Behavior Monitoring of a Process in a Computational Grid Using Hidden Markov Model

Shaik Naseera*
Department of Computer Science & Engineering, Sreenivasa Institute of Technology and Management Studies, Chittoor, A.P, India.
Periodicity:September - November'2013
DOI : https://doi.org/10.26634/jcom.1.3.2546

Abstract

Job outsourcing in grid computing generally face the problem of security threats and doubtful trustworthiness of remote resources. On the other hand, the scheduled processes at the remote host may exploit the given privileges and misuse the services of the remote host. We developed a monitoring system using Hidden Markov Model to detect such anomalous behavior of the processes at the remote host. The main objective of this paper is to build a monitoring system, a predictive model capable of discriminating between normal and abnormal behavior of a process in its run-time. The model is built with the parameters derived from the type of operations performed by the process. The monitoring system flags any observation that has a significant deviation from the observed model. The system is built using Hidden Markov Model (HMM) and the parameters are identified for building the monitoring system includes CPU-Limit, Memory-Limit, File- Limit, File-Size- Limit, Process-Limit etc. An HMM is initially trained with the normal flow of operations of a process. The incoming process operation is rejected when it is not accepted by the trained HMM with sufficiently high probability and also we extract the state sequence followed by the process in its run-time. From this state sequence, we determine the number of violations in resource access than permitted or allowed. At the same time we try to ensure that genuine processes are not rejected. The system is implemented in UNIX environment.

Keywords

Grid Resource Monitoring, Process Migration, Hidden Markov Model.

How to Cite this Article?

Naseera, S. (2013). Behavior Monitoring of a Process in a Computational Grid using Hidden Markov Model. i-manager’s Journal on Computer Science, 1(3), 22-30. https://doi.org/10.26634/jcom.1.3.2546

References

[1]. Daniel Minoly, (2004). “A Networking Approach to Grid Computing”, Wiley Publications, ISBN: 978-0-471- 68756-6, November 2004.
[2]. Herv'e Debar, Marc Dacier and Andreas Wespi, (1999). “Towards a Taxonomy of Intrusion Detection Systems”, Computer Networks, 31(8):805–822,April 1999.Elsevier Science, 1999.
[3]. H.S. Vaccaro, G.E. Liepins, (1989). “Detection of Anomalous Computer Session Activity”, In Proceedings of the 1989 IEEE Symposium on Security and Privacy, pages 280–289, Oakland, California, 1–3May 1989.
[4]. Sandeep Kumar, (1995). “Classification and Detection of Computer Intrusions”, PhD thesis, Purdue University, West Lafayette, Indiana, August 1995.
[5]. Jai Sundar Balasubramaniyan, Jose Omar Garcia Fernandez, David Isaco, Eugene Spafford, Diego Zamboni, (1998). “An Architecture for Intrusion Detection Using Autonomous Agents”, In Proceedings of 14th annual computer security 1998.>
[6]. A. L. Prodromidis and S. J. Stolfo, (1999). “Agentbased distributed learning applied to fraud detection.” Technical Report CUCS-014-99, 1999.
[7]. Erik Ehmroth and Johan Tordsson, (2006). “A grid Resource Broker: Supporting advance Reservations and Benchmark-Based Resource Selection”, in State-of-theart in Scientific Computing, ser. LNCS. Springer-Verlag, Berlin, Germany, 2006, Vol. 3732, pp. 1061–1070.
[8]. Rena Hexon and Gruenbacher D.M, (2004). “Markov Chains in network intrusion detection”, In Workshop on information assurance, United states military academy, west point, Ny, 2004.
[9]. L. R. Rabiner, (1989). “A Tutorial on Hidden Markov Models and Selected Applications in Speech Recognition,” Proc. IEEE, Vol. 77, No. 2, pp. 257–285, Feb. 1989.
[10]. S.S. Joshi and V.V. Phoba, (2005). “Investigating Hidden Markov Models Capabilities in Anomaly Detection”, Proc. 43rd ACM Annual South East Regional Conference, Vol.1, pp. 98-103, 2005.
[11]. X.D. Hoang, J. Hu, and P. Bertok, (2003). “A Multi- Layer Model for Anomaly Intrusion Detection Using Program Sequences of System Calls”, In Proceedings of 11th IEEE International Conference on Networks, pp. 531- 536, 2003.
[12]. Abhinav Srivastava, Amlan Kundu, Shamik Sural, (2008). “Credit Card Fraud Detection Using Hidden Markov Model”, IEEE Transactions on Dependable and Secure Computing, pp. 37-48, Vol. 5 No. 1, January- March 2008.
[13]. T. Lane, (1999). “Hidden Markov Models for Human/ Computer Interface Modeling,” Proc. Int'l Joint Conf. Artificial Intelligence, Workshop Learning about Users, pp. 35-44, 1999.
[14]. Aisha Naseer and Lampros K. Stergioulas, (2006). “Resource discovery in Grids and Other Distributed Environments: States of the Art.”, Multi-agent and Grid Systems – An International Journal (2006) 163–182 163, IOS Press.
[15]. D. Ourston, S. Matzner, W. Stump, and B. Hopkins, (2003). “Applications of Hidden Markov Models to Detecting Multi-Stage Network Attacks,” Proc. 36th Ann. Hawaii Int'l Conf. System Sciences, Vol. 9, pp. 334-344, 2003.
[16]. S. Forrest, S. A. Hofmeyr, and A. Somayaji, (1998). “Intrusion detection using sequences of system calls”, Journal of Computer Security, Vol. 6, pp.151-180, 1998.
[17]. L.R. Rabiner and B.H. Juang, (1996). “An Introduction to Hidden Markov Models”, in IEEE ASSP Magazine, Jan 1996.
[18]. Klaus Krauter, Rajkumar Buyya, and Muthucumaru Maheswaran, (2000). “A taxonomy and Survey of Grid Resource Management Systems”, Technical Report, Manitoba and Monash Universities, 2000.
[19]. I. Foster, C.Kesselman and G. Tsudik, (1998). “The Security Architecture for Open Grid Services”, The 5th ACM Conference on Computer and Communications Security Conference, pp 83-92, 1998
[20]. S.J. Stolfo, D.W. Fan, W. Lee, A. Prodromidis, and P.K. Chan, (2000). “Cost-Based Modeling for Fraud and Intrusion Detection: Results from the JAM Project,” Proc. DARPA Information Survivability Conf. and Exposition, Vol. 2, pp. 130-144, 2000.
[21]. Rui Min and Muthucumaru Maheswaran, (2002). “Scheduling Co-reservations with priorities in grid Computing Systems ”, Proc. Of 2nd IEEE/ACM International symposium on cluster computing and the Grid, CCGRID, 2002.
[22]. Warren Smith, Ian Foster and Valerie Taylor, (2000). “Scheduling With Advanced Reservations”, Proc. of the Int. Parallel and Distributed Processing Symposium (IPDPS) Conf., Cancun, Mexico, 2000,127–132.
[23]. I. Foster, C. Kesselman, C. Lee, B. Lindell, K. Nahrstedt, and A. Raoy, (1999). “A Distributed resource management architecture that supports advanced reservation and co-allocation”, Seventh IEEE International Workshop on Quality of Service (IWQoS 99), May 1999.
[24]. W. Smith, I. Foster and V. Taylor, (2000). “Scheduling with advanced reservations”, International Parallel and Distributed Processing Symposium (IPDPS '00), May 2000.
[25]. Shaik Naseera, T. Vivekanandan and K.V. Madhumurthy, (2008). “Data replication using experience based trust in a data grid environment,” Springer verlag's LNCS, Vol. 5375, pp. 39-50x, 2008.
[26]. Shaik Naseera and K.V.Madhumurthy, (2009). “Agent Based Replica placement in a data grid,” in Proc. IEEE Int'l Conf. on Communicational Intelligence, Systems and networking (CICSYN), pp. 426-430, 2009.
[27]. Shaik Naseera and K.V.Madhumurthy, (2010). “Trust based load distribution in a grid environment,” International Journal of computer science & engineering, ISSN: 0975–3397 Vol. 2s, No.1, pp. 24-29, 2010.
If you have access to this article please login to view the article or kindly login to purchase the article

Purchase Instant Access

Single Article

North Americas,UK,
Middle East,Europe
India Rest of world
USD EUR INR USD-ROW
Online 15 15

Options for accessing this content:
  • If you would like institutional access to this content, please recommend the title to your librarian.
    Library Recommendation Form
  • If you already have i-manager's user account: Login above and proceed to purchase the article.
  • New Users: Please register, then proceed to purchase the article.