To search, Click below search items. |
| All Published Papers Search Service |
|
|
|
Title |
GIDRE: Environment of Detection and Answer of Intrusions based on GRID |
|
Author |
Olimpia Olgu?n, Manel M?dina |
| Citation |
Vol. 7 No. 4 pp. 232-241 |
|
Abstract |
In the early days the intrusions to data processing systems were little sophisticated but nowadays with the great advance of the new technologies, the intrusions be a lot more difficult to detect causing the need to create capable tools of detecting them as soon as possible, here arises GIDRE, it is innovative development tools for the exhaustive network traffic monitoring of suspicious activities, the data analysis related to these activities, taking decisions and regarding the related security measures establishment to those threats, all it inside the network environment based on GRID. This is a new mechanism, and will be gifted of an express train and efficient answer to the new attacks that appear in the network (for example internet), in the shape of packages filtered (firewalls) that correspond to distribute attacks or not, or they be discovered by the Intrusion Detection Systems(IDS) that they will form the mechanism. It will be obtained, to identify new attacks related to virus and denials of service (DoS); subsequently create update reports about the security state in the network, bringing to light to the community from Internet the information on the new discovered attacks, and in this way take security measures regarding the incidents produced in the systems. Some of the technologies will be utilized are data mining for the analysis of data, and GRID for the compartici?n of resources in the joint work of the anomalies detectors teams and in their take of decisions. Besides this it will generate countermeasures against these attacks, so much to internal level of the network, as for the international community and finally, they will be generated tools to evaluate the own system efficacy and the structure propagation to other environments. The network traffic capture will be carried out constantly, by means of ADSH (hybrid anomaly detection systems) assembly, which will be distributed through the network. The IDS agents will share information about the anomalies detected in the network, being able to deduce if an global attack is produced in certanly moment. When an agent monitoring anomalous traffic, it will notify to the other agents, then all agents will analyze the data, and they will decide new politics to apply to the firewalls. These politics, if does not affect to certain system as critical ports, will apply automatically; otherwise, will be done of manual form, informing the administrators and taking the most adequate action. |
|
Keywords |
GRID, attacks, Firewalls, IDS, ADS. |
|
URL |
