论文信息 - A mobile agent-based P2P model for autonomous security hole discovery

A mobile agent-based P2P model for autonomous security hole discovery

Generally an agent-based security system is constructed hierarchical, with a central manager acting as head of the whole system. However, the manager becomes a bottleneck for being connected by each client. It can even overload when too many clients request service simultaneously. The whole system may collapse when the central manager is attacked. And these systems are passive to detect and deal with the secure problem. We present a mobile agent-based P2P model for autonomous security hole discovery (MASHD). It can detect infection and network intrusion based on knowledge of the local host. Viruses are removed and connections are refused after identification. In case of a suspicious activity, MASHD initiates a voting approach to make a collective decision and take further action. The integration of peer-to-peer behavior with mobile agents reduces latency and load; however, flexibility, effectivity, security and cooperation of the system are enhanced.

Xin Wang | Xiangyang Xue | Ji Zheng | Kun Xiao | C. K. Toh

[1] Vasant Honavar,et al. Lightweight agents for intrusion detection , 2003, J. Syst. Softw..

[2] Chengqi Zhang,et al. MA-IDS Architecture for Distributed Intrusion Detection using Mobile Agent , 2004 .

[3] Terry Martin,et al. Benchmarking Methodology for Firewall Performance , 2003, RFC.

[4] Somesh Jha,et al. Static Analysis of Executables to Detect Malicious Patterns , 2003, USENIX Security Symposium.

[5] Shigeki Goto,et al. Remote attack detection method in IDA: MLSI-based intrusion detection using discriminant analysis , 2002, Proceedings 2002 Symposium on Applications and the Internet (SAINT 2002).

[6] Eugene H. Spafford,et al. An architecture for intrusion detection using autonomous agents , 1998, Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217).

[7] Shigeki Goto,et al. Remote attack detection method in IDA: MLSI-based intrusion detection with discriminant analysis , 2003 .

[8] Delbert Hart,et al. A P2P intrusion detection system based on mobile agents , 2004, ACM-SE 42.