首页 > 最新文献

2017 IEEE 36th Symposium on Reliable Distributed Systems (SRDS)最新文献

英文 中文
PULP: Achieving Privacy and Utility Trade-Off in User Mobility Data 在用户移动数据中实现隐私和效用的权衡
Pub Date : 2017-09-27 DOI: 10.1109/SRDS.2017.25
Sophie Cerf, Vincent Primault, A. Boutet, Sonia Ben Mokhtar, R. Birke, S. Bouchenak, L. Chen, N. Marchand, B. Robu
Leveraging location information in location-based services leads to improving service utility through geocontextualization. However, this raises privacy concerns as new knowledge can be inferred from location records, such as user's home and work places, or personal habits. Although Location Privacy Protection Mechanisms (LPPMs) provide a means to tackle this problem, they often require manual configuration posing significant challenges to service providers and users. Moreover, their impact on data privacy and utility is seldom assessed. In this paper, we present PULP, a model-driven system which automatically provides user-specific privacy protection and contributes to service utility via choosing adequate LPPM and configuring it. At the heart of PULP is nonlinear models that can capture the complex dependency of data privacy and utility for each individual user under given LPPM considered, i.e., Geo-Indistinguishability and Promesse. According to users' preferences on privacy and utility, PULP efficiently recommends suitable LPPM and corresponding configuration. We evaluate the accuracy of PULP's models and its effectiveness to achieve the privacy-utility trade-off per user, using four real-world mobility traces of 770 users in total. Our extensive experimentation shows that PULP ensures the contribution to location service while adhering to privacy constraints for a great percentage of users, and is orders of magnitude faster than non-model based alternatives.
在基于位置的服务中利用位置信息可以通过地理环境化来改进服务效用。然而,这引起了隐私问题,因为新的知识可以从位置记录推断出来,比如用户的家庭和工作地点,或者个人习惯。尽管位置隐私保护机制(LPPMs)提供了一种解决此问题的方法,但它们通常需要手动配置,这对服务提供商和用户构成了重大挑战。此外,它们对数据隐私和效用的影响很少被评估。在本文中,我们提出了一个模型驱动的系统PULP,该系统通过选择适当的LPPM和配置来自动提供特定于用户的隐私保护,并有助于服务效用。PULP的核心是非线性模型,它可以捕获给定LPPM下每个用户的数据隐私和实用程序的复杂依赖关系,即地理不可分辨性和承诺。PULP根据用户对隐私和实用性的偏好,高效地推荐合适的LPPM和相应的配置。我们使用总共770个用户的四个真实移动跟踪来评估PULP模型的准确性及其实现每个用户隐私-效用权衡的有效性。我们广泛的实验表明,PULP保证了对位置服务的贡献,同时遵守了很大比例用户的隐私约束,并且比非基于模型的替代方案快几个数量级。
{"title":"PULP: Achieving Privacy and Utility Trade-Off in User Mobility Data","authors":"Sophie Cerf, Vincent Primault, A. Boutet, Sonia Ben Mokhtar, R. Birke, S. Bouchenak, L. Chen, N. Marchand, B. Robu","doi":"10.1109/SRDS.2017.25","DOIUrl":"https://doi.org/10.1109/SRDS.2017.25","url":null,"abstract":"Leveraging location information in location-based services leads to improving service utility through geocontextualization. However, this raises privacy concerns as new knowledge can be inferred from location records, such as user's home and work places, or personal habits. Although Location Privacy Protection Mechanisms (LPPMs) provide a means to tackle this problem, they often require manual configuration posing significant challenges to service providers and users. Moreover, their impact on data privacy and utility is seldom assessed. In this paper, we present PULP, a model-driven system which automatically provides user-specific privacy protection and contributes to service utility via choosing adequate LPPM and configuring it. At the heart of PULP is nonlinear models that can capture the complex dependency of data privacy and utility for each individual user under given LPPM considered, i.e., Geo-Indistinguishability and Promesse. According to users' preferences on privacy and utility, PULP efficiently recommends suitable LPPM and corresponding configuration. We evaluate the accuracy of PULP's models and its effectiveness to achieve the privacy-utility trade-off per user, using four real-world mobility traces of 770 users in total. Our extensive experimentation shows that PULP ensures the contribution to location service while adhering to privacy constraints for a great percentage of users, and is orders of magnitude faster than non-model based alternatives.","PeriodicalId":6475,"journal":{"name":"2017 IEEE 36th Symposium on Reliable Distributed Systems (SRDS)","volume":"1 1","pages":"164-173"},"PeriodicalIF":0.0,"publicationDate":"2017-09-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82720834","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 21
On Availability for Blockchain-Based Systems 关于基于区块链系统的可用性
Pub Date : 2017-09-26 DOI: 10.1109/SRDS.2017.15
I. Weber, V. Gramoli, A. Ponomarev, M. Staples, Ralph Holz, An Binh Tran, Paul Rimba
Blockchain has recently gained momentum. Startups, enterprises, banks, and government agencies around the world are exploring the use of blockchain for broad applications including public registries, supply chains, health records, and voting. Dependability properties, like availability, are critical for many of these applications, but the guarantees offered by the blockchain technology remain unclear, especially from an application perspective. In this paper, we identify the availability limitations of two mainstream blockchains, Ethereum and Bitcoin. We demonstrate that while read availability of blockchains is typically high, write availability - for transaction management - is actually low. For Ethereum, we collected 6 million transactions over a period of 97 days. First, we measured the time for transactions to commit as required by the applications. Second, we observed that some transactions never commit, due to the inherent blockchain design. Third and perhaps even more dramatically, we identify the consequences of the lack of built-in options for explicit abort or retry that can maintain the application in an uncertain state, where transactions remain pending (neither aborted nor committed) for an unknown duration. Finally we propose techniques to mitigate the availability limitations of existing blockchains, and experimentally test the efficacy of these techniques.
区块链最近势头强劲。世界各地的初创公司、企业、银行和政府机构都在探索区块链的广泛应用,包括公共注册、供应链、健康记录和投票。可靠性属性,如可用性,对许多这些应用程序至关重要,但区块链技术提供的保证仍然不清楚,特别是从应用程序的角度来看。在本文中,我们确定了两种主流区块链,以太坊和比特币的可用性限制。我们证明,虽然区块链的读可用性通常很高,但写可用性(用于事务管理)实际上很低。对于以太坊,我们在97天内收集了600万笔交易。首先,我们根据应用程序的要求测量事务提交的时间。其次,我们观察到,由于固有的区块链设计,一些交易从未提交。第三,也许是更引人注目的,我们确定了缺乏显式中止或重试的内置选项的后果,这些选项可能使应用程序处于不确定状态,在这种状态下,事务在未知的持续时间内保持挂起(既不中止也不提交)。最后,我们提出了减轻现有区块链可用性限制的技术,并通过实验测试了这些技术的有效性。
{"title":"On Availability for Blockchain-Based Systems","authors":"I. Weber, V. Gramoli, A. Ponomarev, M. Staples, Ralph Holz, An Binh Tran, Paul Rimba","doi":"10.1109/SRDS.2017.15","DOIUrl":"https://doi.org/10.1109/SRDS.2017.15","url":null,"abstract":"Blockchain has recently gained momentum. Startups, enterprises, banks, and government agencies around the world are exploring the use of blockchain for broad applications including public registries, supply chains, health records, and voting. Dependability properties, like availability, are critical for many of these applications, but the guarantees offered by the blockchain technology remain unclear, especially from an application perspective. In this paper, we identify the availability limitations of two mainstream blockchains, Ethereum and Bitcoin. We demonstrate that while read availability of blockchains is typically high, write availability - for transaction management - is actually low. For Ethereum, we collected 6 million transactions over a period of 97 days. First, we measured the time for transactions to commit as required by the applications. Second, we observed that some transactions never commit, due to the inherent blockchain design. Third and perhaps even more dramatically, we identify the consequences of the lack of built-in options for explicit abort or retry that can maintain the application in an uncertain state, where transactions remain pending (neither aborted nor committed) for an unknown duration. Finally we propose techniques to mitigate the availability limitations of existing blockchains, and experimentally test the efficacy of these techniques.","PeriodicalId":6475,"journal":{"name":"2017 IEEE 36th Symposium on Reliable Distributed Systems (SRDS)","volume":"45 1","pages":"64-73"},"PeriodicalIF":0.0,"publicationDate":"2017-09-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87899882","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 137
Fault-Tolerant Pattern Formation by Multiple Robots: A Learning Approach 多机器人的容错模式形成:一种学习方法
Pub Date : 2017-09-01 DOI: 10.1109/SRDS.2017.42
Jia Wang, Jiannong Cao, Shan Jiang
In the field of multi-robot system, the problem of pattern formation has attracted considerable attention. However, the faulty sensor input of each robot is crucial for such system to act reliably in practice. Existing works focus on assuming certain noise model and reducing the noise impact. In this work, we propose to use a learning-based method to overcome this kind of barrier. By interacting with the environment, each robot learns to adapt its behavior to eliminate the malfunctions in the sensors and the actuators. Moreover, we plan to evaluate the proposed algorithms by deploying it into the multi-robot platform developed in our research lab
在多机器人系统领域中,模式形成问题引起了广泛的关注。然而,每个机器人的故障传感器输入对该系统在实践中可靠运行至关重要。现有的工作重点是假设一定的噪声模型,减少噪声的影响。在这项工作中,我们建议使用基于学习的方法来克服这种障碍。通过与环境的互动,每个机器人学会调整自己的行为,以消除传感器和执行器的故障。此外,我们计划通过将其部署到我们研究实验室开发的多机器人平台来评估所提出的算法
{"title":"Fault-Tolerant Pattern Formation by Multiple Robots: A Learning Approach","authors":"Jia Wang, Jiannong Cao, Shan Jiang","doi":"10.1109/SRDS.2017.42","DOIUrl":"https://doi.org/10.1109/SRDS.2017.42","url":null,"abstract":"In the field of multi-robot system, the problem of pattern formation has attracted considerable attention. However, the faulty sensor input of each robot is crucial for such system to act reliably in practice. Existing works focus on assuming certain noise model and reducing the noise impact. In this work, we propose to use a learning-based method to overcome this kind of barrier. By interacting with the environment, each robot learns to adapt its behavior to eliminate the malfunctions in the sensors and the actuators. Moreover, we plan to evaluate the proposed algorithms by deploying it into the multi-robot platform developed in our research lab","PeriodicalId":6475,"journal":{"name":"2017 IEEE 36th Symposium on Reliable Distributed Systems (SRDS)","volume":"56 1","pages":"268-269"},"PeriodicalIF":0.0,"publicationDate":"2017-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77433726","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Performance Modeling of PBFT Consensus Process for Permissioned Blockchain Network (Hyperledger Fabric) 许可区块链网络(Hyperledger Fabric) PBFT共识过程的性能建模
Pub Date : 2017-09-01 DOI: 10.1109/SRDS.2017.36
H. Sukhwani, J. M. Martínez, Xiaolin Chang, Kishor S. Trivedi, A. Rindos
While Blockchain network brings tremendous benefits, there are concerns whether their performance would match up with the mainstream IT systems. This paper aims to investigate whether the consensus process using Practical Byzantine Fault Tolerance (PBFT) could be a performance bottleneck for networks with a large number of peers. We model the PBFT consensus process using Stochastic Reward Nets (SRN) to compute the mean time to complete consensus for networks up to 100 peers. We create a blockchain network using IBM Bluemix service, running a production-grade IoT application and use the data to parameterize and validate our models. We also conduct sensitivity analysis over a variety of system parameters and examine the performance of larger networks
虽然区块链网络带来了巨大的好处,但人们担心它们的性能是否能与主流IT系统相匹配。本文旨在研究使用实用拜占庭容错(PBFT)的共识过程是否会成为具有大量对等节点的网络的性能瓶颈。我们使用随机奖励网络(SRN)对PBFT共识过程进行建模,以计算多达100个节点的网络完成共识的平均时间。我们使用IBM Bluemix服务创建区块链网络,运行生产级物联网应用程序,并使用数据参数化和验证我们的模型。我们还对各种系统参数进行敏感性分析,并检查大型网络的性能
{"title":"Performance Modeling of PBFT Consensus Process for Permissioned Blockchain Network (Hyperledger Fabric)","authors":"H. Sukhwani, J. M. Martínez, Xiaolin Chang, Kishor S. Trivedi, A. Rindos","doi":"10.1109/SRDS.2017.36","DOIUrl":"https://doi.org/10.1109/SRDS.2017.36","url":null,"abstract":"While Blockchain network brings tremendous benefits, there are concerns whether their performance would match up with the mainstream IT systems. This paper aims to investigate whether the consensus process using Practical Byzantine Fault Tolerance (PBFT) could be a performance bottleneck for networks with a large number of peers. We model the PBFT consensus process using Stochastic Reward Nets (SRN) to compute the mean time to complete consensus for networks up to 100 peers. We create a blockchain network using IBM Bluemix service, running a production-grade IoT application and use the data to parameterize and validate our models. We also conduct sensitivity analysis over a variety of system parameters and examine the performance of larger networks","PeriodicalId":6475,"journal":{"name":"2017 IEEE 36th Symposium on Reliable Distributed Systems (SRDS)","volume":"107 1","pages":"253-255"},"PeriodicalIF":0.0,"publicationDate":"2017-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74218686","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 279
AutoFlowLeaker: Circumventing Web Censorship through Automation Services AutoFlowLeaker:通过自动化服务规避网络审查
Pub Date : 2017-09-01 DOI: 10.1109/SRDS.2017.30
Shengtuo Hu, Xiaobo Ma, Muhui Jiang, Xiapu Luo, M. Au
By hiding messages inside existing network protocols, anti-censorship tools could empower censored users to visit blocked websites. However, existing solutions generally suffer from two limitations. First, they usually need the support of ISP or the deployment of many customized hosts to conceal the communication between censored users and blocked websites. Second, their manipulations of normal network traffic may result in detectable features, which could be captured by the censorship system. In this paper, to tackle these limitations, we propose a novel framework that exploits the publicly available automation services and the plenty of web services and contents to circumvent web censorship, and realize it in a practical tool named AutoFlowLeaker. Moreover, we conduct extensive experiments to evaluate AutoFlowLeaker, and the results show that it has promising performance and can effectively evade realworld web censorship.
通过在现有的网络协议中隐藏信息,反审查工具可以授权被审查的用户访问被封锁的网站。然而,现有的解决方案通常有两个限制。首先,他们通常需要ISP的支持或部署许多定制主机来隐藏被审查用户和被封锁网站之间的通信。其次,他们对正常网络流量的操纵可能会产生可检测的特征,这些特征可能会被审查系统捕获。在本文中,为了解决这些限制,我们提出了一个新的框架,利用公开可用的自动化服务和大量的网络服务和内容来规避网络审查,并在一个名为AutoFlowLeaker的实用工具中实现它。此外,我们进行了大量的实验来评估AutoFlowLeaker,结果表明它具有良好的性能,可以有效地逃避现实世界的网络审查。
{"title":"AutoFlowLeaker: Circumventing Web Censorship through Automation Services","authors":"Shengtuo Hu, Xiaobo Ma, Muhui Jiang, Xiapu Luo, M. Au","doi":"10.1109/SRDS.2017.30","DOIUrl":"https://doi.org/10.1109/SRDS.2017.30","url":null,"abstract":"By hiding messages inside existing network protocols, anti-censorship tools could empower censored users to visit blocked websites. However, existing solutions generally suffer from two limitations. First, they usually need the support of ISP or the deployment of many customized hosts to conceal the communication between censored users and blocked websites. Second, their manipulations of normal network traffic may result in detectable features, which could be captured by the censorship system. In this paper, to tackle these limitations, we propose a novel framework that exploits the publicly available automation services and the plenty of web services and contents to circumvent web censorship, and realize it in a practical tool named AutoFlowLeaker. Moreover, we conduct extensive experiments to evaluate AutoFlowLeaker, and the results show that it has promising performance and can effectively evade realworld web censorship.","PeriodicalId":6475,"journal":{"name":"2017 IEEE 36th Symposium on Reliable Distributed Systems (SRDS)","volume":"35 1","pages":"214-223"},"PeriodicalIF":0.0,"publicationDate":"2017-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89476600","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
PITR: An Efficient Single-Failure Recovery Scheme for PIT-Coded Cloud Storage Systems PITR:用于PITR编码云存储系统的高效单故障恢复方案
Pub Date : 2017-09-01 DOI: 10.1109/SRDS.2017.38
Peng Li, Jiaxiang Dong, Xueda Liu, G. Wang, Zhongwei Li, X. Liu
In cloud storage systems, the use of erasure coding results in high read latency and long recovery time when drive or node failure happens. In this paper, we design a parity independent array codes (PIT), a variation of STAR code, which is triple fault tolerant and nearly space-optimal, and also propose an efficient single-failure recovery scheme (PITR) for them to mitigate the problem. In addition, we present a "shortened" version of PIT (SPIT) to further reduce the recovery cost. In this way, less disk I/O and network resources are used, thereby reducing the recovery time and achieving a high system reliability and availability.
在云存储系统中,当硬盘或节点发生故障时,使用erasure编码会导致读取延迟高,恢复时间长。在本文中,我们设计了一种奇偶无关阵列码(PIT),它是STAR码的一种变体,具有三重容错性和接近空间最优性,并提出了一种有效的单故障恢复方案(PITR)来缓解这一问题。此外,我们提出了一个“缩短”版本的PIT (SPIT),以进一步降低回收成本。这样可以减少磁盘I/O和网络资源的使用,从而减少恢复时间,提高系统的可靠性和可用性。
{"title":"PITR: An Efficient Single-Failure Recovery Scheme for PIT-Coded Cloud Storage Systems","authors":"Peng Li, Jiaxiang Dong, Xueda Liu, G. Wang, Zhongwei Li, X. Liu","doi":"10.1109/SRDS.2017.38","DOIUrl":"https://doi.org/10.1109/SRDS.2017.38","url":null,"abstract":"In cloud storage systems, the use of erasure coding results in high read latency and long recovery time when drive or node failure happens. In this paper, we design a parity independent array codes (PIT), a variation of STAR code, which is triple fault tolerant and nearly space-optimal, and also propose an efficient single-failure recovery scheme (PITR) for them to mitigate the problem. In addition, we present a \"shortened\" version of PIT (SPIT) to further reduce the recovery cost. In this way, less disk I/O and network resources are used, thereby reducing the recovery time and achieving a high system reliability and availability.","PeriodicalId":6475,"journal":{"name":"2017 IEEE 36th Symposium on Reliable Distributed Systems (SRDS)","volume":"43 1","pages":"259-261"},"PeriodicalIF":0.0,"publicationDate":"2017-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89083723","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
An Unsupervised Multi-Detector Approach for Identifying Malicious Lateral Movement 一种无监督多检测器的恶意横向移动识别方法
Pub Date : 2017-09-01 DOI: 10.1109/SRDS.2017.31
Atul Bohara, Mohammad A. Noureddine, Ahmed M. Fawaz, W. Sanders
Lateral movement-based attacks are increasingly leading to compromises in large private and government networks, often resulting in information exfiltration or service disruption. Such attacks are often slow and stealthy and usually evade existing security products. To enable effective detection of such attacks, we present a new approach based on graph-based modeling of the security state of the target system and correlation of diverse indicators of anomalous host behavior. We believe that irrespective of the specific attack vectors used, attackers typically establish a command and control channel to operate, and move in the target system to escalate their privileges and reach sensitive areas. Accordingly, we identify important features of command and control and lateral movement activities and extract them from internal and external communication traffic. Driven by the analysis of the features, we propose the use of multiple anomaly detection techniques to identify compromised hosts. These methods include Principal Component Analysis, k-means clustering, and Median Absolute Deviation-based outlier detection. We evaluate the accuracy of identifying compromised hosts by using injected attack traffic in a real enterprise network dataset, for various attack communication models. Our results show that the proposed approach can detect infected hosts with high accuracy and a low false positive rate.
基于横向移动的攻击越来越多地导致大型私人和政府网络的妥协,通常导致信息泄露或服务中断。这种攻击通常是缓慢而隐蔽的,通常会避开现有的安全产品。为了能够有效地检测此类攻击,我们提出了一种基于目标系统安全状态的基于图形的建模和异常主机行为各种指标的相关性的新方法。我们认为,无论使用何种特定的攻击媒介,攻击者通常会建立一个命令和控制通道来操作,并在目标系统中移动以提升其特权并到达敏感区域。据此,我们确定了指挥控制和横向移动活动的重要特征,并从内部和外部通信流量中提取了它们。通过对这些特征的分析,我们建议使用多种异常检测技术来识别被入侵的主机。这些方法包括主成分分析、k均值聚类和基于中位数绝对偏差的离群检测。我们通过在真实的企业网络数据集中使用注入的攻击流量来评估识别受损主机的准确性,用于各种攻击通信模型。实验结果表明,该方法检测感染宿主的准确率高,假阳性率低。
{"title":"An Unsupervised Multi-Detector Approach for Identifying Malicious Lateral Movement","authors":"Atul Bohara, Mohammad A. Noureddine, Ahmed M. Fawaz, W. Sanders","doi":"10.1109/SRDS.2017.31","DOIUrl":"https://doi.org/10.1109/SRDS.2017.31","url":null,"abstract":"Lateral movement-based attacks are increasingly leading to compromises in large private and government networks, often resulting in information exfiltration or service disruption. Such attacks are often slow and stealthy and usually evade existing security products. To enable effective detection of such attacks, we present a new approach based on graph-based modeling of the security state of the target system and correlation of diverse indicators of anomalous host behavior. We believe that irrespective of the specific attack vectors used, attackers typically establish a command and control channel to operate, and move in the target system to escalate their privileges and reach sensitive areas. Accordingly, we identify important features of command and control and lateral movement activities and extract them from internal and external communication traffic. Driven by the analysis of the features, we propose the use of multiple anomaly detection techniques to identify compromised hosts. These methods include Principal Component Analysis, k-means clustering, and Median Absolute Deviation-based outlier detection. We evaluate the accuracy of identifying compromised hosts by using injected attack traffic in a real enterprise network dataset, for various attack communication models. Our results show that the proposed approach can detect infected hosts with high accuracy and a low false positive rate.","PeriodicalId":6475,"journal":{"name":"2017 IEEE 36th Symposium on Reliable Distributed Systems (SRDS)","volume":"70 1","pages":"224-233"},"PeriodicalIF":0.0,"publicationDate":"2017-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86193107","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 43
A Simulation Analysis of Reliability in Erasure-Coded Data Centers 擦除编码数据中心可靠性仿真分析
Pub Date : 2017-09-01 DOI: 10.1109/SRDS.2017.19
Mi Zhang, Shujie Han, P. Lee
Erasure coding has been widely adopted to protect data storage against failures in production data centers. Given the hierarchical nature of data centers, characterizing the effects of erasure coding and redundancy placement on the reliability of erasure-coded data centers is critical yet largely unexplored. This paper presents a comprehensive simulation analysis of reliability on erasure-coded data centers. We conduct the analysis by building a discrete-event simulator called SIMEDC, which reports reliability metrics of an erasure-coded data center based on the configurable inputs of the data center topology, erasure codes, redundancy placement, and failure/repair patterns of different subsystems obtained from statistical models or production traces. Our simulation results show that placing erasure-coded data in fewer racks generally improves reliability by reducing cross-rack repair traffic, even though it sacrifices rack-level fault tolerance in the face of correlated failures.
在生产数据中心中,Erasure编码被广泛用于保护数据存储免受故障的影响。考虑到数据中心的分层性质,描述擦除编码和冗余放置对擦除编码数据中心可靠性的影响至关重要,但在很大程度上尚未得到探索。本文对擦除编码数据中心的可靠性进行了全面的仿真分析。我们通过构建一个名为SIMEDC的离散事件模拟器来进行分析,该模拟器根据从统计模型或生产轨迹获得的数据中心拓扑、擦除代码、冗余位置和不同子系统的故障/修复模式的可配置输入,报告擦除编码数据中心的可靠性指标。我们的仿真结果表明,将擦除编码的数据放置在较少的机架上通常可以通过减少跨机架的修复流量来提高可靠性,即使它在面对相关故障时牺牲了机架级别的容错能力。
{"title":"A Simulation Analysis of Reliability in Erasure-Coded Data Centers","authors":"Mi Zhang, Shujie Han, P. Lee","doi":"10.1109/SRDS.2017.19","DOIUrl":"https://doi.org/10.1109/SRDS.2017.19","url":null,"abstract":"Erasure coding has been widely adopted to protect data storage against failures in production data centers. Given the hierarchical nature of data centers, characterizing the effects of erasure coding and redundancy placement on the reliability of erasure-coded data centers is critical yet largely unexplored. This paper presents a comprehensive simulation analysis of reliability on erasure-coded data centers. We conduct the analysis by building a discrete-event simulator called SIMEDC, which reports reliability metrics of an erasure-coded data center based on the configurable inputs of the data center topology, erasure codes, redundancy placement, and failure/repair patterns of different subsystems obtained from statistical models or production traces. Our simulation results show that placing erasure-coded data in fewer racks generally improves reliability by reducing cross-rack repair traffic, even though it sacrifices rack-level fault tolerance in the face of correlated failures.","PeriodicalId":6475,"journal":{"name":"2017 IEEE 36th Symposium on Reliable Distributed Systems (SRDS)","volume":"24 1","pages":"144-153"},"PeriodicalIF":0.0,"publicationDate":"2017-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90815099","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 14
A Statistical Framework on Software Aging Modeling with Continuous-Time Hidden Markov Model 基于连续时间隐马尔可夫模型的软件老化建模统计框架
Pub Date : 2017-09-01 DOI: 10.1109/SRDS.2017.24
H. Okamura, Junjun Zheng, T. Dohi
This paper considers the statistical approach to model software degradation process from time series data of system attributes. We first develop the continuous-time Markov chain (CTMC) model to represent the degradation level of system. By combining the CTMC with system attributes distributions, a continuous-time hidden Markov model (CT-HMM) is proposed as the basic model to represent the degradation level of system. To estimate model parameters, we develop the EM algorithm for CT-HMM. The advantage of this modeling is that the estimated model is directly applied to existing CTMC-based software aging and rejuvenation models. In numerical experiments, we exhibit the performance of our method by simulated data and also demonstrate estimating the software degradation process with experimental data in MySQL database system.
本文考虑用统计方法从系统属性的时间序列数据中对软件退化过程进行建模。首先建立了连续时间马尔可夫链(CTMC)模型来表示系统的退化程度。将CTMC与系统属性分布相结合,提出连续时间隐马尔可夫模型(CT-HMM)作为表示系统退化程度的基本模型。为了估计模型参数,我们开发了CT-HMM的EM算法。该建模的优点是将估算模型直接应用于现有的基于ctmc的软件老化与年轻化模型。在数值实验中,我们通过模拟数据证明了我们的方法的性能,并演示了在MySQL数据库系统中使用实验数据估计软件退化过程。
{"title":"A Statistical Framework on Software Aging Modeling with Continuous-Time Hidden Markov Model","authors":"H. Okamura, Junjun Zheng, T. Dohi","doi":"10.1109/SRDS.2017.24","DOIUrl":"https://doi.org/10.1109/SRDS.2017.24","url":null,"abstract":"This paper considers the statistical approach to model software degradation process from time series data of system attributes. We first develop the continuous-time Markov chain (CTMC) model to represent the degradation level of system. By combining the CTMC with system attributes distributions, a continuous-time hidden Markov model (CT-HMM) is proposed as the basic model to represent the degradation level of system. To estimate model parameters, we develop the EM algorithm for CT-HMM. The advantage of this modeling is that the estimated model is directly applied to existing CTMC-based software aging and rejuvenation models. In numerical experiments, we exhibit the performance of our method by simulated data and also demonstrate estimating the software degradation process with experimental data in MySQL database system.","PeriodicalId":6475,"journal":{"name":"2017 IEEE 36th Symposium on Reliable Distributed Systems (SRDS)","volume":"57 1","pages":"114-123"},"PeriodicalIF":0.0,"publicationDate":"2017-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85658432","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 13
A Resilient Auction Framework for Deadline-Aware Jobs in Cloud Spot Market 云现货市场中截止日期敏感工作的弹性拍卖框架
Pub Date : 2017-09-01 DOI: 10.1109/SRDS.2017.34
A. S. Sabyasachi, H. M. D. Kabir, A. Abdelmoniem, S. Mondal
Public cloud providers, such as Amazon EC2, offer idle computing resources known as spot instances at a much cheaper rate compared to On-Demand instances. Spot instance prices are set dynamically according to market demand. Cloud users request spot instances by submitting their bid, and if user's bid price exceeds current spot price then a spot instance is assigned to that user. The problem however is that while spot instances are executing their jobs, they can be revoked whenever the spot price rises above the current bid of the user. In such scenarios and to complete jobs reliably, we propose a set of improvements for the cloud spot market which benefits both the provider and users. Typically, the new framework allows users to bid different prices depending on their perceived urgency and nature of the running job. Hence, it practically allow them to negotiate the current bid price in a way that guarantees the timely completion of their jobs. To complement our intuition, we have conducted an empirical study using real cloud spot price traces to evaluate our framework strategies which aim to achieve a resilient deadline-aware auction framework.
公共云提供商,如Amazon EC2,以比按需实例便宜得多的价格提供空闲的计算资源,即spot实例。现货价格是根据市场需求动态设定的。云用户通过提交投标请求现货实例,如果用户的投标价格超过当前现货价格,则将一个现货实例分配给该用户。然而,问题是,当现货实例正在执行它们的作业时,只要现货价格高于用户的当前出价,它们就会被撤销。在这种情况下,为了可靠地完成工作,我们提出了一组对云现货市场的改进,这对提供商和用户都有利。通常,新框架允许用户根据他们感知到的紧迫性和运行任务的性质来出价不同的价格。因此,它实际上允许他们以保证及时完成工作的方式谈判当前的投标价格。为了补充我们的直觉,我们使用真实的云现货价格轨迹进行了一项实证研究,以评估我们的框架策略,旨在实现有弹性的截止日期感知拍卖框架。
{"title":"A Resilient Auction Framework for Deadline-Aware Jobs in Cloud Spot Market","authors":"A. S. Sabyasachi, H. M. D. Kabir, A. Abdelmoniem, S. Mondal","doi":"10.1109/SRDS.2017.34","DOIUrl":"https://doi.org/10.1109/SRDS.2017.34","url":null,"abstract":"Public cloud providers, such as Amazon EC2, offer idle computing resources known as spot instances at a much cheaper rate compared to On-Demand instances. Spot instance prices are set dynamically according to market demand. Cloud users request spot instances by submitting their bid, and if user's bid price exceeds current spot price then a spot instance is assigned to that user. The problem however is that while spot instances are executing their jobs, they can be revoked whenever the spot price rises above the current bid of the user. In such scenarios and to complete jobs reliably, we propose a set of improvements for the cloud spot market which benefits both the provider and users. Typically, the new framework allows users to bid different prices depending on their perceived urgency and nature of the running job. Hence, it practically allow them to negotiate the current bid price in a way that guarantees the timely completion of their jobs. To complement our intuition, we have conducted an empirical study using real cloud spot price traces to evaluate our framework strategies which aim to achieve a resilient deadline-aware auction framework.","PeriodicalId":6475,"journal":{"name":"2017 IEEE 36th Symposium on Reliable Distributed Systems (SRDS)","volume":"79 1","pages":"247-249"},"PeriodicalIF":0.0,"publicationDate":"2017-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90503337","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 14
期刊
2017 IEEE 36th Symposium on Reliable Distributed Systems (SRDS)
全部 Acc. Chem. Res. ACS Applied Bio Materials ACS Appl. Electron. Mater. ACS Appl. Energy Mater. ACS Appl. Mater. Interfaces ACS Appl. Nano Mater. ACS Appl. Polym. Mater. ACS BIOMATER-SCI ENG ACS Catal. ACS Cent. Sci. ACS Chem. Biol. ACS Chemical Health & Safety ACS Chem. Neurosci. ACS Comb. Sci. ACS Earth Space Chem. ACS Energy Lett. ACS Infect. Dis. ACS Macro Lett. ACS Mater. Lett. ACS Med. Chem. Lett. ACS Nano ACS Omega ACS Photonics ACS Sens. ACS Sustainable Chem. Eng. ACS Synth. Biol. Anal. Chem. BIOCHEMISTRY-US Bioconjugate Chem. BIOMACROMOLECULES Chem. Res. Toxicol. Chem. Rev. Chem. Mater. CRYST GROWTH DES ENERG FUEL Environ. Sci. Technol. Environ. Sci. Technol. Lett. Eur. J. Inorg. Chem. IND ENG CHEM RES Inorg. Chem. J. Agric. Food. Chem. J. Chem. Eng. Data J. Chem. Educ. J. Chem. Inf. Model. J. Chem. Theory Comput. J. Med. Chem. J. Nat. Prod. J PROTEOME RES J. Am. Chem. Soc. LANGMUIR MACROMOLECULES Mol. Pharmaceutics Nano Lett. Org. Lett. ORG PROCESS RES DEV ORGANOMETALLICS J. Org. Chem. J. Phys. Chem. J. Phys. Chem. A J. Phys. Chem. B J. Phys. Chem. C J. Phys. Chem. Lett. Analyst Anal. Methods Biomater. Sci. Catal. Sci. Technol. Chem. Commun. Chem. Soc. Rev. CHEM EDUC RES PRACT CRYSTENGCOMM Dalton Trans. Energy Environ. Sci. ENVIRON SCI-NANO ENVIRON SCI-PROC IMP ENVIRON SCI-WAT RES Faraday Discuss. Food Funct. Green Chem. Inorg. Chem. Front. Integr. Biol. J. Anal. At. Spectrom. J. Mater. Chem. A J. Mater. Chem. B J. Mater. Chem. C Lab Chip Mater. Chem. Front. Mater. Horiz. MEDCHEMCOMM Metallomics Mol. Biosyst. Mol. Syst. Des. Eng. Nanoscale Nanoscale Horiz. Nat. Prod. Rep. New J. Chem. Org. Biomol. Chem. Org. Chem. Front. PHOTOCH PHOTOBIO SCI PCCP Polym. Chem.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1