PROTOCOL FOR COLLABORATING MOBILE AGENTS IN THE NETWORK INTRUSION DETECTION SYSTEMS.

By

Olumide Simeon Ogunnusi Shukor Abd Razak

TOPICS COVERED: what are mobile agents ?

need for an intrusion detection system for them

Related background

Proposed system architecture

key distribution protocol

MOTIVATION

Mobile agents have Great applications

But are vulnerable to intrusions

which in turn causes threat to the network which they operate on.

Great need of an efficient system that prevents intrusions that are targeted through mobile agents.

so that, they are accepted by different networks.

WHAT ARE MOBILE AGENTS ?

A mobile agent is an autonomous software agent that has the capability of moving from one host to another with its components .

They can carry data, code and state.

Features. mobile autonomous learning effective for distributed systems

NETWORK VULNERABILITIES

A malicious visiting agent can intercept and attack legitimate collaborative agents.

Malicious code can be sent into the network through Mobile Agents.

Types of Attacks Confidentiality Integrity Availability

PREVIOUS RESEARCH

Various Cryptography methods were proposed But none provide complete safety from the

possible attacks They limit the functionality of the Agents or do not

protect against the confidentiality, integrity or the availability attacks.

Guan and Huanguo-2010

Cryptographic protocol where behaviour of hosts and agents can be monitored.

Malicious Identification Police (MIP) Uses the extended Root Canal algorithm Efficient in integrity protection of agents and

agent platform. Does not protect the confidentiality of agents

components

Carles et al. 2010 Simpler implementation of cryptographic

methods for agent communication.

Srivastava and Nandi (2013) A system where the interaction between the

agents is limited during their execution

Woei-Jiunn (2012) Prevents illegal alteration of Agents and Hosts Uses proxy signature and Elliptic curve

cryptographic techniques

Abdelhamid et al. (2007) Protects Agents from malicious hosts. Uses timeouts, and digital signature based

cryptographic methods for secure communications.

Rajeshwar et al. 2012 Protocol for secure routing based on reputation

value and trust value. Uses two agents, one for generating routing table

and second to retrieve securely from non malicious hosts.

PROPOSED SYSTEM

Agent Server Creates all mobile agents. Requests for the private/public key pairs from CA1 Keeps database of the certificates and private keys

Backup Agent Server Replica of the agent server Ensures uninterrupted availability when the agent server

breaks down

Certification Authority Trusted third party used to authenticate

intercommunication between two or more networks.

Security Domain It is the network domain of an agent system. Consists of agent server, backup agent server,

network server, host key store and mobile agents.

Messaging System Messaging system provides facilities for agents’

local and remote communication. It establishes communication links

between collaborating agents

Execution platform It is a host platform or network server platform

appointed by the agent server to coordinate, monitor and supervise the execution and collaboration of cooperating Agents.

KEY DISTRIBUTION PROTOCOL

ASSUMPTIONS

The two network domains considered in our protocol should use two distinct Certification Authorities

The visiting agent is not having the same mission as the cooperating mobile agents

The network server, execution platform, host platform and the cooperating mobile agents are trusted entities

CONCLUSION

This system provides a fault tolerant security protocol for mobile agents.

Two key measures that ensure fault tolerance. Establishment of backup agent server

Dynamic appointment of host Execution platform

Vivek konathala