Research Article
Intrusion Detection and Tolerance in Grid-based Applications
@INPROCEEDINGS{10.1109/SECCOM.2007.4550328, author={Jun WANG and Luigi LO IACONO}, title={Intrusion Detection and Tolerance in Grid-based Applications}, proceedings={1st International ICST Workshop on Security, Trust and Privacy in Grid Systems}, publisher={IEEE}, proceedings_a={GRID-STP}, year={2008}, month={6}, keywords={Grid SOA Intrusion Detection Intrusion Tolerance}, doi={10.1109/SECCOM.2007.4550328} }- Jun WANG
Luigi LO IACONO
Year: 2008
Intrusion Detection and Tolerance in Grid-based Applications
GRID-STP
IEEE
DOI: 10.1109/SECCOM.2007.4550328
Abstract
With the increasing use of Grid-based applications, especially in business-driven scenarios, new types of crossdomain attacks which initiate from one site and then easily spread to other federated sites are expected to appear and become serious threats. In this paper, the need for dedicated Grid Intrusion Detection Systems (Grid-IDS) is motivated by giving such an example attack on a federated service protocol. A generic Grid-IDS architecture is presented as well as a concrete realization based on various Web services specifications. At the heart of the introduced Grid-IDS architecture is the correlation service, which receives the event information from sensors distributed across the federation and detects intrusions by analyzing and correlating the events. A protocol-aware correlation service is proposed, in which each service protocol is abstracted to a generic representation – a relationship of roles. Finally, based on the developed Grid-IDS and the gathered experiences, an approach towards intrusion tolerance is presented and discussed.