This Article Full Text (PDF) References Alert me when this article is cited Alert me if a correction is posted Services Email this article to a friend Similar articles in this journal Similar articles in ISI Web of Science Alert me to new issues of the journal Add to Saved Citations Download to citation manager Add to My Marked Citations Citing Articles Citing Articles via Google Scholar Google Scholar Articles by Znati, T. Articles by Sweeny, S. Search for Related Content Social Bookmarking                   What's this?

On the Design and Performance of an Adaptive, Global Strategy for Detecting and Mitigating Distributed DoS Attacks in GRID and Collaborative Workflow Environments

Department of Computer Science and Telecommunication Program University of Pittsburgh Pittsburgh PA, 15215, USA, znati{at}cs.pitt.edu

James Amadei

Department of Electrical and Computer Engineering University of Pittsburgh Pittsburgh PA, USA

Daniel R. Pazehoski

Department of Electrical and Computer Engineering University of Pittsburgh Pittsburgh PA, USA

Scott Sweeny

Department of Electrical and Computer Engineering University of Pittsburgh Pittsburgh PA, USA

While intrusion detection systems have seen a great deal of commercialization in recent years, these products are not geared towards environments, which require support for high-performance applications and open access policy for collaboration. A second limitation of existing intrusion detection systems is their lack of flexibility to deal with the ever-evolving characteristics of the attacks, in terms of diversity and intensity. Moreover, applications in high-performance collaborative environments are very diverse, with possible extreme performance requirements. Consequently, effective strategies to detect attacks in these environments strongly depend on how closely the underlying intrusion detection mechanisms reflect the "specifics" of the application. The focus of this paper is on secure GRID and workflow environments. The purpose is to investigate a distributed defense method that can secure collaborative GRID and workflow environments and neutralize attacks before they reach their potential target en mass. To this end, the paper proposes a progressive, globally deployable sentinel scheme for data sampling, packet inspection, and DoS attack detection and recovery. A simulation framework is developed to study the performance of the proposed scheme. The results show a significant improvement in how the network deals with DoS attacks to secure GRID and workflow environments, in comparison to local DoS detection and prevention schemes.

Key Words: DoS Attacks • GRID • Collaborative Workflow Environments

CiteULike    Connotea    Del.icio.us    Digg    Reddit    Technorati    What's this?