Security Monitoring and Analytics in the Context of HPC Processing Model

  • Mikołaj Dobski
  • Gerard Frankowski
  • Norbert Meyer
  • Maciej Miłostan
  • Michał Pilc
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10777)

Abstract

In this paper an overview of the problem of cybersecurity monitoring and analytics in HPC centers is performed from two intersecting points of view: the challenge of assuring the necessary security level of HPC infrastructures themselves, and the new, previously unavailable, opportunities to effectively analyze large volumes of heterogeneous data, facilitated by using large HPC clusters together with scalable analytic software. A major part of this paper is devoted to the most relevant methodologies and solutions that security analytics can use to at least partially face the challenge of analyzing large volumes of data potentially related to cyber-security events, in real time or quasi-real time. Particular solutions are considered in the context of their applicability in an HPC infrastructure. Relying on the results of experiments conducted within the SECOR project, we show an approach to further development of the prepared architecture in an HPC environment, within the confines of another R&D project, PROTECTIVE.

Keywords

Cybersecurity, HPC, Monitoring, Threat detection, Scalability

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  1. IBCh PAS - Poznań Supercomputing and Networking Center (PSNC), Poznań, Poland
  2. Institute of Computing Science, Poznan University of Technology, Poznań, Poland