An Anomaly Detection Scheme for DDoS Attack in Grid Computing

Kar, Sumit (2009) An Anomaly Detection Scheme for DDoS Attack in Grid Computing. MTech thesis.



The demand for computing power and storage is increasing continuously and there are applications like scientific research and industrial need, whose computational demand even exceeds the available fastest technologies. As a result it is an economically feasible mean to look into efficiently aggregate existing distributed resources. To achieving this goal makes it possible to build a shared large scale wide-area distributed computing infrastructure, a concept which has been named the Grid computing. The primary objective of Grid computing is to support the sharing of resources and service spanning across multiple administrative domains. Due to the inherently dynamic and multi organizational nature maintaining security of both users and resources is the challenging aspect of Grid. Grid uses internet as an infrastructure to build communication, with the fusion of web services and grid technologies further increases the security concerns for their complex nature.
This thesis takes a look at the vulnerability of Grid environment on denial of service attack. We found that deploying an efficient intrusion detection system to Grid can significantly improve its security and it can detect denial of service attack before it affects the victim. But due to the special characteristics and requirement of Grids, the existing traditional intrusion detection system can not work properly in that environment. The focus of this thesis is to investigate and design an anomaly detection system which can detect DoS and DDoS attack with high attack detection and low false alarm rate to achieve high performance. We have extensively surveyed the current literatures in this area; the main stress is put on feature selection for the Grid based anomaly detection system. An entropy based anomaly detection system has been proposed; also we have discussed the advantage of taking entropy as the metric. Finally the performance of the system has been analyzed using NS2 network simulator.
For shake of continuity each chapter has its relevant introduction and theory. The work is also supported by list of necessary references. Attempt is made to make the thesis self-content.

Item Type:Thesis (MTech)
Uncontrolled Keywords:Grid computing, anomaly detection, entropy, entropy rate
Subjects:Engineering and Technology > Computer and Information Science > Networks
Divisions: Engineering and Technology > Department of Computer Science
ID Code:1473
Deposited By:Sumit Kar
Deposited On:09 Jun 2009 14:50
Last Modified:14 Jun 2012 11:00
Related URLs:
Supervisor(s):Sahoo, B D

Repository Staff Only: item control page