Survivable Monitoring in Dynamic Networks

We present a monitoring system for a dynamic network in which a set of domain nodes shares the responsibility for producing and storing monitoring information about a set of visitors. This information is stored persistently when the set of domain nodes grows and shrinks. Such a system can be used to store traffic or other logs for auditing or can be used as a subroutine for many applications to allow significant increases in functionality and reliability. The features of our system include authenticating visitors, monitoring their traffic through the domain, and storing this information in a persistent, efficient, and searchable manner. The storage process is O(log n)-competitive in the number of network messages with respect to an optimal offline algorithm; we show that this is as good as any online algorithm can achieve and significantly better than many commonly used strategies for distributed load balancing.
