Design, Implementation and Testing of Mobile Agent Protection Mechanism for MANETS

In the current research, we present an operation framework and protection mechanism to facilitate secure environment to protect mobile agents against tampering. The system depends on the presence of an authentication authority. The advantage of the proposed system is that security measures is an integral part of the design, thus common security retrofitting problems do not arise. This is due to the presence of AlGamal encryption mechanism to protect its confidential content and any collected data by the agent from the visited host . So that eavesdropping on information from the agent is no longer possible to reveal any confidential information. Also the inherent security constraints within the framework allow the system to operate as an intrusion detection system for any mobile agent environment. The mechanism is tested for most of the well known severe attacks against agents and networked systems. The scheme proved a promising performance that makes it very much recommended for the types of transactions that needs highly secure environments, e. g., business to business.

• Khaled E. A. Negm

• Mobile agent security
• mobile accesses
• agent encryption.

[1] D. Vincenzetti and M. Cotrozzi, ATP anti tampering program,
in Edward DeHart, ed., Proc. of Security IV Conf.-USENIX
Assoc., pp 79-90, 1993.
[2] R. Sielken, Application Intrusion Detection, Univ. of Virginia
Computer Science Technical Report CS-99-17, 1999.
[3] V. Roth, "Scalable and Secure Global Name Services for
Mobile Agents," 6th ECOOP Workshop on Mobile Object
Systems: Operating System Support, Security and
Programming Languages, 2000.
[4] R. Gray, "D-Agents: Security in a Multiple Language, Mobile-
Agent System," in Mobile Agents and Security, G. Vigna, ed.,
LNCS 1419 pp. 154-187, Springer, 1998.
[5] Fuggetta, G, Picco, and G. Vigna, "Understanding Code
Mobility," IEEE Transactions on Software Engineering, 24,
pp. 342-361, 1998.
[6] "Agent Management," FIPA 1997 Specification, part 1, ver.
2.0, Foundation for Intelligent Physical Agents, 1998.
[7] "Mobile Agent System Interoperability Facilities
Specification," OMG-TC-orbos/97, 1997.
[8] "Jumping Beans White Paper," Ad Astra Engineering Inc., CA,
1998.
[9] Khaled E. A. Negm, "Implementation of Secure Mobile Agent
for Ad-Hoc Networks, WEAS Transactions on
Communications, Vol. 2, 2003, pp. 519-526.
[10] Khaled E. A. Negm and Wael Adi, "Secure Mobile Code
Computing in Distributed Remote Environment, Proc. the
2004 IEEE International Conference on Networking, Sensing
and Control, 2004, pp. 270-275.
[11] W. Farmer, J. Guttman, and V. Swarup, Security for Mobile
Agents: Issues and Requirements. In Proc. of the 19th
International Information Systems Security Conference, pp.
591-597, 1996.
[12] F. Buschmann, R. Meunier, H. Rohnert, P. Sommerlad, and M.
Stal, "Pattern-Oriented Software Architecture: A System of
Patterns," John Wiley, UK, 1996.
[13] J. White, "Mobile Agents," in Software Agents (J. Bradshow,
ed.), ch. 18, pp. 437-472, MIT Press, 1997.
[14] A. Tripathi, N. Karnik, N. Vora, T. Ahmed, R. Singh,
Mobile Agent Programming in Ajanta, Proc. of 19th IEEE
International Conference on Distributed Computing Systems,
pp. 190-197, 1999.
[15] M. Bellare, S. Goldwasser, and D. Micciancio, "Pseudo-
Random Number Generation with Cryptographic Algorithms:
the DSS Case, Crypto 97, LNCS 1294, pp. 1-12, Springer,
1997.
[16] T. ElGamal, "A public Key Cryptosystem and a Signature
Scheme Based on Discrete Logarithms, Proc. of Crypto -84,
LNCS 196, pp. 10-18, 1984.
[17] Common Vulnerability Exposure (CVE) http://cve.mitre.org/.
[18] TG: Traffic Generator, http://www.postel.org/services.html.