Intranet security with micro-firewalls and mobile agents for proactive intrusion response

Author

Gangadharan, Muralidaran ; Hwang, Kai

Author_Institution

Internet & Cluster Comput. Lab., Univ. of Southern California, Los Angeles, CA, USA

fYear

2001

fDate

2001

Firstpage

325

Lastpage

332

Abstract

We propose a distributed multi-level architecture to solve the intranet security problem. The basic idea is to build micro firewalls on all hosts in the intranet, as a second line of defense behind the gateway firewall. A distributed intrusion detection system (IDS) is developed to achieve proactive intrusion responses with dynamic policy changes. Mobile agents, CORBA, and RMI are evaluated for dynamic policy update. We find that mobile agents are most scalable and robust for policy update, but prone to attacks by other agents and hosts. CORBA has the best speed performance. The Java-based RMI has the highest security based on the sandbox model. Key concepts, preliminary results, and continued research challenges are presented

Keywords

Java; authorisation; distributed object management; intranets; software agents; CORBA; Java-based RMI; Proactive Intrusion Response; distributed intrusion detection system; distributed multi-level architecture; dynamic policy changes; dynamic policy update; intranet security; micro-firewalls; mobile agents; sandbox model; Computer networks; Data security; Inductors; Intrusion detection; Laboratories; Mobile agents; Protection; Robustness; Scalability; Telecommunication traffic;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Networks and Mobile Computing, 2001. Proceedings. 2001 International Conference on

Conference_Location

Los Alamitos, CA

Print_ISBN

0-7695-1381-6

Type

conf

DOI

10.1109/ICCNMC.2001.962615

Filename

962615