Research On Security Problem Of Mobile Agent

Mobile agent is a program, which can carry the code, data and execution state to migratefrom one node to another node of network according to the decided route and continue itsexecution from the break-point at the new location. As a new distributed computing scheme,mobile agent can improve network performance, reduce network traffic and enhanceutilization of online resources effectively, so it is a technology with great latent capacity. Itstransferring characteristic of "code migrating to data" adapts to the requirements of themodern network technology and applications.Due to the openness of network, the migration of mobile agents in the networkencounters serious security threats, such as theft, tampering, etc. If a mobile agent ismalicious, these mobile agent servers visited by it will face with a security threat. So how toensure the security of mobile agents is particularly critical.This paper first introduces the concept, characteristics, advantages, application fields andexisting related studies of mobile agent. Then, it analyses the security risks encountered bymobile agents. On the basis of the above analysis, this paper proposes a novel solution formobile agent security, aiming to the shortcomings of existing methods.Aiming to the security problem of mobile agents, this paper proposes a security strategyof mobile agent based on fuzzy comprehensive evaluation. The strategy is based on theconcepts of credit value and domain and calculates the credit value for each mobile agentserver on the network. The third-party service center is responsible for completing thedivision of the domain of mobile agent servers based on the calculated credit values. Mobileagent gives priority to the mobile agent server with high credit value when it selects mobileagent server, so the possibility of visiting malicious host is decreased and the security ofmobile agents is enhanced.In order to solve the security threats encountered by mobile agent during transmission,this paper proposes a security strategy based on interaction validation and hybrid encryption.This strategy adds a security layer between the transport layer and the application layer toeffectively ensure the safety of mobile agents during the migration process. Specifically, wefirstly utilize the interaction validation mechanism to verify the true identity of the destinationnode, and then use a hybrid encryption mechanism to encrypt mobile agents. Finally, in orderto ensure the authenticity of the returned data, we use data validation mechanism based ondata analysis to validate the returned results in order to effectively guarantee the data safety ofmobile agents.In order to evaluate the strategies and algorithms proposed in this paper, we design a lotof simulation experiments, and experimental results show that the proposed strategies andalgorithms are feasibility and effectiveness.