GHIDS: Defending Computational Grids against Misusing of Shared Resources
Detecting intrusions at host level is vital to protecting shared resources in grid, but traditional Host-based Intrusion Detecting System (HIDS) is not suitable for grid environment. Grid-specific attacks are different from traditional ones, and traditional HIDS can not recognize a grid user and always with high performance overhead. This paper proposes a Grid- specific Host-based Intrusion Detection System (GHJDS) which employs bottleneck verification approach to detect intrusions with low false alarm rate and high detection rate. Working within operating system kernel and performing bottleneck verification by integer comparison, GHIDS achieves high efficiency and accuracy. Security reports generated by GHIDS are indexed not only by local user ID, but also by Grid user ID. That is more usejulfor analyzing grid user behaviors globally by both host administrators and high level Grid-based IDS.
Guofu Feng Xiaoshe Dong Weizhe Liu Ying Chu Junyang Li
School of Electronics and Information Engineering, Xian Jiaotong University
国际会议
2006 Asia-Pacific Services Computing Conference(IEEE亚太地区服务计算会议)
广州
英文
526-533
2006-12-12(万方平台首次上网日期,不代表论文的发表时间)