基于JavaCard的移动代理安全模型研究

欲阻止恶意主机攻击移动代理,代理中的代码信息和数据信息必须被隐藏起来。同时,还要使它们对于执行环境来说是可访问和可执行的。现有措施大都采用软件方法(如密码技术),但并不足以解决恶意主机问题。一个完全不同的方法就是使用可信赖的且可抵御攻击的JavaCard来保护移动代理。本文讨论用JavaCard保护移动代理的机理,同时给出我们所设计的一个JavaCard的安全模型。     

一种改进的基于Web的移动代理的设计

移动代理系统的特点是移动性,自治性和智能性。在移动代理技术拥有完整性保护后,移动代理就可以免于被恶意的主机和其他代理攻击。传统的移动代理是由固定的代码段组成的,提出了一种改进的移动代理方法(MMA),这种方法可以在执行需求时动态添加新的代理代码模块,也可以删除冗余的代码模块。在基于Web的系统中这种方法比传统的静态方法更加灵活有效。     

基于移动代理安全的研究

论述了移动代理中来自恶意主机的攻击及攻击呈现的多种形式,并提出了代码重组、定时保护和加密的三层解决方案,最后通过实验论证三层解决方案的可行性。     

Mobile agent security

The agent paradigm is currently attracting much research. A mobile agent is a particular type of agent with the ability to migrate from one host to another, where it can resume its execution. We consider security issues that need to be addressed before multi-agent systems in general, and mobile agents in particular, can be a viable solution for a broad range of commercial applications. This is done by considering the implications of the characteristics given to agents and the general properties of open multi-agent systems. The paper then looks in some more detail at security technology and methods applicable to mobile agent systems.     

基于电子货币技术的移动代理系统安全保护机制的研究

移动代理系统提供了一个新的计算方式，程序以软件代理的形式出现，它能在一台主机上停止它的执行，通过移动到另一台主机上恢复执行。随着移动软件混合性的增加，也伴随着对安全的威胁。尤其是对拒绝服务攻击这类消耗系统资源的攻击，目前还没有什么好的方法。提出了将电子货币引入系统来抵御这类攻击，并给出了一个应用模型。     

A hierarchical mobile‐agent‐based security operation center

The continuous evolvement of the e‐domain has led to a significant increase in the amount of sensitive personal information stored on networked hosts. These hosts are invariably protected by security mechanisms such as intrusion detection systems, Intrusion Prevention System (IPS), antivirus software, firewalls, and so forth. However, they still remain vulnerable to the threat of malicious attacks, theft and intrusion. The high false positive alarm rate of such mechanisms is particularly troublesome because false alarms greatly degrade the efficiency of the security framework. Security operation centers (SOCs) provide an automated solution for analyzing the threat to a network such that appropriate protective measures can be put in place. This paper proposes a novel hierarchical mobile‐agent‐based SOC to overcome the vulnerability of traditional static SOCs to single point of failure attacks. In addition, the network is partitioned into multiple divisions, each with its own alert detection and aggregation methodology to improve the computational efficiency of the data collection and fusion process. The data acquired in the various divisions are fused and correlated in an efficient manner via intrusion detection message exchange format, XML, session and timer methods The experimental results confirm the effectiveness and efficiency of the proposed hierarchical mobile‐agent‐based SOC framework. Copyright © 2012 John Wiley & Sons, Ltd.     

Mobile Agent Protection with Self-Modifying Code

Mobile agent is widely used in area such as parallel distributed computing for higher performance. But security issues threaten both the algorithm and data running on mobile agent system. The sensitive information within mobile agent code is inclined to be reverse engineered on a host platform. Obfuscation provides effective protection in this case with little execution time and storage size overhead. In this paper, we propose an obfuscation algorithm based on self-modifying code to prevent mobile agent code from attack at function level. We implement the algorithm and prove the efficacy of the algorithm.     

移动代理系统中可伸缩安全模型研究

随着移动代理(MA)使用范围的日益扩大，其安全性受到越来越多的关注。MA的安全性包括两方面：一是保护MA不受主机平台的攻击，二是保护主机平台不受恶意MA的攻击。现有的方法保护对具体的应用都有一定的局限。本文提出了一种基于策略的动态可伸缩安全模型，将MA与控制MA动作的策略进行分离，从而根据不同的需要对策略进行加载或卸载，从而达到对MA动态控制的目的。在本文的最后，对未来的工作提出了展望。     

基于可信计算技术的抗恶意代码攻击安全结构框架设计

基于可信计算技术构建的抗恶意代码攻击安全结构框架以可信计算技术为基础,融合身份认证、授权访问控制、备份恢复以及审计等多种安全控制技术构成。可信安全模块是抗恶意代码攻击的根基,可信计算技术是抗恶意代码攻击的必要条件,各种安全控制技术使抗攻击效能最大化。该框架通过各种技术的配合,建立了抵抗恶意攻击的层层防线,并且在系统遭到破坏时能及时发现并进行恢复,不仅能防范已知恶意代码,而且能防范未知恶意代码。     

Techniques for secure execution of mobile code: a review

Code mobility can be defined as the capability to dynamically change the bindings between code fragments and the location in which they are executed. The concept of code mobility is not new, but in recent years has become a hot topic. Web browsers are able to download programs attached to web pages that are executed locally. On the other hand, mobile agent technology allows for agents to autonomously migrate to new hosts. A major concern involved in the use of these technologies is security: the integrity of the receiving host must not be compromised by the execution of mobile code. The local host needs to define a security policy that specifies which resources are made available to mobile code, potentially untrusted. On the other hand, the runtime system must, somehow, enforce such policy. In this paper, we present a survey of different techniques aimed at resolving the problem of secure resource management, and argue within which context they are appropriate.     

Enhancing Security in Mobile IPv6

In the Mobile IPv6 (MIPv6) protocol, a mobile node (MN) is a mobile device with a permanent home address (HoA) on its home link. The MN will acquire a care‐of address (CoA) when it roams into a foreign link. It then sends a binding update (BU) message to the home agent (HA) and the correspondent node (CN) to inform them of its current CoA so that future data packets destined for its HoA will be forwarded to the CoA. The BU message, however, is vulnerable to different types of security attacks, such as the man‐in‐the‐middle attack, the session hijacking attack, and the denial‐of‐service attack. The current security protocols in MIPv6 are not able to effectively protect the BU message against these attacks. The private‐key‐based BU (PKBU) protocol is proposed in this research to overcome the shortcomings of some existing MIPv6 protocols. PKBU incorporates a method to assert the address ownership of the MN, thus allowing the CN to validate that the MN is not a malicious node. The results obtained show that it addresses the security requirements while being able to check the address ownership of the MN. PKBU also incorporates a method to verify the reachability of the MN.     

基于Merkle树的安全移动代理路由协议及其推广

本文对Domingo J.等人提出的一个高效的移动代理路由协议进行了分析,指出其具有一个很严重的安全缺陷:不能抵制路由主机间的共谋攻击.在此基础上,利用hash函数,提出了一个基于Merkle树的安全移动代理路由协议,并分析了其安全性、计算复杂度以及信息传输量.结果表明该方案不仅弥补了原有协议的缺陷,而且保持了原协议高效的特点.最后,将该方案其推广至动态路由.     

基于加密电路构造的移动代理保护安全模型的研究

本文主要讨论保护移动代理免受恶意主机攻击的问题.在指出现有的基于"加密函数"的移动代理保护方法不足的同时作者提出了一种基于可信任元素的安全代理保护模型.这种可信任元素不同于可信任硬件如智能卡和协处理器,它是一种基于加密电路构造的第三方服务称为可信任服务.文中给出了移动代理计算的形式化描述,并说明了纯软件保护方法是不可行的,在介绍完加密电路构造方法后给出了基本模型来说明如何借助于可信任服务实现安全性,并对模型进一步扩充,最后给出应用该模型的一个实例分析.     

Mobile agents and security

The practicality of mobile agents hinges on realistic security techniques. Mobile agent systems are combination client/servers that transport, and provide an interface with host computers for, mobile agents. Transport of mobile agents takes place between mobile agent systems, which are located on heterogeneous platforms, making up an infrastructure that has the potential to scale to the size of any underlying network. Mobile agents can be rapidly deployed, and can respond to each other and their environment. These abilities expose flaws in current security technology. This article surveys the risks connected with the use of mobile agents, and security techniques available to protect mobile agents and their hosts. The inadequacies of the security techniques developed from the information fortress model are identified. They are the result of using a good model in an inappropriate context (i.e. a closed system model in a globally distributed networking computing base). Problems with commercially available techniques include: (1) conflicts between security techniques protecting hosts and mobile agents, (2) inability to handle multiple collaborative mobile agents, and (3) emphasis on the credentials of software instead of on the integrity of software to determine the level of trust.     

Mobile Software Agents — Insect-Inspired Computing

Agents need resources and protection from hostile influences, in both natural and artificial environments. This paper specifically considers social insects and software mobile agent systems, in order to understand how the need for mobility, resource acquisition and security can influence the design and operation of agent systems. Evolution has honed the movement, resource-gathering and defensive skills of the social insects in a multitude of ways. The paper reviews some of these strategies and assesses whether they may provide useful insights into the design and implementation of mobile software agents. This process is necessary as current mobile agent systems have been handicapped by a lack of convincing security measures which has prevented their adoption in mainstream computing services.This paper therefore examines the strategies for movement, resource acquisition and defence adopted by the social insects and considers how they may be applied to enhance the design of mobile agents.     

基于混合特征的Android恶意软件静态检测

当前智能手机市场中,Android占有很大的市场份额,又因其他的开源,基于Android系统的智能手机很容易成为攻击者的首选目标。随着对Android恶意软件的快速增长,Android手机用户迫切需要保护自己手机安全的解决方案。为此,对多款Android恶意软件进行静态分析,得出Android恶意软件中存在危险API列表、危险系统调用列表和权限列表,并将这些列表合并,组成Android应用的混合特征集。应用混合特征集,结合主成分分析(PCA)和支持向量机(SVM),建立Android恶意软件的静态检测模型。利用此模型实现仿真实验,实验结果表明,该方法能够快速检测Android应用中恶意软件,且不用运行软件,检测准确率较高。     

The Study and Perspective of Mobile Agent Security

Security is an important issue for the widespread deployment of applications based on software agent technology. It is generally agreed that without the proper countermeasures in place, use of agent-based applications will be severely impeded. So many projects have focused on the security issues of mobile agent and many mechanisms have been proposed to solve the security problem. This paper discusses the security issues and the countermeasures. Then it points out some directions for the research of the mobile agent security.     

Secure user authentication scheme with novel server mutual verification for multiserver environments

The fast growth of mobile services and devices has made the conventional single‐server architecture ineffective from the point of its functional requirements. To extend the scalability and availability of mobile services to various applications, it is required to deploy multiserver architecture. In 2016, Moon et al insisted that Lu et al's scheme is weak to insiders and impersonation attack, then they proposed a biometric‐based scheme for authentication and key agreement of users in multiserver environments. Unfortunately, we analyze Moon et al's scheme and demonstrate that their scheme does not withstand various attacks from a malicious registered server. We propose a user authentication scheme with server mutual verification to overcome these security drawbacks. The proposed scheme withstands an attack from malicious insiders in multiserver environments. We use a threshold cryptography to strengthen the process of server authorization and to provide better security functionalities. We then prove the authentication and session key of the proposed scheme using Burrows‐Abadi‐Needham (BAN) logic and show that our proposed scheme is secure against various attacks.     

恶意代码分析技术综述

随着全球信息化的不断推进,整个世界越来越被连成一个整体,威胁计算机系统安全的领域也越来越广泛,其中以恶意代码最为严重。而随着计算机系统安全攻击与防御技术的不断较量,恶意代码的攻击手法、攻击形式也越来越趋于隐秘化、复杂化。因此,有必要对当下的恶意代码分析技术进行总结,从中发现新的发展方向,以应对不断变化的恶意代码形势。