Design and Evaluation of a Grid Computing Based Architecture for Integrating Heterogeneous IDSs

Intrusion detection systems (IDSs) have improved substantially in the recent past. However, network attacks have become more sophisticated and increasingly complex: many current attacks are coordinated and originate in multiple networks. To detect these attacks, IDSs need to obtain information on network events from multiple networks or administrative domains. This work demonstrates that a Distributed IDS (DIDS) can be composed of existing IDSs, improving the detection of misuse in a multiple-network environment. We use grid middleware to create a service-based intrusion detection grid. We demonstrate through experimental results that the proposed DIDS allows the integration of heterogeneous existing IDSs and improves the detection of attacks by exploiting the synergy between existing IDSs.
