In order to solve principal-agent problems caused by interest inconformity and information asymmetry during information security outsourcing, it is necessary to design a reasonable incentive mechanism to promote clien...In order to solve principal-agent problems caused by interest inconformity and information asymmetry during information security outsourcing, it is necessary to design a reasonable incentive mechanism to promote client enterprises to complete outsourcing service actively. The incentive mechanism model of information security outsourcing is designed based on the principal-agent theory. Through analyzing the factors such as enterprise information assets value, invasion probability, information security environment, the agent cost coefficient and agency risk preference degree how to impact on the incentive mechanism, conclusions show that an enterprise information assets value and invasion probability have a positive influence on the fixed fee and the compensation coefficient; while information security environment, the agent cost coefficient and agency risk preference degree have a negative influence on the compensation coefficient. Therefore, the principal enterprises should reasonably design the fixed fee and the compensation coefficient to encourage information security outsourcing agency enterprises to the full extent.展开更多
To enhance the security of network systems, puts forward a kind of software agent is put forward, which has the induction ability of network frameworks and the ability of behavior independence. It is mobile scanning a...To enhance the security of network systems, puts forward a kind of software agent is put forward, which has the induction ability of network frameworks and the ability of behavior independence. It is mobile scanning agent. More attentions is paid to expound how to design and realize mobile scanning agent. Besides, it is also explained the programs of mobile scanning agent system. In the end, it expects mobile scanning agent.展开更多
This paper presents a computer immunology model for computer security, whose main components are defined as idea of Multi Agent. It introduces the natural immune system on the principle, discusses the idea and chara...This paper presents a computer immunology model for computer security, whose main components are defined as idea of Multi Agent. It introduces the natural immune system on the principle, discusses the idea and characteristics of Multi Agent. It gives a system model, and describes the structure and function of each agent. Also, the communication method between agents is described.展开更多
The tremendous growth of the cloud computing environments requires new architecture for security services. Cloud computing is the utilization of many servers/data centers or cloud data storages (CDSs) housed in many d...The tremendous growth of the cloud computing environments requires new architecture for security services. Cloud computing is the utilization of many servers/data centers or cloud data storages (CDSs) housed in many different locations and interconnected by high speed networks. CDS, like any other emerging technology, is experiencing growing pains. It is immature, it is fragmented and it lacks standardization. Although security issues are delaying its fast adoption, cloud computing is an unstoppable force and we need to provide security mechanisms to ensure its secure adoption. In this paper a comprehensive security framework based on Multi-Agent System (MAS) architecture for CDS to facilitate confidentiality, correctness assurance, availability and integrity of users' data in the cloud is proposed. Our security framework consists of two main layers as agent layer and CDS layer. Our propose MAS architecture includes main five types of agents: Cloud Service Provider Agent (CSPA), Cloud Data Confidentiality Agent (CDConA), Cloud Data Correctness Agent (CDCorA), Cloud Data Availability Agent (CDAA) and Cloud Data Integrity Agent (CDIA). In order to verify our proposed security framework based on MAS architecture, pilot study is conducted using a questionnaire survey. Rasch Methodology is used to analyze the pilot data. Item reliability is found to be poor and a few respondents and items are identified as misfits with distorted measurements. As a result, some problematic questions are revised and some predictably easy questions are excluded from the questionnaire. A prototype of the system is implemented using Java. To simulate the agents, oracle database packages and triggers are used to implement agent functions and oracle jobs are utilized to create agents.展开更多
The security of mobile agent directly decides its usage width in e-commerce. Especially, to protect users' private information is becoming more important now and future. So an anonymous mobile agent security mechanis...The security of mobile agent directly decides its usage width in e-commerce. Especially, to protect users' private information is becoming more important now and future. So an anonymous mobile agent security mechanism with the secure authentication infrastructure based on PKI (public key infrastructure) is proposed in the paper. The multi-agent system is programmed by java language and every agent must register itself in CA (certificate authority) before working in the net and express his legit identity which is temptly produced and used only once. The CA ensures the legal of all agents' identity which take part in communicaiton or trade. And every user agent identity only is used once which makes other agents cannot decipher users' private information. The security mechanism of the multi-agent system implements anonymity, integrity, data confidentiality of mobile agent based on the MH(multiple hop) integrity protection regard to PKI limit.展开更多
The wireless application protocol (WAP) protocol is now the leading standard for information services on wireless terminals like digital mobile phones. By the use of WAP, wireless devices, like mobile phones, are po...The wireless application protocol (WAP) protocol is now the leading standard for information services on wireless terminals like digital mobile phones. By the use of WAP, wireless devices, like mobile phones, are possibly infected with virus and worms. Though up to now there is no such attack, as the usage of script languages increases, there is a chance of malicious code injection. This paper discusses the threats with current WAP protocol, and how changes in the protocol and the increase in its usage will enable entry of real viruses. Future threat scenarios are presented along with suggestions to avoid these problems.展开更多
The broadcast nature of wireless network makes traditional link-layer attacks readily available to anyone within the range of the network. User authentication is best safeguard against the risk of unauthorized access ...The broadcast nature of wireless network makes traditional link-layer attacks readily available to anyone within the range of the network. User authentication is best safeguard against the risk of unauthorized access to the wireless networks. The present 802.1× authentication scheme has some flaws, making mutual authentication impossible and open to man-in-the-middle attacks. These characteristics make traditional cryptographic mechanism provide weak security for the wireless environment. We have proposed the use of mobile agents to provide dependable Internet services delivery to users, this will guarantee secure authentication in wireless networks and we examine the feasibility of our solution and propose a model for wireless network security.展开更多
Inspired by the immune theory and multi-agent systems, an immune multi-agent active defense model for network intrusion is established. The concept of immune agent is introduced, and its running mechanism is establish...Inspired by the immune theory and multi-agent systems, an immune multi-agent active defense model for network intrusion is established. The concept of immune agent is introduced, and its running mechanism is established. The method, which uses antibody concentration to quantitatively describe the degree of intrusion danger, is presented. This model implements the multi-layer and distributed active defense mechanism for network intrusion. The experiment results show that this model is a good solution to the network security defense.展开更多
In order to overcome defects in existing ASCTS(Agricultural Supply Chain Traceability System,a new traceability system based on Multi-Agent System(MAS) is put forward.By qualitative method,I analyze problems of applic...In order to overcome defects in existing ASCTS(Agricultural Supply Chain Traceability System,a new traceability system based on Multi-Agent System(MAS) is put forward.By qualitative method,I analyze problems of application of Agent technology in tracing quality of agricultural products.Physical model is built for this system and structure of traceability system is determined.Finally,algorithm is presented for major entities.From analysis of algorithm,it is proved that this system has some reference value in improving breadth and depth of product traceability.展开更多
The nature of adhoc networks makes them vulnerable to security attacks. Many security technologies such as intrusion prevention and intrusion detection are passive in response to intrusions in that their countermea- s...The nature of adhoc networks makes them vulnerable to security attacks. Many security technologies such as intrusion prevention and intrusion detection are passive in response to intrusions in that their countermea- sures are only to protect the networks, and there is no automated network-wide counteraction against detected intrusions, the architecture of cooperation intrusion response based multi-agent is propose. The architecture is composed of mobile agents. Monitor agent resides on every node and monitors its neighbor nodes. Decision agent collects information from monitor nodes and detects an intrusion by security policies. When an intruder is found in the architecture, the block agents will get to the neighbor nodes of the intruder and form the mobile firewall to isolate the intruder. In the end, we evaluate it by simulation.展开更多
Traditional Intrusion Detection System (IDS) based on hosts or networks no longer meets the security requirements in today's network environment due to the increasing complexity and distributivity. A multi-agent di...Traditional Intrusion Detection System (IDS) based on hosts or networks no longer meets the security requirements in today's network environment due to the increasing complexity and distributivity. A multi-agent distributed IDS model, enhanced with a method of computing its statistical values of performance is presented. This model can accomplish not only distributed information collection, but also distributed intrusion detection and real-time reaction. Owing to prompt reaction and openness, it can detect intrusion behavior of both known and unknown sources. According to preliminary tests, the accuracy ratio of intrusion detection is higher than 92% on the average.展开更多
Mobile agent technology offers a new computing paradigm in which a program,in the form of a software agent, can suspend its execution in a host computer, transfer itself toanother agent - enabled host in the network ,...Mobile agent technology offers a new computing paradigm in which a program,in the form of a software agent, can suspend its execution in a host computer, transfer itself toanother agent - enabled host in the network , and resume execution of the new host. As thesophistication of mobile software has increased 'with the time, so have the associated threats tosecurity. This paper provides an overview of the range of threats facing the designers of mobileagent. The paper also identifies generic security objectives, and a range of measures for counteringthe identified threats.展开更多
Mobile Agent has many benefits over traditional distributed systems such as reducing latency,bandwidth,and costs.Mobile Agent Systems are not fully utilized due to security problems.This paper focuses on mobile agent ...Mobile Agent has many benefits over traditional distributed systems such as reducing latency,bandwidth,and costs.Mobile Agent Systems are not fully utilized due to security problems.This paper focuses on mobile agent protection against malicious hosts.A new security mechanism called Checkpoints has been proposed.Checkpoint Mechanism(CPM)aims to protect Mobile Agent against malicious hosts in case of Capturing and Integrity attacks.CPM assumes using a free-roaming mobility mechanism by Mobile agent systems.The main idea behind CPM is to generate multiple versions of Mobile Agent.The multiple version is used to recover Mobile Agent from Capturing and Integrity attacks by untrusted hosts.MA versions are kept in Recovery Host(RH).RH plays a key role in CPM by controlling and monitoring MAs’recovery processes.A prototype method has been used to prove the feasibility of CPM.The p https://dsr.kau.edu.sa/Default-305-ARrototype was implemented by using the.Net framework and C#.full discussion for several scenarios has been done to analyze the feasibility and performance for CPM.As found from this research,CPM has a strong ability to protect Mobile Agents from Capturing and Integrity attacks completely.In addition,there is no negative impact on the overall performance of the mobile agent system.展开更多
Ad Hoc network is a kind of multi hop, self-organizing wireless network without center. Each node in network can be used as host as well as router and it can form any network topology through wireless connections. Bec...Ad Hoc network is a kind of multi hop, self-organizing wireless network without center. Each node in network can be used as host as well as router and it can form any network topology through wireless connections. Because of characteristics of itself, many new service items and application fields appear;meanwhile, it is also faced with many new security threats. Using immune agent can perceive the change of network node and make corresponding decision behavior, find the misbehavior nodes in the network as soon as possible and reduce the network attack and improve the immune competence of network.展开更多
The extensive access of network interaction has made present networks more responsive to earlier intrusions. In distributed network intrusions, there are many computing nodes that are assisted by intruders. The eviden...The extensive access of network interaction has made present networks more responsive to earlier intrusions. In distributed network intrusions, there are many computing nodes that are assisted by intruders. The evidence of intrusions is to be associated from all the held up nodes. From the last few years, mobile agent based technique in intrusion detection system (IDS) has been widely used to detect intrusion over distributed network. This paper presented survey of several existing mobile agent based intrusion detection system and comparative analysis report between them. Furthermore we have focused on each attribute of analysis, for example technique (NIDS, HIDS or Hybrid), behavior layer, detection techniques for analysis, uses of mobile agent and technology used by existing IDS, strength and issues. Their strengths and issues are situational wherever appropriate. We have observed that some of the existing techniques are used in IDS which causes low detection rate, behavior layers like TCP connection for packet capturing which is most important activity in NIDS and response time (technology execution time) with memory consumption by mobile agent as major issues.展开更多
作为ICS(Industrial Control System)的重要组成部分,SCADA(Supervisory Control and Data Acquisition)受到的恶意攻击与日俱增。为了充分确保其信息安全,可以选择多Agent技术来实现基于FNN(Factor Neuron Network)的安全防御方法,并...作为ICS(Industrial Control System)的重要组成部分,SCADA(Supervisory Control and Data Acquisition)受到的恶意攻击与日俱增。为了充分确保其信息安全,可以选择多Agent技术来实现基于FNN(Factor Neuron Network)的安全防御方法,并最终建立起一个SCADA系统安全防御模型。该模型继承了多Agent技术与FNN的优点,配置方便,易于维护,可以实时更新以及在线扩展,具备良好的通用性与可塑性,从而克服了现有IDS(Intrusion Detection System)的诸多不足,有效保障SCADA安全可靠地运行。展开更多
Security is an important issue for the widespread deployment of applications based on software agent technolo-gy.It is generally agreed that without the proper countermeasures in place,use of agent-based applications ...Security is an important issue for the widespread deployment of applications based on software agent technolo-gy.It is generally agreed that without the proper countermeasures in place,use of agent-based applications will be severelyimpeded.So many projects have focused on the security issues of mobile agent and many mechanisms have been proposed tosolve the security problem.This paper discusses the security issues and the countermeasures.Then it points out some direc-tions for the research of the mobile agent security.展开更多
基金The National Natural Science Foundation of China(No.71071033)the Youth Foundation of Humanity and Social Scienceof Ministry of Education of China(No.11YJC630234)
文摘In order to solve principal-agent problems caused by interest inconformity and information asymmetry during information security outsourcing, it is necessary to design a reasonable incentive mechanism to promote client enterprises to complete outsourcing service actively. The incentive mechanism model of information security outsourcing is designed based on the principal-agent theory. Through analyzing the factors such as enterprise information assets value, invasion probability, information security environment, the agent cost coefficient and agency risk preference degree how to impact on the incentive mechanism, conclusions show that an enterprise information assets value and invasion probability have a positive influence on the fixed fee and the compensation coefficient; while information security environment, the agent cost coefficient and agency risk preference degree have a negative influence on the compensation coefficient. Therefore, the principal enterprises should reasonably design the fixed fee and the compensation coefficient to encourage information security outsourcing agency enterprises to the full extent.
文摘To enhance the security of network systems, puts forward a kind of software agent is put forward, which has the induction ability of network frameworks and the ability of behavior independence. It is mobile scanning agent. More attentions is paid to expound how to design and realize mobile scanning agent. Besides, it is also explained the programs of mobile scanning agent system. In the end, it expects mobile scanning agent.
基金Supported by the National Natural Science Foundation of China(6 0 0 730 4370 0 710 42 )
文摘This paper presents a computer immunology model for computer security, whose main components are defined as idea of Multi Agent. It introduces the natural immune system on the principle, discusses the idea and characteristics of Multi Agent. It gives a system model, and describes the structure and function of each agent. Also, the communication method between agents is described.
文摘The tremendous growth of the cloud computing environments requires new architecture for security services. Cloud computing is the utilization of many servers/data centers or cloud data storages (CDSs) housed in many different locations and interconnected by high speed networks. CDS, like any other emerging technology, is experiencing growing pains. It is immature, it is fragmented and it lacks standardization. Although security issues are delaying its fast adoption, cloud computing is an unstoppable force and we need to provide security mechanisms to ensure its secure adoption. In this paper a comprehensive security framework based on Multi-Agent System (MAS) architecture for CDS to facilitate confidentiality, correctness assurance, availability and integrity of users' data in the cloud is proposed. Our security framework consists of two main layers as agent layer and CDS layer. Our propose MAS architecture includes main five types of agents: Cloud Service Provider Agent (CSPA), Cloud Data Confidentiality Agent (CDConA), Cloud Data Correctness Agent (CDCorA), Cloud Data Availability Agent (CDAA) and Cloud Data Integrity Agent (CDIA). In order to verify our proposed security framework based on MAS architecture, pilot study is conducted using a questionnaire survey. Rasch Methodology is used to analyze the pilot data. Item reliability is found to be poor and a few respondents and items are identified as misfits with distorted measurements. As a result, some problematic questions are revised and some predictably easy questions are excluded from the questionnaire. A prototype of the system is implemented using Java. To simulate the agents, oracle database packages and triggers are used to implement agent functions and oracle jobs are utilized to create agents.
基金Supported by the National Natural Science Foun-dation of China (50077007) the Youth Teacher Foundation ofNorth China Electric Power University (20051101)
文摘The security of mobile agent directly decides its usage width in e-commerce. Especially, to protect users' private information is becoming more important now and future. So an anonymous mobile agent security mechanism with the secure authentication infrastructure based on PKI (public key infrastructure) is proposed in the paper. The multi-agent system is programmed by java language and every agent must register itself in CA (certificate authority) before working in the net and express his legit identity which is temptly produced and used only once. The CA ensures the legal of all agents' identity which take part in communicaiton or trade. And every user agent identity only is used once which makes other agents cannot decipher users' private information. The security mechanism of the multi-agent system implements anonymity, integrity, data confidentiality of mobile agent based on the MH(multiple hop) integrity protection regard to PKI limit.
文摘The wireless application protocol (WAP) protocol is now the leading standard for information services on wireless terminals like digital mobile phones. By the use of WAP, wireless devices, like mobile phones, are possibly infected with virus and worms. Though up to now there is no such attack, as the usage of script languages increases, there is a chance of malicious code injection. This paper discusses the threats with current WAP protocol, and how changes in the protocol and the increase in its usage will enable entry of real viruses. Future threat scenarios are presented along with suggestions to avoid these problems.
文摘The broadcast nature of wireless network makes traditional link-layer attacks readily available to anyone within the range of the network. User authentication is best safeguard against the risk of unauthorized access to the wireless networks. The present 802.1× authentication scheme has some flaws, making mutual authentication impossible and open to man-in-the-middle attacks. These characteristics make traditional cryptographic mechanism provide weak security for the wireless environment. We have proposed the use of mobile agents to provide dependable Internet services delivery to users, this will guarantee secure authentication in wireless networks and we examine the feasibility of our solution and propose a model for wireless network security.
基金Supported by the National Natural Science Foundation of China (60373110, 60573130, 60502011)
文摘Inspired by the immune theory and multi-agent systems, an immune multi-agent active defense model for network intrusion is established. The concept of immune agent is introduced, and its running mechanism is established. The method, which uses antibody concentration to quantitatively describe the degree of intrusion danger, is presented. This model implements the multi-layer and distributed active defense mechanism for network intrusion. The experiment results show that this model is a good solution to the network security defense.
基金Supported by National Natural Science Foundation of China(71071001)
文摘In order to overcome defects in existing ASCTS(Agricultural Supply Chain Traceability System,a new traceability system based on Multi-Agent System(MAS) is put forward.By qualitative method,I analyze problems of application of Agent technology in tracing quality of agricultural products.Physical model is built for this system and structure of traceability system is determined.Finally,algorithm is presented for major entities.From analysis of algorithm,it is proved that this system has some reference value in improving breadth and depth of product traceability.
基金This project was supported by the National Natural Science Foundation of China (60672068)the National High Technology Development 863 Program of China (2006AA01Z436, 2007AA01Z452.)
文摘The nature of adhoc networks makes them vulnerable to security attacks. Many security technologies such as intrusion prevention and intrusion detection are passive in response to intrusions in that their countermea- sures are only to protect the networks, and there is no automated network-wide counteraction against detected intrusions, the architecture of cooperation intrusion response based multi-agent is propose. The architecture is composed of mobile agents. Monitor agent resides on every node and monitors its neighbor nodes. Decision agent collects information from monitor nodes and detects an intrusion by security policies. When an intruder is found in the architecture, the block agents will get to the neighbor nodes of the intruder and form the mobile firewall to isolate the intruder. In the end, we evaluate it by simulation.
基金Supported by the Key Program of Natural Science Foundation of China(050335020)
文摘Traditional Intrusion Detection System (IDS) based on hosts or networks no longer meets the security requirements in today's network environment due to the increasing complexity and distributivity. A multi-agent distributed IDS model, enhanced with a method of computing its statistical values of performance is presented. This model can accomplish not only distributed information collection, but also distributed intrusion detection and real-time reaction. Owing to prompt reaction and openness, it can detect intrusion behavior of both known and unknown sources. According to preliminary tests, the accuracy ratio of intrusion detection is higher than 92% on the average.
文摘Mobile agent technology offers a new computing paradigm in which a program,in the form of a software agent, can suspend its execution in a host computer, transfer itself toanother agent - enabled host in the network , and resume execution of the new host. As thesophistication of mobile software has increased 'with the time, so have the associated threats tosecurity. This paper provides an overview of the range of threats facing the designers of mobileagent. The paper also identifies generic security objectives, and a range of measures for counteringthe identified threats.
基金This project funded by the Deanship of Scientific Research(DSR),King Abdulaziz University,Jeddah,under Grant No.D-152-611-1441.
文摘Mobile Agent has many benefits over traditional distributed systems such as reducing latency,bandwidth,and costs.Mobile Agent Systems are not fully utilized due to security problems.This paper focuses on mobile agent protection against malicious hosts.A new security mechanism called Checkpoints has been proposed.Checkpoint Mechanism(CPM)aims to protect Mobile Agent against malicious hosts in case of Capturing and Integrity attacks.CPM assumes using a free-roaming mobility mechanism by Mobile agent systems.The main idea behind CPM is to generate multiple versions of Mobile Agent.The multiple version is used to recover Mobile Agent from Capturing and Integrity attacks by untrusted hosts.MA versions are kept in Recovery Host(RH).RH plays a key role in CPM by controlling and monitoring MAs’recovery processes.A prototype method has been used to prove the feasibility of CPM.The p https://dsr.kau.edu.sa/Default-305-ARrototype was implemented by using the.Net framework and C#.full discussion for several scenarios has been done to analyze the feasibility and performance for CPM.As found from this research,CPM has a strong ability to protect Mobile Agents from Capturing and Integrity attacks completely.In addition,there is no negative impact on the overall performance of the mobile agent system.
文摘Ad Hoc network is a kind of multi hop, self-organizing wireless network without center. Each node in network can be used as host as well as router and it can form any network topology through wireless connections. Because of characteristics of itself, many new service items and application fields appear;meanwhile, it is also faced with many new security threats. Using immune agent can perceive the change of network node and make corresponding decision behavior, find the misbehavior nodes in the network as soon as possible and reduce the network attack and improve the immune competence of network.
文摘The extensive access of network interaction has made present networks more responsive to earlier intrusions. In distributed network intrusions, there are many computing nodes that are assisted by intruders. The evidence of intrusions is to be associated from all the held up nodes. From the last few years, mobile agent based technique in intrusion detection system (IDS) has been widely used to detect intrusion over distributed network. This paper presented survey of several existing mobile agent based intrusion detection system and comparative analysis report between them. Furthermore we have focused on each attribute of analysis, for example technique (NIDS, HIDS or Hybrid), behavior layer, detection techniques for analysis, uses of mobile agent and technology used by existing IDS, strength and issues. Their strengths and issues are situational wherever appropriate. We have observed that some of the existing techniques are used in IDS which causes low detection rate, behavior layers like TCP connection for packet capturing which is most important activity in NIDS and response time (technology execution time) with memory consumption by mobile agent as major issues.
文摘作为ICS(Industrial Control System)的重要组成部分,SCADA(Supervisory Control and Data Acquisition)受到的恶意攻击与日俱增。为了充分确保其信息安全,可以选择多Agent技术来实现基于FNN(Factor Neuron Network)的安全防御方法,并最终建立起一个SCADA系统安全防御模型。该模型继承了多Agent技术与FNN的优点,配置方便,易于维护,可以实时更新以及在线扩展,具备良好的通用性与可塑性,从而克服了现有IDS(Intrusion Detection System)的诸多不足,有效保障SCADA安全可靠地运行。
文摘Security is an important issue for the widespread deployment of applications based on software agent technolo-gy.It is generally agreed that without the proper countermeasures in place,use of agent-based applications will be severelyimpeded.So many projects have focused on the security issues of mobile agent and many mechanisms have been proposed tosolve the security problem.This paper discusses the security issues and the countermeasures.Then it points out some direc-tions for the research of the mobile agent security.
