Pub Date : 2020-06-01DOI: 10.48550/arXiv.2204.06652
Hanlin Lu, Changchang Liu, Shiqiang Wang, T. He, V. Narayanan, Kevin S. Chan, Stephen Pasteris
Coresets are small, weighted summaries of larger datasets, aiming at providing provable error bounds for machine learning (ML) tasks while significantly reducing the communication and computation costs. To achieve a better trade-off between ML error bounds and costs, we propose the first framework to incorporate quantization techniques into the process of coreset construction. Specifically, we theoretically analyze the ML error bounds caused by a combination of coreset construction and quantization. Based on that, we formulate an optimization problem to minimize the ML error under a fixed budget of communication cost. To improve the scalability for large datasets, we identify two proxies of the original objective function, for which efficient algorithms are developed. For the case of data on multiple nodes, we further design a novel algorithm to allocate the communication budget to the nodes while minimizing the overall ML error. Through extensive experiments on multiple real-world datasets, we demonstrate the effectiveness and efficiency of our proposed algorithms for a variety of ML tasks. In particular, our algorithms have achieved more than 90% data reduction with less than 10% degradation in ML performance in most cases.
{"title":"Joint Coreset Construction and Quantization for Distributed Machine Learning","authors":"Hanlin Lu, Changchang Liu, Shiqiang Wang, T. He, V. Narayanan, Kevin S. Chan, Stephen Pasteris","doi":"10.48550/arXiv.2204.06652","DOIUrl":"https://doi.org/10.48550/arXiv.2204.06652","url":null,"abstract":"Coresets are small, weighted summaries of larger datasets, aiming at providing provable error bounds for machine learning (ML) tasks while significantly reducing the communication and computation costs. To achieve a better trade-off between ML error bounds and costs, we propose the first framework to incorporate quantization techniques into the process of coreset construction. Specifically, we theoretically analyze the ML error bounds caused by a combination of coreset construction and quantization. Based on that, we formulate an optimization problem to minimize the ML error under a fixed budget of communication cost. To improve the scalability for large datasets, we identify two proxies of the original objective function, for which efficient algorithms are developed. For the case of data on multiple nodes, we further design a novel algorithm to allocate the communication budget to the nodes while minimizing the overall ML error. Through extensive experiments on multiple real-world datasets, we demonstrate the effectiveness and efficiency of our proposed algorithms for a variety of ML tasks. In particular, our algorithms have achieved more than 90% data reduction with less than 10% degradation in ML performance in most cases.","PeriodicalId":231191,"journal":{"name":"2020 IFIP Networking Conference (Networking)","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122227166","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Getoar Gallopeni, B. Rodrigues, M. Franco, B. Stiller
Distributed Denial-of-Service (DDoS) attacks are one of the biggest threats to the availability of Internet services. Behind these attacks are Botnets, such as Mirai, which exploits default and weak security credentials to take control of the host and spreads itself to other devices. This paper demonstrates a Mirai traffic analysis based on on DNS heavy-hitters streams and Mirai scanning patterns by simulating an attack and the extraction of traffic data. The Mirai Command-and-Control (CnC) traffic as well as its scanning traffic are analyzed in a local Testbed composed of six ASUS Tinker Board devices (RaspberryPi like devices) cluster nodes and a MikroTik’s RouterOS to route traffic in different internal networks. In addition to the analysis of traffic flow patterns a real-time mitigation is demonstrated in the experiments.
{"title":"A Practical Analysis on Mirai Botnet Traffic","authors":"Getoar Gallopeni, B. Rodrigues, M. Franco, B. Stiller","doi":"10.5281/ZENODO.3966899","DOIUrl":"https://doi.org/10.5281/ZENODO.3966899","url":null,"abstract":"Distributed Denial-of-Service (DDoS) attacks are one of the biggest threats to the availability of Internet services. Behind these attacks are Botnets, such as Mirai, which exploits default and weak security credentials to take control of the host and spreads itself to other devices. This paper demonstrates a Mirai traffic analysis based on on DNS heavy-hitters streams and Mirai scanning patterns by simulating an attack and the extraction of traffic data. The Mirai Command-and-Control (CnC) traffic as well as its scanning traffic are analyzed in a local Testbed composed of six ASUS Tinker Board devices (RaspberryPi like devices) cluster nodes and a MikroTik’s RouterOS to route traffic in different internal networks. In addition to the analysis of traffic flow patterns a real-time mitigation is demonstrated in the experiments.","PeriodicalId":231191,"journal":{"name":"2020 IFIP Networking Conference (Networking)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128799976","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
O. Fonseca, Ítalo F. S. Cunha, E. Fazzion, Brivaldo Junior, R. Ferreira, Ethan Katz-Bassett
The lack of authentication in the Internet’s data plane allows hosts to falsify (spoof) the source IP address in packet headers, which forms the basis for amplification denialof-service (DoS) attacks. Current approaches to locate sources of spoofed traffic lack coverage or are not deployable today. We propose a mechanism that a network with multiple peering links can use to coarsely locate the sources of spoofed traffic in the Internet. More precisely, the network can monitor and map spoofed traffic arriving on a peering link to the set of sources routed toward that link. We propose mechanisms the network can use to systematically vary BGP announcement configurations to induce changes to Internet routes and to the set of sources routed to each peering link. A network using our technique can correlate observations over multiple configurations to more precisely delineate regions sending spoofed traffic. Evaluation of our techniques on the Internet shows that they can partition the Internet into small regions, allowing targeted intervention.
{"title":"Tracking Down Sources of Spoofed IP Packets","authors":"O. Fonseca, Ítalo F. S. Cunha, E. Fazzion, Brivaldo Junior, R. Ferreira, Ethan Katz-Bassett","doi":"10.1145/3360468.3368175","DOIUrl":"https://doi.org/10.1145/3360468.3368175","url":null,"abstract":"The lack of authentication in the Internet’s data plane allows hosts to falsify (spoof) the source IP address in packet headers, which forms the basis for amplification denialof-service (DoS) attacks. Current approaches to locate sources of spoofed traffic lack coverage or are not deployable today. We propose a mechanism that a network with multiple peering links can use to coarsely locate the sources of spoofed traffic in the Internet. More precisely, the network can monitor and map spoofed traffic arriving on a peering link to the set of sources routed toward that link. We propose mechanisms the network can use to systematically vary BGP announcement configurations to induce changes to Internet routes and to the set of sources routed to each peering link. A network using our technique can correlate observations over multiple configurations to more precisely delineate regions sending spoofed traffic. Evaluation of our techniques on the Internet shows that they can partition the Internet into small regions, allowing targeted intervention.","PeriodicalId":231191,"journal":{"name":"2020 IFIP Networking Conference (Networking)","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115829003","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: