An approach called Intention Spreading is recently proposed to protect mobile agents from read attack. Read attack helps the malicious hosts to win over other hosts in a competitive environment by analyzing the content of the mobile agents without modification of the agents' static code or the dynamic state. Intention spreading protects a mobile agent from read attack by adding noisy code to spread its original intention. There are three main types for distribution of mobile agents: source code, intermediate code and compiled native binary code. The source code category suffers the direct read attack because this category is readily readable. The remaining categories suffer a certain degree of read attack after software reverse engineering. Besides, read attack could be rather obvious in some mobile agent systems in which the system calls are monitored for host security. In this paper, the vulnerabilities of programming languages under read attack, and the inherent undesirability of system monitoring by hosts are surveyed, in the perspective of agent security. Further techniques in intention spreading are mentioned to show its implementation varieties: both the intention spreading which occurs within a mobile agent and among several collaborating mobile agents are outlined. Intention spreading is generalized as a theme to 1) complement the classical cryptography and 2) install protection codes (weapons) to the mobile agents as a promising extension.
展开▼
