Secure Migration of Mobile Agent Using AES &

Secret Sharing Approach

A Thesis Submitted
In Partial Fulfillment of the Requirements
for the Degree of

MASTER OF TECHNOLOGY
in
Computer Science and Engineering
by
UTTAM UPADHYAY
(1709110504)

Under the Supervision of

Mr. Pradeep Kumar
&
Mrs. Deepti Aggarwal
JSS Academy of Technical Education, Noida

to the

FACULTY OF COMPUTER SCIENCE & ENGINEERING

DR. APJ ABDUL KALAM TECHNICAL UNIVERSITY

LUCKNOW
(Formerly Uttar Pradesh Technical University, Lucknow)

June, 2019
 DECLARATION

I hereby declare that the work presented in this report entitled “SECURE

MIGRATION OF MOBILE AGENT USING AES AND SECRET SHARING

APPROACH”, was carried out by me. I have not submitted the matter embodied in

this report for the award of any other degree or diploma of any other University or

Institute.

I have given due credit to the original authors/sources for all the words, ideas,

diagrams, graphics, computer programs, experiments, results, that are not my original

contribution. I have used quotation marks to identify verbatim sentences and given

credit to the original authors/sources.

I affirm that no portion of my work is plagiarized, and the experiments and results

reported in the report are not manipulated. In the event of a complaint of plagiarism

and the manipulation of the experiments and results, I shall be fully responsible and

answerable

Name: Uttam Upadhyay

Roll No: 1709110504
Branch: Computer Science and Engineering

ii
 CERTIFICATE

Certified that UTTAM UPADHYAY (1709110504)

has carried out the research work presented in this thesis entitled
“Secure Migration of Mobile Agent using AES and Secret
Sharing Approach” for the award of Master of Technology
from Dr. APJ Abdul Kalam Technical University, Lucknow
under my supervision. The thesis embodies results of original
work, and studies are carried out by the student himself and the
contents of the thesis do not form the basis for the award of any
other degree to the candidate or to anybody else from this or any
other University/Institution.

(Mr. Pradeep Kumar) (Mrs. Deepti Aggarwal)

(Assistant Professor) (Assistant Professor)

(Department of CSE, (Department of CSE,

JSS Academy of Technical Education, JSS Academy of Technical Education,
Noida) Noida)

Date: Date:

iii
SECURE MIGRATION OF MOBILE AGENT USING AES & SECRET
SHARING APPROACH
UTTAM UPADHYAY

ABSTRACT

A free portable agent is an executing program that can move from machine to machine
in a heterogeneous framework under its own one of a kind control. An operator can
either seek after a pre-doled out route on the framework or choose its motivation reliant
on the data accumulated from the framework. Offices for exceptionally special
improvement of code and data engage a program to take favored position of the locale
of data. It furthermore empowers one to progress between the necessities of low
information move limit, high inertness and withdrew orchestrate affiliations.

This computing model which exploits code, information and state versatility raises
numerous new security issues, which are very unique in relation to regular
customer/server frameworks. Agent servers which give an execution domain to the
operators to execute can be assaulted by pernicious operators. Essentially agents could
be conveying touchy data about their proprietors and ought to be shielded from altering
by pernicious hosts. Likewise, the information gathered by the agents from one host
ought to be shielded from altering by another host in the schedule.

In this report, I examine the various security issues that arise in mobile agents in
general with special reference to data collection agents. In this thesis we use AES
(Advanced Encryption Standard) and Shamir‟s secret sharing approach to provide the
security of mobile agents during the migration process. Advanced encryption standard
(AES) algorithmic rule is one on the foremost common and wide parallel block cipher
algorithmic rule employed in worldwide. This algorithmic rule has Associate in
Nursing own specific structure to encipher and decode sensitive knowledge and is
applied in hardware and code everywhere the planet. It’s very tough to hackers to urge
the real knowledge once encrypting by AES algorithmic rule. Until date isn't any proof
to creak this algorithmic rule. Second approach which we use for providing security to
mobile agent is Shamir‟s secret sharing; this technique is used for hiding a secret which
is needed in many situations. One possibly ought to hide a password, an encryption
Key, a secret formula, and etc. data is secured with encryption, however the
requirement to secure the secret key used for such encryption is important too.
Consider, we tend to cypher our necessary files with one secret key and if that secret
key is lost then all the necessary files are going to be inaccessible. Thus, secure and
economical key management mechanisms are needed. One of them is secret sharing
theme (SSS) that enables to separate the key into many shares which is able to get
distributed to any or all the participants. the key are often recovered once these parties
collaborate in some way. This survey paper can study these schemes and make a case
for the requirement for the key sharing and their security.

iv
 ACKNOWLEDGEMENTS

The Thesis has proved to be a very helpful and versatile platform to increase my knowledge
and empower me with a better understanding of concepts in the real world scenario. My work
completed successfully. Thanks to the supportive staff and friends.

However, I wish to make special mention of the following. First of all I am thankful to my
thesis supervisor Mr. Pradeep Kumar, Assistant Professor, Department of Computer
Science and Engineering, JSS Academy of Technical Education, Noida under whose
guidelines I completed my dissertation. I am wholeheartedly thankful to him for giving me
his valuable time, attention & for providing me a systematic way for completing my
dissertation in time.

I would also like to thank my Co-supervisor Mrs. Deepti Aggarwal, Assistant Professor,
Department of Computer Science and Engineering, JSS Academy of Technical Education,
Noida for encouraging and inspiring me to carry out the project.

I would also like to thank my M. Tech thesis coordinator Ms. Sonali Mathur for providing
the important information regarding the thesis work.

I also do not want to miss the opportunity to acknowledge the contribution of all faculty
members of the department for their kind assistance and cooperation during the development
of the project, in general, for extending a helping hand at every juncture of need.

Finally, I would like to thank my classmates for productive discussions and their help.

UTTAM UPADHYAY

v
 TABLE OF CONTENTS
.
Page No.
Declaration ii
Certificate iii
Abstract iv
Acknowledgment vi
Table of content vii
List of Tables x
List of Figure xi
List of Abbreviations x

CHAPTER 1: INTRODUCTION 1-16

.1.1 OVERVIEW 1

1.2 INTRODUCTION TO MOBILE AGENTS 2

1.3 SECRET SHARING 12

1.4 OUTLINE OF THE THESIS 15

CHAPTER 2: LITERATURE REVIEW 17-28

2.1 INTRODUCTION 17

2.2 REVIEW OF SOME RELATED WORK ON VARIOUS 20

APPROACHES OF MOBILE AGENT SECURITY

2.3 COMPARATIVE ANALYSIS OF DIFFERENT METHODS 27

DISCUSSED
2.4 SUMMARY 28

CHAPTER 3: PROBLEM DEFINITION 29-30

3.1 INTRODUCTION 29

3.2 PROBLEM STATEMENT 30

CHAPTER 4: PROPOSED WORK 31-33

4.1 INTRODUCTION 31

4.2 BACKGROUND DETAILS 31

vi
 4.3 USED TECHNOLOGY 31

CHAPTER 5: RESEARCH METHODOLOGY 34-46

5.1 INTRODUCTION 34

5.2 RESEARCH METHODOLOGY 34

5.3 SECURITY PROTOCOL IMPLEMENTATION 35

5.4 DATA ENCRYPTION AND DECRYPTION 38

5.5 SHAMIR’S SECRET SHARING SCHEME 44

5.6 PROPOSED SECURITY PROTOCOL 44

5.7 SUMMARY 45

CHAPTER 6: SOFTWARE AND HARDWARE REQUIREMENT 47-48

6.1 INTRODUCTION 47

6.2 SOFTWARE REQUIREMENT 47

6.3 HARDWARE REQUIREMENT 48

CHAPTER 7: ANALYSIS OF MODEL 49-55

7.1 INTRODUCTION 49

7.2 ENCRYPTION 49

7.3 DECRYPTION 52

7.4 SHAMIR’S SECRET SHARING SCHEME 54

CHAPTER 8: SNAPSHOTS 56-63

CHAPTER 9: CONCLUSION 64

CHAPTER 10: FUTURE DIRECTIONS 65

REFERENCES 67

LIST OF PUBLICATIONS 68

Curriculum Vitae 69

UTTAM UPADHYAY
Enrollment No: 1709110504

vii
 LIST OF TABLES

Table 2.1 Tool Kits and Their Features 18

Table 2.2 Comparative Analysis of Different Methods Discussed 27
Table 7.1 Encoding Time of AES for Various File Sizes 51
Table 7.2 Decoding Time of AES for Various File Sizes 53

viii
 LIST OF FIGURES

Fig. 1.1 Mobile Agent Communication 2

Fig. 1.2 Mobile Agent Architecture 4
Fig. 1.3 Life Cycle of Mobile Agent 8
Fig. 1.4 Comparison of Client Server And Agent Based Model 10
Fig. 1.5 Shamir’s Secret Sharing Scheme 14
Fig. 2.1 Mobile Agent Based Execution of Tasks 21
Fig. 2.2 A Detailed Conceptual View of The Mobile Trust Architecture 22
Fig. 2.3 Secure Mobile Agent System Architecture 23
Fig. 2.4 Basic Petri net Model 27
Fig. 4.1 JADE Architecture 32
Fig. 5.1 Secure Agent Communication 35
Fig. 5.2 Agent Class Transfer 38
Fig. 5.3 AES Algorithm 39
Fig. 5.4 4x4 Array of 16 bytes 40
Fig. 5.5 Round Key Generation 41
Fig. 5.6 General Structure of Encryption 42
Fig. 5.7 General Structure of Decryption 44
Fig. 5.8 Processing Architecture of Mobile Agent 45
Fig. 7.1 Encryption Program 49
Fig. 7.2 Encryption Sender Side 50
Fig. 7.3 Encryption Time for AES 52
Fig. 7.4 Decryption on Receiver Side 53
Fig. 7.5 Decryption Time for AES 54
Fig. 7.6 Shamir’s Secret Sharing Program 55
Fig. 8.1 A Snapshot of Runtime Code 56
Fig. 8.2 A Snapshot of Encryption Phase 57
Fig. 8.3 A Snapshot of Decryption Phase 58
Fig. 8.4 A Snapshot of Home Page 59
Fig. 8.5 A Snapshot of User Login Page 60
Fig. 8.6 A Snapshot of Available Options For User After Login 61
Fig. 8.7 A Snapshot of Authorized Party Home Page 62
Fig. 8.8 A Snapshot of Secret Key Sharing Page 63

ix
 List of Abbreviations

MA Mobile Agent
WANET Wireless Ad-hoc Network
WSN Wireless Sensor Network
DoS Denial of Service
OSI Open System Infrastructure
AES Advance Encryption Standard
ASDK Agent Software Development Kit
JADE Java Agent Development Environment
SSL Secure Socket Layer
EEOS Extend Elementary Object System
ERC Extend Root Canal
AMS Agent Management System
ACC Agent Communicational Channel
JVM Java Virtual Machine
SSSS Shamir’s Secret Sharing Scheme

x
 CHAPTER 1
INTRODUCTION
1.1 OVERVIEW
Consistently, PCs have created from enormous strong contraptions with by no
memory to client server conditions that license eccentric and moved kinds of scattered
preparing. From remote work entry terminals to Java applets, from attractive tapes to
passed on databases, distinctive compelled sorts of code and data flexibility have reliably
existed. Versatile Agent is a progressing figuring perspective which empowers all out
conveys ability of working together applications to supporting stages to outline a vaguely
coupled dispersed structure.

A portable operator can be thought of as a product program, which can go starting

with one spot then onto the next. The agent enacts the course by passing a "go" direction
that uses the objective name or email as a contention. The following guidance in the
Agent's program is executed in the goal machine. Accordingly, a portable specialist isn't
bound to the structure where it begins execution. It has the novel capacity to move itself
starting with one structure in a plan then onto the next. The capacity to explore enables a
convenient official to move to a structure containing the archive the client needs to
interface with, and after that use being in an equivalent host or plan as the article. There are
different kinds of portability in convenient code. Solid versatility is the capacity of a
portable code framework to permit the code and execution status of an execution unit to be
moved to an alternate domain of calculation. What's more, powerless versatility is the limit
of a compact code plan to empower code moves crosswise over unmistakable PC settings.
The product may include some introduction data, yet no usage condition is passed.

Mobile Agents have numerous points of interest. They can move from solicitation
Agents to organizations Agents through the system continuously, so Agents require low
transmission limit and can use these advantages sufficiently. Therefore, Agents have less
subject to data transmission in the entire Agents framework. Portable Agents needn't bother

1
with a brought together booking. Adaptable Agents which made by customers can execute
from host to have non concurrently. They will send back the result to the customers in the
wake of completing the endeavor. To complete a task, customers can make a couple of
Agents running on a couple of hosts. These Agents can execute the undertaking in parallel.
Other than those characters referenced above, versatile Agents moreover have the
characters of development self-administering and shrewd steering.

1.2 INTRODUCTION TO MOBILE AGENTS

Mobile Agents are programming modules that move from stage to stage with its
own information and code. In the wake of coming to goal, the undertakings are executed in
the manner they are intended to be. Mobile Agents speak with one another when they move
inside the environment on a similar system. An agent platform incorporate the
administrations, for example, the ability for a specialist to bring forth or make new
specialists, end any produced specialists, clone itself, find different operators at stage or at
another stage, move itself on another stage and send messages to different agents. Fig. 1.1
represents the communication between agents.

Fig. 1.1 Mobile Agent Communication, [36]

The platform of Mobile agents goes about as appropriated middleware. Along these
lines, stages have the duty of sending, accepting, shaping, executing, crushing and
exchanging mobile agents. There are various models that clarify the arrangement of agents.

2
In my work, I will utilize a basic methodology for security reason. It will incorporate
Agents, and Agent's Platform. We accepted specialists as an accumulation of program,
control data and certainties which is conveyed amid execution on hosts they visit or dwell.
For specialist stages, we have expected that it is the condition where the agents live and
execute. The phase where operators are instated is known as the home stage. This is the
most trustful and relentless stage. Mobile agents give us the benefit of making conveyed
applications. These applications bring about defeating system idleness, decrease of system
load, separated activities and quicker collaboration. As Mobile agents move starting with
one stage then onto the next for their execution, they are helpful if there should arise an
occurrence of utilizations that recover data from disseminated conditions. A few people
utilize Mobile agents to handle with their dull and tedious employments.

Data Communication is also an appropriate application in case of mobile agents. In

e- commerce this technology can be used to automate different stages that require a lot of
time during the procedure of buying and selling. Mobile agents are customized and
autonomous as compared to other "traditional" software‟s. Mobile agents can find products
asked by user across every provider because of its ability to migrate within the network.
While migrating, the exchange of information between mobile agent and the vendor in local
way. Also, the exchange of information is not over network. Therefore they reduce
overload and latencies in network. These special features of Mobile agents are helpful in
optimization of selling and buying skills. This will also upgrade online communication.

1.2.1Mobile Agent Architecture

Versatile Agents have transformed into a promising advancement in structure, use

and upkeep of Distributed Computing Systems, as they can wander out structure one center
point to another nearby their inside state. Versatile Agents are fit for performing activities
which need a lot of arrangement. These days, Mobile Agents are comprehensively used in
number of employments in perspective on their insight. Versatile operators are modules of
programming contain information itself and ready to move independently starting with one
host then onto the next to perform assignments and naturally return to the host where they
were introduced. Fig. 1.2 speaks to the essential engineering of Mobile Agent System.

3
 Application Application

Mobile Agent Mobile Agent

Agent Platform Agent Platform

OS OS

Communication
Framework

Fig. 1.2 Mobile Agent Architecture

1.2.2 Diagnostic of Mobile Agents

Characteristics of Mobile Agents are as follows:

Self-governing: Mobile agents ought to have the option to act as indicated by their
condition. They should have fundamental management ability, i.e. where to go, when to go
and what to do. They should be prepared to monitor their state and information.

4
Proxy: once in a while mobile agents go about as another person for specific advantage.

Portability: It is the most significant key element of mobile agent. Mobile agent ought to
have the option to hold it starting with one stage then the next stage in a dynamic system.

Knowledgeable: Mobile agents are fit for taking choice due to regress learning.

Aggressive: Mobile agents should be willing to react to the network and should therefore
be goal-oriented.

Disconnected application: portable agents should have the capacity to work without
system connection.

Coordinated: Mobile agents should be prepared to synchronize with separate officers to

meet a mutual goal.

Research: Mobile agents ought to be able to amass learning. It is useful if a decision event
should occur. In mobile agents’ innovation, the information is dealt with locally Instead of
exchanging Information over system. Thus they reduce network traffic which is significant
for immense volume of information progressively frameworks.

1.2.3 Application of Mobile Agents

In this section, I give a couple of uses of versatile operators and show how they
offer a beneficial and gainful framework for arranging circulated applications.

Almost everything that should be conceivable using versatile operators should

similarly be conceivable using the conventional customer/server programming model.
Basically, there is no 'killer application' for versatile operators. Regardless, advertisers of
the versatile operator’s perspective, look at portable specialists as a development that can
deal with a lot of issues in a uniform and successful manner rather than as an advancement
that engages new things that weren't possible in some other way. The three key spaces
where specialists can be put to use are delineated in this segment:

5
Information Intensive Operations:

Versatile Agents can be effectively used when a customer with explicit needs to use
a great deal of data arranged at a remote site. For example, a customer should need to check
the occasions of the word, 'Hindu', in all of the postings of soc.culture.indian newsgroup.
This need is unquestionable and it is doubtful that any specialist co-op will have a moment
application thus. Moreover, trading all of the postings of the particular newsgroup, to the
area site may not be valuable. In this circumstance, a specialist changed for the specific task
can be passed on. Significant hold assets in exchange speed can be cultivated with by no
application support from the server.

Detached Operations:

Portable specialists are particularly useful when backing for isolated exercises is
required. Mechanical assemblies like cellphones and PDAs could be related with the
system through remote associations. They can release a specialist altered to finish a
particular endeavor into the framework and disengage themselves from the framework. The
operator can complete its task freely and believe that the contraption will interface again to
pass on the results.

Effective Distribution of Software:

An affiliation may have numerous PCs or PDAs which ought to be orchestrated with
another adjustment of programming. A portable specialist can be sent with the arrangement
reason to all of these contraptions. No novel assistance (then again, actually of a specialist
execution condition) is required on these devices. Another likelihood is to have these
contraptions send specialists that trust that entrancing events will happen at the remote
server. For example, a specialist can be sent to prompt a customer through his cellphone at
whatever point there is a monetary trade crash.

1.2.4 Life Cycle of Mobile Agent

There are set of occasions that a mobile agent can have amid its lifetime which
finishes the mobile agent model. Basic occasions of mobile agent are as Follows:

6
Creation: formation of an agent legitimately Corresponds to an item's constructor.
Occasion handler is in charge of introducing the condition of operator. Further the occasion
handler will likewise set up the agent for more directions that will go do.

Deletion: Deletion of an agent is Similar to the article's decimation. Every assets which are
being utilized by agent ought to be sans set by the occasion handler amid this occasion.

Convey: Conveying the agent implies Sending sign to get ready for leaving present area
and heading off to a most recent one. This occasion can be instated by whatever other agent
who needs that agent to move structure that area or agent itself can likewise start expressly
by a move demand.

Arrival: Here the relocated agent sends signals that it has landed at new area effectively
and execution of obligations has been begun.

Communication: Correspondence fundamentally implies between agent associations. In

this occasion, warnings of dealing with approaching messages are sent from different
agents.

Fig. 1.3 represents the life cycle of mobile agents.

7
 Active
Creating Running

Te
nd

rm
s pe

in
Su

at
e
Deleting
Terminate
Suspend

Resume
Dispatch

Resuming

Fig. 1.3 Life Cycle of Mobile Agent

1.2.5. Security Concern in Mobile Agents

If there should arise an occurrence of incredible development of compact operators, all its
code, data and condition are exposed to the convenient specialist stage where it moves for
application usage Because of this versatile errant, the wellbeing perils are increasingly
genuine. Following are doable vindictive stage assaults:

Changing the Code of the Mobile Agent: Since a visitor framework needs to peruse the
code of the compact specialist, this pernicious framework can peruse and recall bearings
that will be performed dependent on that comprehension to gather the rest of the program.
Thusly, the stage knows the versatile specialist's methodology and reason. On the off
chance that versatile gadgets are delivered from regular development obstructs, the
pernicious framework comprehends a full picture of the compact specialist's direct, finding
the physical location and being set up to access its code stockpiling to change its code

8
either quickly or through infection presentation. It might even immediately change code,
perform it, and in conclusion restart beginning code before leaving the versatile operator.

Change the data of the Mobile Agent: There are many sensitive information such as
safety buttons, digital cash, and personal safety numbers that trigger information leakage or
loss of money. If the malicious device receives to understand the initial place of the
information, it can alter the information according to the chip. The above tasks could have
severe consequences. Even if data is not sensitive, malicious platform can attack and leak to
someone on normal data such as traveling person data.

Denial of Services: This assault leads the portable officer to lose some decent opportunities
if the officer can finish their implementation on that platform in moment and move to some
other platform. DoS allows the portable officer transfer not to be performed and locations it
with gaps in the waiting list.

Modify a mobile agent's interaction with other parties: Here, malignant framework
spies on the correspondence of a versatile official with different sides, for example, other
official or different frameworks. This adds to the expulsion of classified information from
portable specialists and outsiders. It can even exchange the connection substance and
uncover itself as a feature of association, guiding the collaboration to another surprising
outsider. It would thus be able to complete assaults on versatile operators just as outsiders.

1.2.6 Comparing Client Server Model with Mobile Agent Based Communication

The communication in Client server and Mobile agent based environment is shown below
fig 1.4:

9
 Computer 2
Computer 1

Communication
Server Program
Client Program

Network

Agent Migration
Computer 2
Computer 1

Agent Based Client

Agent Based Client Server Program
Program
Program

Network

Fig. 1.4 Comparison of Client Server and Agent Based Model

Client Server Model: A customer server model is an environment in which a machine or

system gives demands to another in a network. The requesting computer or process is
called a client here, and the computer it requested is called the server. The server basically
serves the clients ' requests on their behalf. There are some methods for achieving client-
server communication such as RPC (Remote Procedure Call), Message Passing, and REV
(Remote Evaluation). The procedures are called in RPC by the client's procedure call. The
caller is called the client and the caller is called the severe. The procedure will be executed
on side of the server and the output of the procedure will be sent as a response. Methods are
downloaded directly from the server for the client in remote evaluation. In the architecture
of the client server, network-based communication is classified as two processes running
over multiple processors, i.e. front end and back end. Front end and back end work together
by interacting with each other to complete various applications as a single task. For many
applications, the client server model has not proven to be good. Some of the client-server
model's drawbacks are as follows:

1. On the server runs a large portion of the application. The client will therefore use
resources on an ongoing basis. This may lead to a resource congestion condition.

10
2. Due to the lack of compatibility of development tools, composite methods are needed for
back-end and front-end procedures.

3. Some operating systems on the network are not very scalable. So there's a scalability
shortage.

4. There is total server dependence to satisfy the request. The client cannot fulfill his
request when the server goes down.

Agent Based Model: Mobile Agent Technology is introducing a new communication

method where agents migrate with their code and data from one node to another. It has also
overcome the client server model's limitations. The procedures are called in RPC by the
client's procedure call. The caller is called the client and the caller is called the severe. The
procedure will be executed on the side of server and the output of the procedure will be sent
as a response. Methods are downloaded directly from the server for the client in remote
evaluation. Mobile agents, and also, carry the code and execution status with themselves
and thus overcome the disadvantages of other approaches mentioned above. Mobile agent
reduces network bandwidth, requires low power requirements, and mobile unit support,
providing low latency interaction.

Benefits of Mobile Agents are as follows:

Less bandwidth: Mobile agents do not require a large bandwidth because bandwidth is
only required when the agent migrates from one location to another.

Support dynamic environment: In Java, mobile agents are being developed. Java is
independent from the platform due to its byte code. That means it is network- and
computer-independent as byte code can run on any system installed with JVM.

Easier Development: Mobile agents are essentially distributed by nature, so building a

distributed system is relatively easy.

Efficiency: Mobile agents require less network resource because movement is from
computing to data rather than computing data. It therefore increases efficiency.

11
Fault Compassion and Robustness: The officers can respond dynamically depending on
the scenario. As a consequence, it boosts tolerance of faults in extremely complicated
distributed structures.

Support Data Communication: Mobile agents can also be used in e-marketing.

1.2.7 Allocation of Security Threats

Dangers in versatile programming plans can be generally ordered as: dangers from a
specialist assaulting an operator stage, an operator stage assaulting an official, and an
operator assaulting another specialist on the specialist stage. Different components and
results of these dangers are tended to in detail in the accompanying parts.

1.2.8 Platform-to-agent

This classification speaks to the threat class in which hosts are trading off the
specialists. Disguising, forswearing of administration, listening in, and change are among
the dangers. These assaults are the hardest to distinguish and avert as the host has full
authority over the code and information of the specialists.

1.2.9 Agent-to-platform

This class reflects the number of risks that officials take benefit of the safety faults
of an officer system or perform assaults on an agent platform. Executing programs from
possibly untrusted sources often needs an agent platform.

1.2.10 Agent-to-Agent

This classification speaks to the arrangement of assaults where specialists exploit different
operators ' security shortcomings or dispatch assaults on different specialists. These dangers
additionally incorporate disguising, administration forswearing, unapproved access and
revocation.

1.3 SECRET SHARING

Envision that you were given the assignment of discovering the normal
compensation of a room brimming with profoundly fruitful individuals from N. The

12
apparent way to do this is to summarize all the employees ' wages and average the room's
complete amount of people. The issue is that since these statistics are extremely secret and
delicate, none of the people want their monthly earnings to be disclosed.

This is a pragmatic answer. This new worth is to be passed on to Person B, who will
at that point add possess pay to Person's another worth. Presently, Person B doesn't have
even an inkling how much the pay of Person An is on the grounds that the individual
doesn't have the foggiest idea what irregular number [α] Person A has picked.

The procedure proceeds until the last individual in the room, Person N, gets the new
incentive from the second-to-keep going individual, Person N - 1. Individual N continues
adding to his or her pay, and the last worth, say[ β], is then passed back to individual A. At
this stage, individual A just needs to deduct[ α] from[ β] (on the grounds that solitary the
person knows what[ α] is), and normal this sub-aggregate over the quantity of individuals in
the room, N. Along these lines, it is conceivable to acquire the normal compensation in the
room with no individual revealing their pay.

In this occurrence, the estimation of [ α ] is basic as it gives a door to social affair

data from various sources without uncovering any undesirable data that should generally
stay mystery. For instance, if an individual in the room other than Person A knew the
estimation of [ a ], at that point the person could discover Person A's pay by essentially
giving the data to Person B and having Person B play out the number-crunching.

Consider another example of secret sharing. It takes three keys to open a bank vault
in a highly secured bank. Key holders have already been designated as two of the top
hierarchy of the bank. But strict financial regulations state that, for fear of corruption, no
one should be in full possession of the three keys. It would be the logical partition to split
the keys between these two staff. This is a conundrum, as both need equal authority over
the safeguarding of the vault of the bank.

Adi Shamir and George Blakley designed the procedure of sharing privileged insights (or
part insider facts) in 1979. In this proposal, Shamir's Secret Sharing Scheme is
fundamentally examined as one of the most outstanding and prevailing mystery sharing
plans.

13
1.3.1 Shamir’s Secret Sharing Procedure

Shamir's Secret Sharing Approach includes the general portion of stocks to different
respondents where every part has an unmistakable offer a few or the majority of the parts
are required to redo the mystery. Since reconstructing the secret by gathering all the
participants may be impractical, this formulates the threshold scheme where there are
sufficient k parts to remake the secret. Also known as the {k, n} limit system. If k= n, all
participants are required to disclose the secret.

The secret S is commonly part into n parts of information S1,S2, ... ,Sn, so that

• k or more Si stocks are sufficient to unite the secret.

• k - 1 or less Si shares are not sufficient to determine the secret (other than trying
out all options).

Fig. 1.5 represents the Shamir’s secret sharing scheme.

S1

S2
Secret S Secret S

S3

Sn

ion
tr uct
Divis ns
ion co
Re

Fig. 1.5 Shamir’s Secret Sharing Scheme

14
1.3.2 Brink Secret Sharing

Under this framework, the message M is part into M1 parts, M2 parts, M3 parts, Mn parts,
with or without change of the message, so for a given k, (2 sections k),

1. Knowing any k or a greater amount of Mi's parts makes M processable.

2. Information of any k-1 or less Mi parts leaves M totally unsure (as in the entirety of its
potential qualities are similarly plausible).

A (k, n)- limit plan is considered such a plan. The limit worth is known as the parameter k-
n.
There may be situations in which all participants are unable to present concurrently,
in such conditions it is essential to bring together a defined amount of respondents to reveal
secrecy.

1.4 OUTLINE OF THE THESIS

The primary problem of our thesis is to ensure secure communication and information
transfer using mobile agents. This can be achieved by stopping malicious access to data
conducted by the officer. The goal to be accomplished is to follow:

 Providing communication using mobile agent technology.

 Securing information using ciphering technique such as AES.
 Securing the key with Shamir’s secret sharing Approach.
 Comparing the used Ciphering techniques.

The total report is sorted out in five unique sections.

Chapter 1: Introduction

This segment gives brief presentation about the territory and issue definition, the area
likewise incorporates the inspiration and commitment of the thesis.

Chapter 2: Literature Review

In this section a foundation subtleties and information of the exploration territory is being
advertised. To start with, it outlines the ongoing exploration thinks about on portable
specialist security and surveys some related past work.

15
Chapter 3: Methodology

So in my work I used Advanced Encryption Standard (AES) for encrypting and decrypting
the information and for securing the key we used shamir’s secret sharing scheme. This
approach provides better security to the mobile agent system as well as migration of mobile
agent.

Chapter 4: Results and Discussion

In the main area of the part, the dataset is portrayed. At that point the parameters that are
utilized for the outcome assessment are talked about. After that the current and proposed
approach are thought about based on certain parameters. This investigation is appeared by
the table. The outcome demonstrates that the proposed work has higher Security lastly the
depictions of the GUI execution are exhibited.

Chapter 5: Conclusion and Future Directions

In this thesis, the primary concern is security of versatile specialist during Migration
Process. Security is the most significant worry for any classified or mystery message.
Propelled Encryption is a system which is utilized for encryption and unscrambling of the
data or information and Shamir's Secret sharing plan is utilized for separating the mystery
key into n number of keys.

16
 CHAPTER 2
LITERATURE REVIEW

2.1 INTRODUCTION

Portable specialist innovation has given a few dispersed applications major changes
over customary ways to deal with correspondence, for example, RPC, REV, and so on.
Security is the best issue that darkenes the profitable side of the portable operator
framework. As fast as the versatile operator moves from the home stage, he leaves control
of his proprietor, enabling him to assault (meddler, arrange sniffer, and execution).

2.1.1 Available Development Tools for Mobile Agent

1. IBM- Aglet Software Development Kit (ASDK)

One of the settings to create JAVA-based mobile agents is the IBM-Aglet or Aglet
Software Development Kit. These toolkits are open source freely accessible ; the recent
Aglet 2.5 alpha version. Good graphical user interface is given for the growth of agents. It
consists primarily of two Aglet Workbench and Aglet Building Environment (ABE)
packages.

2. Voyager

An Object Space agent development tool called Voyager, developed in mid-1996.

Voyager is one of Object Space's commercial products that Recursion Software Inc. has
acquired since 2001.

3. Springs

The SPRINGS agent development toolkit is developed by DISG, Distributed

Information Systems Group at Zaragoza University in Spain, concentrating on scalability
and reliability. Also, SPRING proposes a hierarchical regional infrastructure. The standard

17
FIPA, a major drawback of SPRINGS, does not support agent communication. There are
also no sophisticated mechanisms for security. This platform does not provide user-based
graphics tools, but is still easy to use.

4. Grasshopper

Grasshopper's application of MASIF assistance is a comparatively new platform for

the growth of mobile agents. This application is a telecommunications-based application. In
the 1990s, IKV++ developed Grasshopper. The Grasshopper MA framework comprises of
various areas. It provides an interface for graphical users to manage agents and their
regions. Developers benefit from dynamic proxies because of the regions.

5. JADE

For multi-operator applications for distributed correspondence design, Researchers

created JADE (Java Agent Development Framework). It is a totally structured and executed
programming system in Java language. Improvement of multi-specialist frameworks has
been cultivated using a middleware that meets the most recent Smart Physical Agents
Foundation (FIPA) 2000 determinations. A lot of graphical instruments are given to help
the production of operator investigating and arrangement stages. A detailed comparison of
available development tool kit for mobile agent is discussed in below Table 2.1:

Table 2.1 Tool Kits and Their Features

MA Platform Aglets Voyager JADE Grasshopper SPRINGS

Features
Security Partial Partial and Strong Partial Partial
security Secured
channel
Model Events Procedural Traditional, Procedural Procedural
Procedural
Communication Synchronous All Only Synchronous Only
technique and methods Synchronous and Asynchronous
Asynchrony Asynchrony

18
Elements Contexts Servers Places Places Agencies
Agents(aglets) Agents Regions
Agents
Regions
(RNSs)-
Tahiti-Agents
Habitats
Platforms
Plugins
Mobility Aglet transfer Java Dynamic Dynamic Mobility
protocol object proxies Proxies through
series (mobility is (region Transfer
location server) control
wise) protocol
GUI Based Some No GUI GUI is there No GUI Some GUI
tools
Organization IBM Tokyo Object IKV++ Distributed Tromoso and
research space Information Cornell
Systems University
Group
Operating JDK 1.1.x on UNIX, Windows Linux Unix,Win95,
system used Win32, OS/ 2 Linux NT/ 9x, Win NT,
Warp Version Windows Solaris PDA systems
3 and 4, AIX Should run
4.x, Solaris on all
for SPARC. platforms
supporting
JDK 1.1
Programming JAVA 1.1 JAVA 1.1 JAVA 1.1 JAVA 1.1,1.2 C, Perl, Unix,
Languages used Tcl scripting
language

19
Proxy Yes Yes Yes Yes Yes
Synchronous Yes Yes Yes Yes Yes
communication
Movement by No No No Yes Yes
Name
Level of Very low High None High Very low
activity

2.2 REVIEW OF SOME RELATED WORK ON VARIOUS APPROACHES OF

MOBILE AGENT SECURITY

During the past years security of mobile agent is the major topic of research in the field
of information security. Just of which many new methodologies are available for securing
the migration of mobile agents. The chapter outlined below offers a short overview of
different mobile agent migration safety methods.

M.Uddin et. al. [21] proposed a multi-layer versatile operator based system consented to
do numerous cloud tasks by both customer and cloud administration providers. Portable
specialists are utilized to direct obligations for the benefit of clients on virtual PCs in cloud
data focuses. Customers and cloud specialist organizations confirm and check these
portable operators to concur on explicit wellbeing related guidelines to do all exercises to
make a confided in stage. This procedure enables the two substances to assemble trust and
trust between themselves in the productive utilization of cloud administrations.

A Mobile Agent (MA) is a bit of programming used to configuration, actualize and

keep up data and administrations in enormous adaptable systems. They are utilized to deal
with the procedure that created them nonconcurrently and self-sufficiently for their ability.
One of the essential highlights of versatile specialists is their ability to build increasingly
vigorous and issue tolerant frameworks and empower people to delegate occupation to
them. . Fig 2.1 represents the execution task of the mobile agents.

20
 CLIENTS

MOBILE AGENTS

TASK MANAGER

MOBILE AGENT PLATFORM

VIRTUAL MACHINE

PHYSICAL MACHINE

Fig. 2.1 Mobile Agent Based Execution of Tasks, [21]

L.Benachenhou [5] Proposed Protocol ensuring versatile operators for electronic business
applications from pernicious hosts attacks. By running his clone on confided in servers
related to the execution of the portable specialist, he utilized the reference execution
thought. This convention secures a portable specialist against alterations in code, execution
stream, data, and course. Moreover, these assaults square measure recognized about
continuously, the vindictive has square measure known and in this way the convention
proceeds to straightforwardly execute them to the client.

Creator's convention utilizes the reference execution thought to guarantee that a

versatile operator is shielded from malignant stage ambushes for internet business
applications. To do this, related to the execution of the shopping operator, its clone is
performed on a confided in server to check its correct execution.

Protocol Security Protocol can detect and analyze the effectiveness of previously presented
attacks to identify malicious platforms.

 Masquerade
 Denial of service
 Eavesdropping

21
  Alteration

Ching Lin [20] displayed another method which alludes to as trust improved security, and
applies it to versatile operator based framework. This crisp strategy advances a change from
security-driven choices to trust-driven ones. This expands the conventional security
systems by permitting trust choices by expressly determining and overseeing trust
connections identified with security. Incorporating trust choices into the way toward
settling on security choices prompts expanded security execution in our trust. A formal
model of certainty is proposed and incorporated into the formation of another Mobile Trust
the executives design for portable specialist based applications and careful handy
investigations are done to survey and approve the rising attributes of the trust-upgraded
security strategy.

Fig 2.2 represents detailed conceptual view of the mobile trust architecture.

Security Trust Enhanced Trust

Management Security for Management
Mobile Agent

Agent Codifying
Authentication
Protection Trust

A Collecting
Authorization E Trust
+

Integrity Deriving Trust

B C
Presenting
Confidentiality Host Trust
Protection

Non-
repudiation F Trust Decision

+ D
Auditing

Security to
Trust
Feedback

J Feedback K

Fig. 2.2 A Detailed Conceptual View of the Mobile Trust Architecture, [20]

L.Ma et. al. [22] proposed an all-encompassing rudimentary item framework that is a P/T
system and article direction coupling. The procedure of the Reference Clone advances
feeble portability. Just as giving secure correspondence, the EEOS advances ground-
breaking versatility. Portable Agent and Execution Platform confirm the exchanges or
techniques. It likewise incorporates a way to deal with distinguish noxious assaults on
Execution Platform. This model must include greater security components which would

22
best fit into the nonexclusive model. Creator has built up a formal versatile operator
nonexclusive secure model. This model backings solid versatility as well as a portable
specialist's protected portability. Shared verification between a versatile operator and his
facilitating stage is accomplished in this model. In the meantime, all through the execution
of versatile operators, a police security framework works noxious stage assaults on portable
specialist code or execution stream. Displaying, recreating and breaking down a safe
portable specialist framework utilizing a naturally graphical formal strategy.

S.Venkatesan et al. [32] proposed an eXtended Root Canal Algorithm to help check the
trustworthiness of code and distinguish versatile specialist vindictiveness. An extended
adaptation of the Root Canal Algorithm (RC Algorithm) is the ERC Algorithm. The RC
Algorithm was utilized to check the trustworthiness of code of Mobile Agent. This strategy
has a low time multifaceted nature when contrasted with other contender procedures, for
example, Code on Demand and SeMoA. Pernicious Identification Policy (MIP)
significantly helps in ID of malevolent activities.The ERC calculation is time-complex and
space-complex effective. It additionally shields the Mobile Agent from all assaults other
than the replay assaults.

.P.Marikkannu et al. [23] actualized the Dual Check-Point Analysis system that locations
an explicitly piggybacking unidentified assault in which the noxious operator joins to the
portable specialist to assault either the versatile operator or the execution stage. It
safeguards an Authentication Table to confirm Mobile Agent's code trustworthiness and
legitimacy. The system is named Dual Check-Point Analysis since it checks the portable
operator as far as Digital Signature Verification at external entryway and as far as Size
confirmation too at inward door. This method gives a decent answer for the piggybacking
assaults. The proposed architecture to overcome the tailgating attack is shown in Fig. 2.3

Fragmentation
Fragmentation Defragmentation
Defragmentation

Authentication
Authentication
Check
Check Passage
Passage

Agent
Agent Generator
Generator
Authentication
Authentication Table
Table

Mobile Agent
Authentication Information Agent Entry

Agent Registration

Fig. 2.3 Secure Mobile Agent System Architecture

23
S.Venkatesan et al. [33] executed the Mobile Agent model dependent on the Artificial
Immune System. The Protection Platform gives a spotless grouping of the division of
obligations and clones for managing remote specialists. It improves the framework's
processing abilities. In this methodology, the obligations are unmistakably partitioned;
hence assurance is given by just those operators who are equipped for recognizing
pernicious movement. This strategy drastically diminishes the expense of figuring. The
recommended model will give partition of obligations and clones so as to acquire
computational viability for the simultaneous treatment of different remote operators. The
test discoveries and the trial results demonstrated this recommended model would devour
less time contrasted with the present structures. It will identify the pernicious specialist by
separating and joining the examples with the malignant models accessible and can likewise
perceive the new noxious examples by following the application procedure.

Algorithm

Arrival of foreign Mobile Agent;

Begin

1: Trigger Killer Agent to scan the agent to detect malicious;

Killer Agent begins

2: For all patterns in malicious knowledge base

3: If (malicious knowledge base pattern == foreign agent pattern)

4: Kill the agent and exit;

5: End If

6: End For

Killer Agent ends

Pattern Extractor begins

7: Extract all the patterns and send to Malicious Detector;

Pattern Extractor ends

Malicious Detector begins

24
8: Compare all the extracted patterns with the patterns with pattern knowledge base;

9: If (extracted patterns remain without match)

10: Consider that patterns as unknown patterns;

11: Forward the agent to execute in isolated environment [1];

12: If (malicious occurs during the execution of the foreign agent)

13: Killer agent will be triggered to kill the agent;

14: Unknown patterns will be moved to the malicious knowledge base and exit;

15: Else

16: Unknown patterns will be moved to the aglet functional pattern knowledge base and
exit;

17: End if

18: Else

19: Allow the agent to execute in the Genuine Agent execution environment;

20: End if

Malicious Detector Ends

End

G. Geetha et al. [15] presented the Trust and Reputation Management structure for plotted
truncation assaults. The essential security spotlight is on the course pursued by the Mobile
Agent. A steering table with a notoriety based and trust-based safe way has been expected
for the Mobile Agent course. Moreover, cryptographic calculations were utilized to ensure
the portable operator's security. Mama data security, trust and notoriety the board (TRM) is
acquainted all together with give a sheltered course to free-meandering. TRM uses a trust-
based steering table that has a trust and notoriety esteem. Secure steering averts different
sorts of assaults, particularly conspired truncation assaults. To guarantee properties, for
example, privacy, respectability, and so forth., cryptographic calculations are utilized. In
this way, the free-meandering MA gathers data safely and effectively from different remote
hosts.

25
Y.F.T.L.Chen et al. [9] presented the Hierarchical Key Management Scheme to lessen the
unpredictability of key administration by a Mobile Agent, since versatile operator has the
heap of being moved from framework to framework. They have utilized Elliptic Curve
Cryptography to expand the security. In this manner it helps the presentation of versatile
operator on the grounds that the overhead of transmitting the key is diminished. The keys
naturally get changed by time. This is exceptionally basic in light of the fact that at some
other minute a Mobile Agent who approaches a particular asset might not approach that
asset. Thusly, specialists can get to assets just when they are allowed to get to. This
methodology is resistive to turn around assault, outer aggregate assault, conspiracy assault
and date modification assault.

S.Srivastava et al. [31] proposed Self-Reliant Mobile Code, a joint effort of different
classification, uprightness and self-security strategies. An unconstrained symmetric key
calculation dependent on Petri net was formalized by the creators. One of the key parts is
safely dispersed and another key segment is determined at runtime or at execution time
from the information gathered. The crucial development squares of our convention depend
on a secrecy and self-assurance technique dependent on wellbeing driven by the operator.
During its usage, the general idea driving self-assurance is to make portable specialist less
intuitive. We are building up a new thought for the segment portion of symmetric key to
achieve specialist driven security, whereby a principle component is securely conveyed and
other significant components are gotten from guaranteeing the honesty of data assembled at
runtime.

Petri net with EEOS: Petri net procedure is presently developed enough to show
frameworks in a wide locale of programming building since formalism is regularly used to
demonstrate disseminated and concurrent framework. Because of the nonattendance of
compositionality attributes in Petri systems, in most recent years object-arranged
innovation has been joined with Petri organizes as compositionality is the primary intensity
of this innovation. Fig.2.4 speaks to the essential petri net model.

26
 Input Output

Place Pi Place Pj

Tokens
Place

Transition

Arc

Fig. 2.4 Basic Petri net model, [32]

2.3 COMPARATIVE ANALYSIS OF DIFFERENT METHODS

DISCUSSED
A Comparative examination of various strategies utilized for verifying the mobile agent
framework as well as agent platform is given in Table 2.5.

Table 2.2 Comparative Analysis of Different Methods Discussed

Method Used Violation Security Observations

Identified/Avoided Access

Dependable Pirated Entry SSL Key Exchange - Guarantees

Relationship Using Method Security and
Mobile Agent [21] confidentiality of
Client Data.
Reference DoS, Pirated Entry, Reference of Agent - Can't ensure
Simulation[5] Conversion is kept under a condition of
dependable Server portable operator.
- Supports feeble
Mobility.

Mobile Trust[20] Pirated Entry, Cryptanalysis - Compelling

Repudiation Structure such as approach
DES , RSA etc. utilized in
Aglets too.
Formal Pirated Entry EEOS Access -Active
Modeling[22] Flexibility
-Need extra

27
 clarification.
Malicious Pirated Entry, ERC Algorithm, -Small Time and
Availability and masquerading, MIP Capacity Intricacy
Code Test alteration
Test[33]
Dual Audit Point Attend Electronic Signature - Great answer for
[23] Piggybacking
Attacks.
AIF[33] Pirated Entry, Arrangement - Definitely
Masquerading Matching decreases
computational
expense
Faith and Character Character, Classic - Successful system
Administration[15] Adjustment and Cryptographic for plotted
Overhearing System: RSA. truncation assaults.
Stratified key Adjustment and ECC - Resisting
Administration [9] Overhearing reversal attacks,
Collective
external attacks,
attacks on
collusion and
attacks on data
alteration.
Surrogate Signature Pirated Entry Trip Executer - Successful if
aggrement[37] and just if the
Execution
Platform isn't
undermined

2.4 SUMMARY
We came across through literature survey about many limitation and security
issues that make information carried by mobile agent unsecure. Many researchers
have used RSA for ciphering the mobile agent’s data. Although AES has considered
being a fast algorithm, but it is not been used in agent based environments. In our
dissertation work we will prevent our data from malicious access by using AES and
RSA, and finally we will compare their performance.

28
 CHAPTER 3
PROBLEM DEFINITION
3.1 INTRODUCTION
Portable Agent could be a sensibly program that moves type one host to an alternate
during a dispersed system versatile specialist has a few favors over existing disseminated
strategies like asset usage, diminished system traffic and so forth.

Software Mobile Agent

Programming operators are a crisp worldview for development of programming

applications. Likewise, specialist based figuring was commended as the "following real
leap forward in programming development" and the "crisp transformation in
programming." In a few sub-fields of innovation and registering, operators are by and by
the subject of extreme concern. Operators are utilized in a more extensive range of
applications, from similarly small frameworks like email channels to enormous, open,
convoluted, mission-basic frameworks like airport regulation.

A product specialist is a program that helps people and follows up for their benefit from
the end-client see. Specialists work by empowering them to delegate employment to
individuals. It is a property shared by all authorities that they live in some setting. They
have the ability to impart and follow up on their execution setting no concurrently and self-
sufficiently. Nobody is expected to give information to the operator or eat any of its yields.
The specialist demonstrations just to accomplish his own objectives on a proceeding with
premise.

From System Perspective, A product specialist is a product object that

 is arranged inside an execution domain

 possesses the accompanying obligatory properties:
a. Reactive: faculties changes in the earth and acts likewise to those changes.

29
 b. Autonomous: has command over its own behavior.
c. Goal driven: is ace dynamic.
d. Temporally continuous: is consistently executing.
 and may have any of the accompanying symmetrical properties:
a) Communicative: have the option to speak with different operators.
b) Mobile: can make a trip starting with one host then onto the next.
c) Learning: adjusts as per past experience.
d) Believable: seems convincing to the end-client.

3.2 PROBLEM STATEMENT

Research is fundamentally founded on the way to give portability in correspondence

handle today. In the event that we attempt to execute versatility, at that point we need
changes in the current framework in both equipment and programming. Another model,
portable operator based correspondence framework, is created to tackle the product issues,
yet this framework still has a few issues.

There are numerous issues in systems like low transfer speed, slow information rate
and data are not protected attributable to open flag in the versatile specialist based
correspondence plot. Any operator can move their preparing to the host in pernicious host
issue and the client can not keep the host to defend it from malevolent availability. A
straightforward model how malevolent host can influence any program, for example, a hunt
operator has been conveyed to discover the contact number of any individual. An operator
stores some underlying data that is required during the handling, for example, name of the
individual and it is to be conveyed to discover the contact number of that individual. The
official should visit every hub and inquiry their database for that result. A vindictive host
may meddle by deleting the majority of the specialist's accumulated information or by
giving an off base sum. There are additionally some different issues with the specialist
based correspondence plot, for example, malevolent operator, which likewise stances issues
in the correspondence plan arranged on versatile specialists. In a similar way as versatile
host, malevolent specialist can impact the framework and it is likewise a kind of infection
that can crash the portable host.

30
 CHAPTER 4

PROPOSED WORK

4.1 INTRODUCTION

Developing agents and their broad use needs excellent infrastructure underlying
them. Literature study shows scarcity of instruments for agent growth in original years of
studies that restricted the use of this useful technology. However, a good sort of tools
square measure obtainable to make robust infrastructure.

4.2 BACKGROUND DETAILS

Versatile specialist is the mix of innovation for programming operators and

innovation for dispersed figuring. Portable operators contrast from Remote Procedure Call
(RPC), for example since portable operators can change starting with one host then onto the
next and travel based on their own necessities and choices. Portable operators are not
normal for the basic procedure movement, in light of the fact that the basic procedure
relocation framework can not choose where to go and when to pass without anyone else's
input. Notwithstanding, versatile operators can relocate to anyplace whenever. Portable
operators are particular from Java Applets, as applets can venture out from server to
customer just a single way, though versatile specialists can travel bidirectionally among
customer and server.

4.3 USED TECHNOLOGY

4.3.1 JADE (JAVA Agent Development Environment)

JAVA Agent Development Environment (JADE) is a very easy middleware for

multi-agent development. It involves a class library to be used by programmers to create
agent, a runtime environment in which the jade agent lives, and a collection of graphical

31
tools to monitor and manage the running agent's activity. Now and then specialists
incorporate calculations of man-made reasoning to make them more brilliant. JADE is a
consistent dependent on FIPA. Specialists are made and put away in a compartment store.
Operators have source and host delivers to enable them to relocate from host to have.
Specialists have metadata cradle to store. They additionally have a one of a kind character
to separate between all specialists. It depicts the stage with three noteworthy offices. It
comprises of AMS, DF (Directory Facilitator) and ACC (Agent Communication Channel).
At the point when the specialist stage is started, all these three operators are naturally
enacted. DF and AMS are responsible for managing the agent. Fig 4.1 represents the JADE
architecture.

Software

Agent

Agent Platform

Agent
Directory
Management ACC
Facilitator
System

Internal Platform Message Transport

Fig. 4.1 JADE Architecture, [4]

JADE provide us with the following features:

 The ADE Agent Platform incorporates the Agent Management System (AMS), the
DF (Directory Facilitator) and the ACC (Agent Communication Channel). Toward
the start-up of the specialist stage, all these three operators are naturally enacted. DF
and AMS are in charge of dealing with the specialist.
 It is a disseminated operator stage that can be isolated into different hosts. For a
solitary Java application, a solitary Java Virtual Machine is performed on each host.
Specialists are actualized as one Java string and Java occasions are utilized on a
similar host to impart adequately and lightweightly between operators. In a
progressively viable JVM correlation, JADE is arranging these assignments for
strings.

32
  In order to execute multi-domain apps, variety of DFs (Directory Facilitator) will be
begun at runtime.

4.3.2 JDBC (Java Database Connectivity)

The JDBC API might be a Java API on the server feature acclimated produce a
Java-database correspondence. You can execute SQL articulations in the java program
utilizing the JDBC API client, recover the discoveries gained and alter data sources to
refresh the database.

In Java JDBC, the item class Driver Manager is utilized to interface the application
to the JDBC driver. The Driver Manager is extremely little in size and simple to work and
furnishes these three programming exercises with its significant capacity in the JDBC
engineering.

33
 CHAPTER 5

RESEARCH METHODOLOGY

5.1 INTRODUCTION

This section gives a diagram of proposed structure “Secure Migration of Mobile

Agent using AES and Shamir’s Secret Sharing”. Security of mobile agent got improved by
using advanced encryption standard during the migration process of mobile agent mobile
agent from one host to another. The personal key is split into elements and sent to the
approved parties for the verification phase by victimization the shamir's secret sharing
system. In cryptography, secret sharing relates to any technique by that a secret is
distributed among a bunch of respondents, each allocating a part of the key. The secret can
only be rebuilt when the shares are mixed; individual shares are ineffective on their own.
The primary reason for using the AES technique is that AES has the greatest capacity to
safeguard delicate information from attackers and is not permitted to break the information
for encryption compared to other suggested algorithms. AES was one of the calculations
designated by NIST since it tends to be utilized in an expansive range of applications and
has a high computational adequacy.

5.2 RESEARCH METHODOLOGY

I have proposed a secure communication model for mobile agent data and
information transfer. In our dissertation work, we have provided security at transport layer.
This can be done by securing information of agent using encryption technique thus
preventing transport layer from malicious attacks. Fig. 5.1 represents the secure agent
communication-

34
 Cipher
Text

Agent

A
Encry AT Receiver
p eD
tion u
s cur
ing A
ES Se

Network

Cipher

Se
Text

cu
Server

re
D
A
TA
Plain Text
before
Encryption

Receiver

Fig. 5.1 Secure Agent Communication

5.3 SECURITY PROTOCOL IMPLEMENTATION

Many scientists have given distinct alternatives to safeguard the agent's data, as we
discussed in Chapter 2, but scientists are still worried about it. We have introduced security
protocol in our dissertation work to provide protection for mobile agents against various
threats / attacks. Mobile agent's migration property that helps agent move to different
remote locations makes this architecture of communication superior to others. Our study
work offers safety for mobile agents during communication or execution, thus focusing on
confidentiality. We have provided transport layer protection using AES Algorithm and For
Key Security we have used Shamir’s secret key Scheme.

35
5.3.1 Building an Agent and dumping

The spot of making of a portable specialist is known as a versatile host. On a similar

versatile host, there is another operator. This operator can trigger the creation procedure or
some other specialist plan can initiate it. By offering force and information to be prepared
by the new official, this procedure must be validated. The maker additionally gives
instatement contentions to the new specialist. Creation involves three steps:

1. Assignments of instantiation and identification

2. Login
3. Autonomous implementation

Dumping of an agent is takes two steps:

1. Ready for dumping: Before the mobile agent is disposed of, the agent gives the
opportunity to complete its current task.

2. Execution suspension: mobile agent is suspending implementation

5.3.2 Relocating an agent

In any versatile host, portable operator can move around and the versatile specialist
itself gives this moving guidance. The exchange procedure is performed by dispatch, move
operator from their present spot (beginning versatile host) and acquired by the specific spot.

5.3.3 Sending an agent

On the off chance that we need to move versatile operators starting with one area
then onto the next, at that point portable specialists should probably distinguish their
portable host goal. On the off chance that the goal of the portable host isn't characterized,
the goal operator will choose its keep running in the default area. Versatile specialist
framework offers information that operator needs to go to the area of the portable operator.
This message is transferred between the specialist and the operator framework through an
inner API. At the point when the operator framework gets the solicitation for an outing
from the specialist, the accompanying ought to be finished.

36
  Swing the agent
 Resister the agent
 Decrypt the registered agent
 Relocate the agent

5.3.4 Accepting an agent

Before acquiring any versatile operator, the static portable specialist decides if this
specialist is worthy. That is the reason the static versatile specialist needs the coming
operator validation. After that dynamic versatile specialist gives it is confirmed and on the
off chance that it is right, at that point the dynamic portable operator is executed so that the
accompanying advances occur.

 Getting the dynamic portable operator.

 Decrypt the dynamic mobile agent.
 Run the aggressive mobile agent.
 Resume task of aggressive mobile agent.

5.3.5 Transfer of class of agent

Without the presence of its class, the mobile agent can not resume execution in the
destination. Coming up next are the approaches to make the goal motor class accessible.

 Original Class: if the class is already at the location

 Disposal class
 Request Code

Fig 5.2 represents the class transfer for the mobile agent during the task execution.

37
 Server

Class Code

Origin Destination

Agent Agent

Class Code Class Code

Fig. 5.2 Agent Class Transfer

5.3.6 Conversation

Specialists can speak with different officials. These different specialists may dwell
in a similar spot or somewhere else. Informing specialists are either distributed or
communicated. In the distributed correspondence framework, just two hosts trade
information. Despite what might be expected, telecom is one of many informing
frameworks. The telecom framework is useful in multi-specialist frameworks. Three kinds
of correspondence plans pursue:

 Start Typing the Text or Information

 Messaging of the future Type
 Messaging from One Way

5.4 DATA ENCRYPTION AND DECRYPTION

Data encryption is performed using the AES algorithm. The data is in a text file
format. The data sent by an agent is secured by encrypting it and decrypting it using key by
the receiving agent. Below are the algorithms brief discussion and their work:

38
AES Algorithm

Encoding is a common method that plays a key role in defending information from
intruders. To provide the best security, AES algorithm uses a specific structure to encode
information. It depends on a number of rounds to do so and consists of four sub-processes
in each round. AES provides us with 16, 24, 32 bytes key length. We used the main
duration of 16 bytes. Fig 5.3 represents the general structure of the AES algorithm.

Plain Text

Round Keys(128 bits)

Pre-Round Cipher Key (128 bits)

K0
Round-1
Key
K1
Expansi
on
Round-2

K2

Round n

Kr

Cipher Text

Fig. 5.3 AES Algorithm

The process of encryption in AES uses derived key sets, called round keys.
Together with some other activities, these keys are introduced to the information set that
will be encrypted. This is called the state array. To encrypt a data block (128 bit) using
AES, the following steps were taken:

Step: 1 gotten the round keys from the primary figure key.

Step: 2 initialized the state array with plaintext.

Step: 3 Added the starting state array to the first round key.

39
Step: 4 performed nine rounds for manipulation of state.

Step: 5 performed the final and last round for manipulation of state.

Step: 6 copied the final state array out as the cipher text.

The tenth round is manipulated slightly differently from others. That's why they
differ from the tenth final round in the first nine rounds. Each round has its own round key,
obtained from the 128-bit encryption key that was originally used. There are four steps in
each round. One of the four round main steps conducts government array XORing.

AES Key Expansion

The AES Key expansion algorithmic program derives a spherical main of sixteen
bytes for every spherical. It’s no heritable from the encoding key of the main sixteen bytes.
Here's the logic; if you change 1 bit of encipher key, several rounds will create a difference
in round numbers. First of all, as shown below, the algorithm arranges the 16-byte
encryption key in a 4-volume array.

Fig. 5.4 4x4 Array of 16 bytes

Here the words [w0 to w3] are bitwise XOR’ed with the input block of data before the
round processing starts.
Fig 5.5 shows the round key generation for the AES algorithm.

40
 W0 W1 W2 W3 g

+ + + +

W4 W5 W6 W7 g

+ + + +

W8 W9 W10 W11

Fig. 5.5 Round Key Generation

On the receiver side, to decrypt the cipher text using AES 16 bit private key, all steps are
taken in reverse.

Any vendor agent wishing to communicate with the client agent will encrypt their
data. Therefore no other vendor could know the price mentioned by the other.
Consequently, no unauthenticated person could manipulate, delete or read the data. Use
private key to decrypt the information when the customer receives the price list of all the
vendors.

5.4.1 Encryption Process

In encryption mode, the initial keys added to the input value at the terribly starting,
that is termed an initial spherical. This is followed by nine iterations of a traditional
spherical and finishes with a finishing spherical rather altered. The following order is
conducted throughout one of the traditional activities: Sub Bytes, Shift Rows, Combine
Columns, and Add Round Key. The ultimate spherical may be a traditional spherical while
not the mix Columns stage. The first round process is depicted below in figure: 5.6

41
 Cipher Text Plain Text

Ko(128 bits)
ADD ROUND KEY

Sub Bytes

Shift Rows

Round 1
Mix Columns

K1(128 bits)
ADD ROUND KEY

Fig. 5.6 General Structure of Encryption

(i) Byte Substitution (SubBytes)

The first phase of each spherical begins with the conversion of SubBytes. This
phase is dependent on nonlinear S-box replacing a byte to a distinct byte within the state.
Consistent with diffusion and confusion Shannon’s principles for cryptographic algorithm
design its vital roles to get far more security. For instance in AES if we've got hexa 53
within the state, it has to exchange to hexa ED. ED created from the intersection of 5 and 3.
For remaining bytes of the state need to perform this operation.
(ii) Shift Rows
Every one of the four columns of the lattice is moved to one side. Any sections that
'tumble off' are re-embedded on the correct part of line. Move is administered as pursues

 Not shifting the 1st row.

 The 2nd row moves one position to the left.
 Two positions are moved to the left in the 3rd row.
 Three Positions are moved to the left in the 4th row.
 The result is a matrix substitute composed of sixteen byte equal but changed with
relevance.

42
(iii) Mix Column Transformation

A unique mathematical relationship is presently being reworked for each column of

4 bytes. This component requires the four bytes of 1 section as information and produces
four totally new bytes supplanting the first segment. Another crisp network of seventeen
new bytes is the outcome. It ought to be seen that in the last circular this progression isn't
led.

(iv) ADD Round Key

The sixteen bytes of the framework square measure by and by idea of to be 128 bits
and square measure XORed to the 128 bits of the circular key.If this is frequently the last
round, the figure content will be the yield. Something else, the subsequent 128 bits are
comprehended as sixteen bytes and that we start another comparable round.

5.4.2 Decoding Process

In decoding mode, the activities in encryption mode are in inverse order relative to
their order. Therefore it starts with associate degree initial spherical, followed by nine
iterations of an inverse traditional spherical and ends with an AddRoundKey. An inverse
traditional spherical consists of the subsequent operations during this order: AddRoundKey,
InvMixColumns, InvShiftRows, and InvSubBytes. an initial spherical is an inverse
traditional spherical while not the InvMixColumns. Figure: 5.7 represent the general
structure of Decryption-

43
 Plain Text

ADD ROUND KEY

Decryption Round
InvMix Coulmns

InvSub Bytes

InvShift Rows

ADD ROUND KEY

Cipher Text

Fig. 5.7 General Structure of Decryption

5.5 SHAMIR’S SECRET SHARING SCHEME

For verifying the key which are required for getting to the classified data we have
utilized shamir's mystery sharing approach.Secret sharing incorporates 2 principle segments
especially share development and mystery reproduction stage. Shamir's subject fills in as
pursues:

(A) Share Planning:

For share development, edge (k, n) and mystery esteem S is required. At that point
polynomial work of a request (k-1) is developed as appeared in condition.

In above equation, constant term d0 is replaced with secret value S. the opposite
coefficients like, d1, d2 , …, dk-1 are any random values. Secret shares are the pairs of
values (xi , yi ), where yi=f(xi ) for 1 ≤ i ≤ n and 0 < x1 < x2 . . < xn < n -1.

(B) Secret Replanning:

44
 During mystery re planning any k offers are gathered. At that point, mystery worth
is processed misuse Lagrange's interjection equation. Condition demonstrates the
Lagrange's insertion equation which supplies polynomial works.

∑ ( )

The steady term in condition f(x) is our unique mystery esteem. Condition can be
additionally rearranged as entire condition isn't required. Streamlined condition is appeared
in condition which legitimately gives consistent term for example mystery esteem S

∑ ( )

5.6 PROPOSED SECURITY PROTOCOL

Fig 5.6 represents the proposed processing architecture for the mobile agent.

Ciphertext
Plaintext Plaintext

Sender
Sender Encrypt Recipient
Recipient
Decrypt

Same key is used to

encrypt and decrypt
message

Shared Secret Key

Fig. 5.8 Processing Architecture of Mobile Agent

5.7 SUMMARY

This Chapter explains the proposed security design for verifying the portable
operator during the movement procedure. AES Approach is utilized for encoding and

45
Decrypting the data which is send by the client through the portable specialist and Shamir's
mystery sharing plan is utilized for verifying the private key which is required to get to the
data.

46
 CHAPTER 6

SOFTWARE AND HARDWARE REQUIREMENT

6.1 INTRODUCTION

The proposed method is used to build the SQLyog-11.3.3-0.x64 database platform

using NetBeans IDE 8.2 on the Intel core i5 processor CPU 1.8 GHz PC with 4 GB of
RAM. The findings are clarified by discovering all the appropriate data obtained by
estimating safety, effectiveness and overhead. The experimental results of present
techniques are presented in table form based exclusively on adjectives and proposed
method. At long last, the discoveries of the all tested framework will be talked about and
investigated.

6.2 SOFTWARE REQUIREMENT

Container Information

The essential tools for any Java developer, including a Java IDE, a CVS client, Git
client, XML Editor, Mylyn, Maven integration and WindowBuilder

This Package includes:

 Java EE 7, Java EE 6, and Java EE 5

 JavaFX 2.2.x and 8
 Java ME SDK 8.0
 Java Card 3 SDK
 WindowBuilder Core
 SQL Editor

47
 Installing NetBeans is relatively straightforward, it is suggested that you install Java
Development Kit (JDK) for Java programming first. Installer "NetBeans IDE" from
http:/netbeans.org/downloads/index.html after this downloads. A lot of "bundles" are
accessible. Select the first entry "Java SE" for beginners. Run the downloaded installer in
the final phase.

For Microsoft Windows and Linux:

1. Delete the installer working directory.

2. Delete the installation directories of the IDE and the GlassFish application server.

3. On the Windows platform, delete all nbi* registry entries from the following
registry Key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Un
install
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Unin
stall

6.3 HARDWARE REQUIREMENT

 Intel dual core processor CPU

 1.8 GHz PC
 4 GB of RAM

48
 CHAPTER 7

ANALYSIS OF MODEL

7.1 INTRODUCTION

In this section we compute the importance of the proposed methodology; the

outcomes are contrasted and the consequences of existing work. Mobile agent migrates
from one place to another in ad-hoc environment, which is prone to various threats. Thus,
information carried by agent is not secure. To provide security to information we are using
encryption technique.

7.2 ENCRYPTION

The data is encrypted before migrating by sender agent as shown below in fig 7.1 and 7.2:

Fig. 7.1 Encryption Program

49
 Fig. 7.2 Encryption Sender Side

Plain Text: hello uttam this side this is version 2. this is better version.

Cipher Text by AES: &n2SøJ„*ÀãYÆ

Here any malicious agent cannot read the file as it is in encrypted format. The agent
who knows the key can only decrypt the file. It thus improves the confidentiality of the
information of the sender. We've also overcome the danger of unlawful access and Middle
Attack Man.

Encryption Time of AES for Different File Sizes

Experimental results for AES algorithm is shown in below Table 7.1.

50
 Table 7.1: Encoding Time of AES for Various File Sizes

ENCRYPTION TIME
File Size AES (Seconds)
(Bytes)
10 0.63
20 0.44
30 0.39
40 1.14
50 0.37
60 0.42
70 0.38
80 0.08
90 0.46
100 0.34
110 1.16
120 0.55

The graph of encryption time taken by the algorithm for different file sizes is shown
below fig 7.3. We have observed that for any file size, AES takes less time for encryption.

51
 AES Encryption Algorithm

Fig. 7.3 Encryption Time for AES

7.3 DECRYPTION

On receiver side the data is decrypted by receiver agent using the decryption key.
The received data after decryption is shown in the output console. Decryption process of
received data is shown in below fig 7.4.

52
 Fig. 7.4 Decryption on Receiver Side
The data can be decrypted by those agents who have the key. The decryption is also
done by the AES algorithms.

Decryption Time of AES for Different File Sizes

Time taken by AES algorithm to decrypt the data for different file size is given in below
Table 7.2.

Table 7.2: Decoding Time of AES for Various File Sizes

Decryption Time

File Size (Bytes) AES (Seconds)

10 0.69
20 0.43
30 0.43
40 1.31
50 0.36

53
 60 1.13
70 0.41
80 0.41
90 0.75
100 0.38
110 0.62
120 0.45

The graph of AES on the basis of time taken to decrypt the files of different
sizes is shown below fig. 7.5:

AES Decryption Algorithm

Fig. 7.5 Decryption Time for AES

7.4 SHAMIR’S SECRET SHARING METHOD

Shamir's Java implementation involves two programs. The first will generate a
Swing form marked with JTextFields which will accept a key, the n and t limit values, and
the p prime number which will define the working module of the program. The program
will then produce a polynomial function of m-1 degree s(x) with random coefficients where

54
the constant term is the secret key. This can be done with the simple random integers
function and the coefficients can be stored in an array. Fig. 7.6 shows the working process
of shamir’s secret sharing scheme.

Fig. 7.6 Shamir’s Secret Sharing Program

We found that communication securing is better than securing platform or agent or
both because it is independent of all of them. Communication will avoid variety of assaults
like eavesdropping, unlawful access, modification, sniffing, and Man within the Middle
Attack. AES is really fast, but it suffers from key exchange security risks. This means that
key exchange should be very secure so no attacker can guess or steal the key. If the key is
secured sufficiently, then it is better to use AES.

55
 CHAPTER 8

SNAPSHOTS

In this chapter the previews of GUI are introduced which gives the consequence of
entire procedure just as abridges the usage part of the proposed methodology.

The snapshots of GUI in stepwise manner are shown below:

Fig. 8.1 shows the runtime code for my implemented program

Fig. 8.1 A Snapshot of Runtime Code

56
Fig. 8.2 Shows the Encryption Process of the data.

Fig. 8.2 A Snapshot of Encryption Phase

57
Fig. 8.3 Shows the Decryption process for the received data or information.

Fig. 8.3 A Snapshot of Decryption Phase

58
Fig. 8.4 shows the Home Page of the application.

Fig. 8.4 A Snapshot of Home Page

59
Fig. 8.5 shows the credential page for the user or client.

Fig. 8.5 A Snapshot of User Login Page

60
Fig. 8.6 shows the options available for the user after successful login.

Fig. 8.6 A Snapshot of Available Options For User After Login

61
Fig. 8.7 shows the options availble for the authorized party after successful login.

Fig. 8.7 A Snapshot of Authorized Party Home Page

62
Fig. 8.8 shows the Secret Key Sharing for verification of the sent data or information.

Fig. 8.8 A Snapshot of Secret Key Sharing Page

63
 CHAPTER 9

CONCLUSIONS

In this dissertation, I concern the security issues of mobile agent system during its
migration process. I proposed the Mobile Agent-based Communication Security
Architecture Framework and halfway execution of the framework. The plan is extremely
broad, making it simple to coordinate into other portable specialist frameworks.
Progressively about our attention is on an application-layer security for specialist based
correspondence to end validation and classification of information between versatile
operators. To verify versatile operators, we recommended a two-way verification
convention. This arrangement can be executed in aglet (Java-based innovation) without
changing the fundamental conventions and correspondence framework for versatile
specialists. The key research findings are as follows:

 Comparison of Client Server and Mobile Agent based communication models.

 Proposed a Mobile Agent based secure communication model.
 Provide security to the information using AES algorithm.

Using AES enhanced the security of mobile agent and reduce the complexity of the
platform. AES provides better encryption and decryption of data than any other algorithm
does. By using shamir’s secret sharing plan security of private key enhanced and loss of
data prevented in a better way. AES is relatively fast, it can done both operation encryption
as well as decryption.

64
 CHAPTER 10

FUTURE DIRECTIONS

The security architecture we have made with regard to programming, i.e. code
writing, is still partial in its implementation. It is a result of the way that portable specialist
security is excessively thorough and too enormous to be in any way finished in the theory
of an ace. Since our proposal work is related with security calculations, it is commonly
founded on the pertinence of the date of the present framework, so it might be
fundamentally reliant on the date. To underline and attempt to finish this advanced
undertaking just as limit the date reliance would be the test of right now. This is beginning
to implement security on the transportation layer data of agents. Although the work is a
start-up of mobile agent-based communication that we provided in this thesis, we planned
to expand the work for multi-agent-based communication and multi-platform
communication. We also planned to work on detecting intrusion in agent-based
environments.

65
 REFERENCES

[1] A.Ghaffari. "Vulnerability and Security of Mobile Ad Hoc Networks.” Proceedings of the 6th
WSEAS International Conference on Simulation, Modeling and Optimization, (2006): pp. 124-
129
[2] A. Shamir. “How to Share a Secret.” communications of ACM, vol.22, no. 11(1979): pp. 612-
613.
[3] P. Ahuja and V. Sharma. “A Review on Mobile Agent Security.” International Journal of
Recent Technology and Engineering, vol. 1, no. 2(2012): pp. 83-88.
[4] F. Bellifemine, G. Caire, A. Poggi and G. Rimasa. “JADE: A White Paper.” Available:
http://exp.telecomitalialab.com, vol. 3, no. 3(2003)
[5] L. Benachenhou and S. Pierre. “Protection of mobile agent with a reference clone.” Computer
Communications, vol. 29(2006): pp. 268-278.
[6] B. Bhatia, M.K. Soni and P. Tomar. “Vulnerability Analysis of Mobile Agent Praxis in Mobile.”
International Journal of Computer Applications, vol. 163, no. 7(2017): pp. 58-65.
[7] Bing Wu, J. Chen Jie Wu and M. Cardei. “A survey of Attacks and Countermeasures in Mobile
Ad Hoc Networks.” Wireless Network Security, Springer US (2007): pp. 103-135.
[8] D. Camacho, R. Aler, C. Castro and J. M. Molina. “Performance Evaluation of Zeus, Jade and
Skelton Agent Frameworks.” IEEE SMC, vol. 2(2002): pp. 210-216.
[9] Y.F.T.L. Chen. “An efficient date-constraint hierarchical key management scheme for mobile
agents.” An International Journal of Expert Systems with Applications, vol. 37, no. 12(2010):
pp. 7721-7728.
[10] C. Chowdhury and S. Neogy. “Securing Mobile Agent in MANET Against Attacks using
Trust.” International Journal of Network Security & its Application, vol. 3, no. 6(2011): pp.
259-274.
[11] Dr. T. M. Ahmed. “Increasing Mobile Agent Performance.” Journal of Object Technology,
vol.6, no. 4(2007): pp. 125-140.
[12] N. Garg and R.P. Mahapatra. “MANET Security Issues.” International Journal of Computer
Science and Network Security, vol. 9, no. 8(2009): pp. 241-246.
[13] C. Garrigues, S. Robels, J. Borrell and G. Navarro-Arribas. “Promoting the Development of
Secure Mobile Agent System.” Journal of System and Software, vol. 83, no. 6(2010): pp. 959-
971.
[14] C. Garrigues , N. Migas, W. J. Buchanan and S. Robles. “Protecting Mobile Agent from
External replay Attacks.” Journal of System and Software, vol. 82(2009): pp. 197-206.
[15] G. Geetha and C. Jayakumar. “Implementation of Trust and Reputation Management for Free-
Roaming Mobile Agent Security.” IEEE Systems Journal, vol. 9, no. 2(2015): pp. 556-566.
[16] D. Horvat, D. Cvetkovic, V. M. Milutinovic and P. Kocovic. “Mobile Agents and Java Mobile
Agent Toolkits.” In Proceeding of 33rd Hawaii IEEE International Conference on System
Sciences (HICSS), pp. 1-10. IEEE, 2000.
[17] G. Kastidou, E. Pitoura and G. Samaras. “A scalable hash-based mobile agent location
mechanism.” In 23rd International Conference on Distributed Computing Systems Workshops
Proceedings, pp. 472-477. IEEE, 2003.
[18] Katiyar. “Wireless sensor network System Powered by Sensor Security Using
Steganography.” proceeding of IEEE Transaction, Second International Conference on
Emerging Applications of Information Technology, pp. 288-291. IEEE, 2011.
[19] Lange and Oshima. “Mobile Agents with Java: The Aglet API.” World Wide Web, vol. 1, no.
3(1998): pp. 111-121.
[20] C. Lin and V. Varadharajan. “MobileTrust: a trust enhanced security architecture for mobile
agent systems.” International Journal of Information Security, vol. 9, no. 3(2010): pp. 153-
178.

66
[21] M.Uddin, J. Memon, R. Alsaqour, A. Shah and M.Z.A. Rozan. “Mobile Agent based multi-
layer security framework for cloud data centers.” Indian Journal of Science and Technology,
vol. 8, no. 12(2015): pp. 1-10.
[22] L. Ma and J.J.P. Tsai. “Formal Modeling and Analysis of a Secure Mobile-Agent System.”
IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans, vol. 38,
no. 1(2008): pp. 180-196.
[23] P. Marikkannu, A. Jovin and T. Purusothaman. “A Secure Mobile Agent System against
Tailgating Attacks.” Journal of Computer Science, vol.7, no. 4(2011): pp. 488-492.
[24] Mudumbai, Srilekha S., Johnstone, William, Essari and Abdelilah. “Anchor Toolkit-A Secure
Mobile Agent System.” Lawrence Berkeley National Laboratory, june-2008.
[25] G. Naguyen, T.T. Dang, L. Hluchy, M. Laclavil, Z. Balogh and I. Budinska. “Agent Platform
Evaluation and Comparison.,” Institute of Informatics, Solvak Acadamy of Sciences, 2002.
[26] N. Borselius. “Mobile agent Security.” Electronics & Communication Engineering Journal,
vol. 14, no. 5(2002): pp. 211-218.
[27] R.Bindhu, “Mobile Agent Based Routing Protocol with Security for MANET.” International
Journal of Applied Engineering Research Dindigul, vol. 1, no. 1(2010): pp. 92-101.
[28] Reiser and Vogt. “Security requirements for management systems using mobile agents.” in
Proceeding of the Fifth IEEE Symposium on Computers and Communications. pp. 115-121,
IEEE, 2000.
[29] S.L. Shans, “Mobile Agent Protection with Self-Modifying Code.” Journal of Signal
Processing System, vol. 65, no. 1(2011): pp. 105-116.
[30] G. Samaras, M.D. Dikaiakos, C. Spyrou and A. Liverdos. “Mobile agent platforms for Web
databases: a qualitative and quantitative assessment.” In IEEE Proceedings First and Third
International Symposium on Agent Systems Applications, and Mobile Agents, pp. 50-64. IEEE,
2002.
[31] S. Srivastava and G.C. Nandi. “Self-reliant mobile code: a new direction of agent security.”
Journal of Network and Computer Applications, vol. 37(2014): pp. 62-75.
[32] S. Venkatesan, C. Chellappan and P. Dhavachelvan. “Advanced mobile agent security models
for code integrity and malicious availability check.” Journal of Network and Computer
Applications, vol.33, no. 6(2010): pp. 661-671.
[33] S. Venkatesan, R. Baskaran, C. Chellappan, A. Vaish and P. Dhavachelvan. “Artificial
Immune System based mobile agent platform protection.” Computer Standards and Interfaces,
vol. 35, no. 4(2013): pp. 365-373.
[34] S. Vitabile, V. Conti, C. Militello and F. Sorbello. “An Extended JADE-S Based Framework
for Developing Secure Multi-Agent Systems.” Computer Standards and Interfaces, vol.
31(2009): pp. 913-930.
[35] W.A.Jansen. "Mobile Agents Security." Journal of Computer applications, vol. 23, no.
17(2000): pp. 1667-1676.
[36] T. Wang, Sheng-Uei Guan and T.K. Chen. “Integrity Protection for Code-On-Demand mobile
agent in e-commerce.” The Journal of System and Software, vol. 60, no, 3(2002) pp. 211-221.
[37] X. Hong, “Efficient Threshold Proxy signature Protocol for Mobile Agent.” An International
Journal of Information Science, vol. 179, no. 24(2009): pp. 4243-4248.
[38] H. Yang, H. Luo, Fan Ye, S. Lu and L. Zhang. “Security in Mobile Ad Hoc Networks:
Challenges and solution.” IEEE Wireless Communications, vol. 11, no. 1(2004): pp. 38-47.
[39] Zakerolhosseini and Nikooghadam. “Secure Transmission of Mobile Agent in Dynamic
Distributed Environment.” Wireless Personal Communications, vol. 70, no. 2(2013): pp. 641-
656.
[40] Zhou and Haas. “Securing Ad Hoc Networks.” Special Issue on Network Security, vol. 13, no.
6(1999): pp. 24-30

67
 LIST OF PUBLICATION

1. U. Upadhyay, P. Kumar and D. Aggarwal. “Software Mobile Agent Migration: A

Review.” Journal of Emerging Technologies and Innovative Research, vol. 6, no.
4(2019): pp. 25-32.

2. U. Upadhyay, P. Kumar and D. Aggarwal. “Secure Migration of Mobile Agent using

AES and Secret Sharing Approach.” International Journal on Emerging Technologies (In
Progress)

68
 Curriculum Vitae

Uttam Upadhyay Tel: (+91) 9711368772

Department of CSE, E-mail: uttam.jssate@gmail.com
JSS Academy of Technical Education, Noida
Uttar Pradesh-201309

EDUCATION

 Pursuing M.Tech. In Computer Science and Engineering from JSS Academy of

Technical Education, Noida (U.P.), affiliated to Dr. A.P.J. Abdul Kalam Technical
University.
 B.Tech. in Computer Science and Engineering from College of Engineering and
Technology IILM Academy of Higher Learning, Greater Noida (U.P.), affiliated to
Dr. A.P.J. Abdul Kalam Technical University.

RESEARCH INTREST

 Investigations to improve security issues in wireless network as well as mobile

agents.

PUBLICATIONS

 Uttam Upadhyay, Pradeep Kumar and Deepti Aggarwal, “Software Mobile Agent
Migration: A Review”, Journal of Emerging Technologies and Innovative Research,
6(4), pp no. 25-32, 2019

TECHNICAL SKILLS

 Basic Knowledge of Programming Languages such as Core Java, C and HTML.

 Cloud Computing (Amazon Web Services)

LANGUAGES

 English: Proficient
 Hindi: Fluent

69