Title :
Self-Protection in a Clustered Distributed System
Author :
De Palma, Noel ; Hagimont, Daniel ; Boyer, Fabienne ; Broto, Laurent
Author_Institution :
INRIA - SARDES Res. Group, Univ. of Grenoble, St. Ismier, France
Abstract :
Self-protection refers to the ability for a system to detect illegal behaviors and to fight-back intrusions with counter-measures. This article presents the design, the implementation, and the evaluation of a self-protected system which targets clustered distributed applications. Our approach is based on the structural knowledge of the cluster and of the distributed applications. This knowledge allows to detect known and unknown attacks if an illegal communication channel is used. The current prototype is a self-protected JEE infrastructure (Java 2 Enterprise Edition) with firewall-based intrusion detection. Our prototype induces low-performance penalty for applications.
Keywords :
Java; authorisation; computer network security; clustered distributed system; communication channel; fight-back intrusions; firewall-based intrusion detection; illegal behavior detection; self-protected JEE infrastructure; structural knowledge; Communication channels; Computer architecture; Intrusion detection; Law; Servers; Software; Middleware; clustered systems; self-protection.;
Journal_Title :
Parallel and Distributed Systems, IEEE Transactions on
DOI :
10.1109/TPDS.2011.161
