HPC2M: SCALABLE HPC CONTINUOUS MONITORING FOR REAL-TIME RISK ASSESSMENT USING DISTRIBUTED BAYESIAN ATTACK GRAPH
Continuous monitoring capability is mandatory in FISAM and NIST Cybersecurity Framework specified in NIST SP 800-53 v4 in 2018. Despite substantial work has been proposed for continuous monitoring in the desktop network, e.g., Ipost, many shortcomings have not well addressed for HPC system. Infobeyond advocates HPC2M to address the technical challenges of continuous monitoring of large-scale HPC networks for cybersecurity. By using Bayesian attack graph (BAG), the proposed HPC2M system is designed as software to perform collection, aggregation, analysis, and presentation of security-related data of the large-scale HPC network for real-time risk assessment. Innovatively, HPC2M is deployed in a distributed network to generate and update the partial BAG of the sub-network and they are merged at a central point to generate the BAG of the entire HPC network. Quantitative risk metrics are calculated and visualized to enable in-depth awareness of cybersecurity of entire HPC system. We have developed the HPC2M algorithms and integrated them as a software tool using real-world security data. In addition, we have conducted extensive experiments and case studies to verify the security continuous monitoring capability and the tool is installed in our real Company network.
- Research Organization:
- InfoBeyond Technology LLC
- Sponsoring Organization:
- USDOE Office of Science (SC)
- DOE Contract Number:
- SC0018478
- OSTI ID:
- 1493755
- Type / Phase:
- SBIR (Phase I)
- Report Number(s):
- DOE-InfoBeyond-SC0018478; 5023710907
- Country of Publication:
- United States
- Language:
- English
Similar Records
Enabling Intelligent Security Assessment for HPC Systems via Automated Learning and Data Analytics
Large-Scale Intelligent Intrusion Detection System