D. Anantha, B. Ramamurthy, B. Bockelman, D. Swanson
{"title":"Identifying Anomalies in GridFTP transfers for Data-Intensive Science through Application-Awareness","authors":"D. Anantha, B. Ramamurthy, B. Bockelman, D. Swanson","doi":"10.1145/3180465.3180469","DOIUrl":null,"url":null,"abstract":"Network anomaly detection systems can be used to identify anomalous transfers or threats, which, when undetected, can trigger large-scale malicious events. Data-intensive science projects rely on high-throughput computing and high-speed networking resources for data analysis and processing. In this paper, we propose an anomaly detection framework and architecture for identifying anomalies in GridFTP transfers. Application-awareness plays an important role in our proposed architecture and is used to communicate GridFTP application metadata to the machine learning and anomaly detection system. We demonstrate the effectiveness of our architecture by evaluating the framework with a real-world, large-scale dataset of GridFTP transfers. Preliminary results show that our framework can be used to develop novel anomaly detection services with diverse feature sets for distributed and data-intensive projects.","PeriodicalId":20513,"journal":{"name":"Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization","volume":"84 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2018-03-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3180465.3180469","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3
Abstract
Network anomaly detection systems can be used to identify anomalous transfers or threats, which, when undetected, can trigger large-scale malicious events. Data-intensive science projects rely on high-throughput computing and high-speed networking resources for data analysis and processing. In this paper, we propose an anomaly detection framework and architecture for identifying anomalies in GridFTP transfers. Application-awareness plays an important role in our proposed architecture and is used to communicate GridFTP application metadata to the machine learning and anomaly detection system. We demonstrate the effectiveness of our architecture by evaluating the framework with a real-world, large-scale dataset of GridFTP transfers. Preliminary results show that our framework can be used to develop novel anomaly detection services with diverse feature sets for distributed and data-intensive projects.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
