A Grid-aware Intrusion Detection System

Michal Witold Jarmolkowicz

Abstract: Existing Intrusion Detection Systems (IDS) are not designed to deal with any specific types of systems. The purpose of this work is to investigate the possibility of a Grid-focused IDS. The main emphasis is on feature selection and the performance of the system.

An existing framework, IDSNet, is used as a basis for considerations and development. An algorithm based on the Self-Organizing Map has been selected for pattern discovery in traffic analysis. No Grid environment was available for testing; therefore, no real-life experiments could be performed, and the main focus was shifted to system performance and away from feature selection.

It is shown that the performance of the system greatly depends on the efficiency of the underlying framework. A number of optimizations are shown that improve the algorithm's performance by 2 orders of magnitude.
Type: Master's thesis [Academic thesis]
Year: 2007
Publisher: Informatics and Mathematical Modelling, Technical University of Denmark, DTU
Address: Richard Petersens Plads, Building 321, DK-2800 Kgs. Lyngby
Series: IMM-Thesis-2007-109
Note: Supervised by Prof. Robin Sharp, IMM, DTU.
IMM Group(s): Computer Science & Engineering