防范针对超级计算基础设施攻击的安全测试平台

Phuong Cao, Zbigniew Kalbarczyk, Ravishankar Iyer
{"title":"防范针对超级计算基础设施攻击的安全测试平台","authors":"Phuong Cao, Zbigniew Kalbarczyk, Ravishankar Iyer","doi":"arxiv-2409.09602","DOIUrl":null,"url":null,"abstract":"Preempting attacks targeting supercomputing systems before damage remains the\ntop security priority. The main challenge is that noisy attack attempts and\nunreliable alerts often mask real attacks, causing permanent damages such as\nsystem integrity violations and data breaches. This paper describes a security\ntestbed embedded in live traffic of a supercomputer at the National Center for\nSupercomputing Applications (NCSA). The objective is to demonstrate attack\npreemption, i.e., stopping system compromise and data breaches at petascale\nsupercomputers. Deployment of our testbed at NCSA enables the following key\ncontributions: 1) Insights from characterizing unique attack patterns found in real security\nlogs of over 200 security incidents curated in the past two decades at NCSA. 2) Deployment of an attack visualization tool to illustrate the challenges of\nidentifying real attacks in HPC environments and to support security operators\nin interactive attack analyses. 3) Demonstrate the testbed's utility by running novel models, such as Factor\nGraph-Based models, to preempt a real-world ransomware family.","PeriodicalId":501280,"journal":{"name":"arXiv - CS - Networking and Internet Architecture","volume":"36 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-09-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Security Testbed for Preempting Attacks against Supercomputing Infrastructure\",\"authors\":\"Phuong Cao, Zbigniew Kalbarczyk, Ravishankar Iyer\",\"doi\":\"arxiv-2409.09602\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Preempting attacks targeting supercomputing systems before damage remains the\\ntop security priority. The main challenge is that noisy attack attempts and\\nunreliable alerts often mask real attacks, causing permanent damages such as\\nsystem integrity violations and data breaches. This paper describes a security\\ntestbed embedded in live traffic of a supercomputer at the National Center for\\nSupercomputing Applications (NCSA). The objective is to demonstrate attack\\npreemption, i.e., stopping system compromise and data breaches at petascale\\nsupercomputers. Deployment of our testbed at NCSA enables the following key\\ncontributions: 1) Insights from characterizing unique attack patterns found in real security\\nlogs of over 200 security incidents curated in the past two decades at NCSA. 2) Deployment of an attack visualization tool to illustrate the challenges of\\nidentifying real attacks in HPC environments and to support security operators\\nin interactive attack analyses. 3) Demonstrate the testbed's utility by running novel models, such as Factor\\nGraph-Based models, to preempt a real-world ransomware family.\",\"PeriodicalId\":501280,\"journal\":{\"name\":\"arXiv - CS - Networking and Internet Architecture\",\"volume\":\"36 1\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2024-09-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"arXiv - CS - Networking and Internet Architecture\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/arxiv-2409.09602\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Networking and Internet Architecture","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2409.09602","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

摘要

在超级计算系统受到攻击之前先发制人仍然是安全领域的首要任务。主要的挑战在于,嘈杂的攻击企图和不可靠的警报往往会掩盖真实的攻击,造成永久性破坏,如系统完整性破坏和数据泄露。本文介绍了嵌入美国国家超级计算应用中心(NCSA)超级计算机实时流量中的安全测试平台。其目的是演示攻击防御(attackpreemption),即在千万亿次超级计算机上阻止系统破坏和数据泄露。在 NCSA 部署我们的测试平台可做出以下重要贡献:1) 对 NCSA 在过去二十年中策划的 200 多起安全事件的真实安全日志中发现的独特攻击模式进行特征描述,并从中获得见解。2) 部署攻击可视化工具,以说明在高性能计算环境中识别真实攻击所面临的挑战,并支持安全操作员进行交互式攻击分析。3) 通过运行新颖的模型(如基于因子图的模型),展示测试平台的实用性,以预先防范现实世界中的勒索软件家族。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Security Testbed for Preempting Attacks against Supercomputing Infrastructure
Preempting attacks targeting supercomputing systems before damage remains the top security priority. The main challenge is that noisy attack attempts and unreliable alerts often mask real attacks, causing permanent damages such as system integrity violations and data breaches. This paper describes a security testbed embedded in live traffic of a supercomputer at the National Center for Supercomputing Applications (NCSA). The objective is to demonstrate attack preemption, i.e., stopping system compromise and data breaches at petascale supercomputers. Deployment of our testbed at NCSA enables the following key contributions: 1) Insights from characterizing unique attack patterns found in real security logs of over 200 security incidents curated in the past two decades at NCSA. 2) Deployment of an attack visualization tool to illustrate the challenges of identifying real attacks in HPC environments and to support security operators in interactive attack analyses. 3) Demonstrate the testbed's utility by running novel models, such as Factor Graph-Based models, to preempt a real-world ransomware family.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信