State Transition Analysis: A Rule-Based Intrusion Detection Approach
IEEE Transactions on Software Engineering
IEEE Transactions on Software Engineering
Software engineering for mobility: a roadmap
Proceedings of the Conference on The Future of Software Engineering
Supporting reconfigurable security policies for mobile programs
Proceedings of the 9th international World Wide Web conference on Computer networks : the international journal of computer and telecommunications netowrking
ACM Transactions on Information and System Security (TISSEC)
Programming and Deploying Java Mobile Agents Aglets
Programming and Deploying Java Mobile Agents Aglets
Statistical Foundations of Audit Trail Analysis for the Detection of Computer Misuse
IEEE Transactions on Software Engineering
Designing a Web of Highly-Configurable Intrusion Detection Sensors
RAID '00 Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection
Cryptographic Traces for Mobile Agents
Mobile Agents and Security
Security Issues in Mobile Code Systems
Mobile Agents and Security
D'Agents: Security in a Multiple-Language, Mobile-Agent System
Mobile Agents and Security
Mobile Agents and Security
An Architecture for Intrusion Detection Using Autonomous Agents
ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Intrusion Detection via Static Analysis
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
The statl attack detection language
The statl attack detection language
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
SP 800-19. Mobile Agent Security
SP 800-19. Mobile Agent Security
Detecting malicious java code using virtual machine auditing
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Adaptive agents applied to intrusion detection
CEEMAS'03 Proceedings of the 3rd Central and Eastern European conference on Multi-agent systems
| Hi-index | 0.01 |
Mobile agent systems provide support for the execution of mobile software components, called agents. Agents acting on behalf of different users can move between execution environments hosted by different organizations. The security implications of this model are evident and these security concerns have been addressed by extending the authentication and access control mechanisms originally conceived for distributed operating systems to mobile agent systems. Other well-known security mechanisms have been neglected. In particular, satisfactory auditing mechanisms have seldom been implemented for mobile agent systems. The lack of complete and reliable auditing makes it difficult to analyze the actions of mobile components to look for evidence of malicious behavior. This paper presents an auditing facility for the Aglets mobile agent system and an intrusion detection system that takes advantage of this facility. The paper describes how auditing was introduced into the Aglets system, the steps involved in developing the intrusion detection system, and the empirical evaluation of the approach.