Mobile Agent Attack Resistant Distributed Hierarchical Intrusion Detection Systems [open pdf - 44KB]
"Distributed intrusion detection systems are especially vulnerable to attacks because the components reside at a static location and are connected together into a hierarchical structure. An attacker can disable such a system by taking out a node high in the hierarchy, thus amputating a portion of the distributed system. One solution to this problem is to cast the internal nodes in the system hierarchy as mobile agents. These mobile agents randomly move around the network such that an attacker can not locate their position. If an attacker takes out a mobile agent platform, the remaining agents estimate the location of the attacker and automatically avoid those networks. Killed agents are resurrected by a group of backups that retain all or partial state information. We are implementing this technology as an API [application programming interface] such that existing intrusion detection systems can wrap their components as mobile agents in order to gain a type of 'attack resistance'."
Defense Technical Information Center (DTIC): http://www.dtic.mil/dtic/