Paper 927 US-M-E
Monitoring Mobile Device Vitals for Effective Reporting (ER)
Ransbottom, J. Scot, D/Electrical Engineering & Computer Science, US Military Academy
Jacoby, Grant A., D/Electrical Engineering & Computer Science, US Military Academy
This paper outlines how to proactively screen the health of a corporate network and perform first aid by systematically monitoring the vital signs of mobile devices within the network. The first contribution is the set of vital signs itself: event activities such as registry content changes, active processes, open ports, power usage thresholds, and power signatures (using the Battery-Based Intrusion Detection system), used to detect and prevent system intrusions. These vital signs are periodically reported back to a monitor by agents we designed for effective reporting (ER). These ER agents are installed on hosts and routers throughout the network. To minimize communications overhead, we reduce the size of the raw XML health reports by over 98% by sending a short-list, delta-set update. As a result, a 1.07 MB update was reduced to only 3,756 B. These updates are received by the ER monitor(s) and analyzed using existing intrusion detection and prevention systems, providing a means to diagnose and isolate potential health hazards within the network that are not perceptible to individual devices.
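The delta-set idea from the abstract, as an added example that is not the authors' code: an agent sends only the vital-sign entries that changed since the baseline, and the monitor rebuilds the full state from them. The XML element names, the host name `pda-01` and the sample data are assumptions, since the abstract does not give the report schema.

```python
import xml.etree.ElementTree as ET

CATEGORIES = ("registry", "processes", "ports")  # subset of the paper's vital signs

def to_xml(host, kind, body):
    """Serialize {category: [(tag, key, value), ...]} as one XML report (assumed schema)."""
    root = ET.Element("health", host=host, type=kind)
    for cat, rows in body.items():
        node = ET.SubElement(root, cat)
        for tag, key, value in rows:
            ET.SubElement(node, tag, key=key, value=value)
    return ET.tostring(root)

def full_report(host, snap):  # raw report: every vital sign on every update
    rows = {c: [("item", k, v) for k, v in sorted(snap[c].items())] for c in CATEGORIES}
    return to_xml(host, "full", rows)

def delta_set(baseline, current):
    """Agent side: keep only entries added, removed or modified since baseline."""
    delta = {}
    for cat in CATEGORIES:
        old, new = baseline[cat], current[cat]
        rows = [("add", k, new[k]) for k in new.keys() - old.keys()]
        rows += [("del", k, "") for k in old.keys() - new.keys()]
        rows += [("mod", k, new[k]) for k in new.keys() & old.keys() if new[k] != old[k]]
        if rows:
            delta[cat] = sorted(rows)
    return delta

def apply_delta(baseline, delta):
    """Monitor side: rebuild the agent's current state from baseline + delta."""
    snap = {cat: dict(baseline[cat]) for cat in CATEGORIES}
    for cat, rows in delta.items():
        for op, key, value in rows:
            snap[cat].pop(key, None)  # "del" removes; "add"/"mod" overwrite below
            if op != "del":
                snap[cat][key] = value
    return snap

# Constructed sample data, not measurements from the paper.
BASELINE = {"registry": {f"HKLM\\Software\\Example\\Key{i}": f"v{i}" for i in range(500)},
            "processes": {str(1000 + i): f"proc{i}.exe" for i in range(60)},
            "ports": {"tcp/135": "svchost.exe", "tcp/445": "System"}}
CURRENT = {cat: dict(items) for cat, items in BASELINE.items()}
CURRENT["registry"]["HKLM\\Software\\Example\\Key7"] = "changed"
CURRENT["processes"]["4242"] = CURRENT["ports"]["tcp/5555"] = "unknown.exe"
del CURRENT["processes"]["1003"]

short = to_xml("pda-01", "delta", delta_set(BASELINE, CURRENT))
print(f"full={len(full_report('pda-01', CURRENT))} B, delta={len(short)} B")
```

The saving depends entirely on how little changes between reports; an agent whose delta keeps growing is itself a signal worth surfacing at the monitor.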

J. Scot Ransbottom is a lieutenant colonel in the US Army, a career Signal Officer, and now an Information Systems Engineer. He received his Ph.D. in Computer Engineering from Virginia Tech in 2004. He earned an MS degree in Computer Science from Duke University in 1997 and a B.S.E.E. from Ohio University in 1988. He is currently an Assistant Professor of Electrical Engineering and Information Technology in the Department of Electrical Engineering and Computer Science at West Point, NY. His academic interests include mobile and wireless networks, network simulation, and most aspects of communications systems networking and digital systems.

Grant A. Jacoby is a lieutenant colonel in the US Army and is now a member of the Army Acquisition Corps’ Uniformed Army Scientist and Engineer Cadre. He received his first Ph.D. in Software Engineering at the U.S. Naval Postgraduate School and his second Ph.D. in Electrical Engineering from Virginia Tech. He has a BS degree (Mechanical Engineering) from the U.S. Military Academy at West Point and three MS degrees from Boston U. (Business Administration) and the U. of Colorado at Boulder (Information Systems & Telecommunications). He is currently a Senior Research Scientist in the Information Technology Operations Center in the Department of Electrical Engineering and Computer Science at West Point, NY. His academic interests include mobile and wireless network security, information assurance and knowledge management of intranets.