A Streaming Intrusion Detection System for Grid Computing Environments

Cited by: 7
Authors
Smith, Matthew [1]
Schwarzer, Fabian [1]
Harbach, Marian [1]
Noll, Thomas [1]
Freisleben, Bernd [1]
Affiliations
[1] Univ Marburg, Dept Math & Comp Sci, D-35032 Marburg, Germany
Source
HPCC: 2009 11TH IEEE INTERNATIONAL CONFERENCE ON HIGH PERFORMANCE COMPUTING AND COMMUNICATIONS | 2009
DOI
10.1109/HPCC.2009.99
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Discipline classification code
0812;
Abstract
In this paper, a novel architecture for a streaming intrusion detection system for Grid computing environments is presented. Detection mechanisms based on traditional log-files or single host databases are replaced by a streaming database approach. The streaming architecture allows processing of temporal attack data across multiple sites and offers the potential for performance benefits in large scale systems, since data is processed during its natural flow and only stored as long as necessary for analysis. Two cross-site example attacks in a Grid environment and the streaming detection logic for these attacks are presented to illustrate the approach. Experimental results of a prototypical implementation are presented.
Pages: 44-51
Number of pages: 8