With the growth in server traffic and component diversity in cloud systems, administrators face the increasingly onerous task of monitoring system activity. Failure to keep track of the contents of virtual servers can limit overall efficiency and create security risks for users. Prior work in software discovery attempted to address this problem by identifying applications based on file system activity. While some of these methods have claimed to be extensible to detection of specific versions of an application, version detection has yet to be demonstrated. In this paper, we propose version detection algorithms that operate on top of Praxi, an existing open-source software discovery tool. These algorithms introduce a rule-based component to differentiate between versions, whose file system footprints can appear very similar. We find that our best method achieves up to 99.9% accuracy in version detection experiments compared to Praxi's original 94% accuracy, albeit at the cost of increased runtime. This work confirms the feasibility of version detection in software discovery and provides a starting point for implementing this feature in software discovery tools.
{"title":"Version Detection for Software Discovery in the Cloud","authors":"Sadie L. Allen, Anthony Byrne, A. Coskun","doi":"10.1145/3429358.3429372","DOIUrl":"https://doi.org/10.1145/3429358.3429372","url":null,"abstract":"With the growth in server traffic and component diversity in cloud systems, administrators face the increasingly onerous task of monitoring system activity. Failure to keep track of the contents of virtual servers can limit overall efficiency and create security risks for users. Prior work in software discovery attempted to address this problem by identifying applications based on file system activity. While some of these methods have claimed to be extensible to detection of specific versions of an application, version detection has yet to be demonstrated. In this paper, we propose version detection algorithms that operate on top of Praxi, an existing open-source software discovery tool. These algorithms introduce a rule-based component to differentiate between versions, whose file system footprints can appear very similar. We find that our best method achieves up to 99.9% accuracy in version detection experiments compared to Praxi's original 94% accuracy, albeit at the cost of increased runtime. This work confirms the feasibility of version detection in software discovery and provides a starting point for implementing this feature in software discovery tools.","PeriodicalId":117044,"journal":{"name":"Proceedings of the 21st International Middleware Conference Demos and Posters","volume":"77 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128632892","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
There are more and more IoT devices that produce and consume and ever increasing amount of data. Publish-subscribe (Pub/Sub) is a well known paradigm that simplifies the task of exchanging messages, as it decouples the communication between the entities that emit and consume messages. While traditionally deployed in a centralized cloud-based manner, the different components of a pub/sub system can be deployed directly onto the edge devices, in a peer-to-peer manner, to achieve the required low latency for most IoT applications. In this poster, we propose DynPubSub, a new peer-to-peer network overlay for topic based pub/sub systems deployed at the edge. DynPubSub provides fault tolerance and scalability, and aims at minimizing the latency while respecting the constraints of the edge devices and networks.
{"title":"DynPubSub","authors":"Chamseddine Bouallegue, Julien Gascon-Samson","doi":"10.1145/3429358.3429373","DOIUrl":"https://doi.org/10.1145/3429358.3429373","url":null,"abstract":"There are more and more IoT devices that produce and consume and ever increasing amount of data. Publish-subscribe (Pub/Sub) is a well known paradigm that simplifies the task of exchanging messages, as it decouples the communication between the entities that emit and consume messages. While traditionally deployed in a centralized cloud-based manner, the different components of a pub/sub system can be deployed directly onto the edge devices, in a peer-to-peer manner, to achieve the required low latency for most IoT applications. In this poster, we propose DynPubSub, a new peer-to-peer network overlay for topic based pub/sub systems deployed at the edge. DynPubSub provides fault tolerance and scalability, and aims at minimizing the latency while respecting the constraints of the edge devices and networks.","PeriodicalId":117044,"journal":{"name":"Proceedings of the 21st International Middleware Conference Demos and Posters","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114342464","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Publish/subscribe (pub/sub) message brokers are typically operated with multiple tenants and multiple topics per tenant. Messages sent by a producer to a topic are received by consumers who subscribed to the same topic. In many applications, topic hierarchies are a desired property. This is especially the case for geospatial applications in which regions are composed of smaller-scale regions. However, most message brokers do not support hierarchies natively. HTABroker demonstrates how a light-weight processing function deployed to an extensible message broker overcomes this limitation for several geospatial index systems.
{"title":"Hierarchical Topic Aggregation for Geospatial Applications through Processing Extensions in Message Brokers","authors":"Josef Spillner","doi":"10.1145/3429358.3429370","DOIUrl":"https://doi.org/10.1145/3429358.3429370","url":null,"abstract":"Publish/subscribe (pub/sub) message brokers are typically operated with multiple tenants and multiple topics per tenant. Messages sent by a producer to a topic are received by consumers who subscribed to the same topic. In many applications, topic hierarchies are a desired property. This is especially the case for geospatial applications in which regions are composed of smaller-scale regions. However, most message brokers do not support hierarchies natively. HTABroker demonstrates how a light-weight processing function deployed to an extensible message broker overcomes this limitation for several geospatial index systems.","PeriodicalId":117044,"journal":{"name":"Proceedings of the 21st International Middleware Conference Demos and Posters","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133579402","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Ensuring the integrity of executable binaries is of vital importance to systems that run and depend on them. Additionally, supply-chain attacks and security related bugs demonstrate that binaries, once deployed, may need to be revoked and replaced with updated versions. Recently, blockchain ecosystems have garnered broad attention as middlewares for decentralised solutions to existing problems. Stengele et al. [4] presented a concept how the Ethereum blockchain and peer-to-peer network can be used to ensure the integrity of binaries with timely, accurate, and machine-readable revocations. In this work, we show this concept in practice with a user client implementation in Go and demonstrate how revocations and updates can reliably reach a user client within minutes. We show the client's ability to ensure the integrity of multiple binaries and continuously monitor the Ethereum blockchain for updates and revocations via an unmodified Ethereum client. We also examine the trust relations and trade-offs through our use case. Since the user client fully relies on an Ethereum client as a gateway, the latter's resilience against malicious actors is crucial to consider in a practical deployment.
{"title":"Practical Trade-Offs in Integrity Protection for Binaries via Ethereum","authors":"O. Stengele, Jan Droll, H. Hartenstein","doi":"10.1145/3429358.3429374","DOIUrl":"https://doi.org/10.1145/3429358.3429374","url":null,"abstract":"Ensuring the integrity of executable binaries is of vital importance to systems that run and depend on them. Additionally, supply-chain attacks and security related bugs demonstrate that binaries, once deployed, may need to be revoked and replaced with updated versions. Recently, blockchain ecosystems have garnered broad attention as middlewares for decentralised solutions to existing problems. Stengele et al. [4] presented a concept how the Ethereum blockchain and peer-to-peer network can be used to ensure the integrity of binaries with timely, accurate, and machine-readable revocations. In this work, we show this concept in practice with a user client implementation in Go and demonstrate how revocations and updates can reliably reach a user client within minutes. We show the client's ability to ensure the integrity of multiple binaries and continuously monitor the Ethereum blockchain for updates and revocations via an unmodified Ethereum client. We also examine the trust relations and trade-offs through our use case. Since the user client fully relies on an Ethereum client as a gateway, the latter's resilience against malicious actors is crucial to consider in a practical deployment.","PeriodicalId":117044,"journal":{"name":"Proceedings of the 21st International Middleware Conference Demos and Posters","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132903145","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Panagiotis Gkikopoulos, C. Mateos, Josef Spillner, A. Teyseyre
We demonstrate the capabilities of the Microservice Artefact Observatory (MAO), a federated software quality assessment middleware. MAO's extensible assessment tools continuously scan for quality flaws, defects and inconsistencies in microservice artefacts and observe runtime behaviour. The federation reduces bias and also increases the resilience and overcomes per-site failures, leading to a single, merged timeline of software quality. Already serving concurrently by n = 3 observant operators in Argentina and Switzerland, the federation is designed to become a community-wide consensus voting-based ground truth repository with query interfaces for large-scale software quality and evolution insights. These insights can be exploited for excluding buggy software before or after deployment, for optimised resource allocation, and further software management tasks.
{"title":"Given 2n Eyeballs, All Quality Flaws Are Shallow","authors":"Panagiotis Gkikopoulos, C. Mateos, Josef Spillner, A. Teyseyre","doi":"10.1145/3429358.3429371","DOIUrl":"https://doi.org/10.1145/3429358.3429371","url":null,"abstract":"We demonstrate the capabilities of the Microservice Artefact Observatory (MAO), a federated software quality assessment middleware. MAO's extensible assessment tools continuously scan for quality flaws, defects and inconsistencies in microservice artefacts and observe runtime behaviour. The federation reduces bias and also increases the resilience and overcomes per-site failures, leading to a single, merged timeline of software quality. Already serving concurrently by n = 3 observant operators in Argentina and Switzerland, the federation is designed to become a community-wide consensus voting-based ground truth repository with query interfaces for large-scale software quality and evolution insights. These insights can be exploited for excluding buggy software before or after deployment, for optimised resource allocation, and further software management tasks.","PeriodicalId":117044,"journal":{"name":"Proceedings of the 21st International Middleware Conference Demos and Posters","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114912644","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: