
GridSec


Presentation Transcript


  1. GridSec Trusted Grid Computing with Security Binding and Self-defense Against Network Worms and DDoS Attacks

  2. GridSec • Introduction • Trusted Resource Allocation • Architecture DHT • CAIDS • Worm Containment • DDoS Attacks • Conclusion

  3. Computing Grids • Combination of computer resources to complete a common task. • Nodes connected via network (LAN, Internet, …). • Tasks are divided and sent to different nodes. • Main characteristics • Large and dynamic pool of users. • Large and dynamic pool of resources. • Resources from multiple administrative domains.

  4. GridSec • University of Southern California Project. • Distributed security infrastructure. • Self-defense capabilities • Security-binding methodology. • Intrusion detection. • Worm containment. • DDoS attacks pushback.

  5. Trusted Resource Allocation • Node Reputation • Job execution success rate. • Cumulative site utilization. • Job turnaround time. • Job slowdown ratio. • Node Defense Capability • Intrusion detection. • Firewall. • Anti-virus/worms. • Attack response capabilities.

  6. Trusted Resource Allocation • Trust Index (TI) • Reputation. • Defense Capability. • Security Demand (SD) • Provided by jobs. • Deadlines, safety, … • Security-assurance condition • TI ≥ SD. • Must be satisfied in a TRA scheme.

  7. Trusted Resource Allocation

  8. DHT Architecture • Distributed Hash Tables (DHT) • Filename -> hashing -> key. • Each node responsible for a key set. • File routed towards its node. • DHT for GridSec • Scalable. • Easy algorithm modifications. • Easy additions. • …

  9. CAIDS • Cooperative Anomaly and Intrusion Detection System • Local sensors scattered on the Grid. • Low-level alerts. • Merging of low-level alerts. • High-level view of attacks. • Better understanding of attacks. • Higher detection rate, lower false alarm rate.

  10. CAIDS

  11. CAIDS

  12. Worm Containment • DHT-based overlay • Grid-wide distributed monitors. • Monitors deployed on the DMZ of domains. • Worm detection • Monitors detect potential worm signatures. • Potential worm signatures gathered by root node. • Root node assesses the threats. • If threat confirmed, all nodes notified.

  13. Worm Containment

  14. DDoS Attacks • Identification of participating routers. • Identification of malicious data flows. • Traffic tracking • Low complexity real-time monitoring. • Keeps statistics for each packet or flow. • Based on packet- and flow-level counting. • Packet- and Flow-level counting • Tracks packet- and flow-level traffic at each router.

  15. DDoS Attacks

  16. DDoS Attacks

  17. Conclusion • GridSec • Scalable security overlay architecture. • Experimental results of distributed IDS. • Network worm containment. • DDoS attacks pushback. • Encouraging results. • Further work • Software vulnerabilities. • Naïve users. • Containment area. • …

  18. GridSec Questions?
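
The worm-containment flow from slide 12, run over a DHT-style ring as in slide 8, as an added example that is not code from the GridSec presentation or project. SHA-256 ring placement, the `WormOverlay` class, the monitor names and the confirmation threshold of three distinct monitors are all assumptions.

```python
import bisect
import hashlib
from collections import defaultdict


def ring_key(value: bytes) -> int:
    """Place a monitor name or signature on the ring (SHA-256 is assumed)."""
    return int.from_bytes(hashlib.sha256(value).digest(), "big")


class WormOverlay:
    """Hypothetical model: DMZ monitors on a ring, one root per signature."""

    def __init__(self, monitors, threshold=3):
        # threshold = distinct monitors needed to confirm (assumed value)
        self.threshold = threshold
        self.ring = sorted((ring_key(m.encode()), m) for m in monitors)
        self.keys = [k for k, _ in self.ring]
        self.reports = defaultdict(set)  # signature -> reporting monitors
        self.blocklists = {m: set() for m in monitors}

    def root_for(self, signature: bytes) -> str:
        """The first monitor at or after the signature's key is its root."""
        i = bisect.bisect_left(self.keys, ring_key(signature)) % len(self.ring)
        return self.ring[i][1]

    def report(self, monitor: str, signature: bytes) -> bool:
        """Forward a potential signature to its root; True once confirmed."""
        if monitor not in self.blocklists:
            raise ValueError(f"unknown monitor: {monitor}")
        seen = self.reports[signature]  # state held by root_for(signature)
        seen.add(monitor)  # repeats from one monitor count once
        if len(seen) < self.threshold:
            return False
        for blocklist in self.blocklists.values():  # notify all nodes
            blocklist.add(signature)
        return True


if __name__ == "__main__":
    # Constructed monitors and signature, for illustration only.
    overlay = WormOverlay(["mon-a", "mon-b", "mon-c", "mon-d", "mon-e"])
    sig = b"constructed-suspicious-substring"
    print("root:", overlay.root_for(sig))
    for m in ("mon-a", "mon-a", "mon-b", "mon-c"):
        print(m, "->", overlay.report(m, sig))
```

Counting distinct monitors rather than raw reports keeps a single noisy or compromised monitor from confirming a signature on its own.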
