Browse > Article

A Secure Agent Communication Mechanism for Intruder Tracing System  

최진우 (국민대학교 전산과학과)
황선태 (국민대학교 컴퓨터학부)
우종우 (국민대학교 컴퓨터학부)
정주영 (국가보안기술연구소)
최대식 (국가보안기술연구소)
Publication Information
Journal of KIISE:Information Networking / v.29, no.6, 2002 , pp. 654-662 More about this Journal
Abstract
As the Internet technology becomes a major information infrastructure, an emerging problem is the tremendous increase of malicious computer intrusions. The present Intrusion Detection System (IDS) serves a useful purpose for detecting such intrusions, but the current situation requires more active response mechanism other than simple detection. This paper describes a multi-agent based tracing system against the intruders when the system is attacked. The focus of the study lies on the secure communication mechanism for the agent message communication. We have extended parameters on the KQML protocol, and apt)lied the public key encryption approach, The limitation might be the requirements of two-way authentication for every communication through the broker agent. This model ma)r not improve the efficiency, but it provides a concrete secure communication. Also this is one important factor to protect the agent and the tracing server during the tracing process.
Keywords
KQML; Intruder Tracing; Multi-agent System;
Citations & Related Records
연도 인용수 순위
  • Reference
1 P. Stone and M. Veloso, 'Multiagent Systems: A Survey from a Machine Learning Perspective,' Technical Report CMU-CS-97-193, School of Computer Science, Carnegie Mellon University, Pittsburg, PA 15213, 1997
2 M. N. Huhns and L. M. Stephens, 'Multi agent Systems and Societies of Agents,' In Multiagents Systems. A Modern Approach to Distributed Artificial Intelligence. Weiss, Gehrard, ed. Cambridge, Mass., MIT Press, pp 79-120, 1999
3 H. Chalupsky, T. Finin, R. Fritzson, D. McKay, S. Shapiro, and G. Weiderhold, 'An overview of KQML: A knowledge query and manipulation language,' Technical report, KQML Advisory Group, April 1992http://www.csee.umbc.edu/kqml/papers/kqmloverview.ps
4 N. Bhandaru and W. Croft, 'An architecture for supporting goal-based cooperative work,' In Gibbs S. and Verrijn-Stuart A., eds., Multi-User Interfaces and Applications, pp 337-354, Elsevier Science Publishers B.V., North-Holand, 1990
5 J. C. Corbett, 'The S-expression design language (SEDL),' ICS-TH-93-02, Information and Computer Science Department, University of Hawaii at Manoa, 1993
6 T. Finin, R. Fritzson, D. McKay, and R. McEntire, 'KQML: An information and knowledge exchange protocol,' In K. Funchi and T. Yokoi, editors, Knowledge Building and Knowledge Sharing. Ohmsha and IOS Press, 1994
7 R. Feiertag, C. Kahn, P. Porras, D. Schnackenberg, S. Staniford-Chen, B. Tung, 'A Common Intrusion Specification Language(CISL),' 10 March 2000, http://www.gidos.org/drafts/language.txt
8 S. Staniford-Chen, B. Tung, and D. Schnackenberg, 'The Common Intrusion Detection Framework(CIDF),' Position paper accepted to the Informatio Surviv-ability Workshop, Orlando FL, October 1998
9 Asaka, M., Taguchi, A., Goto, A., 'Implementation of IDA: An Intrusion Detection Agent System,' http://www.ipa.go.jp/STC/IDA/paper/first.ps
10 J.S.BaJasubramaniyan, J.O.Garcia-Femandez, D.lsacoff, E.Spafford,and D. Zamboni, 'Architecture for Intrusion Detection using Autonomous Agents,' COAST Technical Report, COAST Laboratory, Purdue University, 1998
11 R. Rivest, 'S-expressions,' Internet Draft draft-rivest-sexo-00.txt, 1997
12 C. Thirunavukkarasu, T. Finin, J. Mayfield, 'Secret Agents - A Security Architecture for the KQML Agent Communication Language,' Proc. of CIKM '95 Intelligent Information Agents Workshop, 1995
13 Q. He, K. P. Sycara, 'Personal Security Agent: KQML-Based PKI,' to appear in Autonoumous Agents '98, Mineneapolis/St. Paul, May 10-13, 1998   DOI
14 Hando Kim, Min Soo Kim, Yeongho Kim, Suk Ho Kang, 'Design of SKAP(Secure KQML Agent Protocol),' Journal of the Korean Institute of Industrial Engineers(JKIIE), '98 Fall Academic Conference, 1998