共查询到20条相似文献,搜索用时 31 毫秒
1.
2.
一种改进的基于Web的移动代理的设计 总被引:1,自引:0,他引:1
移动代理系统的特点是移动性,自治性和智能性。在移动代理技术拥有完整性保护后,移动代理就可以免于被恶意的主机和其他代理攻击。传统的移动代理是由固定的代码段组成的,提出了一种改进的移动代理方法(MMA),这种方法可以在执行需求时动态添加新的代理代码模块,也可以删除冗余的代码模块。在基于Web的系统中这种方法比传统的静态方法更加灵活有效。 相似文献
3.
4.
Mobile agent security 总被引:2,自引:0,他引:2
The agent paradigm is currently attracting much research. A mobile agent is a particular type of agent with the ability to migrate from one host to another, where it can resume its execution. We consider security issues that need to be addressed before multi-agent systems in general, and mobile agents in particular, can be a viable solution for a broad range of commercial applications. This is done by considering the implications of the characteristics given to agents and the general properties of open multi-agent systems. The paper then looks in some more detail at security technology and methods applicable to mobile agent systems. 相似文献
5.
移动代理系统提供了一个新的计算方式,程序以软件代理的形式出现,它能在一台主机上停止它的执行,通过移动到另一台主机上恢复执行。随着移动软件混合性的增加,也伴随着对安全的威胁。尤其是对拒绝服务攻击这类消耗系统资源的攻击,目前还没有什么好的方法。提出了将电子货币引入系统来抵御这类攻击,并给出了一个应用模型。 相似文献
6.
Jung‐Shian Li Che‐Jen Hsieh Husan‐Yeh Lin 《International Journal of Communication Systems》2013,26(12):1503-1519
The continuous evolvement of the e‐domain has led to a significant increase in the amount of sensitive personal information stored on networked hosts. These hosts are invariably protected by security mechanisms such as intrusion detection systems, Intrusion Prevention System (IPS), antivirus software, firewalls, and so forth. However, they still remain vulnerable to the threat of malicious attacks, theft and intrusion. The high false positive alarm rate of such mechanisms is particularly troublesome because false alarms greatly degrade the efficiency of the security framework. Security operation centers (SOCs) provide an automated solution for analyzing the threat to a network such that appropriate protective measures can be put in place. This paper proposes a novel hierarchical mobile‐agent‐based SOC to overcome the vulnerability of traditional static SOCs to single point of failure attacks. In addition, the network is partitioned into multiple divisions, each with its own alert detection and aggregation methodology to improve the computational efficiency of the data collection and fusion process. The data acquired in the various divisions are fused and correlated in an efficient manner via intrusion detection message exchange format, XML, session and timer methods The experimental results confirm the effectiveness and efficiency of the proposed hierarchical mobile‐agent‐based SOC framework. Copyright © 2012 John Wiley & Sons, Ltd. 相似文献
7.
Mobile agent is widely used in area such as parallel distributed computing for higher performance. But security issues threaten
both the algorithm and data running on mobile agent system. The sensitive information within mobile agent code is inclined
to be reverse engineered on a host platform. Obfuscation provides effective protection in this case with little execution
time and storage size overhead. In this paper, we propose an obfuscation algorithm based on self-modifying code to prevent
mobile agent code from attack at function level. We implement the algorithm and prove the efficacy of the algorithm. 相似文献
8.
郭晔 《微电子学与计算机》2003,20(8):114-115,157
随着移动代理(MA)使用范围的日益扩大,其安全性受到越来越多的关注。MA的安全性包括两方面:一是保护MA不受主机平台的攻击,二是保护主机平台不受恶意MA的攻击。现有的方法保护对具体的应用都有一定的局限。本文提出了一种基于策略的动态可伸缩安全模型,将MA与控制MA动作的策略进行分离,从而根据不同的需要对策略进行加载或卸载,从而达到对MA动态控制的目的。在本文的最后,对未来的工作提出了展望。 相似文献
9.
10.
Code mobility can be defined as the capability to dynamically change the bindings between code fragments and the location in which they are executed. The concept of code mobility is not new, but in recent years has become a hot topic. Web browsers are able to download programs attached to web pages that are executed locally. On the other hand, mobile agent technology allows for agents to autonomously migrate to new hosts. A major concern involved in the use of these technologies is security: the integrity of the receiving host must not be compromised by the execution of mobile code. The local host needs to define a security policy that specifies which resources are made available to mobile code, potentially untrusted. On the other hand, the runtime system must, somehow, enforce such policy. In this paper, we present a survey of different techniques aimed at resolving the problem of secure resource management, and argue within which context they are appropriate. 相似文献
11.
12.
Hero Modares Amirhossein Moravejosharieh Rosli Bin Salleh Jaime Lloret 《ETRI Journal》2014,36(1):51-61
In the Mobile IPv6 (MIPv6) protocol, a mobile node (MN) is a mobile device with a permanent home address (HoA) on its home link. The MN will acquire a care‐of address (CoA) when it roams into a foreign link. It then sends a binding update (BU) message to the home agent (HA) and the correspondent node (CN) to inform them of its current CoA so that future data packets destined for its HoA will be forwarded to the CoA. The BU message, however, is vulnerable to different types of security attacks, such as the man‐in‐the‐middle attack, the session hijacking attack, and the denial‐of‐service attack. The current security protocols in MIPv6 are not able to effectively protect the BU message against these attacks. The private‐key‐based BU (PKBU) protocol is proposed in this research to overcome the shortcomings of some existing MIPv6 protocols. PKBU incorporates a method to assert the address ownership of the MN, thus allowing the CN to validate that the MN is not a malicious node. The results obtained show that it addresses the security requirements while being able to check the address ownership of the MN. PKBU also incorporates a method to verify the reachability of the MN. 相似文献
13.
14.
本文主要讨论保护移动代理免受恶意主机攻击的问题.在指出现有的基于"加密函数"的移动代理保护方法不足的同时作者提出了一种基于可信任元素的安全代理保护模型.这种可信任元素不同于可信任硬件如智能卡和协处理器,它是一种基于加密电路构造的第三方服务称为可信任服务.文中给出了移动代理计算的形式化描述,并说明了纯软件保护方法是不可行的,在介绍完加密电路构造方法后给出了基本模型来说明如何借助于可信任服务实现安全性,并对模型进一步扩充,最后给出应用该模型的一个实例分析. 相似文献
15.
The practicality of mobile agents hinges on realistic security techniques. Mobile agent systems are combination client/servers that transport, and provide an interface with host computers for, mobile agents. Transport of mobile agents takes place between mobile agent systems, which are located on heterogeneous platforms, making up an infrastructure that has the potential to scale to the size of any underlying network. Mobile agents can be rapidly deployed, and can respond to each other and their environment. These abilities expose flaws in current security technology. This article surveys the risks connected with the use of mobile agents, and security techniques available to protect mobile agents and their hosts. The inadequacies of the security techniques developed from the information fortress model are identified. They are the result of using a good model in an inappropriate context (i.e. a closed system model in a globally distributed networking computing base). Problems with commercially available techniques include: (1) conflicts between security techniques protecting hosts and mobile agents, (2) inability to handle multiple collaborative mobile agents, and (3) emphasis on the credentials of software instead of on the integrity of software to determine the level of trust. 相似文献
16.
Agents need resources and protection from hostile influences, in both natural and artificial environments. This paper specifically considers social insects and software mobile agent systems, in order to understand how the need for mobility, resource acquisition and security can influence the design and operation of agent systems. Evolution has honed the movement, resource-gathering and defensive skills of the social insects in a multitude of ways. The paper reviews some of these strategies and assesses whether they may provide useful insights into the design and implementation of mobile software agents. This process is necessary as current mobile agent systems have been handicapped by a lack of convincing security measures which has prevented their adoption in mainstream computing services.This paper therefore examines the strategies for movement, resource acquisition and defence adopted by the social insects and considers how they may be applied to enhance the design of mobile agents. 相似文献
17.
当前智能手机市场中,Android占有很大的市场份额,又因其他的开源,基于Android系统的智能手机很容易成为攻击者的首选目标。随着对Android恶意软件的快速增长,Android手机用户迫切需要保护自己手机安全的解决方案。为此,对多款Android恶意软件进行静态分析,得出Android恶意软件中存在危险API列表、危险系统调用列表和权限列表,并将这些列表合并,组成Android应用的混合特征集。应用混合特征集,结合主成分分析(PCA)和支持向量机(SVM),建立Android恶意软件的静态检测模型。利用此模型实现仿真实验,实验结果表明,该方法能够快速检测Android应用中恶意软件,且不用运行软件,检测准确率较高。 相似文献
18.
The Study and Perspective of Mobile Agent Security 总被引:2,自引:0,他引:2
Security is an important issue for the widespread deployment of applications based on software agent technology. It is generally agreed that without the proper countermeasures in place, use of agent-based applications will be severely impeded. So many projects have focused on the security issues of mobile agent and many mechanisms have been proposed to solve the security problem. This paper discusses the security issues and the countermeasures. Then it points out some directions for the research of the mobile agent security. 相似文献
19.
Secure user authentication scheme with novel server mutual verification for multiserver environments
The fast growth of mobile services and devices has made the conventional single‐server architecture ineffective from the point of its functional requirements. To extend the scalability and availability of mobile services to various applications, it is required to deploy multiserver architecture. In 2016, Moon et al insisted that Lu et al's scheme is weak to insiders and impersonation attack, then they proposed a biometric‐based scheme for authentication and key agreement of users in multiserver environments. Unfortunately, we analyze Moon et al's scheme and demonstrate that their scheme does not withstand various attacks from a malicious registered server. We propose a user authentication scheme with server mutual verification to overcome these security drawbacks. The proposed scheme withstands an attack from malicious insiders in multiserver environments. We use a threshold cryptography to strengthen the process of server authorization and to provide better security functionalities. We then prove the authentication and session key of the proposed scheme using Burrows‐Abadi‐Needham (BAN) logic and show that our proposed scheme is secure against various attacks. 相似文献
20.
随着全球信息化的不断推进,整个世界越来越被连成一个整体,威胁计算机系统安全的领域也越来越广泛,其中以恶意代码最为严重。而随着计算机系统安全攻击与防御技术的不断较量,恶意代码的攻击手法、攻击形式也越来越趋于隐秘化、复杂化。因此,有必要对当下的恶意代码分析技术进行总结,从中发现新的发展方向,以应对不断变化的恶意代码形势。 相似文献