A Mobile Agent-Based P2P Autonomous Security Hole Discovery System

A general or agent-based security system is usually constructed hierarchically, with a central manager acting as head of the whole system. However, the manager becomes a bottleneck because every client connects to it, and it can be overloaded when too many clients request service simultaneously. The whole system may collapse when the central manager is attacked. These systems are also passive in detecting and dealing with security problems. We therefore present a mobile agent-based P2P Autonomous Security Hole Discovery system (PASHD). It can detect infection and network intrusion based on knowledge of the local host. After identification, viruses will be removed and connections will be refused. In the case of suspicious activity, PASHD initiates a voting approach to make a collective decision and take further action. The system is self-learning when it encounters intrusions or infections with new patterns, and it is capable of autonomously discovering the security holes of hosts in the network. The integration of peer-to-peer behavior with mobile agents reduces latency and load, while the flexibility, effectiveness, security and cooperation of the system are enhanced.
