Fast attack detection using correlation and summarizing of security alerts in grid computing networks

Raheel Hassan Syed, Jasmina Pazardzievska, Julien Bourgeois

Research output: Contribution to journal, Article, peer-review

Abstract

Due to the extensive growth of grid computing networks, security is becoming a challenge. Usual solutions are not enough to prevent sophisticated attacks fabricated by multiple users, especially when the number of nodes connected to the network is changing over time. Attackers can use multiple nodes to launch DDoS attacks which generate a large amount of security alerts. On the one hand, this large number of security alerts degrades the overall performance of the network and creates instability in the operation of the security management solutions. On the other hand, they can help in camouflaging other real attacks. To address these issues, a correlation mechanism is proposed which reduces the security alerts and continues detecting attacks in grid computing networks. To obtain more accurate results, a major portion of the experiments are performed by launching DDoS and Brute Force (BF) attacks in a real grid environment, i.e., the Grid’5000 (G5K) network.
Original language: English
Pages (from-to): 804–827
Journal: Journal of Supercomputing
Volume: 62
Publication status: Published - 6 May 2012