In September 2004 a post over the main italian security mailinglist,
announced Infosecurity 2005 the very next february. The deadline for call for
papers was setted up for november 2004. I was lacking motivation and good
ideas so I started a guru meditation weekend trying to find out something
good to prepare a speech for Infosecurity 2005.
The good idea came when I started think over AngeL project and over a very
old university work done for a Programming Language course I attended...
that work was about mobile agent. So my mind started working fast and it
drown Dafne project.
Suppose you are connected to a network, AngeL presence over every host is
not neccessary. I wan to implement a mobile agent network travelling
accross network nodes, asking the hosting system to perform some security
check both over local program execution and user's behaviour, than over
network traffic. The idea is that a mobile agent can detect dynamically
when a security branch can occur both from outside than starting from the
hosting machine. After the agent has been detected something goes wrong, it
takes up necessary actions sanitazing the system or defending it from
outside. The agent will broadcast the performed actions to let other
network agent to be aware about the hostile activity that has been
intercepted. Of course agent can interact with AngeL but they are
indipendent from this security module.
In fact there will be a system daemon (dafned), listening at a well known
port, that will accept connection from other daemons. The agent is
represented with a process spawned by dafned, interacting with it using a
well known protocol. Security checks are provided by daemon and described
with a well known language.
More informations will follow as soon as the first daemon prototype will be
released. By now, you can send me all the feedback about this idea or just
telling me what do you think about it, writing me.