Mobile Agent Attack Resistant Distributed Hierarchical Intrusion Detection Systems

Abstract

Distributed intrusion detection systems are especially vulnerable to attacks because their components reside at static locations and are connected together into a hierarchical structure. An attacker can disable such a system by taking out a node high in the hierarchy, thus amputating a portion of the distributed system. One solution to this problem is to cast the internal nodes in the system hierarchy as mobile agents. These mobile agents randomly move around the network so that an attacker cannot locate their position. If an attacker takes out a mobile agent platform, the remaining agents estimate the location of the attacker and automatically avoid those networks. Killed agents are resurrected by a group of backups that retain all or partial state information. We are implementing this technology as an API so that existing intrusion detection systems can wrap their components as mobile agents in order to gain a type of "attack resistance".

Document Details

Document Type: Technical Report
Publication Date: Aug 10, 1999
Accession Number: ADA391492

Entities

People

  • Mark Mclarnon
  • Peter Mell

Organizations

  • National Institute of Standards and Technology

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Abstracts
  • Classification
  • Command And Control
  • Command And Control Systems
  • Communication Channels
  • Computing System Architectures
  • Denial Of Service Attack
  • Detection
  • Detectors
  • Directories
  • Hierarchies
  • Information Operations
  • Intrusion
  • Intrusion Detection
  • Intrusion Detection Systems
  • Intrusion Detectors
  • Platforms

Fields of Study

  • Computer science

Readers

  • Agent-Based Social Robotics and Mobile-Assisted Learning in Virtual Environments.
  • Irregular Warfare and Special Operations Cyberspace Operations against Adversarial Threats.
  • Parallel and Distributed Computing.