A performance-based grid intrusion detection system

Distributed denial-of-service (DDoS) and denial-of-service (DoS) are the most dreadful network threats in recent years. In this paper, we propose a grid-based IDS, called performance-based grid intrusion detection system (PGIDS), which exploits grid´s abundant computing resources to detect enormous intrusion packets and improve the drawbacks of traditional IDSs which suffer from losing their detection effectiveness and capability when processing massive network traffic. For balancing detection load and accelerating the performance of allocating detection node (DN), we use exponential average to predict network traffic and then assign the collected actual traffic to the most suitable DN. In addition, score subtraction algorithm (SSA) and score addition algorithm (SAA) are deployed to update and reflect the current performance of a DN. PGIDS detects not only DoS/DDoS attacks but also logical attacks. Experimental results show that PGIDS is truly an outstanding system in detecting attacks.