A Topology-Adapted Network Defense Model Based on Mobile Agent

  • Yichuan Jiang
  • Yiping Zhong
  • Shiyong Zhang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3252)


Since the topology of now network system is always dynamic, the paper provides a network active defense model that is adaptive for dynamic topology based on the mobile agent technology. The model includes three parts: network topology discovery, adaptive agents modulation mechanism and active defense. The model provided by the paper contains two kinds of agents: topology discovery agent and defense one. The model uses mobile network topology discovery agents to actively probe the current network topology and encodes it; then the adaptive modulation part of the model implements the distribution and migration of the defense agents according to the current topology; at last the defense agents then make active defense for the network.


Network Topology Intrusion Detection Mobile Agent Adaptive Modulation Active Defense 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Lee, W., Stolfo, S.J., Mok, K.W.: A Data Mining Framework for Building Intrusion Detection Models. In: IEEE Symposium on Security and Privacy 1999, pp. 120–132 (1999)Google Scholar
  2. 2.
    Ludoric ME. GASTATA, A Genetic Algorithm as an Alternative Tool for Security Audit Trails Analysis,
  3. 3.
    Balasubramaniyan, J., Garcia-Fernandez, J.O., Isacoff, D., Spafford, E.H., Zamboni, D.: An Architecture for Intrusion Detection using Autonomous Agents. Department of Computer Science, Purdue University; Coast TR 98-05 (1998)Google Scholar
  4. 4.
    Asaka, M., Okazawa, S., Taguchi, A., Goco, S.: A Method of Tracing Intruders by Use of Mobile Agents. In: INET 1999 (June 1999)Google Scholar
  5. 5.
    Parikh, S.: A Framework of System Integrator for MAIDS[Report for the degree of Master of Science]. Iowa State University, Ames, Iowa. (2001)Google Scholar
  6. 6.
    Jiang, Y., Zhong, Y., Zhang, S.: A Network Defense Model Adapted to Variable Topology. In: The Proceeding of Network Research Workshop 2003, APAN. Busan, Korea (August 2003)Google Scholar
  7. 7.
    Carver Jr., C.A.: Adaptive Agent-based Intrusion Response. [PH.D Thesis]. Texas A&M University (2001)Google Scholar
  8. 8.
    Lin, H.-C., Wang, C.-H.: Automatic Topology Discovery Using Mobile Agents. In: Proceeding of the International Workshop on Agent Technologies over Internet Applications, September 26-28 (2001)Google Scholar
  9. 9.
    Lowekamp, B., O’Hallaron, D.R., Gross, T.R.: Topology Discovery for Large Ethernet Networks. In: SIGCOMM 2001, August 27-31 (2001)Google Scholar
  10. 10.
    Holland, J.H.: Genetic Algorithms. Scientific American 267, 60–78 (1992); [mcr95] Crosbie, M., Spafford, G.: Defending a Computer System Using Autonomous Agents. In: Proceedings of the 18th National Information Security Conference (October 1995)CrossRefGoogle Scholar
  11. 11.
    Herringshaw, C.: Detecting Attacks on Networks. IEEE Computer Magazine, 16–17 (December 1997)Google Scholar
  12. 12.
    D’haeseleer, P., Forrest, S., Helman, P.: An Immunological Approach to Change Detection: Algorithms, Analysis, and Implications. In: Proceedings of the 1996 IEEE Symposium on Computer Security and Privacy, pp. 110–120 (1996)Google Scholar
  13. 13.
    Colorni, A., Dorigo, M., Maniezzo, V.: Distributed Optimization by Ant Colonies [A]. In: Proceedings of the 1st European Conf. Artificial Life [C], Pans, France: Elsevier, pp. 134–142. Elsevier, Pans (1991)Google Scholar
  14. 14.
    Jansen, W., Mell, P., Kargiannis, T., Marks, D.: Mobile Agents in Intrusion Detection and Response. In: Proceedings of the 12th Annual Canadian Information Technology Security Symposium, Ottawa, Canada (June 2000)Google Scholar
  15. 15.
    Tanachaiwiwat, S., Hwang, K., Chen, Y.: Adaptive Intrusion Response to Minimize Risk over Multiple Network Attacks. ACM Trans on Information and System Security, August 19 (2002)Google Scholar
  16. 16.
    Aguilar, J.: A General Ant Colony Model to Solve Combinational Optimization Problems. Revista Colombiana De Computaction 2(1), 7–18Google Scholar
  17. 17.
    Si-Yun, H.: Stochastic Processes, pp. 49–75. South-East University Pree (1988)Google Scholar
  18. 18.
    LIN-Chuang: Computer Network and Computer System Performance Evaluation, pp. 176–185. Tsinghua University Press, Beijing (2001)Google Scholar
  19. 19.
    HE-Yong, WANG Hong-Wei, FEI-Qi: Petri-Net-Based Modeling Support. Journal of Huazhong University of Science & Technology 23(5), 52–56 (1995)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Yichuan Jiang
    • 1
  • Yiping Zhong
    • 1
  • Shiyong Zhang
    • 1
  1. 1.Department of Computing & Information TechnologyFudan UniversityShanghaiChina

Personalised recommendations