Paradigms for mobile agent based active monitoring of network systems

We present a framework, together with a set of paradigms, for mobile-agent-based active monitoring of network systems. In our framework, mobile agents perform remote information filtering and control functions. Such agents can detect basic events or correlate existing events stored in a database to enforce system policies. A system administrator can securely modify the monitoring policies and information filtering functions of the agents, or install new agents at a node. The framework includes monitor, subscriber, auditor and inspector agents, whose policies and itineraries can be modified dynamically. In response to certain trigger events, agents may change their itineraries to correlate event data. We also present a set of experiments conducted using the Ajanta mobile agent system to evaluate and demonstrate the capabilities of the framework.
