Skip to main content
SpringerLink
Log in

An Intrusion Detection System for Aglets

  • Conference paper
  • First Online:
Mobile Agents (MA 2002)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2535))

Included in the following conference series:

Abstract

Mobile agent systems provide support for the execution of mobile software components, called agents. Agents acting on behalf of different users can move between execution environments hosted by different organizations. The security implications of this model are evident and these security concerns have been addressed by extending the authentication and access control mechanisms originally conceived for distributed operating systems to mobile agent systems. Other well-known security mechanisms have been neglected. In particular, satisfactory auditing mechanisms have seldom been implemented for mobile agent systems. The lack of complete and reliable auditing makes it difficult to analyze the actions of mobile components to look for evidence of malicious behavior. This paper presents an auditing facility for the Aglets mobile agent system and an intrusion detection system that takes advantage of this facility. The paper describes how auditing was introduced into the Aglets system, the steps involved in developing the intrusion detection system, and the empirical evaluation of the approach.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. J.P. Anderson. Computer Security Threat Monitoring and Surveillance. James P. Anderson Co., Fort Washington, April 1980.

    Google Scholar 

  2. J.S. Balasubramaniyan, J.O. Garcia-Fernandez, D. Isacoff, E.H. Spafford, and D. Zamboni. An Architecture for Intrusion Detection Using Autonomous Agents. In Proceedings of ACSAC’ 98, pages 13–24, 1998.

    Google Scholar 

  3. CER T/CC. "Code Red Worm" Exploiting Buffer Overflow In IIS Indexing Service DLL.Advisory CA-2001-19, July 2001.

    Google Scholar 

  4. D.M. Chess. Security Issues in Mobile Code Systems. In G. Vigna, editor, Mobile Agents and Security, volume 1419 of LNCS, pages 1–14.Springer-Verlag, June 1998.

    Chapter  Google Scholar 

  5. CIAC. The Ramen Worm. Information Bulletin L-040, February 2001.

    Google Scholar 

  6. S. T. Eckmann. The STATL Attack Detection Language. PhD thesis, Department of Computer Science, UCSB, Santa Barbara, CA, June 2002.

    Google Scholar 

  7. W.M. Farmer, J.D. Guttman, and V. Swarup. Security for Mobile Agents: Issues and Requirements. In Proc. of the 19 th National Information Systems Security Conf., pages 591–597, Baltimore, MD, USA, October 1996.

    Google Scholar 

  8. A. Fuggetta, G.P. Picco, and G. Vigna. Understanding Code Mobility. IEEE Transactions on Software Engineering, 24(5):342–361, May 1998.

    Article  Google Scholar 

  9. R.S. Gray, D. Kotz, G. Cybenko, and D. Rus. D’Agents: Security in a multiple-language, mobile-agent system. In G. Vigna, editor, Mobile Agents and Security, volume 1419 of Lecture Notes in Computer Science, pages 154–187. Springer-Verlag, 1998.

    Chapter  Google Scholar 

  10. B. Hashii, S. Malabarba, R. Pandey, and M. Bishop. Supporting reconfigurable security policies for mobile programs. Computer Networks, 33(1–6):77–93, June 2000.

    Article  Google Scholar 

  11. Paul Helman and Gunar Liepins. Statistical Foundations of Audit Trail Analysis for the Detection of Computer Misuse. In IEEE Transactions on Software Engineering, volume Vol 19, No.9, pages 886–901, 1993.

    Article  Google Scholar 

  12. G. Helmer, J.S.K. Wong, V. Honavar, and L. Miller. Intelligent Agents for Intrusion Detection. In Proceedings of the IEEE Information Technology Conference, pages 121–124, Syracuse, NY, September 1998.

    Google Scholar 

  13. K. Ilgun, R.A. Kemmerer, and P.A. Porras. State Transition Analysis: A Rule-Based Intrusion Detection System. IEEE Transactions on Software Engineering, 21(3):181–199, March 1995.

    Article  Google Scholar 

  14. W. Jansen and T. Karygiannis. Mobile Agent Security. NIST Special Publication 800-19, August 1999.

    Google Scholar 

  15. W. Jansen, P. Mell, T. Karygiannis, and D. Marks. Applying mobile agents to intrusion detection and response. Technical Report 6416, NIST, October 1999.

    Google Scholar 

  16. H.S. Javitz and A. Valdes. The NIDES Statistical Component Description and Justification. Technical report, SRI International, Menlo Park, CA, March 1994.

    Google Scholar 

  17. G. Karjoth, D. Lange, and M. Oshima. A Security Model for Aglets. In G. Vigna, editor, Mobile Agents and Security, volume 1419 of LNCS. Springer, 1998.

    Chapter  Google Scholar 

  18. C. Ko, M. Ruschitzka, and K. Levitt. Execution Monitoring of Security-Critical Programs in Distributed Systems: A Specification-based Approach. In Proceedings of the 1997 IEEE Symposium on Security and Privacy, pages 175–187, May 1997.

    Google Scholar 

  19. Danny B. Lange and Mitsuru Oshima. Programming and Deploying Java Mobile Agents with Aglets. Addison-Wesley Longman, 1998.

    Google Scholar 

  20. U. Lindqvist and P.A. Porras. Detecting Computer and Network Misuse with the Production-Based Expert System Toolset (P-BEST).In IEEE Symposium on Security and Privacy, pages 146–161, Oakland, California, May 1999.

    Google Scholar 

  21. S. Mudumbai, A. Essiari, and W. Johnston. Anchor Toolkit, 1999.

    Google Scholar 

  22. S. Nitzberg. Performance benchmarking of unix system auditing. Master’s thesis, Monmouth College, August 1994.

    Google Scholar 

  23. M. Roesch. Snort-Lightweight Intrusion Detection for Networks. In Proceedings of the USENIX LISA’ 99 Conference, November 1999.

    Google Scholar 

  24. Gruia-Catalin Roman, Gian Pietro Picco, and Amy L. Murphy. Software Engineering for Mobility: A Roadmap. In A. Finkelstein, editor, The Future of Software Engineering, pages 241–258. ACM Press, 2000.

    Google Scholar 

  25. F. Schneider. Enforceable security policies. ACM Transactions on Information and System Security, 3(1):30–50, February 2000.

    Article  Google Scholar 

  26. Sun Microsystems, Inc. Installing, Administering, and Using the Basic Security Module. 2550 Garcia Ave., Mountain View, CA 94043, December 1991.

    Google Scholar 

  27. A. Tripathi, T. Ahmed, S. Pathak, A. Pathak, M. Carney, M. Koka, and P. Dokas. Active Monitoring of Network Systems using Mobile Agents. Technical report, Department of Computer Science, University of Minnesota, May 2002.

    Google Scholar 

  28. G. Vigna. Cryptographic Traces for Mobile Agents. In G. Vigna, editor, Mobile Agents and Security, volume 1419 of LNCS. Springer-Verlag, June 1998.

    Google Scholar 

  29. G. Vigna, S. Eckmann, and R. Kemmerer. The STAT Tool Suite. In Proceedings of DISCEX 2000, Hilton Head, South Carolina, January 2000. IEEE Computer Society Press.

    Google Scholar 

  30. G. Vigna, S.T. Eckmann, and R.A. Kemmerer. Attack Languages. In Proceedings of the IEEE Information Survivability Workshop, Boston, MA, October 2000.

    Google Scholar 

  31. G. Vigna, R.A. Kemmerer, and P. Blix. Designing a Web of Highly-Configurable Intrusion Detection Sensors. In W. Lee, L. Mè, and A. Wespi, editors, Proceedings of the 4 th International Symposiun on Recent Advances in Intrusion Detection (RAID 2001), volume 2212 of LNCS, pages 69–84, Davis, CA, October 2001. Springer-Verlag.

    Chapter  Google Scholar 

  32. D. Wagner and D. Dean. Intrusion Detection via Static Analysis. In Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 2001. IEEE Press.

    Google Scholar 

  33. C. Warrender, S. Forrest, and B.A. Pearlmutter. Detecting intrusions using system calls: Alternative data models. In IEEE Symposium on Security and Privacy, pages 133–145, 1999.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, University of California, Santa Barbara

    Giovanni Vigna, Bryan Cassell & Dave Fayram

Authors
  1. Giovanni Vigna
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Bryan Cassell
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Dave Fayram
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Institute for Human and Machine Cognition, University of West Florida, 40 South Alcaniz Street, 32501, Pensacola, FL, USA

    Niranjan Suri

Rights and permissions

Reprints and permissions

Copyright information

© 2002 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Vigna, G., Cassell, B., Fayram, D. (2002). An Intrusion Detection System for Aglets. In: Suri, N. (eds) Mobile Agents. MA 2002. Lecture Notes in Computer Science, vol 2535. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36112-X_5

Download citation

  • DOI: https://doi.org/10.1007/3-540-36112-X_5

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-00085-3

  • Online ISBN: 978-3-540-36112-1

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation