Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Applying Mobile Agents to Intrusion Detection and Response

Published

Author(s)

Wayne Jansen, Tom T. Karygiannis, D G. Marks, Peter M. Mell

Abstract

Effective intrusion detection capability is an elusive goal, not solved easily or with a single mechanism. However, mobile agents go a long way toward realizing the ideal behavior desired in an Intrusion Detection System (IDS). This report is an initial foray into the relatively unexplored terrain of using Mobile Agents for Intrusion Detection Systems (MAIDS). It suggests a number of innovative ways to apply agent mobility to address shortcomings of current IDS designs and implementations, and explores several new paradigms involving mobile agents. The report looks not only at the benefits derived from mobility, but also those inherent to agent technology, such as autonomous components. We explore these benefits in some detail and propose specific research topics in both the intrusion detection and intrusion response areas. We also discuss performance advantages and disadvantages that occur when using mobile agents in intrusion detection and response. The report concludes with a rating of the proposed research topics, falling under three main areas: performance enhancements, design improvements, and response improvements.
Citation
NIST Interagency/Internal Report (NISTIR) - 6416
Report Number
6416

Keywords

intrusion detection, intrusion response, mobile agents

Citation

Jansen, W. , Karygiannis, T. , Marks, D. and Mell, P. (1999), Applying Mobile Agents to Intrusion Detection and Response, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.IR.6416 (Accessed April 15, 2024)
Created October 1, 1999, Updated November 10, 2018