On the Security Properties and Attacks against Mobile Agent Graph Head Sealing (MAGHS)

  • Abid Khan
  • Qasim Arshad
  • Xiamu Niu
  • Zhang Yong
  • Muhammad Waqas Anwar
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5576)


Mobile Agents (MAs) are not fully adopted for implementing distributed system especially in e-commerce application. The main reason is the security issues associated with use of MAs. Providing integrity of execution is considered as the most challenging problem in MAs. Mobile agent Graph Head Sealing (MAGHS) is a technique that aims towards providing integrity of execution. This paper discusses the attacks that can be launched against MAGHS technique and how the security properties for MAs data integrity are fulfilled. We try to model the behavior of a malicious host by launching a series of passive attacks against mobile agent and then see to what extent the security properties for mobile agent can be achieved. The experimental results suggest that MAGHS framework can be used to protect the computations results of mobile agents.


Mobile Agent security Graph head Sealing execution integrity active attacks security properties malicious hosts 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ma, C., Concepcion, A.: A security evaluation model for multi-agent distributed systems. In: Technologies for Business Information Systems, pp. 403–415. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  2. 2.
    Tsai, J.P., Ma, L.: Security modeling of mobile agent systems. Journal of Ubiquitous Computing and Intelligence 1, 73–85 (2007)CrossRefGoogle Scholar
  3. 3.
    Kannammal, A., Ramachandran, V., et al.: Reliable multiagent system for e-business applications. Academic Open Internet Journal 18 (2006)Google Scholar
  4. 4.
    Jonsson, E., Olovsson, T.: A quantitative model of the security intrusion process based on attacker behavior. IEEE Transactions on Software Engineering 23(4) (1997)Google Scholar
  5. 5.
    Pleisch, S., Schiper, A.: Fault tolerant mobile agent execution. IEEE Transaction on Computers 52(2) (2003)Google Scholar
  6. 6.
    Hohl, F.: A model of attacks of malicious host against mobile agents. In: Demeyer, S., Bosch, J. (eds.) ECOOP 1998 Workshops. LNCS, vol. 1543, p. 299. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  7. 7.
    Chan, A.H.W., Lyu, M.R.: Security modeling and evaluation for mobile code paradigm. In: Thiagarajan, P.S., Yap, R.H.C. (eds.) ASIAN 1999. LNCS, vol. 1742, pp. 371–372. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  8. 8.
    Karjoth, G., Asokan, N., et al.: Protecting the computation results of free-roaming agents. In: Rothermel, K., Hohl, F. (eds.) MA 1998. LNCS, vol. 1477, p. 195. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  9. 9.
    Yee, B.: A sanctuary for mobile agents. In: Vitek, J. (ed.) Secure Internet Programming. LNCS, vol. 1603, pp. 261–273. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  10. 10.
    Khan, A., Niu, X., et al.: Mobile agent computation results protection with head sealing. IJCSES 2(1), 13–18 (2008)Google Scholar
  11. 11.
    Loureiro, S.: Mobile code protection. Ph.D thesis, ENST Paris / Institut Eurecom (2001)Google Scholar
  12. 12.
    Lin, H.-C., et al.: Protection of mobile agent data collection by using ring signature. In: Proceedings IEEE International Conference on Networking, Sensing & Control (2004)Google Scholar
  13. 13.
    McDonald, J.T., Yasinsac, A., et al.: Mobile agent data Integrity using multi-agent architecture. In: Proceedings of the (PDCS 2004), pp. 14–17 (2004)Google Scholar
  14. 14.
    Roth, V.: Mutual protection of co-operating agents. In: Vitek, J. (ed.) Secure Internet Programming. LNCS, vol. 1603, pp. 275–285. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  15. 15.
    Vigna, J.: Cryptographic traces for mobile agents. In: Vigna, G. (ed.) Mobile Agents and Security. LNCS, vol. 1419, pp. 137–153. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  16. 16.
    Esparza, O., et al.: Mobile agent watermarking and fingerprinting: tracing malicious hosts. In: Mařík, V., Štěpánková, O., Retschitzegger, W. (eds.) DEXA 2003. LNCS, vol. 2736, pp. 927–936. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  17. 17.
    Lange, D.B., Oshima, M.: Programming and deploying Java mobile agents with Aglets. Addison Wiley (1998)Google Scholar
  18. 18.
    Gong, L., Schemers, R.: Signing, Sealing, and Guarding Java Objects. In: Vigna, G. (ed.) Mobile Agents and Security. LNCS, vol. 1419, p. 206. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  19. 19.
    Oppliger, R.: Contemporary Cryptography. Artech House Computer Security (2005)Google Scholar
  20. 20.
    Khan, A., Niu, X., Yong, Z.: A hybrid approach for mobile agent security using reversible watermarking and dynamic data structure. IJCSES 1(1), 48–53 (2007)Google Scholar
  21. 21.
    Khan, A., Niu, X., Yong, Z.: Protecting mobile agent computation results with reversible watermarking and digital signature. In: IEEE Third International Conference on Intelligent Information Hiding and Multimedia Signal Processing. IEEE Computer Security, Los Alamitos (2007)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Abid Khan
    • 1
    • 3
  • Qasim Arshad
    • 1
    • 2
  • Xiamu Niu
    • 3
  • Zhang Yong
    • 3
  • Muhammad Waqas Anwar
    • 1
  1. 1.Department of Computer ScienceCOMSATS Instiutute of Information TechnologyIslamabadPakistan
  2. 2.New Jersey Science and Technology University(NJIT)USA
  3. 3.Department of Computer Science &Technology, Harbin Instiute of TechnologyShenzhen Graduate SchoolShenzhenP.R. China

Personalised recommendations