While intrusion detection systems have seen a great deal of commercialization in recent years, these products are not geared towards environments that require support for high-performance applications and an open access policy for collaboration. A second limitation of existing intrusion detection systems is their lack of flexibility in dealing with the ever-evolving characteristics of attacks, in terms of diversity and intensity. Moreover, applications in high-performance collaborative environments are very diverse, with possibly extreme performance requirements. Consequently, effective strategies to detect attacks in these environments strongly depend on how closely the underlying intrusion detection mechanisms reflect the "specifics" of the application. The focus of this paper is on secure GRID and workflow environments. The purpose is to investigate a distributed defense method that can secure collaborative GRID and workflow environments and neutralize attacks before they reach their potential target en masse. To this end, the paper proposes a progressive, globally deployable sentinel scheme for data sampling, packet inspection, and DoS attack detection and recovery. A simulation framework is developed to study the performance of the proposed scheme. The results show a significant improvement in how the network deals with DoS attacks to secure GRID and workflow environments, in comparison to local DoS detection and prevention schemes.