A BRIEF REVIEW ON MOBILE AGENT SECURITY IN

PEER-TO-PEER NETWORK

Km. Sapna
(M.Tech Computer Science)
JPIET, Meerut
OUTLINES

● Introduction
● Features
● Security threats
● Advantages
● Disadvantages
● Review 1
● Review 2
● Review 3
contd….
● Review 4
● Review 5
● Review 6
● Conclusion and future scope
● References
INTRODUCTION
● Mobile agents are intelligent and autonomous computer program.
● Move data and code from one computer to another in a network.
● Self contained ,sociable,learning, and independent
● Two types of mobile agents are there -
● Mobile agents with predetermined path.
● Roaming mobile agents.
FEATURES
● Autonomous
● Intelligence
● Mobility
● Communicative
● Responsive
● Goal oriented
● Continuous
● Adaptive Framework of mobile agent
SECURITY THREATS
● AGENT-TO-PLATFORM ATTACK
➢ Denial of service
➢ Unauthorized access
➢ masquerading
● AGENT-TO-AGENT ATTACK
➢ Repudiation
➢ Masquerade
➢ Unauthorized access
contd…..
● PLATFORM-TO-AGENT ATTACK
➢ Ateration
➢ Masquerade
➢ Eavesdropping
ADVANTAGES
● Increase resource utilization.
● Reduce network traffic.
● Encapsulation.
● Autonomous execution.
● Dynamic adaptation.
DISADVANTAGES
● Agents location needs to be managed.
● Requirement of security thread is needed.
REVIEW 1
● [1]proposed a mobile agent security model that accompany three-layer security:
agent’s path, agent’s code and its itinerary without hampering the agent’s
autonomy and flexibility features. This model has a preset itinerary list of nodes,
however migration of agents to the next node is decided at execution time to
provide flexibility.
● They assume a trusted key server S in our scenario. Each host platform that
wishes to participate in an agent-based transaction must first register with a
trusted key server and obtain an identity certificate.
REVIEW 2
● [2] proposed a multi-layer mobile agent-based framework for performing
different activities in the cloud agreed by both client and cloud service
providers. Mobile agents are used for performing tasks on the behalf of clients
on virtual machines in cloud data centers.
● Clients and cloud service providers authenticate and verify these mobile agents
to agree on specific rules to achieve security in order to perform all activities to
create a trustworthy platform.
● The proposed multi-layer security framework is divided into four layers.
REVIEW 3
● [3] proposed an intelligent Mobile Agent- based Improved traffic Control System
(MITS). The planned framework deals with traffic control system MITS as the
core module, with sub-modules including a video control system, traffic control
system, supervisory computer control system and peripheral devices.
● The traffic control system manages and controls the heavy traffic during
predefined rush on the road.
REVIEW 4
● [4] have proposed an overview of security threats, categories of dangers
connected to mobile agent technology, and then provide remedies to security
challenges using assessment criteria in this work.
● The overarching purpose of host protection is to minimize the execution
Environment overall power while minimizing a host's overall vulnerability to
harmful mobile agents.
REVIEW 5
[5] proposed a solution that strengthens the security of mobile agents in two parts:
The first one presents our contribution to ensure a strengthened authentication using a
fixed and an enhanced version of Diffie-Hellman key exchange. The second one
presents our policy to manage the access to the platform resources, through using an
extended Discretionary Access Control model (DAC) along with Shamir-threshold
sharing scheme.
REVIEW 6
● [6] gives a high-level summary of the security concerns raised by the mobile
agent paradigm. He suggests a hybrid encryption method that incorporates
Homomorphic Encryption Scheme (HES) and Function Composition (FnC).
● The three-address code will be intercepted by an encryption application called
Mobile Agent Encryption (MAE), which will use HES to encrypt the operands
of the three-address code and FnC to encrypt the codes.
● MAE will now encrypt sensitive data stored in the operands of three address
codes, such as credit card numbers and personal information, and scramble the
code of the mobile agent to deceive untrustworthy hosts.
CONCLUSION AND FUTURE SCOPE
In this work, various types of attacks over mobile agents are discussed. Also,
the techniques which could be used to address each type of attack surveyed. It
is found that, not all techniques address all attacks. Some techniques are more
effective to encounter certain attacks. Hence, the type of technique to be used
can be decided based on the type of application that is about to be designed.
Thus, it could be concluded that the security mechanism used is dependent on
the type and design of application.
REFERENCES
● [1] H. Idrissi, E. M. Souidi, and A. Revel, “Security of mobile agent platforms using access control and
cryptography,” Smart Innov. Syst. Technol., vol. 38, pp. 27–39, 2015, doi: 10.1007/978-3-319-19728-9_3.
● [2] M. Uddin, J. Memon, R. Alsaqour, A. Shah, and M. Z. A. Rozan, “Mobile Agent based Multi-layer
Security Framework for Cloud Data Centers,” Indian J. Sci. Technol., vol. 8, no. 12, 2015, doi:
10.17485/ijst/2015/v8i12/52923.
● [3] M. Rath and B. K. Pattanayak, “Security protocol with IDS framework using mobile agent in robotic
MANET,” Int. J. Inf. Secur. Priv., vol. 13, no. 1, pp. 46–58, 2019, doi: 10.4018/IJISP.2019010104.
● [4] S. S. Ahila, “Overview of Mobile Agent Security,” no. 978, 2014. [16] M. Rezaul Karim, “Security
for Mobile Agents and Platforms: Securing the Code and Protecting its Integrity,” J. Inf. Technol. Softw.
Eng., vol. 08, no. 01, 2017, doi: 10.4172/2165-7866.1000220.
● [5] C.-H. Wei, M.-S. Hwang, and A. Y. Chin, “Security Analysis of an Enhanced Mobile Agent Device
for RFID Privacy Protection,” IETE Tech. Rev., vol. 32, no. 3, pp. 183–187, 2015, doi:
10.1080/02564602.2014.983190.
● [6] M. Rezaul Karim, “Security for Mobile Agents and Platforms: Securing the Code and Protecting its
Integrity,” J. Inf. Technol. Softw. Eng., vol. 08, no. 01, 2017, doi: 10.4172/2165-7866.1000220.
THANK YOU