Abstract
This paper describes the design and implementation of a multi-agent system to detect and audit host security vulnerabilities. The system uses agent platforms distributed across the network to scan and interact with each host. The information collected by each agent is then used to build a common knowledge base that, together with data retrieved from vulnerability information sources, is used to improve overall security. This approach reduces the total time needed to scan the network and the associated processing overhead. The amount of traffic involved is also reduced. It allows the dissemination of updated knowledge about the network security status and reduces communication with the network administrator. This solution provides an autonomous and proactive distributed system. It acts as a vulnerability assessment tool that issues security notifications only when needed.
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Costa Cardoso, R., Marques Freire, M. (2005). SAPA: Software Agents for Prevention and Auditing of Security Faults in Networked Systems. In: Kim, C. (eds) Information Networking. Convergence in Broadband and Mobile Networking. ICOIN 2005. Lecture Notes in Computer Science, vol 3391. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30582-8_9
DOI: https://doi.org/10.1007/978-3-540-30582-8_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-24467-7
Online ISBN: 978-3-540-30582-8
eBook Packages: Computer Science, Computer Science (R0)