Intrusion detection system for grid computing using SNORT

Because of their distributed nature, grid computing environments are easy targets for intruders looking for possible vulnerabilities to exploit [1]. By impersonating legitimate users, intruders can use a service's abundant resources maliciously. To combat attackers, intrusion-detection systems (IDSs) can offer additional security measures for these environments by investigating configurations, logs, network traffic, and user actions to identify typical attack behavior. However, an IDS must be distributed to work in a grid computing environment. It must monitor each node and, when an attack occurs, alert other nodes in the environment. This kind of communication requires compatibility between heterogeneous hosts, various communication mechanisms, and permission control over system maintenance and updates. We present the problem of grid intrusion and analyze the requirements of a system to detect such intrusions. In this paper we discuss how an IDS can be implemented for a grid computing environment.

[1] Umit Topaloglu, et al. Globus security model for grid environment, 2005, SOEN.

[2] M. F. Tolba, et al. DISTRIBUTED INTRUSION DETECTION SYSTEM FOR COMPUTATIONAL GRIDS, 2005.

[3] David A. Curry, et al. Intrusion detection message exchange format: Extensible markup language (xml) document type definition, 2001.

[4] Jauvane Cavalcante de Oliveira, et al. Functionalities in Grid Computing with Active Services, 2003, Middleware Workshops.

[5] Vanish Talwar, et al. An environment for enabling interactive grids, 2003, High Performance Distributed Computing, 2003. Proceedings. 12th IEEE International Symposium on.

[6] Xiaoshe Dong, et al. GHIDS: Defending Computational Grids against Misusing of Shared Resources, 2006, 2006 IEEE Asia-Pacific Conference on Services Computing (APSCC'06).

[7] Azman Samsudin, et al. Grid-based intrusion detection system, 2003, 9th Asia-Pacific Conference on Communications (IEEE Cat. No.03EX732).

[8] Abderrahim Sekkaki, et al. Intrusion Detection for Computational Grids, 2008, 2008 New Technologies, Mobility and Security.

[9] Paulo Veríssimo, et al. Tolerating Intrusions in Grid Systems, 2004, Security and Management.

[10] Rajkumar Buyya, et al. Global Grids and Software Toolkits: A Study of Four Grid Middleware Technologies, 2004, ArXiv.

[11] R. V. van Nieuwpoort, et al. The Grid 2: Blueprint for a New Computing Infrastructure, 2003.

[12] Chao-Tung Yang, et al. Integrating grid with intrusion detection, 2005, 19th International Conference on Advanced Information Networking and Applications (AINA'05) Volume 1 (AINA papers).

[13] Kristopher Kendall, et al. A Database of Computer Attacks for the Evaluation of Intrusion Detection Systems, 1999.

[14] Stuart Kenny, et al. Towards a Grid-wide Intrusion Detection System, 2005, EGC.

[15] Carlos Becker Westphall, et al. Towards Grid-based Intrusion Detection, 2006, 2006 IEEE/IFIP Network Operations and Management Symposium NOMS 2006.

[16] Aleksandar Lazarevic, et al. Self-Organising management of Grid environments, 2007, ArXiv.