Abstract
Mobile agent systems provide support for the execution of mobile software components, called agents. Agents acting on behalf of different users can move between execution environments hosted by different organizations. The security implications of this model are evident and these security concerns have been addressed by extending the authentication and access control mechanisms originally conceived for distributed operating systems to mobile agent systems. Other well-known security mechanisms have been neglected. In particular, satisfactory auditing mechanisms have seldom been implemented for mobile agent systems. The lack of complete and reliable auditing makes it difficult to analyze the actions of mobile components to look for evidence of malicious behavior. This paper presents an auditing facility for the Aglets mobile agent system and an intrusion detection system that takes advantage of this facility. The paper describes how auditing was introduced into the Aglets system, the steps involved in developing the intrusion detection system, and the empirical evaluation of the approach.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
J.P. Anderson. Computer Security Threat Monitoring and Surveillance. James P. Anderson Co., Fort Washington, April 1980.
J.S. Balasubramaniyan, J.O. Garcia-Fernandez, D. Isacoff, E.H. Spafford, and D. Zamboni. An Architecture for Intrusion Detection Using Autonomous Agents. In Proceedings of ACSAC’ 98, pages 13–24, 1998.
CER T/CC. "Code Red Worm" Exploiting Buffer Overflow In IIS Indexing Service DLL.Advisory CA-2001-19, July 2001.
D.M. Chess. Security Issues in Mobile Code Systems. In G. Vigna, editor, Mobile Agents and Security, volume 1419 of LNCS, pages 1–14.Springer-Verlag, June 1998.
CIAC. The Ramen Worm. Information Bulletin L-040, February 2001.
S. T. Eckmann. The STATL Attack Detection Language. PhD thesis, Department of Computer Science, UCSB, Santa Barbara, CA, June 2002.
W.M. Farmer, J.D. Guttman, and V. Swarup. Security for Mobile Agents: Issues and Requirements. In Proc. of the 19 th National Information Systems Security Conf., pages 591–597, Baltimore, MD, USA, October 1996.
A. Fuggetta, G.P. Picco, and G. Vigna. Understanding Code Mobility. IEEE Transactions on Software Engineering, 24(5):342–361, May 1998.
R.S. Gray, D. Kotz, G. Cybenko, and D. Rus. D’Agents: Security in a multiple-language, mobile-agent system. In G. Vigna, editor, Mobile Agents and Security, volume 1419 of Lecture Notes in Computer Science, pages 154–187. Springer-Verlag, 1998.
B. Hashii, S. Malabarba, R. Pandey, and M. Bishop. Supporting reconfigurable security policies for mobile programs. Computer Networks, 33(1–6):77–93, June 2000.
Paul Helman and Gunar Liepins. Statistical Foundations of Audit Trail Analysis for the Detection of Computer Misuse. In IEEE Transactions on Software Engineering, volume Vol 19, No.9, pages 886–901, 1993.
G. Helmer, J.S.K. Wong, V. Honavar, and L. Miller. Intelligent Agents for Intrusion Detection. In Proceedings of the IEEE Information Technology Conference, pages 121–124, Syracuse, NY, September 1998.
K. Ilgun, R.A. Kemmerer, and P.A. Porras. State Transition Analysis: A Rule-Based Intrusion Detection System. IEEE Transactions on Software Engineering, 21(3):181–199, March 1995.
W. Jansen and T. Karygiannis. Mobile Agent Security. NIST Special Publication 800-19, August 1999.
W. Jansen, P. Mell, T. Karygiannis, and D. Marks. Applying mobile agents to intrusion detection and response. Technical Report 6416, NIST, October 1999.
H.S. Javitz and A. Valdes. The NIDES Statistical Component Description and Justification. Technical report, SRI International, Menlo Park, CA, March 1994.
G. Karjoth, D. Lange, and M. Oshima. A Security Model for Aglets. In G. Vigna, editor, Mobile Agents and Security, volume 1419 of LNCS. Springer, 1998.
C. Ko, M. Ruschitzka, and K. Levitt. Execution Monitoring of Security-Critical Programs in Distributed Systems: A Specification-based Approach. In Proceedings of the 1997 IEEE Symposium on Security and Privacy, pages 175–187, May 1997.
Danny B. Lange and Mitsuru Oshima. Programming and Deploying Java Mobile Agents with Aglets. Addison-Wesley Longman, 1998.
U. Lindqvist and P.A. Porras. Detecting Computer and Network Misuse with the Production-Based Expert System Toolset (P-BEST).In IEEE Symposium on Security and Privacy, pages 146–161, Oakland, California, May 1999.
S. Mudumbai, A. Essiari, and W. Johnston. Anchor Toolkit, 1999.
S. Nitzberg. Performance benchmarking of unix system auditing. Master’s thesis, Monmouth College, August 1994.
M. Roesch. Snort-Lightweight Intrusion Detection for Networks. In Proceedings of the USENIX LISA’ 99 Conference, November 1999.
Gruia-Catalin Roman, Gian Pietro Picco, and Amy L. Murphy. Software Engineering for Mobility: A Roadmap. In A. Finkelstein, editor, The Future of Software Engineering, pages 241–258. ACM Press, 2000.
F. Schneider. Enforceable security policies. ACM Transactions on Information and System Security, 3(1):30–50, February 2000.
Sun Microsystems, Inc. Installing, Administering, and Using the Basic Security Module. 2550 Garcia Ave., Mountain View, CA 94043, December 1991.
A. Tripathi, T. Ahmed, S. Pathak, A. Pathak, M. Carney, M. Koka, and P. Dokas. Active Monitoring of Network Systems using Mobile Agents. Technical report, Department of Computer Science, University of Minnesota, May 2002.
G. Vigna. Cryptographic Traces for Mobile Agents. In G. Vigna, editor, Mobile Agents and Security, volume 1419 of LNCS. Springer-Verlag, June 1998.
G. Vigna, S. Eckmann, and R. Kemmerer. The STAT Tool Suite. In Proceedings of DISCEX 2000, Hilton Head, South Carolina, January 2000. IEEE Computer Society Press.
G. Vigna, S.T. Eckmann, and R.A. Kemmerer. Attack Languages. In Proceedings of the IEEE Information Survivability Workshop, Boston, MA, October 2000.
G. Vigna, R.A. Kemmerer, and P. Blix. Designing a Web of Highly-Configurable Intrusion Detection Sensors. In W. Lee, L. Mè, and A. Wespi, editors, Proceedings of the 4 th International Symposiun on Recent Advances in Intrusion Detection (RAID 2001), volume 2212 of LNCS, pages 69–84, Davis, CA, October 2001. Springer-Verlag.
D. Wagner and D. Dean. Intrusion Detection via Static Analysis. In Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 2001. IEEE Press.
C. Warrender, S. Forrest, and B.A. Pearlmutter. Detecting intrusions using system calls: Alternative data models. In IEEE Symposium on Security and Privacy, pages 133–145, 1999.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Vigna, G., Cassell, B., Fayram, D. (2002). An Intrusion Detection System for Aglets. In: Suri, N. (eds) Mobile Agents. MA 2002. Lecture Notes in Computer Science, vol 2535. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36112-X_5
Download citation
DOI: https://doi.org/10.1007/3-540-36112-X_5
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00085-3
Online ISBN: 978-3-540-36112-1
eBook Packages: Springer Book Archive