INTRUSION DETECTION AND PREVENTION SYSTEM USING SECURE MOBILE AGENTS

Muhammad Awais Shibli, Sead Muftic

2008

Abstract

The paper describes the design and architecture of an intrusion detection and prevention system based on secure mobile agents, along with an analysis of commercial products and current research efforts in the area. Once the system is operational, it will be the first comprehensive real-life application using mobile agents that not only provides security to network resources but also provides security and protection to the mobile agent system itself. The system efficiently solves several problems with existing IDS/IPS solutions: it can detect new vulnerabilities, it can process and filter large volumes of logs, it reacts to intrusions in real time, provides protection against unknown attacks, supports and improves commercial IDS/IPS products from different vendors, and handles software patches. The system not only improves the existing IDS/IPS solutions, but also eliminates several of their core problems. In addition, it is self-protected by full encryption of both the mobile agents and their platforms, and is therefore not vulnerable to attacks against its own components and resources.



Paper Citation


in Harvard Style

Awais Shibli M. and Muftic S. (2008). INTRUSION DETECTION AND PREVENTION SYSTEM USING SECURE MOBILE AGENTS. In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2008) ISBN 978-989-8111-59-3, pages 107-113. DOI: 10.5220/0001930201070113


in Bibtex Style

@conference{secrypt08,
author={Muhammad Awais Shibli and Sead Muftic},
title={INTRUSION DETECTION AND PREVENTION SYSTEM USING SECURE MOBILE AGENTS},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2008)},
year={2008},
pages={107-113},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001930201070113},
isbn={978-989-8111-59-3},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2008)
TI - INTRUSION DETECTION AND PREVENTION SYSTEM USING SECURE MOBILE AGENTS
SN - 978-989-8111-59-3
AU - Awais Shibli M.
AU - Muftic S.
PY - 2008
SP - 107
EP - 113
DO - 10.5220/0001930201070113