©2010 International Journal of Computer Applications (0975 - 8887) Volume 1 – No. 15 6 Security on Mobile Agent Based Crawler (SMABC) Nisha Pahal Y.M.C.A. Institute of Engineering, Faridabad Haryana (India) Sunil Kumar Lingayas University, Faridabad Haryana (India) Ashu Bhardwaj Y.M.C.A. Institute of Engineering, Faridabad Haryana (India) Naresh Chauhan Y.M.C.A. Institute of Engineering, Faridabad Haryana (India) Abstract Mobile agents are active objects that can autonomously migrate in a network to perform tasks on behalf of their owners. Current web crawler uses the concept of Mobile Agent to enhance their crawling speed. In mobile crawling, mobile agents are dispatched to remote web severs for local crawling and processing of web documents. After crawling a specific web server, they dispatch themselves either back at the search engine machine, or at the next web server for further crawling. It gives a complete distributed crawling strategy by utilizing the mobile agent’s technology but it suffers with the problem of security. In this paper, a security solution has been proposed, which protects both the mobile agent itself and the host resources that encrypt the data before passing it to mobile agent and decrypt it on the visited host sides. The method of “computing with encryption function” has been used. The proposed approach solves the problem of malicious host that can harm mobile agent or the information it contain. Keywords: Mobile Agents, crawler 1. INTRODUCTION Mobile agent [1], namely, is a type of software agent, with the feature of autonomy, social ability, learning, and most importantly, mobility. It is basically a composition of computer software and data, which is able to migrate (move) from one computer to another autonomously and continue its execution on the destination computer. It provides a new abstraction for deploying functionality over the existing Internet infrastructure. Agents [2], [3] are independent pieces of software capable of acting autonomously in response to input from their environment and may be either stationary, always resident at a single platform; or mobile, capable of moving among different platforms at different times. A mobile agent is a particular class of agent with the ability during execution to migrate from one host to another where it can resume its execution. Mobile agent technology therefore offers a new computing paradigm in which a program, in the form of a software agent, can suspend its execution on a host computer, transfer itself to another agent- enabled host on the network, and resume execution on the new host. Mobile agent based crawler is a program that can migrate from machine to machine in a heterogeneous network. It is an efficient, scalable solution to establishing a specialized search index in the highly distributed, decentralized and dynamic environment of the web. In this, mobile agents [7], [8] are dispatched to remote web severs for local crawling and processing of web documents and after crawling a specific web server, they return either back at the search engine machine, or at the next web server for further crawling. The crawlers [9] based on this approach are called as Mobile Crawlers. It gives a complete distributed crawling strategy by utilizing the mobile agent’s technology. The goals of Mobile Crawling [10] System are: - To minimize network utilization, To keep up with document changes by performing on- site monitoring, To avoid unnecessary overloading of the Web servers by employing time realization, To be upgradeable at run time. 2. RELATED WORK The Anchor Toolkit is a mobile agent system that provides for the secure transmission and management of mobile agents [11]. The toolkit protects the agents being dispatched between hosts through encrypted channels. A mobil e agent’s host platform is required to sign the agent's persistent state before dispatching the agent to the next platform. The signed persistent state can be used later to detect potential problems with the agent's state. State Appraisal [12] defines a security mechanism for protection of mobile agents. The goal of State Appraisal is to ensure that an agent has not been somehow subverted due to alterations of its state information. Both the author and owner of an agent produce appraisal functions that become part of an agent's code. Appraisal functions are used to determine what privileges to grant to an agent based both on conditional factors and whether the identified state invariants hold. An agent whose state violates an invariant can be granted no privileges, while an agent whose state fails to meet some conditional factors may be granted a restricted set of privileges. When the author and owner each digitally sign an agent, their respective appraisal functions are protected from undetectable modification. One way of looking at this in comparison with attribute certificates is that state appraisal conveys both the policy engine and the prescribed policy internal to the agent. An agent platform uses the functions