Vulnerability assessment through mobile agents

摘要

Vulnerability assessment is the process of measuring and prioritizing the risks associated with network- and host based systems to allow balance planning of technologies and activities that manage business risk. That is useful for adapting security policy, analysis of vulnerabilities, and creation of reports that effectively communicate security vulnerability discoveries and detailed corrective actions to all levels of an organization. While vulnerability assessment is not a new technology, mobile agents offer many advantages to the traditional implementations. The most significant contribution is the increased ability for system administrators to quickly and easily add distributed components to existing systems that can look for newly published vulnerabilities. This paper suggests the vulnerability assessment through mobile agents where both network and host-based technologies in coordinated fashion using mobile agents will provide the best vulnerability assessment for measuring an organization's security risks. The mobile agent targets the intended host or network, captures, analyzes, and scans all vulnerabilities and reports to the master agent/server for comprehensive analysis and security assessment, and the master agent will act accordingly. The paper also addresses advantages and issues regarding its implementation.