P ROTOCOL FOR COLLABORATING MOBILE AGENTS IN THE NETWORK INTRUSION DETECTION SYSTEMS. By Olumide Simeon Ogunnusi Shukor Abd Razak

T OPICS COVERED : what are mobile agents ? need for an intrusion detection system for them Related background Proposed system architecture key distribution protocol

M OTIVATION Mobile agents have Great applications But are vulnerable to intrusions which in turn causes threat to the network which they operate on. Great need of an efficient system that prevents intrusions that are targeted through mobile agents. so that, they are accepted by different networks.

W HAT ARE MOBILE AGENTS ? A mobile agent is an autonomous software agent that has the capability of moving from one host to another with its components. They can carry data, code and state. Features. mobile autonomous learning effective for distributed systems

N ETWORK V ULNERABILITIES A malicious visiting agent can intercept and attack legitimate collaborative agents. Malicious code can be sent into the network through Mobile Agents. Types of Attacks Confidentiality Integrity Availability

P REVIOUS R ESEARCH Various Cryptography methods were proposed But none provide complete safety from the possible attacks They limit the functionality of the Agents or do not protect against the confidentiality, integrity or the availability attacks. Guan and Huanguo-2010 Cryptographic protocol where behaviour of hosts and agents can be monitored.

Malicious Identification Police (MIP) Uses the extended Root Canal algorithm Efficient in integrity protection of agents and agent platform. Does not protect the confidentiality of agents components Carles et al Simpler implementation of cryptographic methods for agent communication. Srivastava and Nandi (2013) A system where the interaction between the agents is limited during their execution

Woei-Jiunn (2012) Prevents illegal alteration of Agents and Hosts Uses proxy signature and Elliptic curve cryptographic techniques Abdelhamid et al. (2007) Protects Agents from malicious hosts. Uses timeouts, and digital signature based cryptographic methods for secure communications. Rajeshwar et al Protocol for secure routing based on reputation value and trust value. Uses two agents, one for generating routing table and second to retrieve securely from non malicious hosts.

P ROPOSED S YSTEM

Agent Server Creates all mobile agents. Requests for the private/public key pairs from CA1 Keeps database of the certificates and private keys Backup Agent Server Replica of the agent server Ensures uninterrupted availability when the agent server breaks down Certification Authority Trusted third party used to authenticate intercommunication between two or more networks.

Security Domain It is the network domain of an agent system. Consists of agent server, backup agent server, network server, host key store and mobile agents. Messaging System Messaging system provides facilities for agents’ local and remote communication. It establishes communication links between collaborating agents Execution platform It is a host platform or network server platform appointed by the agent server to coordinate, monitor and supervise the execution and collaboration of cooperating Agents.

K EY DISTRIBUTION P ROTOCOL

A SSUMPTIONS The two network domains considered in our protocol should use two distinct Certification Authorities The visiting agent is not having the same mission as the cooperating mobile agents The network server, execution platform, host platform and the cooperating mobile agents are trusted entities

C ONCLUSION This system provides a fault tolerant security protocol for mobile agents. Two key measures that ensure fault tolerance. Establishment of backup agent server Dynamic appointment of host Execution platform

Vivek konathala