting set of messages 4. To order them 5. To analyze them
  4. 4. 4 Global snapshots generation  A general infrastructure, how?  Aspect oriented programming (AOP)  Languages: AspectJ, AspectC, AspectC++, Aspect C#...  With: Java platform + [ACLMessage class used by methods send() and receive()], as Jade, we could write these pointcuts and advices in AspectJ:
  5. 5. 5 Global snapshots generation (II)  Pointcuts (pick out join points)  Advices (behaviour, pointcut + body of code)  Genericity?
  6. 6. 6 Storing and ordering  A storage mechanism that all agents can access -> RDB  Order events from a distributed system -> Vector Clocks  Array of integers (one for every agent)  Every agent stores a maximum clock  and includes it when sends a message  and modifies it before sending or after receiving a message  Order operations = Order events Where do it? Mobility works? Disadvantages?
  7. 7. 7  We have stored every message, we need select a subset  Messages of selected Agents (Ac)  Progressive analysis (Ac, depth) Selection of subset of messages
  8. 8. 8 Message order induced by logical clocks  Vector clocks induce a binary partial order:  Simple example:
  9. 9. 9 Message order induced by logical clocks (II)
  10. 10. 10 Valid orders for classic representations  Vector clocks induce a binary partial order… but we usually work with total orders.  There is a total order which contains a partial order  Topological sorting  Does it lose information?
  11. 11. 11 Conclusions and future work  Framework to: capture, order and represent messages exchanged in a run of a MAS software.  First phase to postmortem analysis.  All implemented in ACLAnalyser  http://aclanalyser.sourceforge.net  Future work:  To implement this framework in multiple platforms  To capture other interesting events  To improve the expressivity of the order graph  Causality graphs  Abstract graphs  Automatic methods for debugging, validation and verification of MAS  Extending Ingenias (http://ingenias.sourceforge.net)
  12. 12. THAK YOU FOR YOUR ATTENTION!

×