Publication: Agent Verification Protocol in Agent-based IDS
No Thumbnail Available
Date
2008
Journal Title
Journal ISSN
Volume Title
Publisher
IEEE Computer SOC
Abstract
Agent-based IDS is a powerful technique used by network administrator to monitor traffic activities in their network. However, the widespread network coverage has introduced a possibility of a hacker installing unauthorized agents or fake agents secretly within the network. This is considered as a very serious threat to the network security. This paper proposes a protocol that is used to detect the presence of a fake agent upon its installation. The technique is a combination of Elgamal encryption, Elgamal digital signature, and SHA-1 message digest function. A simple implementation was developed to test the proposed protocol.