Thesis
ROMDOC-THESIS-2017-924
Contributions to the detection of anomalies in large scale distributed systems
Leordeanu, Cătălin
2012-04-29
Abstract: This PhD thesis presents novel anomaly detection methods for Large Scale Distributed Systems. The focus is on detecting any kind of anomaly that may disrupt running applications and therefore cause damage to the distributed system. Such anomalies can be intrusions, failures or malicious behaviour of authenticated users.

We propose G-IDS, a composite two-level Intrusion Detection System (IDS) for a large spectrum of attacks, from simple network attacks to high-level coordinated attacks against the entire Large Scale Distributed System, more specifically against Grid Systems. At the low/network level, the local IDS stops attacks such as Denial of Service and detects local policy violations. This level uses a hybrid approach based on a pattern matching engine working in parallel with a neural network module, thus improving the accuracy of the detection results. At the second level we use the data collected from these low-level intrusion detection systems to protect the entire Grid System against coordinated attacks targeting running applications or resource groups. This approach correlates the information received from the network level with monitoring data from the Grid and identifies attacks that cannot be detected at a local level.

Failure detection in Grid Environments is another difficult challenge in the context of highly dynamic systems composed of thousands of nodes. Failure detection is a key function of distributed systems that provides reliability. We propose a solution to increase Grid reliability based on accurate failure information about Grid nodes, more specifically, a distributed failure history service.

Authenticated users may behave maliciously, which can cause anomalies. We propose a security framework to detect such internal attacks and to enforce security policies. A new method to detect malicious activity is introduced, which takes trust relationships into consideration. We also propose a new description language that allows the definition of very diverse attacks, and an interface for connecting the framework with a distributed data management system. This solution has been implemented and validated on top of the BlobSeer data management platform.

The aforementioned solutions for detecting multiple types of anomalies in Large Scale Distributed Systems have been integrated in the DEPSYS system, which is the result of a national research project aiming to improve dependability in Large Scale Distributed Systems.

Author: Ing. Cătălin LEORDEANU
Supervisor: Prof. Dr. Ing. Valentin CRISTEA
Keyword(s): Distributed systems -- PhD thesis ; GRID (Computers) -- Parallel/distributed computing system -- PhD thesis
OPAC: See record in BC-UPB Web OPAC
Full Text: see files
Record created 2017-02-09, last modified 2017-02-09