Link to the University of Pittsburgh Homepage
Link to the University Library System Homepage Link to the Contact Us Form

Cluster Security with NVisionCC: The Forseti Distributed File Integrity Checker

Lee, Adam J and Koenig, Gregory A and Yurcik, William (2005) Cluster Security with NVisionCC: The Forseti Distributed File Integrity Checker. In: Proceedings of the Los Alamos Computer Science Institute Symposium (LACSI). UNSPECIFIED, 1 - 12. ISBN UNSPECIFIED

[img] Plain Text (licence)
Available under License : See the attached license file.

Download (1kB)

Abstract

Attackers who are able to compromise a single node in a high performance computing cluster can use that node as a launch point for a number of malicious actions. In many cases, the password used to log into a single node can be used to access a large number of nodes in the system, allowing the attacker to utilize the vast computing and storage capabilities of the compromised cluster to sniff network traffic, carry out brute-force password cracking, launch distributed denial of service attacks, or serve illegal digital content. Often, these types of attackers modify important system files to collect passwords to other accounts, disable certain logging facilities, or create back-doors into the system. In this paper, we present Forseti, a distributed file integrity checker designed specifically for the high performance computing cluster environment. Forseti was designed to address the shortcomings exhibited by existing host-based intrusion detection systems when used in the cluster environment and to provide a means of detecting changes to critical system files made by root-level adversaries. We discuss the design and implementation of the Forseti system, present a security analysis of Forseti, examine the performance of the system, and explore how Forseti can be used in concert with other security monitoring techniques to enhance the security of the HPC cluster environment.


Share

Citation/Export:
Social Networking:
Share |

Details

Item Type: Book Section
Status: Published
Creators/Authors:
CreatorsEmailPitt UsernameORCID
Lee, Adam Jadamlee@pitt.eduADAMLEE
Koenig, Gregory A
Yurcik, William
Date: October 2005
Date Type: Publication
Access Restriction: No restriction; Release the ETD for access worldwide immediately.
Page Range: 1 - 12
Institution: University of Pittsburgh
Schools and Programs: Dietrich School of Arts and Sciences > Computer Science
Refereed: Yes
Title of Book: Proceedings of the Los Alamos Computer Science Institute Symposium (LACSI)
Related URLs:
Additional Information: LACSI Symposium 2005, October 11-13, 2005. Santa Fe, NM 87501
Date Deposited: 05 Dec 2012 20:23
Last Modified: 25 Aug 2017 05:05
URI: http://d-scholarship.pitt.edu/id/eprint/16514

Metrics

Monthly Views for the past 3 years

Plum Analytics


Actions (login required)

View Item View Item