GridSec: trusted grid computing with security binding and self-defense against network worms and DDoS attacks

Authors:
Kai Hwang;Yu-Kwong Kwok;Shanshan Song;Min Cai Yu Chen;Ying Chen;Runfang Zhou;Xiaosong Lou
Affiliations:
Internet and Grid Computing Laboratory, University of Southern California, Los Angeles, CA;Internet and Grid Computing Laboratory, University of Southern California, Los Angeles, CA;Internet and Grid Computing Laboratory, University of Southern California, Los Angeles, CA;Internet and Grid Computing Laboratory, University of Southern California, Los Angeles, CA;Internet and Grid Computing Laboratory, University of Southern California, Los Angeles, CA;Internet and Grid Computing Laboratory, University of Southern California, Los Angeles, CA;Internet and Grid Computing Laboratory, University of Southern California, Los Angeles, CA
Venue:
ICCS'05 Proceedings of the 5th international conference on Computational Science - Volume Part III
Year:
2005

Citing 6
Cited 8

Chord: A scalable peer-to-peer lookup service for internet applications

Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
The Eigentrust algorithm for reputation management in P2P networks

WWW '03 Proceedings of the 12th international conference on World Wide Web
Alert Correlation in a Cooperative Intrusion Detection Framework

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
MAFIC: Adaptive Packet Dropping for Cutting Malicious Flows to Push Back DDoS Attacks

ICDCSW '05 Proceedings of the Second International Workshop on Security in Distributed Computing Systems (SDCS) (ICDCSW'05) - Volume 02
Automated worm fingerprinting

OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Autograph: toward automated, distributed worm signature detection

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13

Collaborative Internet Worm Containment

IEEE Security and Privacy
A reputation-driven scheduler for autonomic and sustainable resource sharing in Grid computing

Journal of Parallel and Distributed Computing
A survey of job scheduling in grids

APWeb/WAIM'07 Proceedings of the joint 9th Asia-Pacific web and 8th international conference on web-age information management conference on Advances in data and web management
SVM approach with CTNT to detect DDoS attacks in grid computing

GCC'05 Proceedings of the 4th international conference on Grid and Cooperative Computing
A worm behavioral approach to susceptible host detection

GCC'05 Proceedings of the 4th international conference on Grid and Cooperative Computing
Enhancing grid security using trusted virtualization

ATC'07 Proceedings of the 4th international conference on Autonomic and Trusted Computing
Single Attestation Image for a Trusted and Scalable Grid

International Journal of Grid and High Performance Computing
Information dependability in distributed systems: The dependable distributed storage system

Integrated Computer-Aided Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

The USC GridSec project develops distributed security infrastructure and self-defense capabilities to secure wide-area networked resource sites participating in a Grid application. We report new developments in trust modeling, security-binding methodology, and defense architecture against intrusions, worms, and flooding attacks. We propose a novel architectural design of Grid security infrastructure, security binding for enhanced Grid efficiency, distributed collaborative IDS and alert correlation, DHT-based overlay networks for worm containment, and pushback of DDoS attacks. Specifically, we present a new pushback scheme for tracking attack-transit routers and for cutting malicious flows carrying DDoS attacks. We discuss challenging research issues to achieve secure Grid computing effectively in an open Internet environment.