Mobile Agent Systems, Recent Security Threats and Counter Measures

Mobile agent technology offers a dramatically evolving computing paradigm in which a program, in the form of a software agent, can suspend its execution on a host computer, transfers itself to another agent-enabled host on the network, and resumes execution on the new host. It is 1960's since mobile code has been used in the form of remote job entry systems. Today's mobile agents can be characterized in a number of ways ranging from simple distributed objects to highly organized intelligent softwares. As a result of this rapid evolvement of mobile agents, plenty of critical security issues has risen and plenty of work is being done to address these problems. The aim is to provide trusted mobile agent systems that can be easily deployed and widely adopted. In this paper, we provide an overview of the most recent threats facing the designers of agent platforms and the developers of agent-based applications. The paper also identifies security objectives, and measures for countering the identified threats and fulfilling those security objectives.

[1]  J. C. Byington,et al.  Mobile agents and security , 1998, IEEE Commun. Mag..

[2]  Ahmed Sameh Mohamed,et al.  Security in mobile agent systems , 2002, Proceedings 2002 Symposium on Applications and the Internet (SAINT 2002).

[3]  Pierangela Samarati,et al.  Protecting Respondents' Identities in Microdata Release , 2001, IEEE Trans. Knowl. Data Eng..

[4]  Atsuko Miyaji,et al.  Mobile Agent Security with Efficient Oblivious Transfer , 2007, SECRYPT.

[5]  Gul A. Agha,et al.  Integrating Encrypted Mobile Agents with Smart Spaces in a Multi-agent Simulator for Resource Management , 2010, J. Softw..

[6]  William D. McInerney,et al.  3 – Attacks and Countermeasures , 1987 .

[7]  Markus Schneider,et al.  Denial of Service Detection in Mobile Agent Systems with Dependencies in Computations , 2007, Contributions to Ubiquitous Computing.

[8]  Hyacinth S. Nwana,et al.  Software agents: an overview , 1996, The Knowledge Engineering Review.

[9]  李幼升,et al.  Ph , 1989 .

[10]  David M. Chess,et al.  Security Issues in Mobile Code Systems , 1998, Mobile Agents and Security.

[11]  Uwe Georg Wilhelm,et al.  A TECHNICAL APPROACH TO PRIVACY BASED ON MOBILE AGENTS PROTECTED BY TAMPER-RESISTANT HARDWARE , 1999 .

[12]  James White,et al.  Mobile Agents White Paper , 1996 .

[13]  Nicholas R. Jennings,et al.  Intelligent agents: theory and practice , 1995, The Knowledge Engineering Review.

[14]  Bennet S. Yee,et al.  Using Secure Coprocessors , 1994 .

[15]  Omar Batarfi,et al.  Protecting Mobile Agents against Malicious Hosts Using Dynamic Programming Homomorphic Encryption , 2011 .

[16]  Lu Ma,et al.  ATTACKS AND COUNTERMEASURES IN SOFTWARE SYSTEM SECURITY , 2005 .

[17]  Michael Wooldridge,et al.  Intelligent agents: theory and practice The Knowledge Engineering Review , 1995 .

[18]  Giovanni Vigna,et al.  Cryptographic Traces for Mobile Agents , 1998, Mobile Agents and Security.

[19]  Volker Roth,et al.  On the Robustness of Some Cryptographic Protocols for Mobile Agent Protection , 2001, Mobile Agents.

[20]  Daniel Kuokka,et al.  Issues and Extensions for Information Matchmaking Protocols , 1996, Int. J. Cooperative Inf. Syst..

[21]  Oswald Drobnik,et al.  An HTTP-Based Infrastructure for Mobile Agents , 1995, World Wide Web J..

[22]  Jim Alves-Foss,et al.  The use of encrypted functions for mobile agent security , 2004, 37th Annual Hawaii International Conference on System Sciences, 2004. Proceedings of the.

[23]  Gian Pietro Picco,et al.  Understanding code mobility , 1998, Proceedings of the 2000 International Conference on Software Engineering. ICSE 2000 the New Millennium.

[24]  Mahesh Chandra Govil,et al.  Security Issues in Mobile Agents , 2010 .

[25]  Murat Kunt,et al.  ÉCOLE POLYTECHNIQUE FÉDÉRALE DE LAUSANNE , 2000 .

[26]  James C. Spohrer,et al.  KidSim: programming agents without a programming language , 1994, CACM.

[27]  Arthur C. Graesser,et al.  Is it an Agent, or Just a Program?: A Taxonomy for Autonomous Agents , 1996, ATAL.

[28]  Bo Sun,et al.  Security of mobile agent in ad hoc network using threshold cryptography , 2010 .

[29]  Jan Camenisch,et al.  Cryptographic security for mobile code , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.