Detection workload in a dynamic grid-based intrusion detection environment

Authors:
Fang-Yie Leu;Ming-Chang Li;Jia-Chun Lin;Chao-Tung Yang
Affiliations:
Department of Computer Science and Information Engineering, Tunghai University, Taiwan;Department of Computer Science and Information Engineering, Tunghai University, Taiwan;Department of Computer Science and Information Engineering, Tunghai University, Taiwan;Department of Computer Science and Information Engineering, Tunghai University, Taiwan
Venue:
Journal of Parallel and Distributed Computing
Year:
2008

Citing 22
Cited 3

Fundamentals of queueing theory (2nd ed.).

Fundamentals of queueing theory (2nd ed.).
The grid: blueprint for a new computing infrastructure

The grid: blueprint for a new computing infrastructure
The elusive goal of workload characterization

ACM SIGMETRICS Performance Evaluation Review
Operating System Concepts

Operating System Concepts
Sustaining Availability of Web Services under Distributed Denial of Service Attacks

IEEE Transactions on Computers
Granidt: Towards Gigabit Rate Network Intrusion Detection Technology

FPL '02 Proceedings of the Reconfigurable Computing Is Going Mainstream, 12th International Conference on Field-Programmable Logic and Applications
An Integrated Approach to Parallel Scheduling Using Gang-Scheduling, Backfilling, and Migration

IEEE Transactions on Parallel and Distributed Systems
Stateful Intrusion Detection for High-Speed Networks

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
eXpert-BSM: A Host-Based Intrusion Detection Solution for Sun Solaris

ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Exploiting Reconfigurable Hardware for Network Security

FCCM '03 Proceedings of the 11th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
A Networking Approach to Grid Computing

A Networking Approach to Grid Computing
Change-Point Monitoring for the Detection of DoS Attacks

IEEE Transactions on Dependable and Secure Computing
On the Scalability of Centralized Control

IPDPS '05 Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 18 - Volume 19
Integrating Grid with Intrusion Detection

AINA '05 Proceedings of the 19th International Conference on Advanced Information Networking and Applications - Volume 1
A Performance-Based Grid Intrusion Detection System

COMPSAC '05 Proceedings of the 29th Annual International Computer Software and Applications Conference - Volume 01
Theory, Volume 1, Queueing Systems

Theory, Volume 1, Queueing Systems
Measurement of DNS Traffic Caused by DDoS Attacks

SAINT-W '05 Proceedings of the 2005 Symposium on Applications and the Internet Workshops
Backfilling with lookahead to optimize the packing of parallel jobs

Journal of Parallel and Distributed Computing
Parallel computer workload modeling with markov chains

JSSPP'04 Proceedings of the 10th international conference on Job Scheduling Strategies for Parallel Processing
Fuzzy-based dynamic bandwidth allocation system

FSKD'05 Proceedings of the Second international conference on Fuzzy Systems and Knowledge Discovery - Volume Part II
Traffic models in broadband networks

IEEE Communications Magazine
Defending against flooding-based distributed denial-of-service attacks: a tutorial

IEEE Communications Magazine

Improving reliability of a heterogeneous grid-based intrusion detection platform using levels of redundancies

Future Generation Computer Systems
Network Bandwidth-aware job scheduling with dynamic information model for Grid resource brokers

The Journal of Supercomputing
Predicting vertebrate promoters using heterogeneous clusters

International Journal of Ad Hoc and Ubiquitous Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

Denial-of-service (DoS) and distributed denial-of-service (DDoS) are two of the most serious and destructive network threats on the Internet. Hackers, exploiting all kinds of malicious packages to attack and usurp network hosts, servers and bandwidth, have seriously damaged enterprise, campus and government network systems. Many network administrators employ intrusion detection systems (IDSs) and/or firewalls to protect their systems. However, some systems lose most of their detection and/or protection capabilities when encountering a huge volume of attack packets. In addition, some detection resources may fail due to hardware and/or software faults. In this paper, we propose a Grid-based platform, named the dynamic grid-based intrusion detection environment (DGIDE), which exploits Grid's abundant computing resources to detect a massive amount of intrusion packets and to manage a dynamic environment. A detector, a node that detects attacks, can dynamically join or leave the DGIDE. A newly joined detector is tested so that we can obtain its key performance curves, which are used to balance detection workload among detectors. The DGIDE backs up network packets. When, for some reason, a detector cannot continue its detection thus leaving an unfinished detection task, the DGIDE allocates another available detector to take over. Therefore, the drawbacks of ordinary security systems as mentioned above can be avoided.