Design and Research of a Distributed Intrusion Detection System Based on Mobile Agents

Abstract
The Internet provides a convenient platform for sharing and exchanging information, but its openness also poses a serious challenge to information security. As the Internet has developed rapidly, computer security problems have become increasingly prominent, and information security has gradually become a key issue for information systems. Faced with the trends of large-scale networks and increasingly complex intrusions, traditional network security technology has revealed many deficiencies. Traditional security technology is fundamentally based on passive defense, and passive defense alone is far from sufficient to keep a network secure.

Intrusion detection is an extremely important branch of network security. As an active information security defense technology, it forms the network's line of defense together with firewalls and anti-virus technology. Although intrusion detection technology has made great progress and many products have been developed for different needs, traditional intrusion detection technology still has shortcomings in areas such as distribution, intelligence and flexibility. Mobile Agent (MA) technology is a distributed computing technology derived from intelligent agents, proposed as a new computing approach for complex, dynamic and distributed intelligent applications. Compared with traditional distributed computing, MA has the advantages of significantly reducing network load, running autonomously and asynchronously, and adapting dynamically to changes in the network environment. On this basis, this thesis proposes a distributed intrusion detection model based on MA technology, which combines MA, host-based detection and network-based detection within a distributed framework.

This thesis first introduces in detail the development history and current state of intrusion detection technology and mobile agent technology, and analyzes the main problems facing current intrusion detection systems and their development trends. Although the characteristics of mobile agents can improve the adaptability, scalability and robustness of an intrusion detection system, the problems currently facing intrusion detection technology mean that intrusion detection systems based on mobile agents must be further improved.

Next, requirements and feasibility analyses of the system are carried out, clarifying the system's performance requirements and its development and application environments. IBM's Aglet mobile agent platform is adopted as the agent runtime and development platform. The design aims to combine host-based and network-based intrusion detection, distribute task processing and data across the nodes of the network, adapt automatically to a complex and changing network environment, and, through self-learning and intelligent decision-making, make full use of both host-based and network-based data sources, thereby enhancing the system's detection capability, ensuring its security and reducing the volume of data transmitted.

Finally, the thesis discusses in detail the main features of the proposed intrusion detection system architecture and the related technologies, and describes and implements the functional modules of the intrusion detection system based on mobile agents.
The openness of the Internet offers great convenience for information sharing and exchange, accompanied by serious challenges to information security. With the present development of the Internet, security issues have evolved into the key problem of information systems. Faced with the growth of large-scale networks and increasingly complex intrusions, traditional Internet security technology exposes many defects.

Intrusion detection is one of the core technologies of information security, and it protects the internal network together with firewalls and anti-virus tools. Research on intrusion detection has grown considerably, and large numbers of intrusion detection systems have been developed to address different needs. However, traditional intrusion detection systems have shortcomings in certain aspects, such as distribution, intelligence, flexibility, efficiency and so on.

Mobile agents have been proposed for decentralized network management. Mobile agents have obvious advantages in comparison with other approaches, such as greatly reducing network load and running independently and asynchronously. Having studied currently deployed IDSs and agent technology, this paper designs a distributed intrusion detection framework based on mobile agents. The proposed design incorporates MA, NIDS and HIDS techniques through DIDS management.

At the start of the dissertation, IDS and mobile agent technology are presented in detail, and the major problems and trends of intrusion detection are analyzed. Although the unique features of mobile agents can improve the robustness, adaptability and extensibility of an intrusion detection system, it is still necessary to address the problems that an IDS based on mobile agents faces. The dissertation then analyzes the requirements of the system and determines which development environment to use. Secondly, after analyzing intrusion detection systems based on mobile agents, the system model is constructed from an administration module and agent sub-modules, using IBM's Aglet platform as the runtime platform for the mobile agents. To achieve better accuracy, the architecture adopts security audit data gathered from both hosts and the network, ensures the safety of the system and decreases data transmission. The architecture is then introduced in detail. In the end, an intrusion detection system based on mobile agents is designed and implemented. Analysis shows the effectiveness of the system.