TY - JOUR
T1 - Fast attack detection using correlation and summarizing of security alerts in grid computing networks
AU - Syed, Raheel Hassan
AU - Pazardzievska, Jasmina
AU - Bourgeois, Julien
PY - 2012/5/6
Y1 - 2012/5/6
N2 - Due to the extensive growth of grid computing networks, security is becoming a challenge. Usual solutions are not enough to prevent sophisticated attacks fabricated by multiple users, especially when the number of nodes connected to the network is changing over time. Attackers can use multiple nodes to launch DDoS attacks which generate a large number of security alerts. On the one hand, this large number of security alerts degrades the overall performance of the network and creates instability in the operation of the security management solutions. On the other hand, they can help in camouflaging other real attacks. To address these issues, a correlation mechanism is proposed which reduces the security alerts and continues detecting attacks in grid computing networks. To obtain more accurate results, a major portion of the experiments are performed by launching DDoS and Brute Force (BF) attacks in a real grid environment, i.e., the Grid’5000 (G5K) network.
AB - Due to the extensive growth of grid computing networks, security is becoming a challenge. Usual solutions are not enough to prevent sophisticated attacks fabricated by multiple users, especially when the number of nodes connected to the network is changing over time. Attackers can use multiple nodes to launch DDoS attacks which generate a large number of security alerts. On the one hand, this large number of security alerts degrades the overall performance of the network and creates instability in the operation of the security management solutions. On the other hand, they can help in camouflaging other real attacks. To address these issues, a correlation mechanism is proposed which reduces the security alerts and continues detecting attacks in grid computing networks. To obtain more accurate results, a major portion of the experiments are performed by launching DDoS and Brute Force (BF) attacks in a real grid environment, i.e., the Grid’5000 (G5K) network.
UR - http://gateway.webofknowledge.com/gateway/Gateway.cgi?GWVersion=2&SrcAuth=ORCID&SrcApp=OrcidOrg&DestLinkType=FullRecord&DestApp=WOS_CPL&KeyUT=WOS:000309353800014&KeyUID=WOS:000309353800014
U2 - 10.1007/s11227-012-0754-1
DO - 10.1007/s11227-012-0754-1
M3 - Article
VL - 62
SP - 804
EP - 827
JO - Journal of Supercomputing
JF - Journal of Supercomputing
SN - 0920-8542
ER -