Fundamentals of queueing theory (2nd ed.).
Fundamentals of queueing theory (2nd ed.).
The grid: blueprint for a new computing infrastructure
The grid: blueprint for a new computing infrastructure
The elusive goal of workload characterization
ACM SIGMETRICS Performance Evaluation Review
Operating System Concepts
Sustaining Availability of Web Services under Distributed Denial of Service Attacks
IEEE Transactions on Computers
Granidt: Towards Gigabit Rate Network Intrusion Detection Technology
FPL '02 Proceedings of the Reconfigurable Computing Is Going Mainstream, 12th International Conference on Field-Programmable Logic and Applications
An Integrated Approach to Parallel Scheduling Using Gang-Scheduling, Backfilling, and Migration
IEEE Transactions on Parallel and Distributed Systems
Stateful Intrusion Detection for High-Speed Networks
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
eXpert-BSM: A Host-Based Intrusion Detection Solution for Sun Solaris
ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Exploiting Reconfigurable Hardware for Network Security
FCCM '03 Proceedings of the 11th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
A Networking Approach to Grid Computing
A Networking Approach to Grid Computing
Change-Point Monitoring for the Detection of DoS Attacks
IEEE Transactions on Dependable and Secure Computing
On the Scalability of Centralized Control
IPDPS '05 Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 18 - Volume 19
Integrating Grid with Intrusion Detection
AINA '05 Proceedings of the 19th International Conference on Advanced Information Networking and Applications - Volume 1
A Performance-Based Grid Intrusion Detection System
COMPSAC '05 Proceedings of the 29th Annual International Computer Software and Applications Conference - Volume 01
Theory, Volume 1, Queueing Systems
Theory, Volume 1, Queueing Systems
Measurement of DNS Traffic Caused by DDoS Attacks
SAINT-W '05 Proceedings of the 2005 Symposium on Applications and the Internet Workshops
Backfilling with lookahead to optimize the packing of parallel jobs
Journal of Parallel and Distributed Computing
Parallel computer workload modeling with markov chains
JSSPP'04 Proceedings of the 10th international conference on Job Scheduling Strategies for Parallel Processing
Fuzzy-based dynamic bandwidth allocation system
FSKD'05 Proceedings of the Second international conference on Fuzzy Systems and Knowledge Discovery - Volume Part II
Traffic models in broadband networks
IEEE Communications Magazine
Defending against flooding-based distributed denial-of-service attacks: a tutorial
IEEE Communications Magazine
Future Generation Computer Systems
Network Bandwidth-aware job scheduling with dynamic information model for Grid resource brokers
The Journal of Supercomputing
Predicting vertebrate promoters using heterogeneous clusters
International Journal of Ad Hoc and Ubiquitous Computing
Hi-index | 0.00 |
Denial-of-service (DoS) and distributed denial-of-service (DDoS) are two of the most serious and destructive network threats on the Internet. Hackers, exploiting all kinds of malicious packages to attack and usurp network hosts, servers and bandwidth, have seriously damaged enterprise, campus and government network systems. Many network administrators employ intrusion detection systems (IDSs) and/or firewalls to protect their systems. However, some systems lose most of their detection and/or protection capabilities when encountering a huge volume of attack packets. In addition, some detection resources may fail due to hardware and/or software faults. In this paper, we propose a Grid-based platform, named the dynamic grid-based intrusion detection environment (DGIDE), which exploits Grid's abundant computing resources to detect a massive amount of intrusion packets and to manage a dynamic environment. A detector, a node that detects attacks, can dynamically join or leave the DGIDE. A newly joined detector is tested so that we can obtain its key performance curves, which are used to balance detection workload among detectors. The DGIDE backs up network packets. When, for some reason, a detector cannot continue its detection thus leaving an unfinished detection task, the DGIDE allocates another available detector to take over. Therefore, the drawbacks of ordinary security systems as mentioned above can be avoided.