Architecture for Network-Intrusion Detection and Response in open Networks using Analyzer Mobile Agents

M.Shivakumar ¹ , R.Subalakshmi ² , S. Shanthakumari³ , S.John Joseph⁴

Section:Research Paper, Product Type: Journal
Vol.1 , Issue.4 , pp.1-7, Sep-2013

Online published on Oct 30, 2013

Copyright © M.Shivakumar, R.Subalakshmi, S. Shanthakumari , S.John Joseph . This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
 

View this paper at   Google Scholar | DPI Digital Library

XML View     PDF Download

How to Cite this Paper

Abstract :
This paper describes the implementation of distributed agent architecture for intrusion detection and response in networked computers. Unlike conventional intrusion detection systems (IDS), this security system attempts to emulate mechanisms of the natural immune system using Java-based agents. These security agents monitor multiple levels like packet, process, system, user etc. of networked computers to determine correlation among the observed anomalous patterns, reporting such abnormal behavior to the network administrator and possibly taking some action to counter a suspected security violation. Here the focus is on the design aspects of such an intrusion detection system by integrating different artificial intelligence techniques and a mobile agent architecture. Here anomaly based intrusion mechanism will be taken into consideration with the help of agents.

Key-Words / Index Term :
Component, Mobile Agents (MA), Intrusion Detection, Distributed Systems

References :
[1]. William Stallings, “Cryptography and Network Security�, Principles and Practices, Third Edition.
[2]. D. E. Denning, "An intrusion-detection model". IEEE Transactions on Software Engineering, Vol. SE-13 (No. 2):222-232, Feb. 1987.
[3]. Stephen Northcutt, Judy Novak, “Network Intrusion Detection�, Third Edition, Pearson Education 2003.
[4]. Anderson, James P., “Computer Security Threat Monitoring and Surveillance,� Technical Report, James P. Anderson Co., Fort Washington, PA, April1980.
[5]. Amoroso, Edward, Intrusion Detection, Intrusion.net Books, Sparta, New Jersey, 1999. [ASAK99] M.Asaka, S.Okazawa, A.Taguchi, and S.Goto, "A Method of Tracing Intruders by Use of Mobile Agents," INET'99, June 1999.
[6]. Bauer, David S. and Koblentz, Michael E., “NIDX: An Expert System for Real-Time Network Intrusion Detection,� Proceedings of the Computer Networking Symposium, pp. 90-106, April 1988, Washington, DC.
[7]. Jeffrey M. Bradshaw, “An Introduction to Software Agents,� In Jeffrey M. Bradshaw, editor, Software Agents, chapter 1. AAAI Press/The MIT Press, 1997.
[8]. Chess, D., B. Grosof, C. Harrison, D. Levine, C. Parris, G. Tsudik, “Itinerant Agents for Mobile Computing,� IBM Research Report, RC 20010, March 1995.
[9]. Mark Crosbie and E. H. Spafford, “Active Defense of a Computer System Using Autonomous Agents,� Department of Computer Sciences, Purdue University, CSD-TR-95-008, 1995.
[10]. Denning, Dorothy E., “An Intrusion Detection Model,� IEEE Transactions on Software Engineering, Vol. SE-13, No. 2, pp. 222-232, February 1987.
[11]. Farmer, W.M., J.D. Guttman, and V. Swarup, “Security for Mobile Agents: Authentication and State Appraisal,� Proceedings of the 4th European Symposium on Research in Computer Security (ESORICS ’96), pp. 118-130, September1996.
[12]. Farmer, W.M., J.D. Guttman, and V. Swarup, “Security for Mobile Agents: Issues and Requirements,� Proceedings: National Information Systems Security Conference, pp. 591-597, October 1996.
[13]. Finin, T., R. Fritzson, D. McKay, and R. McEntire. “KQML as an Agent Communication Language,� Proceedings of the Third International Conference on Information and Knowledge Management (CIKM ’94), ACM Press, Nov. 1994.
[14]. Hansoty, Jatin N., “LAVA: Secure Delegation of Mobile Applets,� Master’s Thesis North Carolina State Univ., 1997.
[15]. Harrison, C.G., D.M. Chess, A. Kershenbaum, “Mobile Agents: Are they a good idea?,� IBM Research Report, March 1995.
[16]. Danny Lange and Mitsuru Oshima, Programming and Deploying Java Mobile Agents with Aglets, Addison-Wesley, 1998.
[17]. W. Lee, S.J. Stolfo, and K. Mok, “A Data Mining Framework for Building Intrusion Detection Models,� Proceedings of the IEEE Symposium on Security and Privacy, 1999.
[18]. Marreale, P., “Agents on the Move,� IEEE Spectrum, April 1998, pp. 34-41.
[19]. Stefano Martino, “A Mobile Agent Approach to Intrusion Detection,� Joint Research Centre-Institute for Systems, Informatics and Safety, Italy, June 1999.
[20]. Michael M. Sebring et al., “Expert Systems in Intrusion Detection: A Case Study,� Proceedings, 11th National Computer Security Conference, pp. 74-81, October 1988.
[21]. Stephen E. Smaha, “Haystack: An Intrusion Detection System,� Fourth Aerospace Computer Security Applications Conference, Orlando Florida, pp. 37-44, December 1988.
[22]. Jonathan Smith, “A Survey of Process Migration Mechanisms,� Operating Systems Review, 22(3), ACM Special Interest Group on Operating Systems, pp. 28-40, July 1988.
[23]. Wu, S.F., M. S. Davis, J. N. Hansoty, J. J. Yuill, S. Farthing, J. S. Webster, X. Hu. “LAVA: Secure Delegation of Mobile Applets,� Technical Report 96/42, Center for Advanced Computing and Communication, North Carolina State Univ., Raleigh, NC , October 1996.