Christopher Kunz, Nina Tahmasebi, T. Risse, Matthew Smith
{"title":"利用贝叶斯网络检测网格中的证书滥用","authors":"Christopher Kunz, Nina Tahmasebi, T. Risse, Matthew Smith","doi":"10.1109/Grid.2011.23","DOIUrl":null,"url":null,"abstract":"Proxy Credentials serve as a principal for authentication and authorization in the Grid. Despite their limited lifetime, they can be intercepted and abused by an attacker. We counter this threat by enabling Grid users to track their credentials' use in Grid infrastructures, reporting all authentication and delegation operations to an auditing service. Our approach combines modifications to the security infrastructure with a Bayesian classifier in order to provide a reliable method for detecting abusive Grid credential usage and alerting the legitimate user. To validate this approach we created an extensive Grid simulation, simulating different types of legitimate and illegitimate use of credentials. Our experiments show that we can detect 99.5% of all abuse and our solution can thus help to increase security in the Grid.","PeriodicalId":308086,"journal":{"name":"2011 IEEE/ACM 12th International Conference on Grid Computing","volume":"26 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Detecting Credential Abuse in the Grid Using Bayesian Networks\",\"authors\":\"Christopher Kunz, Nina Tahmasebi, T. Risse, Matthew Smith\",\"doi\":\"10.1109/Grid.2011.23\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Proxy Credentials serve as a principal for authentication and authorization in the Grid. Despite their limited lifetime, they can be intercepted and abused by an attacker. We counter this threat by enabling Grid users to track their credentials' use in Grid infrastructures, reporting all authentication and delegation operations to an auditing service. Our approach combines modifications to the security infrastructure with a Bayesian classifier in order to provide a reliable method for detecting abusive Grid credential usage and alerting the legitimate user. To validate this approach we created an extensive Grid simulation, simulating different types of legitimate and illegitimate use of credentials. Our experiments show that we can detect 99.5% of all abuse and our solution can thus help to increase security in the Grid.\",\"PeriodicalId\":308086,\"journal\":{\"name\":\"2011 IEEE/ACM 12th International Conference on Grid Computing\",\"volume\":\"26 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2011 IEEE/ACM 12th International Conference on Grid Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/Grid.2011.23\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 IEEE/ACM 12th International Conference on Grid Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/Grid.2011.23","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Detecting Credential Abuse in the Grid Using Bayesian Networks
Proxy Credentials serve as a principal for authentication and authorization in the Grid. Despite their limited lifetime, they can be intercepted and abused by an attacker. We counter this threat by enabling Grid users to track their credentials' use in Grid infrastructures, reporting all authentication and delegation operations to an auditing service. Our approach combines modifications to the security infrastructure with a Bayesian classifier in order to provide a reliable method for detecting abusive Grid credential usage and alerting the legitimate user. To validate this approach we created an extensive Grid simulation, simulating different types of legitimate and illegitimate use of credentials. Our experiments show that we can detect 99.5% of all abuse and our solution can thus help to increase security in the Grid.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
