GridSec: Trusted Grid Computing with Security Binding and Self-defense Against Network Worms and DDoS Attacks
نویسندگان
چکیده
The USC GridSec project develops distributed security infrastructure and self-defense capabilities to secure wide-area networked resource sites participating in a Grid application. We report new developments in trust modeling, security-binding methodology, and defense architecture against intrusions, worms, and flooding attacks. We propose a novel architectural design of Grid security infrastructure, security binding for enhanced Grid efficiency, distributed collaborative IDS and alert correlation, DHT-based overlay networks for worm containment, and pushback of DDoS attacks. Specifically, we present a new pushback scheme for tracking attack-transit routers and for cutting malicious flows carrying DDoS attacks. We discuss challenging research issues to achieve secure Grid computing effectively in an open Internet environment.
منابع مشابه
DHT-based security infrastructure for trusted internet and grid computing
We designed a distributed security infrastructure with self-defence capabilities to secure networked resources in Grids and internet applications. This paper reports new developments in fuzzy trust management, game-theoretic Grid models, security-binding methodology, as well as new Grid performance metrics, defence architecture and mechanisms against intrusions, worms, and low-rate pulsing Dist...
متن کاملSecure Grid Computing with Trusted Resources and Internet Datamining
Internet-based Grid computing is emerging as one of the most promising technologies that may change the world. Dr. Hwang and his research team at the University of Southern California (USC) are working on self-defense tools to protect Grid resources from cyber attacks or malicious intrusions, automatically. This project builds an automated intrusion response and trust management system to facil...
متن کاملProactive Intrusion Defense Against DDoS Flooding Attacks: Adaptive Filtering with Security Datamining – The NetShield Approach at USC*
The NetShield security system was developed at USC to defend against network worms and flood attacks. The system prevents malicious hackers from orchestrating DDoS flooding attacks on any IP-based public network. This article presents new packet filtering and anomaly detection techniques developed with the NetShield system. All packets from each IP source are counted and timed during their life...
متن کاملIn-VIGO: Making the Grid Virtually Yours
Internet-based Grid computing is emerging as one of the most promising technologies that may change the world. Dr. Hwang and his research team at the University of Southern California (USC) are working on self-defense tools to protect Grid resources from cyber attacks or malicious intrusions, automatically. This project builds an automated intrusion response and trust management system to facil...
متن کاملRESCUE: Reputation based Service for Cloud User Environment
Exceptional characteristics of Cloud computing has replaced all traditional computing. With reduced resource management and without in-advance investment, it has been victorious in making the IT world to migrate towards it. Microsoft announced its office package as Cloud, which can prevent people moving from Windows to Linux. As this drift is escalating in an exponential rate, the cloud environ...
متن کامل