Intrusion detection with mobile agents

Implementing an effective intrusion detection capability is an elusive goal, not solved easily or with a single mechanism. However, we argue that mobile agent technology goes a long way toward realizing the ideal behavior desired in an intrusion detection system (IDS). This paper discusses various ways in which mobile agents could be applied to the problem of detecting and responding to intrusions. The paper looks not only at the benefits derived from mobility, but also at those associated with software agents in general. After exploring these benefits, we outline a number of ways to apply mobile agent technology in addressing the shortcomings of current IDS designs and implementations, and delineate the associated security issues involved. We also look at several new approaches for automated responses to an intrusion, once detected.
