Artificial immune system based mobile agent platform protection

https://doi.org/10.1016/j.csi.2012.10.003Get rights and content

Abstract

An emerging technology for systems to communicate efficiently in the distributed environment is the mobile agent. The features of the mobile agent are too big when compared with the static agent and conventional communication system. However, the security issues of the mobile agent and mobile agent platform lags its usage. Even though the protection models are available for the mobile agent environment, the vulnerabilities still exist or the models need more computational time. To mitigate these issues related with the agent platform, this paper proposed an artificial immune system (AIS) based model. The proposed model will give the separation of duties and clones to handle multiple foreign agents simultaneously to achieve the computational efficiency. The experimental results and the constructed results from the experimental results have proved that this proposed model will consume less computational time when compared with the existing models. It will detect the malicious agent by extracting and matching the patterns with the available malicious patterns and also it can identify the new malicious patterns through monitoring the agent process.

Highlights

► It will automatically identify the new malicious/non-malicious code. ► It can handle any number of agents at a time. ► There is no compromising problem because the agent will be quarantined at first. ► It will work in the form of the signature based as well as anomaly based technique.

Introduction

Software agent is a program which will act on behalf of its owner with features like autonomy, persistency, etc. Generally the agent is divided into two types: static and mobile agents. Static agent will always stay in one place and it will perform the operations for what it has created. Mobile agent is the one which will migrate from one host to another host to perform the operations for its owner. It will minimize the network traffic through minimizing the data transmission. Further, mobile agent is divided into two types to minimize the network traffic more and more. The types of the mobile agent are: single hop mobile agent (which will visit only one remote host and get back to the home) and multi-hop mobile agent (which will visit multiple remote hosts and return to the home with the required result). Because of agent versatility, nowadays static or mobile agent concept is applied in most of the applications like sensor network [7], [9], [14], network fault detection [22], e-services [28], m-commerce [29], etc. However, the vulnerabilities available in this concept lags it usage. Compared with static agent, mobile agent is more vulnerable. This is the major motivation for us to concentrate on the mobile agent environment protection especially on the agent platform where the agent get executed.

The mobile agent platform is facing a number of issues from foreign agents like denial of service attack (spamming the agent with dummy requests, suspending the agent, sending a signed message with a fake sender ID, etc.) and unauthorized access (shutdown the platform, modifying policy file, killing an agent in the platform, etc.). To protect the agent platform from these kinds of attacks, we are proposing the platform protection mechanism by incorporating the artificial immune system. Apart from our incorporation, artificial immune system have been applied for many models like anomaly detection including intrusion detection [17], [20], computer security [6], and misbehavior detection [12], [13] because of its efficiencies.

The biological immune system generally begins when a pathogen enters the biological structure [27]. The representation of the immune system is shown in Fig. 1. It shows that whenever a pathogen enters the body, the macrophages ingest it, process it and display its antigen fragments on their cell surfaces (if the pathogen comes first time to the body). The macrophage having the antigen on its surfaces is called the Antigen Presenting Cell (APC). After that, APC interacts with a T-helper cell that can recognize the antigen available on the surface. At the time of interaction, the macrophage will release a chemical alarm signal called interleukin-1, which stimulates the T-helper cell to secrete interleukin-2, which then causes the proliferation of certain cytotoxic T cells and B cells [18], [26]. The immune response from this point will go in two paths, one through cytotoxic T cells and the other one through B cells.

T cells: Normal cells of the body that become infected will be able to digest some of the pathogens and display antigen fragments on their cell surfaces. The body makes millions of different types of cytotoxic T cells (killer T cells). Each type is able to recognize a particular antigen. The cytotoxic T cells that are capable of recognizing the antigen on the infected cell surfaces bind to the infected cells and produce chemicals to kill the infected cell. The death of the infected cells results in killing of the pathogen [27]. The helper T cell also generates the memory T-cell for the respective pathogen to prevent it in future.

B cells: It will also come in millions of different types; each can recognize a particular antigen. Whenever B cells get activated by T-helper cells (HT cell), they differentiate into plasma cells. These plasma cells become antibody producing factories, flooding the bloodstream with antibodies that can bind to the antigen involved in this infection. Antibodies bind to the antigens on the surfaces of the pathogens, marking them for destruction by macrophages. Also some of the B cells do not turn into antibody factories but instead become memory B cells that may survive for several years to prevent the same pathogen in the future. The secondary immune response which will come from the memory B-cell is what gives strong immunity to the same disease after you have had them once or after you have been vaccinated [27]. If the same pathogen enters the body again, the memory B-cell or memory T-cell will directly start the functions to kill the pathogen instead of once again processing the pathogen by the macrophages (APC).

The immune system in our body is working in two scenarios: one is innate immune system (work with our own cell) and the second is adaptive immune system (vaccinated cell). In innate immune system, responses are non-specific, meaning these systems respond to pathogens in a generic way [8]. However, both of them use to follow the same procedure to kill the pathogens.

For agent platform protection, already we had proposed simple and policy based Malicious Identification Police (MIP) model with the Attack Identification Scanner, which will also work moreover the same as the above biological immune system but we did not discuss that perspective, also the separation of duties is not like the immune system and there is also no cloning (proliferation) concept. Now, this paper proposes the model by incorporating biological immune system as artificial immune system to protect the agent platform. The main motivation behind this paper is, these days the agent or mobile agent concept is used everywhere. Even the artificial immune system is applied into many of the environments like robotics [21], sensor network [24], etc. with the help of the mobile agent. Hence protecting the mobile agent platform is most important.

The remaining section of this paper is organized as follows: Section 2 gives a brief description over the related works. Section 3 describes the proposed model to protect the mobile agent platform against the malicious agent by incorporating the artificial immune system. Section 4 discusses about the experimental and constructed result analyses of the proposed model and lastly, Section 5 concludes the paper with future works.

Section snippets

Related works

To protect the mobile agent platform from the malicious agents, various techniques are available. However all the techniques are facing certain issues like time complexity, false positive, false negative, etc. This section discusses some of the existing techniques and its issues.

Sandbox [1] technique is introduced to isolate the non-trusted mobile agents. Since the non-trusted agents are isolated it cannot alter or disturb the platform or other agents running in the platform. Access to the

Components equivalent to biological immune system

To implement the immune system functionalities for agent platform protection, we have created the artificial immune system components equivalent to the biological immune system components which are given in Table 1. The pathogens (non-self cell) are the foreign mobile agents coming to the platform to perform some computation. Patterns are the functional codes of the foreign mobile agent which is like the antigens (patterns of the pathogens).

In artificial immune system based agent protection we

Experimental result analysis

This artificial immune system based model is experimented using the IBM Aglet agent server (it supports interoperability and open source) [25]. The model is implemented in the machine which has the configuration of 3.2 GHz dual core processor and 1 GB RAM. The agent code is written in Java. Table 2 shows the execution time of the various processes of the model to protect the platform. Initially when the foreign mobile agent arrives, the killer agent will start to scan the agent to detect the

Conclusion and future works

Mobile agent plays a very important role in all the environments because of its excellent features but the security issues are degrading its usage. Agent to platform attack is one of those issues which threaten the mobile agent based services. To overcome this security issue, we have proposed the novel artificial immune system based model in this paper. It will separate the duties and also it will generate the clones to handle number of foreign agents at a time in addition to other features.

References (29)

  • S. Venkatesan et al.

    Performance analysis of mobile agent failure recovery in E-service applications

    International Journal on Computer Standard and Interfaces

    (2010)
  • R. Wahbe et al.

    Efficient software-based fault isolation

    ACM SIGOPS Operating Systems Review

    (1993)
  • C. Ordille et al.

    Itinerant agents for mobile computing

    IEEE Personal Communications

    (1995)
  • J.J. Ordille

    When agents roam, who can you trust?

    (1996)
  • T. Joseph et al.

    ‘Mobile Agent Security and Telescript’, Proceedings of the 41st IEEE International Computer Conference, 1063-6390/96

    (1996)
  • G. Necula, “Proof-carrying code”, In Conference Record of POPL '97: the 24th ACM SIGPLAN-SIGACT Symposium on Principles...
  • Harmer P K, Williams P D, Gunsch G H, Lamont G B, “An artificial immune system architecture for computer security...
  • Levis P, Culler D.Mate, “A tiny virtual machine for sensor networks”, ACM Sigplan Notices 2002 Vol. 37 No.10,...
  • Alberts Bruce et al.

    Molecular Biology of the Cell

    (2002)
  • Boulis A., Han, C.-C., Srivastava, M.B. “Design and implementation of a framework for efficient and programmable sensor...
  • Xavier L., ‘Java bytecode verification: algorithms and formalizations’, International, Journal of Automated Reasoning,...
  • Yao M., ‘A security architecture for protecting dynamic components of mobile agents’, Ph.D. thesis of Information...
  • Sarafi janovic S, Le Boudec J Y., “An artificial immune system approach with secondary response for misbehavior...
  • Dasgupta D, Yu S, Majumdar N S, “MILA—multi level immune learning algorithm and its application to anomaly detection”....
  • Cited by (15)

    • Adaptive artificial immune networks for mitigating DoS flooding attacks

      2018, Swarm and Evolutionary Computation
      Citation Excerpt :

      This entails the increase of the weights of the monitored features, thus gaining restrictiveness and specificity. Finally, in [63] a solution to some of the attacks that affect mobile networks is proposed. As in previous approaches, its behavior is based on cloning the agents that have been able to recognize a specific threat.

    • An antigen space density based real-value negative selection algorithm

      2017, Applied Soft Computing Journal
      Citation Excerpt :

      Inspired by BIS, Artificial Immune Systems (AISs) have been proposed and become a popular kind of computational intelligence approach [2]. AISs have been widely utilized in the fields of network intrusion detection, mechanical damage detection, disease diagnosis, and other pattern recognition applications [3–5]. The Negative Selection Algorithm (NSA) is an important algorithm for the generation of immune detectors in the AIS, and it simulates the epitope recognition of biological antibodies to identify nonself-antigens.

    • Applications of artificial immune systems to computer security: A survey

      2017, Journal of Information Security and Applications
      Citation Excerpt :

      How faithfully each concept is modeled seems to be more important, notably in the DT, because the interpretation of suitable signals and their combination is key for the performance of the system. It can also be perceived that some recent works [86,118] are loosely based on the immune system, simply adopting some of the conceptual ways it works in combination with other techniques to achieve memory and detector proliferation, for instance. Throughout the years, the selfnonself discrimination has been widely explored in several works aiming at distinguishing positive cases from negative ones.

    • A Biological Immune System (BIS) inspired Mobile Agent Platform (MAP) security architecture

      2017, Expert Systems with Applications
      Citation Excerpt :

      In order to fend off this waiting time of the agent, the cloning of agents is included to handle multiple agents. Additionally, the pipelining concept is introduced by separating the duties (or operations) i.e. scanning, pattern extracting and detecting unknown codes are performed by different agents respectively which ultimately reduces the time complexity (Venkatesan et al., 2013). It is clear that many researchers have been engaged in the Mobile Agent Platform protection, though there is much to be done.

    • A security framework for mobile agent systems

      2024, Automated Software Engineering
    View all citing articles on Scopus
    View full text