Research Of Mobile Agent Risk Assessment Model

With the rapid development of Internet and communication technology, network information security has become the focus of people's attention. Generally speaking, attackers and virus intrude into the target system by utilizing security vulnerabilities. Therefore, scanning and examining security vulnerabilities of target system actively, then analyzing and assessing risk of the target system according to the scan result are very necessary. And this technique has become the focus of network security research.The traditional risk assessment system has some disadvantages. Because the scanning module and assessing module could not move in the net, the velocity and area of assessment are confined. So Mobile Agent technique is imported to make up these disadvantages. Mobile Agent technique could improve the mode of scan and assess, reduce the traditional system's dependence on the bandwidth of net, enhance the service ability and work efficiency of the system.Firstly, the definition and the cause of system vulnerabilities are studied, and some key technologies of network vulnerability scan are analyzed detailedly. Furthermore, some standards, principles, analysis methods and assessment arithmetics of the risk assessment are introduced. And then the theory and technology of Mobile Agent are studied, its architecture and key technique are introduced, and the analysis as well as comparison of typical Mobile Agent systems is also given out.Secondly, combining Mobile Agent theory and risk assessment technology, a kind of Mobile Agent risk assessment model has been brought forward. The model is composed of three layers: vulnerability scan layer, result management layer and risk assessment layer. In order to get the target system's vulnerabilities, Mobile Agent is used to scan the system according to user's particular setting of assessment rules. And then the risk grade of target system is given out for providing user particular assessment result and security advice. The function and key technique of Control Agent, Scan Agent and Assessment Agent in the model are also introduced detailedly in the thesis. At last adventages and disadventages of the Model is educed.On the base of model design, an experiment of Mobile Agent risk assessment model called MARAM also is designed. The experimental system is based on Mobile Agent platform Aglet. In the process of experiment, the target system is scanned according to facility condition, and the function of Mobile Agent risk assessment model is primarily implemented. When a user logs in the system for setting assessment information and sends out assessment requirement, the Control Agent will dispatch Scan Agent which is generated locally to target system to scan vulnerabilities and get vulnerabilities information. Then Assessment Agent can educe the risk grade of target system by utilizing assessment arithmetic according to vulnerabilities information. Finally vulnerabilities information, assessment information and security advice will be returned to the user. The global design of system and function of sub-system are given out, and key techniques of system are also analyzed in this paper. The experiment preferably educes the advantages of saving network bandwidth, lightening burden of local CPU and improving system efficiency by using Mobile Agent.Risk assessment technology is a fresh research field in our country, and is an important part of network security. The Mobile Agent risk assessment technology is studied, and some primary research fruits are achieved in this dissertation, that will be valuable and have a good prospect to some certain extend.