Grid-based intrusion detection system (GIDS): a complement security system for grid security infrastructure
| dc.contributor.author | Tian Choon, Ong | |
| dc.date.accessioned | 2019-10-07T02:11:26Z | |
| dc.date.available | 2019-10-07T02:11:26Z | |
| dc.date.issued | 2004-10 | |
| dc.description.abstract | The grid computing concept is similar to the multi-domain of network in a conventional distributed environment. However, the most concerning issue in grid computing is on resource sharing under a secured environment. The grid security has become a big challenge to the community. In the early stage of Grid Security Infrastructure (GSI} development, GSI developers who are working in this area are currently developing only the basic security components. To the best of our knowledge, there is no well published research and development work of Intrusion Detection Systems (IDS) in grid computing environment at this stage. The main objective of this research is therefore to study the IDS technology and requirement of IDS in grid environment. We proposed a framework of IDS designed for grid, called Grid-based Intrusion Detection System (GIDS). GIDS will function in one of the Virtual Organisation (VO) in grid environment to share "intrusion detection seiVice". The GIDS consists of three main tiers - the agent tier, the server tier and the control center tier. Each tier plays its distinct role in intrusion detection task, such as data collection, data analysis and centralised management. In the control center tier, GIDS Manager acts as the control center for the whole system. The Server tier consists of GIDS Servers that perform the analysis task. While in the agent tier, there is a daemon component runs as an agent in all machines being serviced, called GIDS Agent. Since the server tier and the agent tier are required to communicate with each other, and the communication is through the whole grid, we have to secure the communication in order to protect it from any third party attack. In order to provide a secured channel for communication to take place, an extra component has been added between GIDS Server and GIDS Agent, called Secure Communicator. As a proof of concept and functionality, the GIDS was subjected to a series of tests. The GIDS is tested by modular test, scenario test, overhead test and scalability test. The results of the experiments are divided into two categories: qualitative result and quantitative result. The qualitative results serves as a "prove of concept" of the GIDS design. The quantitative results show a low overhead in agent's site and also a low overhead in the whole system including network utilisation. The quantitative results also show that GIDS could be scaled. It also shows that GIDS is timely in providing intrusion detection service to the machines in the grid. As a conclusion, both qualitative and quantitative results proof the usefulness of our approach in providing a solution for effective intrusion detection service in grid computing. Apart from that, this research a!so raise up awareness of the importance of IDS for the grid environment in providing multilevel security system. | en_US |
| dc.identifier.uri | http://hdl.handle.net/123456789/8954 | |
| dc.language.iso | en | en_US |
| dc.subject | Detection system (GIDS): | en_US |
| dc.subject | Grid security infrastructure | en_US |
| dc.title | Grid-based intrusion detection system (GIDS): a complement security system for grid security infrastructure | en_US |
| dc.type | Thesis | en_US |
Files
License bundle
1 - 1 of 1
Loading...
- Name:
- license.txt
- Size:
- 1.71 KB
- Format:
- Item-specific license agreed upon to submission
- Description: