On the Design and Performance of an Adaptive, Global Strategy for Detecting and Mitigating Distributed DoS Attacks in GRID and Collaborative Workflow Environments

摘要

While intrusion detection systems have seen a great deal of commercialization in recent years, these products are not geared towards environments, which require support for high-performance applications and open access policy for collaboration. A second limitation of existing intrusion detection systems is their lack of flexibility to deal with the ever-evolving characteristics of the attacks, in terms of diversity and intensity. Moreover, applications in high-performance collaborative environments are very diverse, with possible extreme performance requirements. Consequently, effective strategies to detect attacks in these environments strongly depend on how closely the underlying intrusion detection mechanisms reflect the "specifics" of the application. The focus of this paper is on secure GRID and workflow environments. The purpose is to investigate a distributed defense method that can secure collaborative GRID and workflow environments and neutralize attacks before they reach their potential target en mass. To this end, the paper proposes a progressive, globally deployable sentinel scheme for data sampling, packet inspection, and DoS attack detection and recovery. A simulation framework is developed to study the performance of the proposed scheme. The results show a significant improvement in how the network deals with DoS attacks to secure GRID and workflow environments, in comparison to local DoS detection and prevention schemes.