移动设备的安全性研究

智能移动设备不断接近传统计算环境的性能和可扩展性.但这些新的功能和应用使移动设备成为攻击者和恶意软件的攻击目标.本文分析了移动设备所面临的安全挑战,深入研究了移动设备的安全模型.     

基于静态代理修正模式的移动AGENT模型

移动的代码在开放的、没有范围限制的网络环境下不利于对其进行控制。为了适应开放的网络环境，提出了移动代理的新的实现模型，旨在将移动代理技术更实用化。作者提出的新模型，将移动代理分解成移动指令和静态代理两个部分，由移动平台中静态代理帮助移动Agent实现传统方法实现移动Agent全部功能，具有较少的安全隐患和更强大的功能。     

移动代理的安全性问题及对策研究

移动代理由于其灵活、移动、自治等特性被广泛应用,但对移动代理的安全性问题研究仍不充分。文章针对移动代理不同方面的安全问题加以分析,针对性地提出安全保护方案,为移动代理的进一步充分应用给出新思路。通过提高移动代理安全性,使移动代理技术在降低网络负载、减小所占带宽、提高系统效率等方面发挥更大效用。     

应用环境密钥的移动Agent系统安全模型

移动Agent必须在不同环境安全条件的主机上运行。文中提出了一种基于信任的安全机制,用于改进移动Agent安全。安全机制基于Agent与环境之间的动态交互,在交互中收集信息并产生环境密钥,由该密钥可知主机的信任度与允许移动Agent适应它的执行环境。     

基于JavaCard的移动代理安全模型研究

欲阻止恶意主机攻击移动代理,代理中的代码信息和数据信息必须被隐藏起来。同时,还要使它们对于执行环境来说是可访问和可执行的。现有措施大都采用软件方法(如密码技术),但并不足以解决恶意主机问题。一个完全不同的方法就是使用可信赖的且可抵御攻击的JavaCard来保护移动代理。本文讨论用JavaCard保护移动代理的机理,同时给出我们所设计的一个JavaCard的安全模型。     

基于移动代理的入侵检测系统模型的研究

阐述了基于移动代理的入侵检测系统的优势,提出了一个使用移动代理技术的入侵检测系统MAAFID。首先由数据收集代理(DCA)在网络中随机移动并收集信息,然后将收集到的信息传递给数据分析代理(DAA)来评估入侵发生的可能性。本文重点讨论了系统中数据收集代理的数目与检测出入侵发生的可能性二者之间的定量关系,最后还给出了一个仿真结果。     

移动代理服务器安全性研究

论述了SeMoA服务器的概念和体系结构。介绍了该体系结构的安全性和易扩展性,并且凭借过滤器为代理的内容检查提供框架结构。     

Stable routing algorithm for mobile ad hoc networks using mobile agent

Wireless ad hoc networks are growing important because of their mobility, versatility, and ability to work with fewer infrastructures. The mobile ad hoc network is an autonomous system consisting of mobile nodes connected with wireless links. Establishing a path between two nodes is a complex task in wireless networks. It is still more complex in the wireless mobile ad hoc network because every node is no longer as an end node and an intermediate node. In this paper, it focuses on design of connectionless routing protocol for the wireless ad hoc networks based on the mobile agent concept. The proposed model tries to discover the best path taking into consideration some concerns like bandwidth, reliability, and congestion of the link. The proposed model has been simulated and tested under various wireless ad hoc network environments with the help of a different number of nodes. The results demonstrate that the proposed model is more feasible for providing reliable paths between the source and destination with the minimum control message packets over the network. It has delivered more number of packets to the destination over the network. Copyright © 2012 John Wiley & Sons, Ltd.     

A new solution for assigning cryptographic keys to control access in mobile agent environments

A mobile agent is a technological promising product. It is an executive program that can migrate from host to host, performing tasks autonomously. However, in an open environment, the mobile agent has many potential threats. Security becomes a critical issue for the mobile agent. Recently, Volker and Mehradad have constructed a mobile agent structure and designed a key assignment strategy to prevent the sensitive data to from being accessed by an unauthorized host. However, their scheme requires a larger agent size and a higher computational cost. In this paper, we shall propose an efficient key assignment scheme to enhance the performance of Volker and Mehradad's scheme. Only few computations and a fixed and small storage are required in our proposed scheme. Furthermore, our scheme can achieve the dynamic key management efficiently. It can also be implemented simply and practically. Copyright © 2006 John Wiley & Sons, Ltd.     

An effective SVD-based image tampering detection and self-recovery using active watermarking

In this paper, an effective tamper detection and self-recovery algorithm based on singular value decomposition (SVD) is proposed. This method generates two distinct tamper detection keys based on the singular value decomposition of the image blocks. Each generated tamper detection and self-recovery key is distinct for each image block and is encrypted using a secret key. A random block-mapping sequence and three unique optimizations are employed to improve the efficiency of the proposed tamper detection and the robustness against various security attacks, such as collage attack and constant-average attack. To improve the proposed tamper localization, a mixed block-partitioning technique for 4×4 and 2×2 blocks is utilized. The performance of the proposed scheme and its robustness against various tampering attacks is analyzed. The experimental results demonstrate that the proposed tamper detection is superior in terms of tamper detection efficiency with a tamper detection rate higher than 99%, security robustness and self-recovery image quality for tamper ratio up to 55%.     

基于mobile agent的动态自适应网络安全模型的研究

计算机网络的迅速发展和广泛应用，对信息安全特别是网络安全带来了新的挑战。传统的安全模型和单一的安全手段，已不能适应复杂的网络结构、多变的入侵手段所带来的困扰。作者通过对多种典型的安全模型和技术分析后认为，网络安全是一种动态的安全。基于上述认识，本文提出了一种基于mobile agent的动态自适应安全模型，并详细介绍了该模型的基本结构、控制策略和原型的实现。     

基于策略驱动的移动agent安全框架研究

针对移动agent系统面临的安全问题，本文介绍了一种将安全性与agent平台融为一体的框架（SOMA），这个框架可根据实际移动agent应用系统的需要，灵活动态地提供不同质量的安全服务，并针对这一框架系统的局限性作进一步的研究和探讨，提出了一种新的基于硬件的保护策略（TPE）。     

An improved reversible watermarking scheme using weighted prediction and watermarking simulation

For the reversible watermarking scheme using the prediction error expansion and histogram shifting (PEE–HS), improving the prediction accuracy facilitates performance enhancement, which still remains a challenging problem in this field. To this end, the paper improves the state-of-the-art local predictor (LP) by designing the following approaches: 1) enlarging the prediction context; 2) partitioning the prediction block surrounding the target pixel into the watermarked and original regions, and imposing different weights on prediction values from these two regions to generate the final prediction for the target pixel; and 3) conducting watermarking simulation on the original region via random noises to further enhance the prediction performance. These three approaches are then integrated to result in an improved LP using weighted prediction and watermarking simulation (LP-WPWS). By exploiting the LP-WPWS for prediction error generation, we thus construct a new PEE–HS-based reversible watermarking scheme. Extensive simulation shows that the proposed scheme outperforms the state-of-the-art LP and is comparable to the excellent methods exploiting the sorting, multiple histograms modification, and hybrid dimensional histogram generation with adaptive mapping selection.     

Research on cultural algorithm for solving routing problem of mobile agent

The key idea behind cultural algorithm is to explicitly acquire problem-solving knowledge from the evolving population and in return apply that knowledge to guide the search. In this article, cultural algorithm-simulated annealing is proposed to solve the routing problem of mobile agent. The optimal individual is accepted to improve the belief space＇s evolution of cultural algorithms by simulated annealing. The step size in search is used as situational knowledge to guide the search of optimal solution in the population space. Because of this feature, the search time is reduced. Experimental results show that the algorithm proposed in this article can ensure the quality of optimal solutions, and also has better convergence speed. The operation efficiency of the system is considerably improved.     

一种基于中心代理的移动Ad—Hoc网络接入方法

本文针对已有接入方法所存在的缺点,提出一种以移动节点间相互竞争出现的中心节点作为移动代理,利用移动IP协议实现MANET接入Internet的新方法,并对中心代理节点的选取、MANET整体移动接入等问题进行了探讨。该方法具有开销小、接入灵活、不需对移动IP做大的改动等优点。     

QoS routing based on mobile agent for LEO satellite IP networks

Current quality of service (QoS) routing schemes for low earth orbit (LEO) satellites IP networks either neglect the varying population density or fail to guarantee end-to-end delay. As a remedy, QoS routing protocol based on mobile agent (QoSRP-MA) is proposed. QoSRP-MA is a source-based routing protocol. Once connection requests arrive, QoS mobile agents are dispatched from ingress satellite to explore routes, which migrate using satellite routing tables. Upon arriving in egress satellite, QoS mobile agents migrate back towards ingress satellite to reserve bandwidth. To construct satellite routing tables, load balancing routing algorithm based on mobile agent (LBRA-MA) is presented. In LBRP-MA, at regular intervals mobile agents launched on all satellites migrate autonomously to evaluate path cost and update routing tables. Moreover, path cost between source and destination is evaluated considering satellite geographical position as well as inter-satellite link (ISL) cost. Furthermore, ISL congestion index is considered to update routing table. Through simulations on a Courier-like constellation, it shows that QoSRP-MA can achieve guaranteed end-to-end delay bound with higher throughput, lower connection failing ratio and signaling overhead compared to high performance satellite routing (HPSR) scheme.     

An efficient weighted trust‐based malicious node detection scheme for wireless sensor networks

The aim of wireless sensor networks (WSNs) is to gather sensor data from a monitored environment. However, the collected or reported information might be falsified by faults or malicious nodes. Hence, identifying malicious nodes in an effective and timely manner is essential for the network to function properly and reliably. Maliciously behaving nodes are usually detected and isolated by reputation and trust‐based schemes before they can damage the network. In this paper, we propose an efficient weighted trust‐based malicious node detection (WT‐MND) scheme that can detect malicious nodes in a clustered WSN. The node behaviors are realistically treated by accounting for false‐positive and false‐negative instances. The simulation results confirm the timely identification and isolation of maliciously behaving nodes by the WT‐MND scheme. The effectiveness of the proposed scheme is afforded by the adaptive trust‐update process, which implicitly performs trust recovery of temporarily malfunctioning nodes and computes a different trust‐update factor for each node depending on its behavior. The proposed scheme is more effective and scalable than the related schemes in the literature, as evidenced by its higher detection ratio (DR) and lower misdetection ratio (MDR), which only slightly vary with the network's size. Moreover, the scheme sustains its efficient characteristics without significant power consumption overheads.     

基于网管应用的移动代理和CORBA性能比较研究

对基于移动代理和CORBA的网管应用分别建立了数学模型和原型系统,对两种分布式技术在网管应用中的性能进行了比较分析。仿真结果表明两种技术的性能比较应综合考虑多种因素。此外,利用移动代理可以实现更为灵活的网络管理机制。     

移动IPv6网络家乡代理容错方案性能分析

移动IPv6网络家乡代理的容错机制可保证在家乡代理失效后,节点仍能被寻址。针对现有容错方案普遍存在缺少容错性能定量评价的问题,对其工作机制进行深入研究,并通过仿真对不同方案的容错性能进行定量分析和评价。仿真结果表明：环状备份方案（MADB）在容错时间、服务中断时间以及信令开销等方面的性能均优于其他方案,综合性能提高35%左右。     

基于移动代理的无线智能网体系结构和关键技术研究

提出一种基于移动代理技术的无线智能网体系结构,比较了无线智能网各个实体采用移动代理后与目前的无线智能网平台的优缺点,在此基础上,分析了此体系结构中的一些关键技术:代理支持业务的方法;采用移动代理协作技术实现业务交互;采用移动代理之后业务逻辑的选择机制;代理的下载技术等,提出了相应的解决方案。