|Title:||NETWORK MONITORING AND ANOMALY DETECTION USING MOBILE SECURITY AGENTS|
|Keywords:||ELECTRONICS AND COMPUTER ENGINEERING;NETWORK MONITORING;ANOMALY DETECTION;MOBILE SECURITY AGENTS|
|Abstract:||Mobile Agent (MA) technology is generating increasing interest in and providing elegant and uniform solutions to a wide range of applications, from network management to mobile computing and from distributed information retrieval to distributed security management. A mobile agent is a software agent that can migrate, at a time of its own choosing, from machine to machine in a heterogeneous network. An MA that is used in distributed security management can be characterized as a Security Mobile Agent (SMA). An anomaly can be defined as "A deviation of the system from the normal system usage patterns". Anomaly detection is based on the observation of deviations from normal system usage patterns. An anomaly is detected by building up a profile of the system being monitored and detecting significant deviations from this profile. This report describes the implementation of a Distributed Security Mobile Agent System (DSMAS) for monitoring and anomaly detection on networked computers. It consists of a set of security agents. There are Monitoring agents, which monitor multiple levels (packet and system) of networked computers to determine the correlation among the observed anomalous patterns and report such abnormal behavior to the network administrator and/or to a Decision/Action (D/A) Agent. The D/A agent takes action to counter a suspected security violation or reports it to the user. The report focuses on the design aspects of such a monitoring and anomaly detection system by integrating Adaptive Resonance Theory (ART-2) and mobile agent technology. The PMADE (Platform for Mobile Agent Distribution and Execution) system, developed at IIT Roorkee, is used as the base agent architecture. The application is developed using JAVA J2SDK1.42 and the Kwrite text editor, is tested on Mandrake Linux 9.2, and runs on three networked Pentiums running PMADE.|
|Research Supervisor/ Guide:||Garg, Kum Kum|
|Appears in Collections:||MASTERS' DISSERTATIONS (E & C)|