Proceedings of the 2nd International Workshop on Security in Mobile Multiagent Systems

This report contains the Proceedings of the Second Workshop on Security on Security of Mobile Multiagent Systems (SEMAS2002). The Workshop was held in Montreal, Canada as a satellite event to the 5th International Conference on Autonomous Agents in 2001. The far reaching influence of the Internet has resulted in an increased interest in agent technologies, which are poised to play a key role in the implementation of successful Internet and WWW-based applications in the future. While there is still considerable hype concerning agent technologies, there is also an increasing awareness of the problems involved. In particular, that these applications will not be successful unless security issues can be adequately handled. Although there is a large body of work on cryptographic techniques that provide basic building-blocks to solve specific security problems, relatively little work has been done in investigating security in the multiagent system context. Related problems are secure communication between agents, implementation of trust models/authentication procedures or even reflections of agents on security mechanisms. The introduction of mobile software agents significantly increases the risks involved in Internet and WWW-based applications. For example, if we allow agents to enter our hosts or private networks, we must offer the agents a platform so that they can execute correctly but at the same time ensure that they will not have deleterious effects on our hosts or any other agents / processes in our network. If we send out mobile agents, we should also be able to provide guarantees about specific aspects of their behaviour, i.e., we are not only interested in whether the agents carry out-out their intended task correctly. They must defend themselves against attacks initiated by other agents, and survive in potentially malicious environments. Agent technologies can also be used to support network security. For example in the context of intrusion detection, intelligent guardian agents may be used to analyse the behaviour of agents on a firewall or intelligent monitoring agents can be used to analyse the behaviour of agents migrating through a network. Part of the inspiration for such multi-agent systems comes from primitive animal behaviour, such as that of guardian ants protecting their hill or from biological immune systems

Intrusion detection and response model for mobile ad hoc networks.

This dissertation presents a research whose objective is to design and develop an intrusion detection and response model for Mobile Ad hoc NETworks (MANET). Mobile ad hoc networks are infrastructure-free, pervasive and ubiquitous in nature, without any centralized authority. These unique MANET characteristics present several changes to secure them. The proposed security model is called the Intrusion Detection and Response for Mobile Ad hoc Networks (IDRMAN). The goal of the proposed model is to provide a security framework that will detect various attacks and take appropriate measures to control the attack automatically. This model is based on identifying critical system parameters of a MANET that are affected by various types of attacks, and continuously monitoring the values of these parameters to detect and respond to attacks. This dissertation explains the design and development of the detection framework and the response framework of the IDRMAN. The main aspects of the detection framework are data mining using CART to identify attack sensitive network parameters from the wealth of raw network data, statistical processing using six sigma to identify the thresholds for the attack sensitive parameters and quantification of the MANET node state through a measure called the Threat Index (TI) using fuzzy logic methodology. The main aspects of the response framework are intruder identification and intruder isolation through response action plans. The effectiveness of the detection and response framework is mathematically analyzed using probability techniques. The detection framework is also evaluated by performance comparison experiments with related models, and through performance evaluation experiments from scalability perspective. Performance metrics used for assessing the detection aspect of the proposed model are detection rate and false positive rate at different node mobility speed. Performance evaluation experiments for scalability are with respect to the size of the MANET, where more and more mobile nodes are added into the MANET at varied mobility speed. The results of both the mathematical analysis and the performance evaluation experiments demonstrate that the IDRMAN model is an effective and viable security model for MANET

MARIAN: A hybrid, metric-driven, agent-based routing protocol for multihop ad-hoc networks

Recent advances in technology provided the ground for highly dynamic, mobile, infrastructure-less networks, namely, ad-hoc networks. Despite their enormous benefits, the full potential cannot be reached unless certain issues are resolved. These mainly involve routing, as the lack of an infrastructure imposes a heavy burden on mobile devices that must maintain location information and route data packets in a multi-hop fashion. Specifically, typical adhoc routing devices, such as Personal Digital Assistants (PDAs), are limited in respect to the available throughput, life-time, and performance, that these may provide, as routing elements. Thus, there is a need for metric-driven ad-hoc routing, that is, devices should be utilised for routing according to their fitness, as different device types significantly vary in terms of routing fitness. In addition, a concrete agent-based approach can provide a set of advantages over a non-agent-based one, which includes: better design practice; and automatic reconfigurability.This research work aims to investigate the applicability of stationary and mobile agent technology in multi-hop ad-hoc routing. Specifically, this research proposes a novel hybrid, metric-driven, agent-based routing protocol for multi-hop ad-hoc networks that will enhance current routing schemes. The novelties that are expected to be achieved include: maximum network performance, increased scalability, dynamic adaptation, Quality of Service (QoS), energy conservation, reconfigurability, and security. The underlying idea is based on the fact that stationary and mobile agents can be ideal candidates for such dynamic environments due to their advanced characteristics, and thus offer state of the art support in terms of organising the otherwise disoriented network into an efficient and flexible hierarchical structure, classifying the routing fitness of participating devices, and therefore allow intelligent routing decisions to be taken on that basis

MARIAN: A hybrid, metric-driven, agent-based routing protocol for multihop ad-hoc networks

Recent advances in technology provided the ground for highly dynamic, mobile, infrastructure-less networks, namely, ad-hoc networks. Despite their enormous benefits, the full potential cannot be reached unless certain issues are resolved. These mainly involve routing, as the lack of an infrastructure imposes a heavy burden on mobile devices that must maintain location information and route data packets in a multi-hop fashion. Specifically, typical adhoc routing devices, such as Personal Digital Assistants (PDAs), are limited in respect to the available throughput, life-time, and performance, that these may provide, as routing elements. Thus, there is a need for metric-driven ad-hoc routing, that is, devices should be utilised for routing according to their fitness, as different device types significantly vary in terms of routing fitness. In addition, a concrete agent-based approach can provide a set of advantages over a non-agent-based one, which includes: better design practice; and automatic reconfigurability.This research work aims to investigate the applicability of stationary and mobile agent technology in multi-hop ad-hoc routing. Specifically, this research proposes a novel hybrid, metric-driven, agent-based routing protocol for multi-hop ad-hoc networks that will enhance current routing schemes. The novelties that are expected to be achieved include: maximum network performance, increased scalability, dynamic adaptation, Quality of Service (QoS), energy conservation, reconfigurability, and security. The underlying idea is based on the fact that stationary and mobile agents can be ideal candidates for such dynamic environments due to their advanced characteristics, and thus offer state of the art support in terms of organising the otherwise disoriented network into an efficient and flexible hierarchical structure, classifying the routing fitness of participating devices, and therefore allow intelligent routing decisions to be taken on that basis

INTRODUCING A NETWORK OF EMERGING COMMERCIAL TECHNOLOGIES TO COMBAT WILDFIRES ON DOD INSTALLATIONS

The purpose of this thesis is to analyze the fiscal, environmental, and health impacts of wildfires aboard Marine Corps Base (MCB) Camp Pendleton and the potential benefits of incorporating Project Vesta, a system of emerging commercial-off-the-shelf technologies, into Camp Pendleton’s firefighting capabilities. The main objective of this report is to determine the cost of acquiring Project Vesta and the benefit of fielding it aboard Camp Pendleton and other DOD installations at risk from wildfires. First, we determine the growing threat of wildfires to MCB Camp Pendleton and their fiscal, environmental, and health impacts. Second, we analyze current firefighting detection and suppression methods to determine shortfalls and potential costs derived from insufficient responses. Finally, we identify Project Vesta integration opportunities and conduct a sensitivity analysis of the cost-benefit to better combat wildfires aboard MCB Camp Pendleton. This study determines how investing in Project Vesta will allow fire departments to detect fires sooner and suppress fires faster, leading to reduced costs by protecting people, resources, and training environments. Based on this research, we recommend that DOD facilities that are regularly impacted by wildfires acquire the Vesta system and integrate it into their fire departments.Major, United States Marine CorpsMajor, United States Marine CorpsApproved for public release. Distribution is unlimited

Incident Traffic Management Respone

The North Carolina State Highway Patrol (NCSHP) and the North Carolina Department of Transportation (NCDOT) are often called upon to assist in traffic incidents. Yet little systematic research has examined the extent to which these two agencies collaborate. This gap in understanding is problematic, as a lack of collaboration may result in significant delays in the clearing of traffic incidents. The purpose of this correlational study was to investigate circumstances when the two agencies collaborated in clearing major traffic incidents, and the efficiency of the clearance of the incidents, through the measurement of normal traffic flow. The theory of the convergence of resources from divergent organizations framed the study. The research questions addressed the extent of collaboration between the NCSHP and the NCDOT, the conditions under which this collaboration took place, and the efficiency of the clearance of these incidents. Data were obtained from the NCSHP and the NCDOT on characteristics of 1,580 traffic incidents that occurred on the North Carolina portion of Interstate 95 during the year 2014. The data were analyzed using chi-square tests, analyses of variance, and Z-tests for proportions. Collaboration between the two agencies occurred in 7.2% of all of the incidents and in 21.6% of incidents of major severity (p \u3c .001), which indicated a low level of interagency collaboration. The mean clearance time for incidents in which collaboration took place was 115.92 minutes compared to a national goal of 90 minutes. It is hoped that these results can contribute to policy dialogue relevant to the state\u27s Strategic Plan, leading to safer highways and less financial loss due to congestion caused by traffic incidents

Scalable QoS routing in MPLS networks using mobile code

In a continually evolving Internet, tools such as Q u a lity o f Service ro u tin g must be used in order to accommodate user demands. However, deploying and developing QoS routing in the legacy Internet is difficult. Multiprotocol Label Switching (MPLS) facilitates the deployment of QoS routing, due to its separation of functions between the control and forwarding plane. Developing QoS routing raises scalability issues within very large networks. I propose overcoming these issues by using topology aggregation and distributed routing based on modem techniques such as active networks and mobile agents. However, topology aggregation introduces inaccuracy, which has a negative impact on QoS routing performance. To avoid such problems I propose a hierarchical routing protocol, called Macro-routing, which by using distributed route computation is able to process more detailed information and thus to use the most accurate aggregation technique, i.e. Full-Mesh. Therefore, the protocol is more likely to find the best path between source and destination, and can also find more than one available path. QoS routing, which is used for finding feasible paths that simultaneously satisfy multiple constraints, is also called multiple-constrained routing and is an NP-complete problem. The difficulty of solving such problems increases in a hierarchical context, where aggregation techniques influence the path computation process. I propose a new aggregation technique which allows the selection of multiple paths that satisfy multiple QoS constraints. This reduces the probability of a false negative, i.e., of the routing algorithm incorrectly reporting that no path satisfying the constraints exists. This aggregation technique is called extended full-mesh (EFM) and is intended for use with the Macro-routing protocol. Deploying these protocols in the Internet will allow multi-constrained routing to be practically implemented on large networks