Bro: a system for detecting network intruders in real-time
Computer Networks: The International Journal of Computer and Telecommunications Networking
Scheduling and Load Balancing in Parallel and Distributed Systems
Scheduling and Load Balancing in Parallel and Distributed Systems
A taxonomy of scheduling in general-purpose distributed computing systems
IEEE Transactions on Software Engineering
A Statistical Method for Profiling Network Traffic
Proceedings of the Workshop on Intrusion Detection and Network Monitoring
Stateful Intrusion Detection for High-Speed Networks
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
Optimizing 10-Gigabit Ethernet for Networks of Workstations, Clusters, and Grids: A Case Study
Proceedings of the 2003 ACM/IEEE conference on Supercomputing
Kerrighed and data parallelism: cluster computing on single system image operating systems
CLUSTER '04 Proceedings of the 2004 IEEE International Conference on Cluster Computing
M2D2: a formal data model for IDS alert correlation
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
A performance prediction framework for scientific applications
ICCS'03 Proceedings of the 2003 international conference on Computational science: PartIII
| Hi-index | 0.00 |
Intrusion detection is a security concept implemented on networks in various academic and commercial solutions. Most of them rely on sensors dedicated to local area networks or Internet. However clusters rely heavily on networks. Because of their uniformity, they are sensible to attacks: one compromised node can lead to the control of whole cluster In order to solve such security issues, we purpose a NIDS architecture which addresses the same constraints as a cluster: efficiency, scalability and reliability. It is based on the cluster paradigm. We stress on thefacts that network packets must be dispatched according to streams and analysis must be load-balanced at process level. Moreover two types ofpractical parallel analysis are presented, depending on the type of flows. Finally, we discuss implementations and dimensioning issues.