Mobile Agent Based Distributed Intrusion Detection System
#1

[attachment=3934]

Mobile Agent Based Distributed Intrusion Detection System.
Abstract:-

This project have the implementation of a distributed agent architecture for intrusion detection and response in networked computers. Unlike conventional intrusion detection systems (IDS), this security system attempts to emulate mechanisms of the natural immune system using Java-based mobile software agents. These security agents monitor multiple levels (packet, process, system, and user) of networked computers to determine correlation among the observed anomalous patterns, reporting such abnormal behavior to the network administrator and/or possibly taking some action to counter a suspected security violation. The project focuses on the design aspects of such an intrusion detection system by integrating different artificial intelligence techniques and a mobile agent architecture.

Implementation of security agents monitor multiple levels Packet, Process, System, and user of networked computers to determine correlation among the observed anomalous patterns, reporting such abnormal behavior to the network administrator and/or possibly taking some action to counter a suspected security violation.
¢ Active monitoring
Alter detection policies in response to critical events
¢ Robust
Detect failed components and restore them without stopping the system
¢ Acceptable system performance
Should not interfere with the normal functioning of the host.
¢ Dynamic configurability
¢ Change in configuration of software components, administrative policies
¢ Dynamic extensibility
Addition of new monitoring functions, tools
Implementation Modules :-
1. GUI based Remote Interface Monitoring

Listing a Remote Host
Listing Mobile Agent
Display a Warning
Agent Action
Agent information
2. Designing a Remote Server Application

This module is designed for managing and controlling the agents
Execution of agents on the runtime. A machine that hosts incoming agents is running the Java runtime environment. This runtime must implement facilities for executing agents concurrently. Java provides the ability to run several threads on a Java runtime . Therefore, it is easy to manage several concurrent application processes (called agents) on the same runtime. When an agent needs to execute on the runtime, the runtime creates a new thread which executes the agentâ„¢s program.

Migration of agents between different runtimes. The second important issue when implementing a mobile agent distributed environment is agent migration. When an agent
migrates, two kinds of objects have to be transferred: classes and instances. The classes
constitute the program executed by the agent while the instances compose the execution
3. Mobile Agents

The agent learns about its environment and actions to be more effective. The agent must be able to communicate not only with the master agent at the host but with other agents, too. Through this communication, an agent can collaborate with other agents in the intention to reach its goals

4. User Authentication

Creating
Remove
Change
user key.
5. Implementing Mobile Agents

6. Agent is implemented in Agent Runtime Enviroment
Flow Chart

Software Requirements :-

Language : Java, RMI, SWING
O/S : WIN2000 Server , TCP/IP
Reply
#2
I need working flow chart on mobile agent based distributed transaction .so please help me
Reply
#3
Presented by,
Madhuri D. Unde

[attachment=13018]
INTRODUCTION
• Intrusion: Problem of identifying individuals who are using a computer system without authorization.
Types of Intrusion detection system
1) Anomaly detection
2) Misuse detection
System description
• Background in IDS
• Strategies of analysis
1) Anomaly detection
2) Policy detection
Types of IDS
1)HIDS
2)NIDS
IDS Requirements
 Functional requirements
-Monitor and report intrusion
-Low false alarm rate
-Provide enough information if intrusion is detected
-Adaptive to network topology
 Performance requirements
-Detected in real time
-IDS must be scalable
IDS limitations
1) Lack of efficiency
-It slows down the system
2)Exposure to attacks
-Cutting of control branch
3)High False positive
ID system component
1) Sensors
2) Analyzers
3) User interface
Mobile agent technology Mobile agent
• What is Agent?
• Mobile agent
• Characteristics of MA
1) Reducing network load
2) Overcoming Network Latency
3) Asynchronous Execution and Autonomy
4) Dynamic Adaptation
5) Robust Behavior
6) Scalability
Disadvantages
• Security
• Performance
• Code size
• Lack of prior knowledge
• Limited exposure
• Coding and deployment difficulties

Reply
#4
Presented By
Miss. Madhuri Unde
Miss. Neha Tiwari

[attachment=13029]
What is an agent?
An agent is a physical or a logical entity characterized by the following Attributes:
Autonomy: agents are independently running entities, they operate (In ideal cases) without human control,
Mobility: agents are able to suspend processing on one platform and to move to another one where they resume execution,
Rationality: agents represent the capacity to analyze and solve a Problem in a rational manner,
Reactivity: agents perceive their environment and adapt their behavior In a dynamic way to match, as soon as possible, new environment Parameters,
Inferential capability: agents are able to share a set of knowledge in order to achieve a specific goal,
Pro-activeness: agents can decide to adapt their behavior to their Environment,
Social ability: agents are able to meet and interact with other Agents. The interaction and collaboration between agents is achieved by an agent communication language and it may depend on ontology.
Useful characteristics of mobile Agents
• Reducing Network Load
Existing IDS are faced with the problem of performing a huge amount of data over transfer. Abstracted forms of this Data are usually sent from all locations in the network to the central site in Order to be processed. Sending a huge amount of data causes an increase Of a network loads. Mobile agents offer the opportunity to overcome this Problem by eliminating the need of so much data transfer. The processing Program (agent) can be dispatched to the host containing crucial data. This will reduce network traffic since an agent is smaller than the processed Data,
• Overcoming Network Latency
Mobile agents are able to dispatch from a Host to carry out operations directly to the remote point of interest, thus Agent scans provide an appropriate response faster than hierarchical IDS
That has to communicate with a central coordinator based elsewhere on the network.
• Asynchronous Execution and Autonomy
Agents can be stopped and started without disturbing the rest of the IDS. Notice that the mobile
agents are able to continue to operate autonomously even if the host platform where it was created is not available or is disconnected from the Network. Mobile agent frameworks provide IDS with the possibility of Continuing to work even when a central controller is down,
• Dynamic Adaptation
Mobile agents can be retracted, cloned, dispatched, Killed or put to sleep as network’s configuration, topology and traffic characteristics Change over time. As the number of nodes in the network Increases, agents can be cloned and dispatched to these new computing Elements.
• Robust Behavior
Mobile agents have the ability to react dynamically to Security conditions making it easier to build robust distributed systems.
• Scalability
Distributed mobile agents IDS are one of several options that allow computational load and diagnostic responsibilities to be distributed throughout the network. This improves scalability and maintains Fault-resistance behavior.
Model architecture
It has mobile agent which moves from host to host to collect the data. In contrast to the above model, this model does not use the stationary or static agent. In fact our roaming agent moves to predefined host to collect Data. The supervisor also act as evaluator that takes the Decision whether suspicious activity is detected at a particular Host and alerts with the help of action agent.
Supervisor Agent: This assigns the tasks to the other agents & dispatches the roaming agent. This decides which roaming Agent is to be dispatched. All the roaming agents coordinate With the supervisor. This agent as an evaluator determines the Occurrence of intrusion with the help of inference rules.
Roaming Agent: The roaming agent sits in the host or moves Host to host and collects the suspicious activities and Coordinates with the supervisor. The roaming agent is composed of three parts: code, itinerary and results. It moves following a predetermined itinerary established by supervisor. Upon reaching a host the Aglet platform begins executing the Code and carries the result.
Action Agent: The main purpose Of this agent is to notify the administrator when intrusion
Occurred. It receives an alert generated from supervisor.
How it works:
The monitoring and detection starts with user interaction to the supervisor. The supervisor agent then sends a roaming Agent, which then starts collecting data on the machine, which is to be monitored. The roaming agent also tries to detect Deviation from the normal. If any deviation is noticed, Information is send to the supervisor agent. The supervisor Agent then detects the type of anomaly based on interference Rule. Once the suspicious activity is found, a report is send to
The action agent, which raises an alert.
Disadvantages
Security

The security concerns related to mobile code are one of the main obstacles to the widespread use of this technology. The MA computing paradigm presents a number of security threats that are not addressed by conventional security techniques. Standard security techniques must be modified or new techniques invented to address these threats.
Performance
One of the most challenging problems facing IDSs is improving the speed with which they can identify malicious activity. Not only must IDSs detect attacks quickly, but them must also process system events in real time. This task is becoming ever more difficult as network bandwidth increases. MA runtime environments slow down MAIDS especially if they are When performance criteria are taken into consideration, it is more likely that IDSs will be built using a combination of mobile agents, static agents, and other technologies.
Code Size
IDSs are complex pieces of software. Agents that perform IDS services may thus be required to contain a large amount of code. If these agents are supposed to do operating system specific tasks on multiple operating systems then this code base may get extremely large. The size of MA code may limit the functionality of MAIDS because it will take a long time to transfer an agent between hosts. In addition, such a transfer will require greater computing and network resources.
Lack of Priori Knowledge
Large enterprise networks are comprised of several different hardware platforms, running several different operating systems, each having different configurations and running different applications. It is not trivial for the mobile agents to have a priori knowledge about how a system is configured, how data is arranged, and still remain lightweight. Static and less transient agents may be more familiar with how data is locally arranged and accessed, and able to act as intermediaries between mobile agents and other platforms. Localized data may be more efficiently manipulated through standard APIs.
Limited Exposure
The client-server computing paradigm is well understood and quite mature as a technology, but the area of distributed control of mobile agent systems is still the subject of many research efforts. An agent’s envisioned autonomous behavior, involving collaboration with other agents at various network locations, creates a dynamic environment that requires new design methodologies and modeling tools to properly formulate and construct agent-based systems. The lack of mature agent design methodologies and modeling tools makes this task difficult, but the problem is likely to be overcome as commercial demand for these product increases and is eventually satisfied.
Coding and Deployment Difficulties
MAs that are developed in-house or purchased from trusted vendors are likely to undergo the same software engineering methods as their non-mobile counterparts in order to assure the quality of code. This standard development process historically produces code with many faults. MAs' inherent capabilities, such as moving and cloning, add more complexity to the design and development process.
Reply
#5
can v have Mobile agent based wireless sensor networks ppt slides.......pls send me urgent
Reply
#6
can v any body have 'Mobile agent based wireless sensor networks' plss send meurgentttttt
Reply
#7

to get information about the topuc"Mobile Agent Based Distributed Intrusion Detection System" refer the page link bellow

http://studentbank.in/report-mobile-agen...ion-system
Reply
#8
i want source code for this project please send me urgent
Reply
#9

to get information about the topic Mobile Agent Based Distributed Intrusion Detection System full report ,ppt and related topic refer the page link bellow

http://studentbank.in/report-mobile-agen...ion-system

http://studentbank.in/report-mobile-agen...tem?page=2

http://studentbank.in/report-safe-mobile...-detection
Reply

Important Note..!

If you are not satisfied with above reply ,..Please

ASK HERE

So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page
Popular Searches: diagram for agent based efficient anomaly intrusion detection system, mobile agent detection, mobile agent in distributed multimedia database system, a safemobile agent system for distributed intrusion detection, a safe mobile agent system for distributed intrusion detection, agent based intrusion detection in active network using digital signature, a distributed intrusion detection system based on agents ppt,

[-]
Quick Reply
Message
Type your reply to this message here.

Image Verification
Please enter the text contained within the image into the text box below it. This process is used to prevent automated spam bots.
Image Verification
(case insensitive)

Possibly Related Threads...
Thread Author Replies Views Last Post
  SPOC: A Secure and Privacy-preserving Opportunistic Computing Framework for Mobile-He 1 876 14-02-2017, 03:49 PM
Last Post: jaseela123d
  Critical State-Based Filtering System for Securing SCADA Network Protocols 1 838 14-02-2017, 12:48 PM
Last Post: jaseela123d
  Content-based image retrieval (CBIR) System project topics 15 13,653 13-05-2016, 02:30 PM
Last Post: dhanabhagya
  SUSPICIOUS EMAIL DETECTION seminar class 11 7,774 21-04-2016, 11:16 AM
Last Post: dhanabhagya
  Development of a workflow based Complaint Management System (where the complaints are mechanical engineering crazy 5 5,592 28-08-2015, 04:59 AM
Last Post: AlbertFak
  DATA LEAKAGE DETECTION project topics 16 13,002 31-07-2015, 02:59 PM
Last Post: seminar report asees
  An Acknowledgement-Based Approach for the Detection of routing misbehavior in MANETs mechanical engineering crazy 2 2,941 26-05-2015, 03:04 PM
Last Post: seminar report asees
  Web Based Blood Bank Management System project report maker 4 12,585 18-04-2015, 07:12 PM
Last Post: Guest
  MOBILE PHONE BASED ATTENDANCE TRACKING SYSTEM seminarsonly 25 20,833 06-03-2015, 07:18 PM
Last Post: unas
  An Acknowledgment-Based Approach For The Detection Of Routing Misbehavior In MANETs electronics seminars 7 4,671 27-01-2015, 12:09 AM
Last Post: Guest

Forum Jump: