Title :
NIDS architecture for clusters
Author_Institution :
CEA/DIF
Abstract :
Intrusion detection is a security concept implemented on networks in various academic and commercial solutions. Most of them rely on sensors dedicated to local area networks or Internet. However clusters rely heavily on networks. Because of their uniformity, they are sensible to attacks: one compromised node can lead to the control of whole cluster. In order to solve such security issues, we purpose a NIDS architecture which addresses the same constraints as a cluster: efficiency, scalability and reliability. It is based on the cluster paradigm. We stress on the facts that network packets must be dispatched according to streams and analysis must be load-balanced at process level. Moreover two types of practical parallel analysis are presented, depending on the type of flows. Finally, we discuss implementations and dimensioning issues
Keywords :
resource allocation; security of data; workstation clusters; NIDS architecture; load-balancing; network cluster; network intrusion detection system; network packet dispatching; parallel analysis; security issues; Bandwidth; Computer architecture; Computer network reliability; Computer networks; Costs; Delay; IP networks; Intrusion detection; Local area networks; Scalability;
Conference_Titel :
Collaborative Technologies and Systems, 2005. Proceedings of the 2005 International Symposium on
Conference_Location :
St Louis, MO
Print_ISBN :
0-7695-2387-0
DOI :
10.1109/ISCST.2005.1553297
