![[usc.gif]](http://www.isi.edu/gost/icons/usc.gif) |
GridSec: Trusted Grid Computing with Dynamic Resources and Automated Intrusion Responses
|
![[isi.gif]](http://www.isi.edu/gost/icons/isi.gif)
|
![[gridsec.gif]](gridsec.gif)
The National Science Foundation funded GridSec effort at the University of Southern California.
The GridSec project is devoted to protecting pervasive, cluster, peer-to-peer, and Grid computing environments. Several research fronts are being attacked with intensive simulation, testbed construction, and NetShield software development.
Research Assistant at ISI:
Research Assistants at USC EE and CS Min Qin, Shanshan Song, Yongjin Kim, Rakesh Rajbanshi, Ching-Hua Chuan, Gurpreet Grewal, Mikin Macwan, Narayana Jayaram, Yushun Zhang, Rohil Tripathi.
International Collaborators: Prof. Michel Cosnard of INRIA, France Dr. Zhiwei Xu of Chinese Academy of Sciences
- Remove computing - Offering a new trust model
- GridSec offers distributed intelligence in trust management on top of Globus, AppLes, NimRod etc.
- Dynamic grid resource allocation optimized with respect to computing power, security demand, and cost limit
- Benefiting E-commerce, digital government, public safety, and global economy over the Internet using GridSec-based VPN tunneling
GridSec for protecting distributed resources:
- Security-assured resource allocation (SARA)
- Local resources fortified with NetShield library
- Remote processing through GridSec VPN tunneling
Automated intrusion detection and responses:
- Generating anomaly detection rules to build IDS
- Adaptive intrusion response through risk assessment
- Priority defense against DDoS and flood attacks
Continued research tasks and future directions:
- Testing SARA and NetShield on GridSec testbed
- Optimize the GridSec VPN architecture
- Explore wireless Grid computing technology
The researchers at ISI are investigating the policy-controlled data mining for intrusion detection.
This approach includes three steps:
- Adaptive gathering and encoding of audit data remotely.
- Adaptive pre-processing of audit data. Use standard logging tools but support adaptive selection of most
influential system features.
- Adaptive Data mining. Provide advise/predictions for classifiers based on the info observed by the GAA-API - Generic Authorization and Access-control API
and encoded in the security policy.
![[anomaly.gif]](anomaly.gif)