1. Technical Field
The present invention relates generally to an improved data processing system, and in particular, to a method and apparatus for handling intrusions. Still more particularly, the present invention provides a method and apparatus for identifying the source of an intrusion into a network data processing system.
2. Description of Related Art
Network data processing systems are commonly used in all aspects of business and research. These networks are used for communicating data and ideas as well as providing a repository to store information. Further, in many cases the different nodes making up a network data processing system may be employed to process information. Individual nodes may have different tasks to perform. Additionally, it is becoming more common to have the different nodes work towards solving a common problem, such as a complex calculation. A set of nodes participating in a resource sharing scheme is also referred to as a “grid” or “grid network”. For example, nodes in a grid network may share processing resources to perform a complex computation, such as deciphering keys.
The nodes in a grid network may be contained within a network data processing system, such as a local area network (LAN) or a wide area network (WAN). These nodes also may be located in different geographically diverse locations. For example, different computers connected to the Internet may provide processing resources to a grid network. By applying the use of thousands of individual computers, large problems can be solved quickly. Grids are used in many areas, such as cancer research, physics, and geosciences. One problem with grids is that they are inherently vulnerable to network hacking because of the larger number of nodes typically present in grids.
Currently, hackers attack victim computers through a maze of network hops to mask the true location and identity of the source of the attacks. Typically, a hacker or other unauthorized user will take over one node and then from that node take over another node. This series of takeovers occurs until reaching a targeted victim. Current computer forensic methods may take months to track down a hacker if identifying a source is even possible. Therefore, it would be advantageous to have an improved method, apparatus, and computer instructions for identifying and tracking intrusions into nodes in a network data processing system, such as a grid.