Cargando…
Intrusion Prevention and Detection in Grid Computing - The ALICE Case
Grids allow users flexible on-demand usage of computing resources through remote communication networks. A remarkable example of a Grid in High Energy Physics (HEP) research is used in the ALICE experiment at European Organization for Nuclear Research CERN. Physicists can submit jobs used to process...
| Autores principales: | , , |
|---|---|
| Lenguaje: | eng |
| Publicado: |
2017
|
| Materias: | |
| Acceso en línea: | https://dx.doi.org/10.1088/1742-6596/664/6/062017 http://cds.cern.ch/record/2134599 |
| _version_ | 1780949913082789888 |
|---|---|
| author | Gomez, Andres Lara, Camilo Kebschull, Udo |
| author_facet | Gomez, Andres Lara, Camilo Kebschull, Udo |
| author_sort | Gomez, Andres |
| collection | CERN |
| description | Grids allow users flexible on-demand usage of computing resources through remote communication networks. A remarkable example of a Grid in High Energy Physics (HEP) research is used in the ALICE experiment at European Organization for Nuclear Research CERN. Physicists can submit jobs used to process the huge amount of particle collision data produced by the Large Hadron Collider (LHC). Grids face complex security challenges. They are interesting targets for attackers seeking for huge computational resources. Since users can execute arbitrary code in the worker nodes on the Grid sites, special care should be put in this environment. Automatic tools to harden and monitor this scenario are required. Currently, there is no integrated solution for such requirement. This paper describes a new security framework to allow execution of job payloads in a sandboxed context. It also allows process behavior monitoring to detect intrusions, even when new attack methods or zero day vulnerabilities are exploited, by a Machine Learning approach. We plan to implement the proposed framework as a software prototype that will be tested as a component of the ALICE Grid middleware. |
| id | oai-inspirehep.net-1413939 |
| institution | Organización Europea para la Investigación Nuclear |
| language | eng |
| publishDate | 2017 |
| record_format | invenio |
| spelling | oai-inspirehep.net-14139392022-08-10T13:00:59Zdoi:10.1088/1742-6596/664/6/062017http://cds.cern.ch/record/2134599engGomez, AndresLara, CamiloKebschull, UdoIntrusion Prevention and Detection in Grid Computing - The ALICE CaseComputing and ComputersGrids allow users flexible on-demand usage of computing resources through remote communication networks. A remarkable example of a Grid in High Energy Physics (HEP) research is used in the ALICE experiment at European Organization for Nuclear Research CERN. Physicists can submit jobs used to process the huge amount of particle collision data produced by the Large Hadron Collider (LHC). Grids face complex security challenges. They are interesting targets for attackers seeking for huge computational resources. Since users can execute arbitrary code in the worker nodes on the Grid sites, special care should be put in this environment. Automatic tools to harden and monitor this scenario are required. Currently, there is no integrated solution for such requirement. This paper describes a new security framework to allow execution of job payloads in a sandboxed context. It also allows process behavior monitoring to detect intrusions, even when new attack methods or zero day vulnerabilities are exploited, by a Machine Learning approach. We plan to implement the proposed framework as a software prototype that will be tested as a component of the ALICE Grid middleware.Grids allow users flexible on-demand usage of computing resources through remote communication networks. A remarkable example of a Grid in High Energy Physics (HEP) research is used in the ALICE experiment at European Organization for Nuclear Research CERN. Physicists can submit jobs used to process the huge amount of particle collision data produced by the Large Hadron Collider (LHC). Grids face complex security challenges. They are interesting targets for attackers seeking for huge computational resources. Since users can execute arbitrary code in the worker nodes on the Grid sites, special care should be put in this environment. Automatic tools to harden and monitor this scenario are required. Currently, there is no integrated solution for such requirement. This paper describes a new security framework to allow execution of job payloads in a sandboxed context. It also allows process behavior monitoring to detect intrusions, even when new attack methods or zero day vulnerabilities are exploited, by a Machine Learning approach. We plan to implement the proposed framework as a software prototype that will be tested as a component of the ALICE Grid middleware.arXiv:1704.06193oai:inspirehep.net:14139392017-04-20 |
| spellingShingle | Computing and Computers Gomez, Andres Lara, Camilo Kebschull, Udo Intrusion Prevention and Detection in Grid Computing - The ALICE Case |
| title | Intrusion Prevention and Detection in Grid Computing - The ALICE Case |
| title_full | Intrusion Prevention and Detection in Grid Computing - The ALICE Case |
| title_fullStr | Intrusion Prevention and Detection in Grid Computing - The ALICE Case |
| title_full_unstemmed | Intrusion Prevention and Detection in Grid Computing - The ALICE Case |
| title_short | Intrusion Prevention and Detection in Grid Computing - The ALICE Case |
| title_sort | intrusion prevention and detection in grid computing - the alice case |
| topic | Computing and Computers |
| url | https://dx.doi.org/10.1088/1742-6596/664/6/062017 http://cds.cern.ch/record/2134599 |
| work_keys_str_mv | AT gomezandres intrusionpreventionanddetectioningridcomputingthealicecase AT laracamilo intrusionpreventionanddetectioningridcomputingthealicecase AT kebschulludo intrusionpreventionanddetectioningridcomputingthealicecase |