{"title":"防范针对超级计算基础设施攻击的安全测试平台","authors":"Phuong Cao, Zbigniew Kalbarczyk, Ravishankar Iyer","doi":"arxiv-2409.09602","DOIUrl":null,"url":null,"abstract":"Preempting attacks targeting supercomputing systems before damage remains the\ntop security priority. The main challenge is that noisy attack attempts and\nunreliable alerts often mask real attacks, causing permanent damages such as\nsystem integrity violations and data breaches. This paper describes a security\ntestbed embedded in live traffic of a supercomputer at the National Center for\nSupercomputing Applications (NCSA). The objective is to demonstrate attack\npreemption, i.e., stopping system compromise and data breaches at petascale\nsupercomputers. Deployment of our testbed at NCSA enables the following key\ncontributions: 1) Insights from characterizing unique attack patterns found in real security\nlogs of over 200 security incidents curated in the past two decades at NCSA. 2) Deployment of an attack visualization tool to illustrate the challenges of\nidentifying real attacks in HPC environments and to support security operators\nin interactive attack analyses. 3) Demonstrate the testbed's utility by running novel models, such as Factor\nGraph-Based models, to preempt a real-world ransomware family.","PeriodicalId":501280,"journal":{"name":"arXiv - CS - Networking and Internet Architecture","volume":"36 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-09-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Security Testbed for Preempting Attacks against Supercomputing Infrastructure\",\"authors\":\"Phuong Cao, Zbigniew Kalbarczyk, Ravishankar Iyer\",\"doi\":\"arxiv-2409.09602\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Preempting attacks targeting supercomputing systems before damage remains the\\ntop security priority. The main challenge is that noisy attack attempts and\\nunreliable alerts often mask real attacks, causing permanent damages such as\\nsystem integrity violations and data breaches. This paper describes a security\\ntestbed embedded in live traffic of a supercomputer at the National Center for\\nSupercomputing Applications (NCSA). The objective is to demonstrate attack\\npreemption, i.e., stopping system compromise and data breaches at petascale\\nsupercomputers. Deployment of our testbed at NCSA enables the following key\\ncontributions: 1) Insights from characterizing unique attack patterns found in real security\\nlogs of over 200 security incidents curated in the past two decades at NCSA. 2) Deployment of an attack visualization tool to illustrate the challenges of\\nidentifying real attacks in HPC environments and to support security operators\\nin interactive attack analyses. 3) Demonstrate the testbed's utility by running novel models, such as Factor\\nGraph-Based models, to preempt a real-world ransomware family.\",\"PeriodicalId\":501280,\"journal\":{\"name\":\"arXiv - CS - Networking and Internet Architecture\",\"volume\":\"36 1\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2024-09-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"arXiv - CS - Networking and Internet Architecture\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/arxiv-2409.09602\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Networking and Internet Architecture","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2409.09602","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Security Testbed for Preempting Attacks against Supercomputing Infrastructure
Preempting attacks targeting supercomputing systems before damage remains the
top security priority. The main challenge is that noisy attack attempts and
unreliable alerts often mask real attacks, causing permanent damages such as
system integrity violations and data breaches. This paper describes a security
testbed embedded in live traffic of a supercomputer at the National Center for
Supercomputing Applications (NCSA). The objective is to demonstrate attack
preemption, i.e., stopping system compromise and data breaches at petascale
supercomputers. Deployment of our testbed at NCSA enables the following key
contributions: 1) Insights from characterizing unique attack patterns found in real security
logs of over 200 security incidents curated in the past two decades at NCSA. 2) Deployment of an attack visualization tool to illustrate the challenges of
identifying real attacks in HPC environments and to support security operators
in interactive attack analyses. 3) Demonstrate the testbed's utility by running novel models, such as Factor
Graph-Based models, to preempt a real-world ransomware family.