Abstract
Increasing complexity of large scale distributed systems is creating problem in managing faults and security attacks because of the manual style adopted for management. This paper proposes a novel approach called SHAPE to self-heal and self-protect the system from various kinds of faults and security attacks. It deals with hardware, software, and network faults and provides security against DDoS, R2L, U2L, and probing attacks. SHAPE is implemented and evaluated against various standard metrics. The results are provided to support the approach.
Similar content being viewed by others
References
Foster I, Kesselman C, Nick JM, Tuecke S (2004) The physiology of the grid. Global Grid Forum
Armbrust M, Fox A, Griffith R, Joseph AD, Katz R, Konwinski A, Lee G, Patterson D, Rabkin A, Stoica I, Zaharia M (2010) A view of cloud computing. Commun ACM 53(4):50–58
Sun W, Zhang X, Guo CJ, Sun P, Su H (2008) Software as a service: configuration and customization perspectives. In: Congress on services part II, SERVICES-2, 23–26 Sept. IEEE Press, New York
Foster I, Zhao Y, Raicu I, Lu S (2008) Cloud computing and grid computing 360-degree compared. In: IEEE grid computing environments GCE08
Chopra I, Singh M (2010) Analysing the need for autonomic behaviour in grid computing. In: Computer and automation engineering (ICCAE). IEEE Press, New York, pp 535–539
Ganek AG, Corbi TA (2003) The dawning of the autonomic computing era. IBM Syst J 42(1):5–18
Psaier H Dustdar S (2011) A survey on self-healing systems: approaches and systems. Computing. Springer, Berlin
Ghosh D, Sharman R, Raghav Rao H, Upadhyaya S (2006) Self-healing systems—survey and synthesis. Elsevier, Amsterdam
Parashar M, Hariri S (2005) Autonomic computing: an overview Springer, Berlin, pp 247–259
Garg R, Singh AK (2011) Fault tolerance in grid computing: state of art and open issues. Int J Comput Sci Eng Surv IJCSES
Hoffmann H, Eastep J et al (2010) Application heartbeats: a generic interface for specifying program performance and goals in autonomous computing environments. In: Proceeding of the 7th international conference on autonomic computing, ICAC. New York, NY, USA. ACM, New York, 7988 pp
Maggio M, Hoffmann H, Leva A (2010) Controlling software applications via resource allocation within the heartbeats framework In: Proceeding of the 49th international conference on decision and control, Atlanta, USA. IEEE Press, New York
Maggio M, Hoffmann H, Santambrogio MD, Agarwal A, Leva A (2011) A comparison of autonomic decision making techniques. Computer science and artificial intelligence laboratory technical report, MIT
Amoon M (2011) A development of fault-tolerant and scheduling system for grid computing. GESJ, Comput Sci Telecommun
Zhao L, Ren Y, Xiang Y, Sakurai K (2010) Faulttolerant scheduling with dynamic number of replicas in heterogeneous systems. In: High performance computing and communications (HPCC), pp 434–441
Claudel B, De Palma N, Lachaize R, Hagimont D (2006) Self-protection for distributed component based applications. Springer, Berlin
Networks A (2012) Arbor special report: worldwide infrastructure security report, vol VIII
Varalakshmi P, Thamarai Selvi S (2013) Thwarting DDoS attacks in grid using information divergence. Future Gener Comput Syst
Cappelli D, Moore A, Trzeciak R (2012) The CERT guide to insider threats: how to prevent, detect, and respond to information technology crimes (theft, sabotage, fraud). SEI series in software engineering. Addison–Wesley, Reading, 28 pp
Humphrey M, Thompson M (2002) Security implications of typical grid computing usage scenarios, cluster computing, vol 5, issue 3, July
Kendall K (1999) In: A database of computer attacks for the evaluation of intrusion detection systems, June
McAfee (2006) Archived from the original on rootkits, part 1 of 3: the growing threat
NMAP Homepage (1998) http://www.insecure.org/nmap/index.html
Bace R (2000) Intrusion detection. Macmillan Technical Publishing, Indianapolis
Baker A, Beale J, Caswell B, Poore M (2004) Snort 2.1 intrusion detection, 2nd edn. http://www.snort.org/
Roesch M (1999) Snort—lightweight intrusion detection for networks. In: Proceedings of the 13th LISA conference of USENIX association
Ali Aydin M, Halim Zaim A, Gökhan Ceylan K (2009) A hybrid intrusion detection system design for computer network security. Comput Electr Eng 35:517–526
Ding Y-X, Xiao M, Liu A-W (2009) Research and implementation on snort-based hybrid intrusion detection system. In: Proceedings of the eighth international conference on machine learning and cybernetics, Baoding, 12–15 July. IEEE Press, New York. doi:10.1109/ICMLC.2009.5212282
Gomez J, Gil C, Padilla N, Banos R, Jimenez C (2009) Design of a snort-based hybrid intrusion detection system. In: IWANN 2009, part II. LNCS, vol 5518, pp 515–522
Katkar V, Bhirud SG (2012) Novel DoS/DDoS attack detection and signature generation. Int J Comput Appl 47(10):18–24
Diaz-Verdejo JE, Garcia-Teodoro P, Munoz P, Macia-Fernandez G (2007) A Snort-based approach for the development and deployment of hybrid IDS. IEEE Lat Am Trans 5(6):386–392
Hwang K, Cai M, Chen Y, Qin M (2007) Hybrid intrusion detection with weighted signature generation over anomalous Internet episodes. IEEE Trans Dependable Secure Comput 4(1):41–55
Wuu LC, Hung CH, Chen SF (2007) Building intrusion pattern miner for Snort network intrusion detection system. J Syst Softw 80(10):1699–1715
Brahmi I, Yahia SB, Poncelet P (2011) A Snort-based mobile agent for a distributed intrusion detection system. In: SECRYPT 2011—proceedings of the international conference on security and cryptography, Seville, Spain, 18–21 July
Suryawanshi GR, Vanjale SB (2010) Mobile agent for distributed intrusion detection system in distributed system. In: Proceedings in international journal of artificial intelligence and computational research (IJAICR), June
Exposito JA Ametller J Robles S (2010) Configuring the JADE HTTP MTP
Zolnowski AP (2012) JADE-PKI 1.0 manual, 9 September
Linux Kernel Mailing List (2006) Fixes for uli5261 (tulip driver), Aug. http://lkml.org/lkml/2006/8/19/59
Kadav A, Renzelmann MJ, Swift MM (2009) Tolerating hardware device failures in software, SOSP’09, 11–14 October
Maciej Szmit, Adamus S, Bugaa S, Szmit A (2012) Anomaly detection 3.0 for Snort. Snort.AD Project
Boser BE, Guyon IM, Vapnik VN (1992) A training algorithm for optimal margin classifiers. In: 5th annual ACM workshop on COLT. ACM Press, Pittsburgh, pp 144–152
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Chopra, I., Singh, M. SHAPE—an approach for self-healing and self-protection in complex distributed networks. J Supercomput 67, 585–613 (2014). https://doi.org/10.1007/s11227-013-1019-3
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11227-013-1019-3