Int. J. Communications, Network and System Sciences, 2013, 6, 443-450 Published Online October 2013 (
Wireless Network Security: The Mobile Agent Approach
Olatunde Abiona1, Adeniran Oluwaranti2, Ayodeji Oluwatope2, Surura Bello2, Clement Onime3,
Mistura Sanni2, Lawrence Kehinde4
1Department of Computer Information Systems, Indiana University Northwest, Garry, USA
2Department of Computer Science and Engineering, Obafemi Awolowo University, Ile-Ife, Nigeria
3Information and Communication Technology Section, Abdus Salam International
Centre for Theoretical Physics, Trieste, Italy
4Department of Electrical and Electronic Engineering, Obafemi Awolowo University, Ile-Ife, Nigeria
Received August 12, 2013; revised September 14, 2013; accepted September 21, 2013
Copyright © 2013 Olatunde Abiona et al. This is an open access article distributed under the Creative Commons Attribution License,
which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
The broadcast nature of wireless network makes traditional link-layer attacks readily available to anyone within the
range of the network. User authentication is best safeguard against the risk of unauthorized access to the wireless net-
works. The present 802.1× authentication scheme has some flaws, making mutual authentication impossible and open to
man-in-the-middle attacks. These characteristics make traditional cryptographic mechanism provide weak security for
the wireless environment. We have proposed the use of mobile agents to provide dependable Internet services delivery
to users, this will guarantee secure authentication in wireless networks and we examine the feasibility of our solution
and propose a model for wireless network security.
Keywords: Wireless Network Security; Mobile Agent; Authentication
1. Introduction
Wireless networks has been experiencing an explosive
growth similar to the Internet, this is due largely to the
attractive flexibility enjoyed by both users and service
provider. Some of the benefits are: network coverage
without the cost of deploying and maintaining wires,
mobility support and roaming which grant the users
“anytime”, anywhere access to network. While the emer-
gence of these new techno logies can enable truly ubiqui-
tous Internet access, it also raises issues with the de-
pendability of the Internet service delivered to users. Ba-
sically Wireless Local Area Network (WLAN) can oper-
ate in two modes, the infrastructure based and th e ad hoc
networks. Many organizations are deploying the infra-
structure based wireless network to provide connectivity
to places difficult to reach by cabling, to complement the
existing wired networks. A lot of attention has been
given to the provision of these wireless network solutions,
but little attention has been given to the provision of
adequate security for the emerging wireless networks
making these networks prone to traditional link-layer
attacks readily available to anyone within the range of
the wireless network.
Wireless network security is more concentrated and
complex than security of wired networks because wire-
less is broadcast in nature, making it possible for anyone
within the range of a wireless device to intercept the
packets sent without interrupting the flow of data be-
tween the wireless device and the access point. User au-
thentication is the best safeguard against the risk of un-
authorized access to the wireless network. The security
features for mobile communication system include: con-
fidentiality on the air interface, anonymity of the user
and, most importantly, authentication of the user to the
system in order to prevent fraudulent use of the system
[1]. Wireless network security is different from wired
network security primarily because it gives potential at-
tackers easy transport medium access. This access sig-
nificantly increases the threat that any security architect-
ture must address. Unfortunately, the early IEEE 802.11
standards failed to account for it [2]. Hence the security
schemes in wired network can not be used directly in
wireless network.
A typical wireless infrastructure network consists of a
wireless device known as a stations (STAs) communi-
cating with a centralized stationary Access Point (AP)
opyright © 2013 SciRes. IJCNS
over a wireless channel. Security threats against the
wired network are equally applicable to the wireless net-
works, but the wireless networks suffer a number of ad-
ditional vulnerabilities that make it more challenging to
secure [3].
Open wireless medium: The security threats of mes-
sage eavesdropping and injection are universal in any
network; however, they are more severe in wireless
networks due to open wireless m e di um .
Limited bandwidth: Wireless networks are particu-
larly vulnerable to denial-of-service (DoS) attacks
and in-band signaling.
System Complexity: Wireless networks are far more
complex than the wired networks due to the special
needs for mobility support and efficient channel uti-
Mobile Agent (MA) is an effective paradigm for dis-
tributed applications and is particularly attractive in a
dynamic network environment involving partially con-
nected computing elements. MA is defined as a software
component which is either a thread or a code carrying its
execution state to perform the network function or an
application [4]. MA can act as a middleware and perform
network and other application related functions based on
the underlying infrastructure: fixed wired networks,
wireless cellular network or mobile ad hoc network [4].
MA paradigm is an emerging technology for developing
applications in open, distributed and heterogeneous en-
vironment like the Internet. Agents have the ability to
decide autonomously where to migrate to after they are
dispatched. MA technology offers several advantages in
many application areas, such as e-commerce, mobile
computing, network management and information re-
trieval [4]. MAs are designed to execute locally on data
at their destination, thus reducing network traffic and
latency. Furthermore, MA asynchronous interaction can
provide efficient solution in the case of unreliable and
low bandwidth connection, to support mobile users that
could disconnect while their agent still roam in the net-
work. However, security is a major technical obstacle to
wider acceptance and is of fundamental concern for mo-
bile agent based system [4]. We explore the possibilities
of using MAs for the provisioning of dependable Internet
services delivery that meets the user’s requirement in
terms of security, by providing secure authentication in
wireless networks.
The rest of the paper is organized as follows: Section 2
presents security challenges in wireless network. Sec-
tion 3 presents wireless network security approaches. In
Section 4, mobile agents and wireless network were dis-
cussed. In Section 5, mobile agents and security were dis-
cussed. In Section 6, mobile agent authen tication scheme
was discussed and the paper finally concluded in Section 7.
2. Security Challenges in Wireless Networks
Securing wireless networks posses unique challenges
compared to a wired network due to the open nature of
the access medium. In general, wireless networks suffer
from security threats of wired networks and additional
vulnerabilities making it more challenging to secure.
Wireless network security is different from wired net-
work security primarily because it gives potential attack-
ers easy transport medium access. Hence the security
schemes in wired network can not be used directly in
wireless network. The fact that data are being broadcast
via radio waves rather than transmitted over a wire in-
troduces security challenges namely:
How can you prevent user credentials from being
hijacked during authentication negotiation?
Once authentication is complete, how can you protect
the privacy of the data be ing transmitted between cli-
ent and access po int? And f inally,
How can you make sure the authorized user connects
to the right network?
The concerns are that of authentication, data co nfiden-
tiality and privacy, data integrity, availability and rogue
access point.
Authentication-Most password-based protocols in use
today rely on a hash of the password with a random chal-
lenge. The server issues a challenge, the client hashes
that challenge with the password and forwards a response
to the server, and the server validates that response
against the user’s password retrieved from its database.
Legacy password protocols are easily subjected to eaves-
dropping and man-in-the-middle attacks. An eavesdrop-
ping attacker can easily mount a dictionary attack against
such password protocols. A man-in-the-middle attacker
can pass through the entire authentication, and then hi-
jack the connection and act as the user.
Data Privacy-Another concern is the security of the
wireless data connection between the client and access
point subsequent to authentication. While client and ac-
cess point could easily negotiate keys subsequent to au-
thentication, if the keys are not cryptographically related
prior to the authentication, the data session would be
subject to a man-in-the-middle attack. Therefore it is
incumbent upon the authentication negotiation to result
in keys that may be distributed to both client and access
point to allow the subsequent data connection to be en-
Rogue Access Point-A final security challenge results
from the possibility that someone could install a WLAN
access point and network and fool your user into doing
work on that network. Rogue access points are those in-
stalled by users without coordinating with IT unit. Be-
cause access points are inexpensive and easy to install,
rogue installations are becoming more common.
Copyright © 2013 SciRes. IJCNS
Limited Bandwidth—The networks that connect hand-
held wireless devices such as phones and Personal Digi-
tal Assistants (PDAs) suffer from low bandwidth and
high incidence of network errors. Mobility can also result
in the loss or degradation of wireless connections [5].
Limited communication bandwidth may also be a target
for malicious attacks such as DoS attack. To implement
such attack, the malicious node may send vicious queries
flooding to target nodes to consume the bandwidth and
occupy the shared wireless media, making the network
services unavailable to other nodes [4]. Apart from the
limitation in bandwidth constraint, each node in a wire-
less communication and mobile computing has limited
transmission range and limited power supply.
System Complexity-Wireless networks are far more
complex than the wired networks due to the special needs
for mobility support and efficient channel utilization. It
should be noted that each complexity in the system, adds
additional security vulnerability to the wireless networks
especially for systems with large user population and
complex infrastructure [3].
3. Wireless Network Security Approaches
The Wireless Equivalent Privacy (WEP) protocol [3] was
the first link-layer security mechanism introduced in
802.11 to provide a security level compared to that of
with a physical wire. Unfortunately it is also fairly inse-
cure. Hackers can easily find out the password and then
do anything they want with your network. The software
for doing this is widely available. Unfortunately, several
security flaws in WEP were soon identified, which can
be exploited to defeat its security goals [6].
The Wi-Fi alliance, a non-profit international associa-
tion formed in 1999 to certify interoperability of WLANs,
developed the Wi-Fi protected access (WPA) to enhance
security level [7]. WPA addressed most of the security
threats not resolved by WEP. WPA applies stronger
network access control, supports better security technol-
ogy, and enforces data integrity. However, WPA has
some security flaws similar to WEP which poses addi-
tional threat and concerns namely:
Encryption weakness—WPA suffer from encryption
weakness making it possible for data tampering and
masquerading att a ck s .
Poor performance—Due to intensive computation of
authentication and encryption, data transfer and com-
munication speeds drops.
The IEEE 802.11i provides the highest level of secu-
rity for the wireless networks by eliminating most of the
security flaws in WEP and WPA and providing 128bit
encryption security for wireless networks. Ho wever there
is deterioration in performance as the network runs
scripts to perform security checks and encryption. The
major difference between WPA and IEEE 802.11i (also
known as WPA2) is that WPA uses the temporal key
integrity for confidentiality and MICHAEL for data in-
tegrity [3]. One major concern in the design of Michael is
to reduce the computation overhead which resulted in its
weak defense against message forgery. The IEEE 802.11i
wireless security standards consist of three major com-
ponents n amely:
Temporal Key Integrity (TKIP)
Counter mode Cipher Block Chaining with Message
Authentication Code (counter mode CBC-MAC) and
802.1× port based authentication for wireless client
access control.
The IEEE 802.1× employs the Extensible Authentica-
tion Protocol EAP [8] over Local Area Network (LAN)
called the EAPoL. The EAP is a transport framework
that runs over link layer pro tocol and also has suppo rt for
multiple authenticatio n mechanism. The EAP framework
is based on request and response. The IEEE 802.1× has
three majorcomponents namely:
Supplicant–client card,
Authenticator–access point and
Authentication server.
The supplicant is a station wishing to have access to
the network, an authenticator, acting as a bridge between
the supplicant and the au thentication server. The Remote
Authentication Dial in Service (RADIUS) protocol con-
tains mechanism for per packet authenticity and integrity
verification between AP and the RADIUS server [8].
EAP authentication begins with th e authenticator sending
an identity request to the supplicant. The identity re-
sponse provided by the supplicant is sent from the au-
thenticator to the authentication server. The authentica-
tion server determines the success or failure of the sup-
plicant’s request for authentication. Although the use of
802.1× is recommended for authentication, neither WPA
nor WPA2 provided mutual authentication. Secondly the
EAP is susceptible to Man-in-the-middle attack, since an
attacker could forge success message from authenticator
to supplicant [8]. The use of MA technology could pro-
vide a solution for mutual authentication and man-in-
the-middle attack through the use of certificates and en-
cryption of the MA.
4. Mobile Agents and Wireless Network
The concept of MA is different from Remote Procedure
Calling (RPC), in that the RPC paradigm views com-
puter-to-computer communication as enabling one com-
puter to call procedures in another computer across the
network [9]. Each message that the network transport
either request or acknowledge a procedure’s performance.
E.g. a request includes data that are the procedure’s ar-
gument, consequently the response include data that are
Copyright © 2013 SciRes. IJCNS
its results. Figure 1 shows the RPC concept.
An alternative to remote procedure calling is Remote
Programming (RP). The RP paradigm views computer-
to-computer communication as enabling one computer
not only to call procedures in another computer, but also
to supply the procedure to be performed [9]. The only
message that the network transport is composed of, a
procedure that the receiving computer is to perform and
the data that are its arguments. Such procedure calls are
local rather than remote. The procedure and the state are
termed a mobile agent. Figure 2 shows the Remote Pro-
gramming paradigm.
The advantage of remote programming is that a user
computer and a server can interact without using the
network once the network has transported an agent be-
tween them. Thus ongoing interaction does not require
ongoing communication, leading to improved perform-
ance and better customization of functionality. MAs are
programs that can migrate from one host to another in a
network or at times to any host of their choice making
them autonomous.
Wireless networks are characterized by the ability of
the client or station to move freely at will, this movement
has impact on the security of the network. The security
implementation based on trust is confronted with great
challenges and the static security mechanisms are not
applicable in a dynamic environment. The mobility of
clients may cause frequent breaks in the link resulting in
data loss since the station can join and leave the network
without prior notice. This implies that the connections
Figure 1. Remote procedure calling paradigm.
Figure 2. Remote programming or mobile agent paradigm.
between the client and the server may not be guaranteed
at all times in the communication. This intermittent
transmission has great impact on the information com-
munication in wireless networks which may affect appli-
cations and security implementation. The mobile nodes
in a wireless network could range from laptops, PDA to
cellular phones. These devices are battery powered and
the battery life time becomes crucial for wireless com-
munication and mobile computing. Wireless networks
also suffer from limited communication bandwidth; this
may be a target for malicious attacks such as DoS at-
Several benefits and advantages of using mobile code
and mobile agent computing paradigms have been out-
lined in [10]. These include:
Overcoming network latency
Reduced n et work load
Asynchronous and autonomous execution
Adaptin g dy namically
Encapsulating prot ocols
Operation in heterogeneous environment
Secure brok ering
Robust and fault-tolerant
Well suited for e-commerce
Can operate as pers onal assistant
Distributed information retrieval
Telecommunicati o n ne t work services
Monitoring and notification
Information dissemination and
Parallel processing.
Considering the many advantages offered by MA, a
major technical obstacle to a wider acceptance of the MA
paradigm is security. Both agents and execution envi-
ronments are prone to unwanted attacks and require ap-
propriate protection mechanism. Some efforts at im-
proving MA security include: Java sandboxes, type safe
languages, software fault isolation and secure and open
mobile agent (SOMA) [11].
By employing mobile agents, such mobile devices
could provide a reliable technology for message transport
over the wireless link. MAs are inherently distributed
software entities that reduce the load on the network
when they move. In addition they support disconnected
operations since they continue to execute after they move,
even if they lose network connectivity with their dis-
patcher [5]. MAs can be employed in wireless mobile
devices in two ways: An agent platform could be in-
stalled on the devices, enabling MAs to run directly on
them, or mobile devices could access and use remote
MAs running on a wired network.
5. Mobile Agents and Security
MA security can be considered using a simple model
Copyright © 2013 SciRes. IJCNS
consisting of an agent and the agent platform. An agent is
comprised of the code and the state information for car-
rying out some computation, mobility enables the agent
to move among agent platform and the agent platform
provides the computational environment for the agent to
operate. The platform from which the agent was dis-
patched is known as the home platform, this is the most
trusted environment fo r an agent. An agen t system model
is shown in Figure 3. One or more hosts may comprise
an agent platform, and an agent platform may support
multiple computational environments or meeting places,
where agents can interact.
Mobile agents moving around the network are not safe.
There are four known threat MA, namely: The Agent-
to-Host, Agent-to-Agent, Host-to-Agent, Other-to-Agent
Host attacks are the kinds of security attacks that are
possible in a Mobile Agent System [12].
5.1. Protecting the Agent Platform
A major concern with agent system implementation is to
ensure that agents are not able to interfere with one an-
other or with the agent platform. Some techniques used
for protecting agent platforms are described in detail in
[12]. This includes:
Software-based fault isolation (sandboxes)
Safe code interpretation
Signed code
State appraisal
Path Hist or i e s and
Proof Carrying code
Another technique proposed in [13] replaced the
Trusted Processing Environment (TPE) by a software
machine called Secure Virtual Machine (SVM). The
SVM is a software layer installed between the operating
system and the agent environments. The platforms to be
visited by the agent must have a certified SVM. On a
platform, SVM receive an agent and creates an instance
of SVM to execute only this agent in an allocated mem-
ory space called closed environment. Finally, before mi-
gration, the agent will be associated with a signed stamp
Figure 3. Agent system model.
that contains the actual platform time and the next plat-
form time.
5.2. Protecting Agents
While countermeasures directed towards platform pro-
tection emphasizes active preventive measures, counter-
measures directed towards agent protection tend towards
detection measures as a deterrent. Once an agent arrives
at a platform, little can be done to stop the platform from
treating the agent in any manner. The problem is usually
referred to as the malicious platform problem. Some
techniques used for protecting agents are described in
detail in [12]. This includes:
Contractual agreements
Trusted ha rdware
Trusted nodes
Mutual itinerary recording
Execution Tracing
Environment key generation
Co-operating agents
Encrypted payload
Computing with encrypted functions
Undetachable signatures
Obfuscated code
So far, there are no known techniques for an attacker
to reverse engineer an agent’s code.
6. Mobile Agent Athentication Scheme
The provisioning of dependable Internet service delivery
that meets the user’s requirement in terms of security
requires strong access control. In order to protect the
wireless networks from parking lot attackers, strong ac-
cess control ideally on per packet basis must be enforced.
Furthermore, mutual authentication should also be per-
formed, since access points are untrusted entities from
the supplicant’s point of view. User authen tication is best
safeguard against the risk of unauthorized access to the
wireless networks. However, one emerging technology
could be much more adaptive than others in such envi-
ronment. This technology is the mobile agent. We ex-
plore the feasibility of the Mob ile Agent approach in our
solution to the security problem inherent in IEEE 802.1×
authentication and key management.
The MA paradigm is an emerging technology for de-
veloping applications in an open, distributed and hetero-
geneous environment. MAs are programs that can mi-
grate from host to host in a network, sometimes they mi-
grate to places of their choice. The state of the running
program is saved, transported to the new host, restored,
and execution continues from where it left off. Agents
are software which represents the behavior of the users in
the world of computer network. Some MA characteristics
are as follows [14]:
Copyright © 2013 SciRes. IJCNS
Some examples of mobile agents are; Aglets, Voyager,
Odyssey, Concordia, ARA, Mole, Agent TCL, TA-
COMA and SHIP-MAI. The four commonly used appli-
cation environment for MAs are Aglets, Voyager, Odys-
sey, and Concordia [14].
MAs are small in size, they do not constitute a com-
plete application by themselves, but rather they form an
application by working in conjunction with an agent
platform and other agents. Areas of concern in wireless
network security include:
Integrity and
Our focus is on authentication in wireless infrastruc-
ture network and we explore the feasibility of mobile
agents as a solution to the inherent security problem of
IEEE 802.1× authentication and key management. The
following describe in detail Mobile Agent Wireless Au-
thentication Architecture (MAWAA).
6.1. Security Model for the Scheme
The proposed security model is based on the IEEE
802.1× authentication protocol setup, involving the fol-
lowing three components [15]:
Authenticator and
Authentication server.
Below we describe some of the abbreviations used in
this paper. The security framework comprises of the fol-
Supplicant Platform
Supplicant Mobile Agent (SMA)
Supplicant Mobile Agent with Certificate (SMA Cert)
Authenticator (Access Point)
Authentication Server Platform
Authentication Server Static Agent with certificate
(ASSA Cert)
Mobile Agent Wireless Authentication Architecture
The mobile agent interaction model is shown in Fig-
ure 4. This model shows client/server communication
and mobile agent communication. The mobile agent rep-
resent the client, carrying authentication details of the
client and using this detail to authen ticate the client to th e
server by exchanging request and response with the
server. Figure 5 shows a generic mobile agent frame-
work, with agent manager, event manager, security
manager and persistent manager.
Interaction Model
Client Server
Client/server communication
Client Server
Mobile agent communicat ion
Mobile agent
Figure 4. Interaction model.
A generic Mobile Agent Framework
•Agent state
•Agent checkpoint
(fault tolerance)
(agent dispatching)
•Agent life cycle
(creation, destruction
•Event notification
•Agent collaboration support
•User identification
(agent, server)
Persistent Manager
Agent Manager
Event Manager
Security Manager
Mobile Agent
Figure 5. Generic mobile agent framework.
The proposed mobile agent wireless authentication
Architecture is shown in Figure 6. Agent platforms are
installed on both the supplicant and the authentication
server; this will enable MA to run directly on them.
When a supp licant come within th e range of an authen ti-
cator, the authenticator sends a request for identification
of the supplicant, the supplicant will then dispatch the
SMA carrying all the required authen tication information
for the supplicant i.e. username, password and platform
details for that particular user to the authentication server
The Authentication Server Static Agent (ASSA) Cert
is a static agent residing on the authentication server
platform; the ASSA Cert combines two functions:
Certificate Authority—in charge of the issuing and
the management of certificates
Authentication server—for authenticating users, agent,
and platforms.
The Suplicant Mob ile Agen t (SMA) will meet with th e
ASSA Cert for the authentication process. A mutual au-
thentication between SMA and ASSA Cert is carried out.
If the authentication process is successful, then the net-
Copyright © 2013 SciRes. IJCNS
Server Platform
Netw ork
Supplicant Authenticator
Authentication Server
Figure 6. MAWAA authentication model.
work port on the authenticator closes and the supplicant
will now have access to the network. The SMA will now
be issued a certificate to become SMA Cert before re-
turning to the su pplicant platform.
6.2. Re-Authentication and Roaming MA
In order to increase security, re-authentication of users is
done in some interval of time during the con nection; this
will ensure that a user cannot chang e his iden tity d uring a
session. Re-authentication is achieved using the SMA
Cert. After authentication, the SMA is issued a certificate
to become SMA Cert, this new MA will then be used for
re-authentication with ASSA Cert. As long as the certifi-
cate of SMA Cert is valid, the supplicant will continue to
have access to the network. If for any reason the certifi-
cate of SMA Cert becomes invalid, the network port on
the authenticator opens and the supplicant is discon-
nected from the network. A similar scenario exists for
roaming clients or supplicant. When a supplicant roams
from one access point to another, the SMA Cert carries
out re-authentication of the supplicant on the new au-
thenticator. If the certificate of the SMA Cert is valid, the
supplicant continues to have network access otherwise
the network is disconnected Figures 7 and 8 shows the
re-authentication process and agent migration process
during roaming.
6.3. Security Issues in MA Scheme
A lot of research efforts have been devoted to the secu-
rity of MA and platforms with a view to making agent
based solution attractive. In order to provide adequate
security for the gents and platforms, the Secure and Open
Mobile Agent was considered. SOMA architecture pro-
tects both the execution sites and the agents [11]. SOMA
addresses the problem of protecting MA while executing
in malicious sites. To grant the agent integrity, several
solutions are fully integrated in SOMA, aimed at detect-
ing any attacks targeted to modify or delete the agent
Access Point
Access Point
Supplicant Authenticator
Authentication Server
Access Point
Server Platform
Figure 7. MAWAA migration process during roaming.
Server Platform
Access PointWired
Supplicant Authenticator
Authenticat ion S erver
Cert Cert
Figure 8. MAWAA re-authentication process.
6.4. Proposed Mobile Agent Platform
The Aglets Software Development Kit is an env ironment
for programming MA in Java. The aglet is able to exe-
cute, halt its execution on one host, dispatch itself to an-
other host, and resume execution there. The aglet is ca-
pable of moving both the code as well as the data. The
aglet is well suited for the internet environment. The
proposed mobile agent platform is listed below.
ASDK free software by IBM
Latest version is 2.0.2
Good GUI
Very accessible
Good doc umentati on
Implemented standards; MASIF, and CORBA
Communication; Message passing between agent,
Mobility; Java serialization
Security policy; built in security mechanism
7. Conclusion and Future Work
This paper provides a way to have a secure transmission
Copyright © 2013 SciRes. IJCNS
Copyright © 2013 SciRes. IJCNS
in wireless network. We proposed the use of mobile
agents to provide dependable Internet services delivery to
users. The importance of security in a wireless network
environment cannot be over emphasized. This is due to
the fact that the transport medium is shared, making it
difficult to provide effective ph ysical security controls to
restrict access to the network. As a result, strong access
control and authentication become necessary to provide
adequate security.
Unfortunately, 802.1× authentication and key man-
agement have some flaws in the composition of the pro-
tocol. We have proposed the mobile agent approach to
solve the inherent security flaws in 802.1× authentica-
tion protocol. Hence we have designed the Mobile Agent
Wireless Authentication Architecture (MAWAA) as a
solution to some security issues in wireless networks.
Future research will focus on the following security is-
sues relating to MA which includes:
Availability and
[1] J. Zhu and J. Ma, “A New Authentication Scheme with
Anonymity for Wireless Environments,” IEEE Transac-
tions on Consumer Electronics, Vol. 50, No. 1, 2004, pp.
[2] W. A. Arbaugh, “Wireless Security Is Different,” Maga-
zine of IEEE Computer Society, Computer, Vol. 36, No. 8,
2003, pp. 99-101.
[3] H. Yang, F. Ricciato, L. Songwu and L. Zhang, “Securing
a wireless world,” The Proceedings of IEEE, Vol. 94, No.
2, 2006, pp. 442-454.
[4] S. P. Alampalayam and A. Kumar, “An Adaptive Secu-
rity Model for Mobile Agents in Wireless Networks,”
IEEE Global Telecommunications Conference, Newark,
1-5 December 2003, pp. 1516-1521.
[5] L. Vasiu and Q. H. Mahmoud, “Mobile agents in Wire-
less Devices,” Magazine of IEEE Computer Society,
Computer, 2004, Vol. 37, No. 2, pp. 104-105.
[6] W. Arbaugh, N. Shankar, Y. Wan and K. Zhang, “Your
802.11 Wireless Network Has No Clothes,” IEEE Wire-
less Communication, Vol. 9, No. 6, 2002, pp. 44-51.
[7] A. Karnik and K. Passerini, “Wireless Network Secu-
rity—A Discussion from a Business Perspective,” Pro-
ceedings of IEEE Wireless Telecommunications Sympo-
sium, Nicosia, April 2005, pp. 261-267.
[8] A. Mishra and W. A. Arbaugh, “An Initial Security
Analysis of the IEEE 802.1× Standard,” Report No CS-
TR-4328, 2002.
[9] J. White, “Mobile Agents White Paper,” General Magic,
Inc., 1996.
[10] D. Lange and M. Oshima, “Seven Good Reasons for Mo-
bile Agents,” Communications of ACM, 1999, Vol. 42,
No. 3, pp. 88-89.
[11] A. Corradi, R. Montanari and C. Stefanelli, “Security
No.s in Mobile Agent Technology,” Proceedings of 7th
IEEE Workshop on Future Trends of Distributed Com-
puting Systems (FTDCS’99), Cape Town, December 1999,
pp. 3-8.
[12] N. Borselius, “Mobile Agent Security”, Electronics and
Communication Engineering Journal, Vol. 4, No. 5, 2002,
pp. 211-218.
[13] H. Aouadi and M. B. Ahamed, “Modile Agents Security,”
2nd International Conference on Mobile Technology, Ap-
plications and Systems, Guangzhou, November 2005, pp.
[14] Y. Wang, C. Wang and L. Cheng-Horng, “Mobile Agent
Protection and Verification in the Internet Environment,”
Proceedings of 4th International Conference on Com-
puter and Information Technology, Wuhan, September
2004, pp. 482-487,
[15] N. Aboudagga, M. T. Refaei, M. Eltoweissy, L. A.
Dasilva and J. Quisquater, “Authentication Protocols for
Ad Hoc Networks: Taxonomy and Research No.s,” Pro-
ceedings of 1st ACM International Workshop on QoS and
Security in Wireless and Mobile Networks, Montreal,
October 2005, pp. 96-104.