Vol. 1 Issue 3
Year:2013
Issue:Sep-Nov
Title:Behavior Monitoring of a Process in a Computational Grid Using Hidden Markov Model
Author Name:Shaik Naseera
Synopsis:
Job outsourcing in grid computing generally face the problem of security threats and doubtful trustworthiness of remote resources. On the other hand, the scheduled processes at the remote host may exploit the given privileges and misuse the services of the remote host. We developed a monitoring system using Hidden Markov Model to detect such anomalous behavior of the processes at the remote host. The main objective of this paper is to build a monitoring system, a predictive model capable of discriminating between normal and abnormal behavior of a process in its run-time. The model is built with the parameters derived from the type of operations performed by the process. The monitoring system flags any observation that has a significant deviation from the observed model. The system is built using Hidden Markov Model (HMM) and the parameters are identified for building the monitoring system includes CPU-Limit, Memory-Limit, File- Limit, File-Size- Limit, Process-Limit etc. An HMM is initially trained with the normal flow of operations of a process. The incoming process operation is rejected when it is not accepted by the trained HMM with sufficiently high probability and also we extract the state sequence followed by the process in its run-time. From this state sequence, we determine the number of violations in resource access than permitted or allowed. At the same time we try to ensure that genuine processes are not rejected. The system is implemented in UNIX environment.
Year:2013
Issue:Sep-Nov
Title:Behavior Monitoring of a Process in a Computational Grid Using Hidden Markov Model
Author Name:Shaik Naseera
Synopsis:
Job outsourcing in grid computing generally face the problem of security threats and doubtful trustworthiness of remote resources. On the other hand, the scheduled processes at the remote host may exploit the given privileges and misuse the services of the remote host. We developed a monitoring system using Hidden Markov Model to detect such anomalous behavior of the processes at the remote host. The main objective of this paper is to build a monitoring system, a predictive model capable of discriminating between normal and abnormal behavior of a process in its run-time. The model is built with the parameters derived from the type of operations performed by the process. The monitoring system flags any observation that has a significant deviation from the observed model. The system is built using Hidden Markov Model (HMM) and the parameters are identified for building the monitoring system includes CPU-Limit, Memory-Limit, File- Limit, File-Size- Limit, Process-Limit etc. An HMM is initially trained with the normal flow of operations of a process. The incoming process operation is rejected when it is not accepted by the trained HMM with sufficiently high probability and also we extract the state sequence followed by the process in its run-time. From this state sequence, we determine the number of violations in resource access than permitted or allowed. At the same time we try to ensure that genuine processes are not rejected. The system is implemented in UNIX environment.
No comments:
Post a Comment