A Survey of Fault-Tolerance and Fault-Recovery Techniques in Parallel Systems

Supercomputing systems today often come in the form of large numbers of commodity systems linked together into a computing cluster. These systems, like any distributed system, can have large numbers of independent hardware components cooperating or collaborating on a computation. Unfortunately, any of this vast number of components can fail at any time, resulting in potentially erroneous output. In order to improve the robustness of supercomputing applications in the presence of failures, many techniques have been developed to provide resilience to these kinds of system faults. This survey provides an overview of these various fault-tolerance techniques.Comment: 11 page

A Survey of Distributed Intrusion Detection Approaches

Distributed intrustion detection systems detect attacks on computer systems by analyzing data aggregated from distributed sources. The distributed nature of the data sources allows patterns in the data to be seen that might not be detectable if each of the sources were examined individually. This paper describes the various approaches that have been developed to share and analyze data in such systems, and discusses some issues that must be addressed before fully decentralized distributed intrusion detection systems can be made viable

A Distributed Economics-based Infrastructure for Utility Computing

Existing attempts at utility computing revolve around two approaches. The first consists of proprietary solutions involving renting time on dedicated utility computing machines. The second requires the use of heavy, monolithic applications that are difficult to deploy, maintain, and use. We propose a distributed, community-oriented approach to utility computing. Our approach provides an infrastructure built on Web Services in which modular components are combined to create a seemingly simple, yet powerful system. The community-oriented nature generates an economic environment which results in fair transactions between consumers and providers of computing cycles while simultaneously encouraging improvements in the infrastructure of the computational grid itself.Comment: 8 pages, 1 figur

ContagAlert: Using Contagion Theory for Adaptive, Distributed Alert Propagation

The widespread uses of large-scale distributed systems, e.g., Grid networks and distributed storage systems, raise the possibilities of large-scale attacks on such systems. Although current technology for detecting worms and viruses in the Internet can be applied, few existing systems support fast propagation of alerts during the attack itself. This paper proposes and studies a new system towards this problem. The system, called "ContagAlert", uses contagion spreading behavior, somewhat like the spread of fads in society, in order to spread alerts. ContagAlert is able to propagate an alert while the attack is in progress, while at the same time suppressing disruptive signals generated by adversaries or false positives. The core contagion protocols in the system are completely localized, involving simple threshold checks at each node, but resulting in desired emergent threshold behavior at the network scale. Signals with too few sources fail to spread, and signals exceeding the threshold propagate across the entire network. Contagion protocols can be analyzed using bootstrap percolation models. We also present experimental results from contagion protocols running in a wide variety of topologies. Finally, we present experiments based on two real-life applications: Internet worm attacks and DoS attacks on p2p systems

VisFlowConnect: NetFlow Visualizations of Link Relationships for Security Situational Awareness

We present a visualization design to enhance the ability of an administrator to detect and investigate anomalous tra#c between a local network and external domains. Central to the design is a parallel axes view which displays NetFlow records as links between two machines or domains while employing a variety of visual cues to assist the user. We describe several filtering options that can be employed to hide uninteresting or innocuous tra#c such that the user can focus his or her attention on the more unusual network flows

Detection of Privilege Escalation for Linux Cluster Security

Cluster computing systems can be among the most valuable resources owned by an organization

Cluster Security Research Challenges

In this paper, we share insights from our group experience building and experimenting on high performance computing clusters to support our research developing novel cluster security protection techniques and tools

Kansas Law Review Criminal Procedure Survey, vol. 57 no. 5

This is the published version