Cluster Security as an Emergent Property
Cluster computing has provided a path to supercomputing for the masses due to its incredible performance/price ratio, a small investment in commodity components can be grown incrementally to approach the cycle performance of a vector machine costing order(s) of magnitude more. Some even predict that in the near future everyone will have their own personal cluster for continuous background transactions on their behalf such as entertainment, purchasing, sending messages, gathering information, etc... However, even as clusters are being ubiquitously deployed, they are also difficult to manage. This management difficulty is only amplified as clusters grow in size from tens of nodes to thousands of nodes.

NCSA is uniquely qualified to perform this research due its dynamic variety, size, and critical mass of clusters. NCSA is a pioneer in the area of cluster design and deployment. NCSA has more than 30 teraflops of computing power, making it the single largest facility serving open scientific research in the world including Tungsten (2nd most powerful cluster and 5th fastest supercomputer in the world) and Mercury (a cluster that is the largest computational resource on the Teragrid). A founding member of the Open Cluster Group and the Gelato Federation, NCSA is working in partnership with other institutions to develop software (e.g. OSCAR and OSCAR Gold) that greatly simplifies the task of installing and running clusters that are compatible with large-scale production systems. A key component of this work is cluster security.

Security is core to cluster management but there has been little or no work on cluster security prior to this project (this project was funded as a separate TRECC project in March 2003 although some work predates this funding). The Spring 2004 attacks on HPC computer centers worldwide showed that cluster security is not just of theoretical interest but attacks on clusters present real and present danger with significant consequences. For instance, clusters, whether in the role as an institutional supercomputer or joined together in grid computing, are currently the largest single investment NSF makes in high performance computing.

While we leave the technical details of our cluster security monitoring techniques to our research papers (see publications link below), we want to emphasize the over-riding vision we feel we have achieved: viewing a cluster as single cohesive unit instead of a massive collection of individual machines. When viewed as a whole, a cluster exhibits emergent security properties not found within its constituent components. This insight allows us to scale our security techniques to large clusters by leveraging inherent human visual processing abilities as well as adapting existing cluster monitoring techniques and enterprise security techniques to the unique cluster computing environment.

Our plans for Year 2 NCASSR funding include the following tasks:

* develop a cluster process monitor
* develop a cluster file integrity monitor
* develop a cluster port scanning monitor
* develop a cluster privilege escalation monitor
* integrate all monitors within the NVisionCC visualization framework
 
Project Leads
Bill Yurcik, NCSA
Greg Pluta, NCSA

Return to Projects list


The National Center for Advanced Secure Systems Research NCASSR) at the University of Illinois at Urbana-Champaign (UIUC) is a multi-institutional cybersecurity research team. NCASSR focuses basic and applied research necessary to develop next generation information security technologies that address national cybersecurity needs. NCASSR is led by the National Center for Supercomputing Applications (NCSA) and supported by funding from the Office of Naval Research (ONR).


SELS 0.7 released
Secure Email List Services (SELS) is an open source software for creating and developing secure email list services among user communities.
 
Strong community engagement strengthens cybersecurity research and development
NCASSR-supported exploratory research at NCSA and elsewhere has sparked additional external funding and development opportunities as well as successful deployment and adoption by users ranging from the defense sector to state law enforcement to the utilities industry.
 
NCASSR Collaborator Goes To Washington
Carl Gunter, a professor in the University of Illinois Department of Computer Science and a project lead on NCASSR-supported work involving adaptive, secure messaging, recently spoke to an audience of congressional staffers and lobbyists on Capitol Hill regarding ways to address a variety of critical cybersecurity issues in areas such as healthcare and energy distribution.