{"title":"Multi-agent based security auditing system of broadband man","authors":"Xiantai Gou, Wei-dong Jin, Gexiang Zhang","doi":"10.1109/ICIMA.2004.1384335","DOIUrl":null,"url":null,"abstract":"Normally, security auditing is quite common in low bandwidth network, especially in 100M/IOM Ethernet. It is difficult to accomplish security auditing in broadband metropolitan area network (MAN) with Gigabit Ethernet or 2.5 GPOS (OC48) as its convergence layer backbone. This paper presents the Multi-agent based security auditing system of broadband MAN (MASASM) to resolve the problem. The key for auditing in MAN is how to get packets from MAN and how to overcome the processing of huge information. The usual ways of getting packets from network such as BSD Packet Filter (BPF) and tcpdump are not suitable for auditing in MAN at all. MASASM uses Broadband Access Server (BAS) of MAN as Information Gathering Agent that uses Hardware Packet Filter (HPF) io get packet from MAN. HPF has better process abilie than BPF and tcpdump. MASASM uses distributed multi-agent to share the task of auditing for whole MAN. To make the least influence on the performance of Information Gathering Agent, a new mechanism of routing and forwarding is given to modify the traditional \"route once, switch many\" to the \"audit once, pass many\" in BAS. The auditing system has been implemented in our experimental convergence layer routing switch that can be used as a BAS, and shows goad performance in test.","PeriodicalId":375056,"journal":{"name":"2004 International Conference on Intelligent Mechatronics and Automation, 2004. Proceedings.","volume":"56 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2004-08-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2004 International Conference on Intelligent Mechatronics and Automation, 2004. Proceedings.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICIMA.2004.1384335","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
Normally, security auditing is quite common in low bandwidth network, especially in 100M/IOM Ethernet. It is difficult to accomplish security auditing in broadband metropolitan area network (MAN) with Gigabit Ethernet or 2.5 GPOS (OC48) as its convergence layer backbone. This paper presents the Multi-agent based security auditing system of broadband MAN (MASASM) to resolve the problem. The key for auditing in MAN is how to get packets from MAN and how to overcome the processing of huge information. The usual ways of getting packets from network such as BSD Packet Filter (BPF) and tcpdump are not suitable for auditing in MAN at all. MASASM uses Broadband Access Server (BAS) of MAN as Information Gathering Agent that uses Hardware Packet Filter (HPF) io get packet from MAN. HPF has better process abilie than BPF and tcpdump. MASASM uses distributed multi-agent to share the task of auditing for whole MAN. To make the least influence on the performance of Information Gathering Agent, a new mechanism of routing and forwarding is given to modify the traditional "route once, switch many" to the "audit once, pass many" in BAS. The auditing system has been implemented in our experimental convergence layer routing switch that can be used as a BAS, and shows goad performance in test.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
