Lee, Adam J and Koenig, Gregory A and Yurcik, William
(2005)
Cluster Security with NVisionCC: The Forseti Distributed File Integrity Checker.
In:
Proceedings of the Los Alamos Computer Science Institute Symposium (LACSI).
UNSPECIFIED, 1 - 12.
ISBN UNSPECIFIED
Abstract
Attackers who are able to compromise a single node in a high performance computing cluster can use that node as a launch point for a number of malicious actions. In many cases, the password used to log into a single node can be used to access a large number of nodes in the system, allowing the attacker to utilize the vast computing and storage capabilities of the compromised cluster to sniff network traffic, carry out brute-force password cracking, launch distributed denial of service attacks, or serve illegal digital content. Often, these types of attackers modify important system files to collect passwords to other accounts, disable certain logging facilities, or create back-doors into the system. In this paper, we present Forseti, a distributed file integrity checker designed specifically for the high performance computing cluster environment. Forseti was designed to address the shortcomings exhibited by existing host-based intrusion detection systems when used in the cluster environment and to provide a means of detecting changes to critical system files made by root-level adversaries. We discuss the design and implementation of the Forseti system, present a security analysis of Forseti, examine the performance of the system, and explore how Forseti can be used in concert with other security monitoring techniques to enhance the security of the HPC cluster environment.
Share
Citation/Export: |
|
Social Networking: |
|
Details
Item Type: |
Book Section
|
Status: |
Published |
Creators/Authors: |
Creators | Email | Pitt Username | ORCID  |
---|
Lee, Adam J | adamlee@pitt.edu | ADAMLEE | | Koenig, Gregory A | | | | Yurcik, William | | | |
|
Date: |
October 2005 |
Date Type: |
Publication |
Access Restriction: |
No restriction; Release the ETD for access worldwide immediately. |
Page Range: |
1 - 12 |
Institution: |
University of Pittsburgh |
Schools and Programs: |
Dietrich School of Arts and Sciences > Computer Science |
Refereed: |
Yes |
Title of Book: |
Proceedings of the Los Alamos Computer Science Institute Symposium (LACSI) |
Additional Information: |
LACSI Symposium 2005, October 11-13, 2005. Santa Fe, NM 87501 |
Date Deposited: |
05 Dec 2012 20:23 |
Last Modified: |
06 Sep 2024 10:55 |
URI: |
http://d-scholarship.pitt.edu/id/eprint/16514 |
Metrics
Monthly Views for the past 3 years
Plum Analytics
Actions (login required)
 |
View Item |