World Applied Sciences Journal 29 (2): 287-297, 2014
ISSN 1818-4952
© IDOSI Publications, 2014
DOI: 10.5829/idosi.wasj.2014.29.02.1561

Securing Mobile-Agent-Based Systems Against Malicious Hosts

Mohamed A. Madkour, Fathy E. Eassa, Abdullah M. Ali and Noor U. Qayyum
FCIT, King Abdulaziz University, Jeddah, KSA

Corresponding Author: Mohamed A. Madkour, FCIT, King Abdulaziz University, Jeddah, KSA.

Abstract: Mobile agent technology is an attractive alternative to traditional network computing models. It is suitable for many different types of distributed systems applications. The main obstacle for the widespread deployment of the mobile agent technology is the security issue, in particular the problem of protecting a mobile agent from malicious hosts that may completely block the agent or modify its accumulated data. The present work aims to introduce a solution for this problem based on identifying and skipping malicious blocking hosts within the mobile agent’s itinerary. The solution is extended, without using expensive cryptographic techniques, to ensure the integrity of the accumulated data when the agent eventually returns home. The proposed solution is simulated to examine feasibility, correctness and scalability of the developed protocol. A prototype is built and tested to investigate practical aspects of the solution.

Key words: Mobile agents; Malicious host problem; Blocking platforms; Distributed systems safety; Security.

INTRODUCTION

Mobile agent technology introduces the concept of code mobility that allows efficient use of valuable network bandwidth in distributed environments. In its simplest form, a relatively small piece of software migrates to one or more remote heterogeneous host systems, executes on local data at the host system and eventually returns with the obtained results to the home host. This scenario is typical in many distributed applications where data from different host systems may be needed to perform certain tasks. In fact, moving mobile code between hosts to perform a certain task consumes very little network bandwidth compared to the traditional paradigm, which involves moving bulky chunks of data between hosts to perform the same task.

The main obstacle for the widespread deployment of mobile agent technologies is the security issue. A classical NIST report [6] about mobile agent security identifies four threat categories: threats stemming from an agent attacking an agent platform, an agent platform attacking an agent, an agent attacking another agent on the agent platform and other entities attacking the agent system.

For instance, in the first threat category the “Agent-to-Platform” problem focuses on the protection of host systems from malicious mobile agents. Sharma et al. [18] provide a good survey and comparison between alternative techniques to counter this problem. These include the code signing technique, sandboxing and proof coding. Microsoft Corporation [11] provides a good introduction to code signing. Sandboxing is discussed by Gong [4]. A good review of code signing and sandboxing is given in Alfalayleh and Brankovic [2] and Ahmadi-Brooghani [1]. Loureiro et al. [9] and Necula and Lee [12] are good references for the proof coding technique.

On the other hand, a more severe and challenging issue is the “Platform-to-Agent” problem identified in the second threat category. This problem considers the protection of mobile agents from malicious host systems. A malicious agent platform may ignore agent service requests, introduce unacceptable delays for critical tasks, simply not execute the agent's code, or even terminate the agent without notification [6].

In essence, the mobile agent comprises three components, namely: code, data and execution state. As a mobile agent moves from host to host accumulating partial results, it is vulnerable to malicious manipulation