IEEE 23- Dynamic detection and tolerance of attacks in Storage Area Networks


Due to the increasing amount of data handled by business
applications and the need of an easy way to access
data by multiple servers, Storage Area Networks (SANs)
have been proposed as a solution to be deployed in enterprises
networks. Despite their advantages, a set of security
issues are related to these next generation high speed network
architectures and that may be a threat to the performance
and the availability of such networks. In this paper,
we propose an intrusion detection and tolerance system that
ensures protection of the SANs against attacks. The proposed
solution is based on: a) the management of two areas
(virtual area and protected area) at each storage node; b)
the cooperation of detection modules running on each SAN
component; and c) the use of distributed set of rules that are
updated and managed in a secure manner. A case study is
given to illustrate the proposed system capabilities in terms
of intrusion detection and tolerance.