This paper proposes the use of programming language constructs to support adaptive self-monitoring and self-reporting software. The methods are particularly well-suited to wireless mobile devices, where limited resources may constrain the use of certain software audits. An adaptive software architecture is described that supports run-time transformations on software components, enabling them to report internal details on how they are being used to other parts of the system. Effectively, any component of the system can be turned into an "informer" at run time, and the nature of the reported information can be adapted dynamically based on changing conditions or directives from another authority, such as an intrusion detection system. A prototype implementation is described. The operation of the system is demonstrated through an experiment in which it detects and responds to a malicious host that multicasts "noise" packets to a wireless iPAQ handheld computer.
展开▼