Version: 4.5
Role: middleware for multi-agent systems. JADE is FIPA-compliant and supports weak agent mobility, which this project uses.
Agent Management System (AMS): Handles the lifecycle (creation, deletion) of agents.
Directory Facilitator (DF): Allows agents to discover services dynamically.
Weak Mobility: agents (e.g., ScoutAgent and KillerAgent) can pause, serialize state, migrate to a remote container, and resume.
2.2. Virtualization and network simulation (GNS3 and VirtualBox)
Role: Infrastructure Emulation
Justification:
GNS3: emulates Cisco routers to simulate routing, NAT, and segmentation between a monitoring zone and external access.
VirtualBox: hosts Ubuntu Server VMs for agent execution.
2.3. SQLite
Role: embedded database used by the CentralAgent to store telemetry and audit logs.
Serverless: It does not require a separate database server process, making the CentralAgent self-contained and easier to deploy.
Performance: For the scale of this project (3-4 nodes reporting every 5 seconds), SQLite’s write performance is sufficient and offers persistent storage without the overhead of MySQL or PostgreSQL.
2.4. WireGuard
Role: VPN and encryption layer. WireGuard provides confidentiality and low overhead compared to alternatives.
Confidentiality: Ensures that ACL messages (containing metrics and sensitive process lists) are encrypted in transit.
Performance: WireGuard operates in the kernel space and is significantly faster and leaner than OpenVPN or IPsec, minimizing the overhead on our monitoring traffic.
2.5. Monitoring and analysis tools (Wireshark and iperf3)
Role: Validation & Network Traffic Analysis
Justification:
Wireshark: verifies that agent traffic is encapsulated within the WireGuard tunnel and helps debug JADE communication.
iperf3: simulates high-bandwidth scenarios to distinguish legitimate transfers from abnormal congestion.
2.6. Development and scripting (Java, C/GCC, Python Flask)
Role: Application Logic & User Interface
Justification:
Java (JDK 8+): The primary language for JADE agents, offering strong typing and extensive standard libraries for system management (JMX).
GCC & C: Used to write and compile custom low-level scripts (e.g., specific resource-hogging binaries) to test the ScoutAgent’s ability to detect non-standard process signatures.
Python (Flask): The framework chosen for the Dashboard WebApp. Flask provides a lightweight backend to query the SQLite database and serve the real-time graphs (Chart.js) to the administrator, offering a visualization layer decoupled from the JADE logic.
Stress-ng: used to trigger specific CPU loads (e.g., stress --cpu 4) to test detection thresholds.
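The telemetry store from section 2.3 and the detection-threshold test from section 2.6 can be sketched together in Python, the dashboard's language. This is an added example, not the project's own code: the table name, column names, function names, the 90% threshold, the three-report window and the sample values are all assumptions made for illustration.

```python
import sqlite3

REPORT_INTERVAL_S = 5  # reporting period stated in section 2.3

def open_store(path=":memory:"):
    """Open the store; table and column names are assumptions for this example."""
    conn = sqlite3.connect(path)
    conn.execute(
        "CREATE TABLE IF NOT EXISTS telemetry ("
        " node TEXT NOT NULL, ts INTEGER NOT NULL, cpu_pct REAL NOT NULL,"
        " PRIMARY KEY (node, ts))")
    return conn

def record(conn, node, ts, cpu_pct):
    """Store one report. Values are bound, never formatted into the SQL text."""
    if not 0.0 <= cpu_pct <= 100.0:
        raise ValueError(f"cpu_pct out of range: {cpu_pct!r}")
    with conn:  # commit on success, roll back on error
        conn.execute("INSERT INTO telemetry (node, ts, cpu_pct) VALUES (?, ?, ?)",
                     (node, ts, cpu_pct))

def sustained_high_cpu(conn, threshold=90.0, window=3):
    """Return nodes whose latest `window` reports all exceed `threshold`."""
    flagged = []
    nodes = [r[0] for r in conn.execute(
        "SELECT DISTINCT node FROM telemetry ORDER BY node")]
    for node in nodes:
        latest = [r[0] for r in conn.execute(
            "SELECT cpu_pct FROM telemetry WHERE node = ? ORDER BY ts DESC LIMIT ?",
            (node, window))]
        # A node with fewer than `window` reports is not judged yet.
        if len(latest) == window and min(latest) > threshold:
            flagged.append(node)
    return flagged

# Constructed sample data: CPU percent per 5-second report, oldest first.
SAMPLES = {
    "node-1": [18.0, 22.5, 19.0, 21.0],  # idle baseline
    "node-2": [20.0, 97.0, 25.0, 23.0],  # one short spike, then recovery
    "node-3": [30.0, 98.0, 99.5, 97.0],  # sustained load, as a stress run would produce
    "node-4": [96.0, 98.0],              # high, but too few reports so far
}

def load_samples(conn, t0=1_700_000_000):
    for node, series in SAMPLES.items():
        for i, cpu in enumerate(series):
            record(conn, node, t0 + i * REPORT_INTERVAL_S, cpu)

if __name__ == "__main__":
    conn = open_store()
    load_samples(conn)
    print(sustained_high_cpu(conn))
```

Requiring several consecutive reports above the threshold keeps a single 5-second spike from raising an alert, at the cost of a detection delay of window times the reporting interval.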