Secure Network Provenance
|
|
- Caroline Boyd
- 8 years ago
- Views:
Transcription
1 Secure Network Provenance Wenchao Zhou *, Qiong Fei*, Arjun Narayan*, Andreas Haeberlen*, Boon Thau Loo*, Micah Sherr + * University of Pennsylvania + Georgetown University
2 Motivation Why did my route to foo.com change?! D Route r 2 E Innocent Reason? Malicious Attack? Alice Route r 1 A foo.com An example scenario: network routing System administrator observes strange behavior Example: the route to foo.com has suddenly changed What exactly happened (innocent reason or malicious attack)? B C 2
3 We Need Secure Forensics For network routing Example: incident in March 2010 Traffic from Capitol Hill got redirected but also for other application scenarios Distributed hash table: Eclipse attack Cloud computing: misbehaving machines Online multi player gaming: cheating Goal: secure forensics in adversarial scenarios 3
4 Ideal Solution Q: Explain why the route to foo.com changed to r2. D Route r 2 E Alice A B C foo.com The Network Not realistic: adversary can tell lies A: Because someone accessed Router D and changed the configuration from X to Y. 4
5 Challenge: Adversaries Can Lie Everything is fine. Router E advertised a new route. Q: Explain why the route to foo.com changed to r2. D Route r 2 E Alice A B C foo.com The Network Problem: adversary can... fabricate plausible (yet incorrect) response point accusation towards innocent nodes 5
6 Existing Solutions Existing systems assume trusted components Trusted OS kernel, monitor, or hardware E.g. Backtracker [OSDI 06], PASS [USENIX ATC 06], ReVirt [OSDI 02], A2M [SOSP 07] These components may have bugs or be compromised Are there alternatives that do not require such trust? Our solution: We assume no trusted components; Adversary has full control over an arbitrary subset of the network (Byzantine faults). 6
7 Ideal Guarantees Ideally: explanation is always complete and accurate Fundamental limitations E.g. Faulty nodes secretly exchange messages E.g. Faulty nodes communicate outside the system What guarantees can we provide? Fundamentally impossible 7
8 Realistic Guarantees Q: Why did my route to foo.com change to r2? D Route r 2 E Alice A B The Network C foo.com Aha, at least I know which node is compromised. A: Because someone accessed Router D and changed its router configuration from X to Y. No faults: Explanation is complete and accurate Byzantine fault: Explanation identifies at least one faulty node Formal definitions and proofs in the paper 8
9 Outline Goal: A secure forensics system that works in an adversarial environment Explains unexpected behavior No faults: explanation is complete and accurate Byzantine fault: exposes at least one faulty node with evidence Model: Secure Network Provenance Tamper-evident Maintenance and Processing Evaluation Conclusion 9
10 Provenance as Explanations Alice A D route(a, foo.com) link(a, B) B route(d, foo.com) link(d, E) Origin: data provenance in databases foo.com route(c, foo.com) link(c, foo.com) Explains the derivation of tuples (ExSPAN [SIGMOD 10]) Captures the dependencies between tuples as a graph Explanation of a tuple is a tree rooted at the tuple E route(b, foo.com) link(b, C) C route(e, foo.com) link(e, B) 10
11 Provenance as Explanations route(d, foo.com) link(d, E) route(e, foo.com) link(e, B) route(a, foo.com) link(a, B) route(b, foo.com) route(c, foo.com) link(b, C) Origin: data provenance in databases link(c, foo.com) Explains the derivation of tuples (ExSPAN [SIGMOD 10]) Captures the dependencies between tuples as a graph Explanation of a tuple is a tree rooted at the tuple 11
12 Secure Network Provenance route(a, foo.com) link(a, B) route(b, foo.com) route(c, foo.com) link(b, C) link(c, foo.com) Challenge #1. Handle past and transient behavior Traditional data provenance targets current, stable state What if the system never converges? What if the state no longer exists? 12
13 Secure Network Provenance Time = t1 Time = t2 Time = t3 route(a, foo.com) route(c, foo.com) route(b, foo.com) route(c, foo.com) link(a, B) route(b, foo.com) route(c, foo.com) link(c, foo.com) link(b, C) link(c, foo.com) link(b, C) link(c, foo.com) Challenge #1. Handle past and transient behavior Timeline Traditional data provenance targets current, stable state What if the system never converges? What if the state no longer exists? Solution: Add a temporal dimension 13
14 Secure Network Provenance Time = t1 Time = t2 Time = t3 route(c, foo.com) route(b, foo.com) route(c, foo.com) +route(a, foo.com) +route(b, foo.com) link(a, B) +route(c, foo.com) link(c, foo.com) link(b, C) link(c, foo.com) link(b, C) +link(c, foo.com) Challenge #2. Explain changes, not just state Traditional data provenance targets system state Often more useful to ask why a tuple (dis)appeared Solution: Include deltas in provenance Timeline 14
15 Secure Network Provenance route(d, foo.com) link(d, E) route(e, foo.com) link(e, B) route(a, foo.com) link(a, B) route(b, foo.com) route(c, foo.com) link(b, C) link(c, foo.com) Challenge #3. Partition and secure provenance A trusted node would be ideal, but we don t have one Need to partition the graph among the nodes themselves Prevent nodes from altering the graph 15
16 Partitioning the Provenance Graph Step 1: Each node keeps vertices about local actions Split cross node communications 16
17 Partitioning the Provenance Graph RECV SEND Step 1: Each node keeps vertices about local actions Split cross node communications Step 2: Make the graph tamper evident 17
18 Securing Cross Node Edges Signed commitment from B RECEIVE SEND Signed ACK from A RECV SEND Router A Router B Step 1: Each node keeps vertices about local actions Split cross node communications Step 2: Make the graph tamper evident Secure cross node edges (evidence of omissions) 18
19 Outline Goal: A secure forensics system that works in an adversarial environment Explains unexpected behavior No faults: explanation is complete and accurate Byzantine fault: exposes at least one faulty node with evidence Model: Secure Network Provenance Tamper-evident Maintenance and Processing Evaluation Conclusion 19
20 System Overview Users Primary system Application Provenance system Query engine Maintenance engine Operator Extract provenance Maintain provenance Query provenance Network Stand alone provenance system On demand provenance reconstruction Provenance graph can be huge (with temporal dimension) Rebuild only the parts needed to answer a query 20
21 Extracting Dependencies Option 1: Inferred provenance Declarative specifications explicitly capture provenance E.g. Declarative networking, SQL queries, etc. Option 2: Reported provenance Modified source code reports provenance Option 3: External specification Defined on observed I/Os of a black box system 21
22 Secure Provenance Maintenance Maintain sufficient information for reconstruction I/O and non deterministic events are sufficient Logs are maintained using tamper evident logging Based on ideas from PeerReview [SOSP 07] D E Alice A RECV ACK B C SEND RCV ACK foo.com 22
23 Secure Provenance Querying Recursively construct the provenance graph Retrieve secure logs from remote nodes Check for tampering, omission, and equivocation Replay the log to regenerate the provenance graph D E Alice A route(a, foo.com) RECV (from B) link(a, B) foo.com Explain the route from A to foo.com. B C 23
24 Secure Provenance Querying Recursively construct the provenance graph Retrieve secure logs from remote nodes Check for tampering, omission, and equivocation Replay the log to regenerate the provenance graph D E Alice A route(a, foo.com) link(a, B) route(b, foo.com) RECV (from C) foo.com B link(b, C) C 24
25 Secure Provenance Querying Recursively construct the provenance graph Retrieve secure logs from remote nodes Check for tampering, omission, and equivocation Replay the log to regenerate the provenance graph D E Alice A OK. Now I know how the route was derived. route(a, foo.com) link(a, B) B route(b, foo.com) C link(b, C) foo.com route(c, foo.com) link(c, foo.com) 25
26 Outline Goal: A secure forensics system that works in an adversarial environment Explains unexpected behavior No faults: explanation is complete and accurate Byzantine fault: exposes at least one faulty node with evidence Model: Secure Network Provenance Tamper-evident Maintenance and Processing Evaluation Conclusion 26
27 Evaluation Results Prototype implementation (SNooPy) How useful is SNP? Is it applicable to different systems? How expensive is SNP at runtime? Traffic overhead, storage cost, additional CPU overhead? Does SNP affect scalability? What is the querying performance? Per query traffic overhead? Turnaround time for each query? 27
28 Usability: Applications We evaluated SNooPy with Quagga BGP: RouteView (external specification) Explains oscillation caused by router misconfiguration Hadoop MapReduce: (reported provenance) Detects a tampered Mapper that returns inaccurate results Declarative Chord DHT: (inferred provenance) Detects an Eclipse attacker that always returns its own ID SNooPy solves problems reported in existing work 28
29 Runtime Overhead: Storage Over 50% of the overhead was due to signatures and acks. Batching messages would help. Manageable storage overhead One week of data: E.g. Quagga 7.3GB; Chord 665MB 29
30 Query Latency largely due to replaying logs Verification Replay Download dominated by verifying logs and snapshots Query latency varies from application to application Reasonable overhead 30
31 Summary Secure network provenance in untrusted environments Requires no trusted components Strong guarantees even in the presence of Byzantine faults Formal proof in a technical report Significantly extends traditional provenance model Past and transient state, provenance of change, Efficient storage: reconstructs provenance graph on demand Application independent (Quagga, Hadoop, and Chord) Questions? Project website: 31
Let SDN Be Your Eyes: Secure Forensics in Data Center Networks
Let SDN Be Your Eyes: Secure Forensics in Data Center Networks Adam Bates University of Oregon Kevin Butler University of Oregon Andreas Haeberlen University of Pennsylvania Micah Sherr Georgetown University
More informationPLUMgrid Toolbox: Tools to Install, Operate and Monitor Your Virtual Network Infrastructure
Toolbox: Tools to Install, Operate and Monitor Your Virtual Network Infrastructure Introduction The concept of Virtual Networking Infrastructure (VNI) is disrupting the networking space and is enabling
More informationHow To Ensure Correctness Of Data In The Cloud
Ensuring Data Storage Security in Cloud Computing ABSTRACT Cloud computing has been envisioned as the next-generation architecture of IT enterprise. In contrast to traditional solutions, where the IT services
More informationUniversity of Pennsylvania. This work was partially supported by ONR MURI N00014-07-0907, NSF CNS-0721845 and NSF IIS-0812270.
DMaC: : Distributed Monitoring and Checking Wenchao Zhou, Oleg Sokolsky, Boon Thau Loo, Insup Lee University of Pennsylvania This work was partially supported by ONR MURI N00014-07-0907, NSF CNS-0721845
More informationSoftware Execution Protection in the Cloud
Software Execution Protection in the Cloud Miguel Correia 1st European Workshop on Dependable Cloud Computing Sibiu, Romania, May 8 th 2012 Motivation clouds fail 2 1 Motivation accidental arbitrary faults
More informationAutomated Formal Analysis of Internet Routing Systems
Automated Formal Analysis of Internet Routing Systems Boon Thau Loo University of Pennsylvania [Joint work with Anduo Wang (Penn -> UIUC), Wenchao Zhou (Georgetown), Andre Scedrov (Penn), Limin Jia (CMU),
More informationReliable Client Accounting for P2P-Infrastructure Hybrids
Reliable Client Accounting for P2P-Infrastructure Hybrids Paarijaat Aditya, Ming-Chen Zhao, Yin Lin *, Andreas Haeberlen, Peter Druschel, Bruce Maggs *, Bill Wishon Max Planck Institute for Software Systems
More informationEnsuring Data Storage Security in Cloud Computing
Ensuring Data Storage Security in Cloud Computing Cong Wang 1, Qian Wang 1, Kui Ren 1, and Wenjing Lou 2 1 ECE Department, Illinois Institute of Technology 2 ECE Department, Worcester Polytechnic Institute
More informationChronon: A modern alternative to Log Files
Chronon: A modern alternative to Log Files A. The 5 fundamental flows of Log Files Log files, Old School, are a relic from the 1970s, however even today in 2012, IT infrastructure monitoring relies on
More informationAn Integrated CyberSecurity Approach for HEP Grids. Workshop Report. http://hpcrd.lbl.gov/hepcybersecurity/
An Integrated CyberSecurity Approach for HEP Grids Workshop Report http://hpcrd.lbl.gov/hepcybersecurity/ 1. Introduction The CMS and ATLAS experiments at the Large Hadron Collider (LHC) being built at
More informationTracking Anti-Malware Protection 2015
Tracking Anti-Malware Protection 2015 A TIME-TO-PROTECT ANTI-MALWARE COMPARISON TEST Dennis Technology Labs www.dennistechnologylabs.com Follow @DennisTechLabs on Twitter.com This report aims to measure
More informationHow to Secure Infrastructure Clouds with Trusted Computing Technologies
How to Secure Infrastructure Clouds with Trusted Computing Technologies Nicolae Paladi Swedish Institute of Computer Science 2 Contents 1. Infrastructure-as-a-Service 2. Security challenges of IaaS 3.
More informationBest Practices for Hadoop Data Analysis with Tableau
Best Practices for Hadoop Data Analysis with Tableau September 2013 2013 Hortonworks Inc. http:// Tableau 6.1.4 introduced the ability to visualize large, complex data stored in Apache Hadoop with Hortonworks
More informationDifferential Provenance: Better Network Diagnostics with Reference Events
Differential Provenance: Better Network Diagnostics with Reference Events Andreas Haeberlen Ang Chen Wenchao Zhou Georgetown University Yang Wu Boon Thau Loo ABSTRACT In this paper, we propose a new approach
More informationMassive Cloud Auditing using Data Mining on Hadoop
Massive Cloud Auditing using Data Mining on Hadoop Prof. Sachin Shetty CyberBAT Team, AFRL/RIGD AFRL VFRP Tennessee State University Outline Massive Cloud Auditing Traffic Characterization Distributed
More informationCertifying Program Execution with Secure Processors
Certifying Program Execution with Secure Processors Benjie Chen Robert Morris MIT Laboratory for Computer Science {benjie,rtm}@lcs.mit.edu Abstract Cerium is a trusted computing architecture that protects
More informationCSE-E5430 Scalable Cloud Computing Lecture 2
CSE-E5430 Scalable Cloud Computing Lecture 2 Keijo Heljanko Department of Computer Science School of Science Aalto University keijo.heljanko@aalto.fi 14.9-2015 1/36 Google MapReduce A scalable batch processing
More informationHow To Ensure Correctness Of Data In The Cloud
A MECHANICS FOR ASSURING DATA STORAGE SECURITY IN CLOUD COMPUTING 1, 2 Pratibha Gangwar, 3 Mamta Gadoria 1 M. Tech. Scholar, Jayoti Vidyapeeth Women s University, Jaipur, priya25mehta@gmail.com 2 M. Tech.
More informationPresenting Mongoose A New Approach to Traffic Capture (patent pending) presented by Ron McLeod and Ashraf Abu Sharekh January 2013
Presenting Mongoose A New Approach to Traffic Capture (patent pending) presented by Ron McLeod and Ashraf Abu Sharekh January 2013 Outline Genesis - why we built it, where and when did the idea begin Issues
More informationImproving data integrity on cloud storage services
International Journal of Engineering Science Invention ISSN (Online): 2319 6734, ISSN (Print): 2319 6726 Volume 2 Issue 2 ǁ February. 2013 ǁ PP.49-55 Improving data integrity on cloud storage services
More informationParallel Databases. Parallel Architectures. Parallelism Terminology 1/4/2015. Increase performance by performing operations in parallel
Parallel Databases Increase performance by performing operations in parallel Parallel Architectures Shared memory Shared disk Shared nothing closely coupled loosely coupled Parallelism Terminology Speedup:
More informationwww.basho.com Technical Overview Simple, Scalable, Object Storage Software
www.basho.com Technical Overview Simple, Scalable, Object Storage Software Table of Contents Table of Contents... 1 Introduction & Overview... 1 Architecture... 2 How it Works... 2 APIs and Interfaces...
More informationibigtable: Practical Data Integrity for BigTable in Public Cloud
ibigtable: Practical Data Integrity for BigTable in Public Cloud Wei Wei North Carolina State University 890 Oval Drive Raleigh, North Carolina, United States wwei5@ncsu.edu Ting Yu North Carolina State
More informationDistributed File System. MCSN N. Tonellotto Complements of Distributed Enabling Platforms
Distributed File System 1 How do we get data to the workers? NAS Compute Nodes SAN 2 Distributed File System Don t move data to workers move workers to the data! Store data on the local disks of nodes
More informationBigData. An Overview of Several Approaches. David Mera 16/12/2013. Masaryk University Brno, Czech Republic
BigData An Overview of Several Approaches David Mera Masaryk University Brno, Czech Republic 16/12/2013 Table of Contents 1 Introduction 2 Terminology 3 Approaches focused on batch data processing MapReduce-Hadoop
More informationExploiting peer group concept for adaptive and highly available services
Exploiting peer group concept for adaptive and highly available services Muhammad Asif Jan Centre for European Nuclear Research (CERN) Switzerland Fahd Ali Zahid, Mohammad Moazam Fraz Foundation University,
More informationSecurity and Privacy in Public Clouds. David Lie Department of Electrical and Computer Engineering University of Toronto
Security and Privacy in Public Clouds David Lie Department of Electrical and Computer Engineering University of Toronto 1 Cloud Computing Cloud computing can (and is) applied to almost everything today.
More informationApache Hadoop. Alexandru Costan
1 Apache Hadoop Alexandru Costan Big Data Landscape No one-size-fits-all solution: SQL, NoSQL, MapReduce, No standard, except Hadoop 2 Outline What is Hadoop? Who uses it? Architecture HDFS MapReduce Open
More informationSecurity of Cloud Storage: - Deduplication vs. Privacy
Security of Cloud Storage: - Deduplication vs. Privacy Benny Pinkas - Bar Ilan University Shai Halevi, Danny Harnik, Alexandra Shulman-Peleg - IBM Research Haifa 1 Remote storage and security Easy to encrypt
More informationPeer-to-peer Cooperative Backup System
Peer-to-peer Cooperative Backup System Sameh Elnikety Mark Lillibridge Mike Burrows Rice University Compaq SRC Microsoft Research Abstract This paper presents the design and implementation of a novel backup
More informationIoT Security Platform
IoT Security Platform 2 Introduction Wars begin when the costs of attack are low, the benefits for a victor are high, and there is an inability to enforce law. The same is true in cyberwars. Today there
More informationCloud Computing Backgrounder
Cloud Computing Backgrounder No surprise: information technology (IT) is huge. Huge costs, huge number of buzz words, huge amount of jargon, and a huge competitive advantage for those who can effectively
More informationIntroduction to Hadoop. New York Oracle User Group Vikas Sawhney
Introduction to Hadoop New York Oracle User Group Vikas Sawhney GENERAL AGENDA Driving Factors behind BIG-DATA NOSQL Database 2014 Database Landscape Hadoop Architecture Map/Reduce Hadoop Eco-system Hadoop
More informationVerification of Data Reliability and Secure Service for Dynamic Data in Cloud Storage
Verification of Data Reliability and Secure Service for Dynamic Data in Cloud Storage Nithiavathy.R 1, Suresh.J 2 Department of Computer Science &Engineering, Coimbatore Institute of Engineering and Technology
More informationEnsuring Security in Cloud with Multi-Level IDS and Log Management System
Ensuring Security in Cloud with Multi-Level IDS and Log Management System 1 Prema Jain, 2 Ashwin Kumar PG Scholar, Mangalore Institute of Technology & Engineering, Moodbidri, Karnataka1, Assistant Professor,
More informationScalable Cloud Computing Solutions for Next Generation Sequencing Data
Scalable Cloud Computing Solutions for Next Generation Sequencing Data Matti Niemenmaa 1, Aleksi Kallio 2, André Schumacher 1, Petri Klemelä 2, Eija Korpelainen 2, and Keijo Heljanko 1 1 Department of
More informationNetwork Security. Mobin Javed. October 5, 2011
Network Security Mobin Javed October 5, 2011 In this class, we mainly had discussion on threat models w.r.t the class reading, BGP security and defenses against TCP connection hijacking attacks. 1 Takeaways
More informationSecure cloud access system using JAR ABSTRACT:
Secure cloud access system using JAR ABSTRACT: Cloud computing enables highly scalable services to be easily consumed over the Internet on an as-needed basis. A major feature of the cloud services is that
More informationSecurity in Structured P2P Systems
P2P Systems, Security and Overlays Presented by Vishal thanks to Dan Rubenstein Columbia University 1 Security in Structured P2P Systems Structured Systems assume all nodes behave Position themselves in
More informationBig Systems, Big Data
Big Systems, Big Data When considering Big Distributed Systems, it can be noted that a major concern is dealing with data, and in particular, Big Data Have general data issues (such as latency, availability,
More informationBig Data. A general approach to process external multimedia datasets. David Mera
Big Data A general approach to process external multimedia datasets David Mera Laboratory of Data Intensive Systems and Applications (DISA) Masaryk University Brno, Czech Republic 7/10/2014 Table of Contents
More informationA Performance Analysis of Distributed Indexing using Terrier
A Performance Analysis of Distributed Indexing using Terrier Amaury Couste Jakub Kozłowski William Martin Indexing Indexing Used by search
More informationSecure Cloud Storage and Computing Using Reconfigurable Hardware
Secure Cloud Storage and Computing Using Reconfigurable Hardware Victor Costan, Brandon Cho, Srini Devadas Motivation Computing is more cost-efficient in public clouds but what about security? Cloud Applications
More informationROCANA WHITEPAPER How to Investigate an Infrastructure Performance Problem
ROCANA WHITEPAPER How to Investigate an Infrastructure Performance Problem INTRODUCTION As IT infrastructure has grown more complex, IT administrators and operators have struggled to retain control. Gone
More informationOutline. Clouds of Clouds lessons learned from n years of research Miguel Correia
Dependability and Security with Clouds of Clouds lessons learned from n years of research Miguel Correia WORKSHOP ON DEPENDABILITY AND INTEROPERABILITY IN HETEROGENEOUS CLOUDS (DIHC13) August 27 th 2013,
More informationData Storage Security in Cloud Computing for Ensuring Effective and Flexible Distributed System
Data Storage Security in Cloud Computing for Ensuring Effective and Flexible Distributed System 1 K.Valli Madhavi A.P vallimb@yahoo.com Mobile: 9866034900 2 R.Tamilkodi A.P tamil_kodiin@yahoo.co.in Mobile:
More informationThreatSpike Dome: A New Approach To Security Monitoring
ThreatSpike Dome: A New Approach To Security Monitoring 2015 ThreatSpike Labs Limited The problem with SIEM Hacking, insider and advanced persistent threats can be difficult to detect with existing product
More informationDecoding DNS data. Using DNS traffic analysis to identify cyber security threats, server misconfigurations and software bugs
Decoding DNS data Using DNS traffic analysis to identify cyber security threats, server misconfigurations and software bugs The Domain Name System (DNS) is a core component of the Internet infrastructure,
More informationDistributed Aggregation in Cloud Databases. By: Aparna Tiwari tiwaria@umail.iu.edu
Distributed Aggregation in Cloud Databases By: Aparna Tiwari tiwaria@umail.iu.edu ABSTRACT Data intensive applications rely heavily on aggregation functions for extraction of data according to user requirements.
More informationSecuring Elastic Applications for Cloud Computing. Many to One Virtualization
Securing Elastic Applications for Cloud Computing Many to One Virtualization Xinwen Zhang, Joshua Schiffman, Simon Gibbs, Anugeetha Kunjithapatham, and Sangoh Jeong Samsung Information Systems America
More informationLarge-Scale TCP Packet Flow Analysis for Common Protocols Using Apache Hadoop
Large-Scale TCP Packet Flow Analysis for Common Protocols Using Apache Hadoop R. David Idol Department of Computer Science University of North Carolina at Chapel Hill david.idol@unc.edu http://www.cs.unc.edu/~mxrider
More informationFinding the Evidence in Tamper-Evident Logs
Finding the Evidence in Tamper-Evident Logs Daniel Sandler dsandler@cs.rice.edu Scott Crosby scrosby@cs.rice.edu Kyle Derr derrley@cs.rice.edu Dan S. Wallach dwallach@cs.rice.edu Abstract Secure logs are
More informationAchieving Real-Time Business Solutions Using Graph Database Technology and High Performance Networks
WHITE PAPER July 2014 Achieving Real-Time Business Solutions Using Graph Database Technology and High Performance Networks Contents Executive Summary...2 Background...3 InfiniteGraph...3 High Performance
More informationIndex Terms Cloud Storage Services, data integrity, dependable distributed storage, data dynamics, Cloud Computing.
Volume 3, Issue 5, May 2013 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com Privacy - Preserving
More informationNoSQL for SQL Professionals William McKnight
NoSQL for SQL Professionals William McKnight Session Code BD03 About your Speaker, William McKnight President, McKnight Consulting Group Frequent keynote speaker and trainer internationally Consulted to
More informationIBM Software InfoSphere Guardium. Planning a data security and auditing deployment for Hadoop
Planning a data security and auditing deployment for Hadoop 2 1 2 3 4 5 6 Introduction Architecture Plan Implement Operationalize Conclusion Key requirements for detecting data breaches and addressing
More informationSecure Way of Storing Data in Cloud Using Third Party Auditor
IOSR Journal of Computer Engineering (IOSR-JCE) e-issn: 2278-0661, p- ISSN: 2278-8727Volume 12, Issue 4 (Jul. - Aug. 2013), PP 69-74 Secure Way of Storing Data in Cloud Using Third Party Auditor 1 Miss.
More informationWatchGuard Dimension v1.1 Update 1 Release Notes
WatchGuard Dimension v1.1 Update 1 Release Notes Build Number 442674 Revision Date March 25, 2014 WatchGuard Dimension is the next-generation cloud-ready visibility solution for our Unified Threat Management
More informationBIG DATA IN THE CLOUD : CHALLENGES AND OPPORTUNITIES MARY- JANE SULE & PROF. MAOZHEN LI BRUNEL UNIVERSITY, LONDON
BIG DATA IN THE CLOUD : CHALLENGES AND OPPORTUNITIES MARY- JANE SULE & PROF. MAOZHEN LI BRUNEL UNIVERSITY, LONDON Overview * Introduction * Multiple faces of Big Data * Challenges of Big Data * Cloud Computing
More informationMAUI: Dynamically Splitting Apps Between the Smartphone and Cloud
MAUI: Dynamically Splitting Apps Between the Smartphone and Cloud Brad Karp UCL Computer Science CS M038 / GZ06 28 th February 2012 Limited Smartphone Battery Capacity iphone 4 battery: 1420 mah (@ 3.7
More informationUsing distributed technologies to analyze Big Data
Using distributed technologies to analyze Big Data Abhijit Sharma Innovation Lab BMC Software 1 Data Explosion in Data Center Performance / Time Series Data Incoming data rates ~Millions of data points/
More informationNear Sheltered and Loyal storage Space Navigating in Cloud
IOSR Journal of Engineering (IOSRJEN) e-issn: 2250-3021, p-issn: 2278-8719 Vol. 3, Issue 8 (August. 2013), V2 PP 01-05 Near Sheltered and Loyal storage Space Navigating in Cloud N.Venkata Krishna, M.Venkata
More informationThe Reduced Address Space (RAS) for Application Memory Authentication
The Reduced Address Space (RAS) for Application Memory Authentication David Champagne, Reouven Elbaz and Ruby B. Lee Princeton University, USA Introduction Background: TPM, XOM, AEGIS, SP, SecureBlue want
More informationEnergy Efficiency in Secure and Dynamic Cloud Storage
Energy Efficiency in Secure and Dynamic Cloud Storage Adilet Kachkeev Ertem Esiner Alptekin Küpçü Öznur Özkasap Koç University Department of Computer Science and Engineering, İstanbul, Turkey {akachkeev,eesiner,akupcu,oozkasap}@ku.edu.tr
More informationEnhancing Dataset Processing in Hadoop YARN Performance for Big Data Applications
Enhancing Dataset Processing in Hadoop YARN Performance for Big Data Applications Ahmed Abdulhakim Al-Absi, Dae-Ki Kang and Myong-Jong Kim Abstract In Hadoop MapReduce distributed file system, as the input
More informationSecurity Toolsets for ISP Defense
Security Toolsets for ISP Defense Backbone Practices Authored by Timothy A Battles (AT&T IP Network Security) What s our goal? To provide protection against anomalous traffic for our network and it s customers.
More informationDistributed Data Management
Introduction Distributed Data Management Involves the distribution of data and work among more than one machine in the network. Distributed computing is more broad than canonical client/server, in that
More informationWhat Is Specific in Load Testing?
What Is Specific in Load Testing? Testing of multi-user applications under realistic and stress loads is really the only way to ensure appropriate performance and reliability in production. Load testing
More informationNetwork Instruments white paper
Network Instruments white paper ANALYZING FULL-DUPLEX NETWORKS There are a number ways to access full-duplex traffic on a network for analysis: SPAN or mirror ports, aggregation TAPs (Test Access Ports),
More informationBusiness Application Services Testing
Business Application Services Testing Curriculum Structure Course name Duration(days) Express 2 Testing Concept and methodologies 3 Introduction to Performance Testing 3 Web Testing 2 QTP 5 SQL 5 Load
More informationADVANCE SECURITY TO CLOUD DATA STORAGE
Journal homepage: www.mjret.in ADVANCE SECURITY TO CLOUD DATA STORAGE ISSN:2348-6953 Yogesh Bhapkar, Mitali Patil, Kishor Kale,Rakesh Gaikwad ISB&M, SOT, Pune, India Abstract: Cloud Computing is the next
More informationBuilding Scalable Applications Using Microsoft Technologies
Building Scalable Applications Using Microsoft Technologies Padma Krishnan Senior Manager Introduction CIOs lay great emphasis on application scalability and performance and rightly so. As business grows,
More informationTechnische Herausforderungen der Cloud-Forensik
Technische Herausforderungen der Cloud-Forensik Dominik Birk Horst Görtz Institute for IT Security Bochum (Germany) Anwendertag IT-Forensik 2011 April 12 th, 2011, Darmstadt The Speaker Dominik Birk Ph.D.
More informationHDFS Users Guide. Table of contents
Table of contents 1 Purpose...2 2 Overview...2 3 Prerequisites...3 4 Web Interface...3 5 Shell Commands... 3 5.1 DFSAdmin Command...4 6 Secondary NameNode...4 7 Checkpoint Node...5 8 Backup Node...6 9
More informationCiteSeer x in the Cloud
Published in the 2nd USENIX Workshop on Hot Topics in Cloud Computing 2010 CiteSeer x in the Cloud Pradeep B. Teregowda Pennsylvania State University C. Lee Giles Pennsylvania State University Bhuvan Urgaonkar
More informationQuick Deployment Step-by-step instructions to deploy Oracle Big Data Lite Virtual Machine
Quick Deployment Step-by-step instructions to deploy Oracle Big Data Lite Virtual Machine Version 3.0 Please note: This appliance is for testing and educational purposes only; it is unsupported and not
More informationFault Tolerance in Hadoop for Work Migration
1 Fault Tolerance in Hadoop for Work Migration Shivaraman Janakiraman Indiana University Bloomington ABSTRACT Hadoop is a framework that runs applications on large clusters which are built on numerous
More informationDatabase Application Developer Tools Using Static Analysis and Dynamic Profiling
Database Application Developer Tools Using Static Analysis and Dynamic Profiling Surajit Chaudhuri, Vivek Narasayya, Manoj Syamala Microsoft Research {surajitc,viveknar,manojsy}@microsoft.com Abstract
More informationCloud Computing Now and the Future Development of the IaaS
2010 Cloud Computing Now and the Future Development of the IaaS Quanta Computer Division: CCASD Title: Project Manager Name: Chad Lin Agenda: What is Cloud Computing? Public, Private and Hybrid Cloud.
More informationHadoop and Map-Reduce. Swati Gore
Hadoop and Map-Reduce Swati Gore Contents Why Hadoop? Hadoop Overview Hadoop Architecture Working Description Fault Tolerance Limitations Why Map-Reduce not MPI Distributed sort Why Hadoop? Existing Data
More informationTechnical Brief Distributed Trusted Computing
Technical Brief Distributed Trusted Computing Josh Wood Look inside to learn about Distributed Trusted Computing in Tectonic Enterprise, an industry-first set of technologies that cryptographically verify,
More informationFast Prototyping Network Data Mining Applications. Gianluca Iannaccone Intel Research Berkeley
Fast Prototyping Network Data Mining Applications Gianluca Iannaccone Intel Research Berkeley Motivation Developing new network monitoring apps is unnecessarily time-consuming Familiar development steps
More informationSoftware tools for Complex Networks Analysis. Fabrice Huet, University of Nice Sophia- Antipolis SCALE (ex-oasis) Team
Software tools for Complex Networks Analysis Fabrice Huet, University of Nice Sophia- Antipolis SCALE (ex-oasis) Team MOTIVATION Why do we need tools? Source : nature.com Visualization Properties extraction
More informationCyber Security In High-Performance Computing Environment Prakashan Korambath Institute for Digital Research and Education, UCLA July 17, 2014
Cyber Security In High-Performance Computing Environment Prakashan Korambath Institute for Digital Research and Education, UCLA July 17, 2014 Introduction: Cyber attack is an unauthorized access to a computer
More informationA Guide to Understanding SNMP
A Guide to Understanding SNMP Read about SNMP v1, v2c & v3 and Learn How to Configure SNMP on Cisco Routers 2013, SolarWinds Worldwide, LLC. All rights reserved. Share: In small networks with only a few
More informationDeveloping MapReduce Programs
Cloud Computing Developing MapReduce Programs Dell Zhang Birkbeck, University of London 2015/16 MapReduce Algorithm Design MapReduce: Recap Programmers must specify two functions: map (k, v) * Takes
More informationDigital Forensics Tutorials Acquiring an Image with FTK Imager
Digital Forensics Tutorials Acquiring an Image with FTK Imager Explanation Section Digital Forensics Definition The use of scientifically derived and proven methods toward the preservation, collection,
More informationA Study on Workload Imbalance Issues in Data Intensive Distributed Computing
A Study on Workload Imbalance Issues in Data Intensive Distributed Computing Sven Groot 1, Kazuo Goda 1, and Masaru Kitsuregawa 1 University of Tokyo, 4-6-1 Komaba, Meguro-ku, Tokyo 153-8505, Japan Abstract.
More informationEfficient Integrity Checking Technique for Securing Client Data in Cloud Computing
International Journal of Electrical & Computer Sciences IJECS-IJENS Vol: 11 No: 05 41 Efficient Integrity Checking Technique for Securing Client Data in Cloud Computing Abstract-- It has been widely observed
More informationCyberNEXS Global Services
CyberNEXS Global Services CYBERSECURITY A cyber training, exercising, competition and certification product for maximizing the cyber skills of your workforce The Cyber Network EXercise System CyberNEXS
More informationMulti Factor Authentication API
GEORGIA INSTITUTE OF TECHNOLOGY Multi Factor Authentication API Yusuf Nadir Saghar Amay Singhal CONTENTS Abstract... 3 Motivation... 3 Overall Design:... 4 MFA Architecture... 5 Authentication Workflow...
More informationCloud Computing and Advanced Relationship Analytics
Cloud Computing and Advanced Relationship Analytics Using Objectivity/DB to Discover the Relationships in your Data By Brian Clark Vice President, Product Management Objectivity, Inc. 408 992 7136 brian.clark@objectivity.com
More informationOn- Prem MongoDB- as- a- Service Powered by the CumuLogic DBaaS Platform
On- Prem MongoDB- as- a- Service Powered by the CumuLogic DBaaS Platform Page 1 of 16 Table of Contents Table of Contents... 2 Introduction... 3 NoSQL Databases... 3 CumuLogic NoSQL Database Service...
More informationTowards a virtualized Internet for computer networking assignments
Towards a virtualized Internet for computer networking assignments Luis Bellido, David Fernández, Encama Pastor Abstract By combining virtualization technologies, virtual private network techniques and
More informationApplication Security Testing. Generic Test Strategy
Application Security Testing Generic Test Strategy Page 2 of 8 Contents 1 Introduction 3 1.1 Purpose: 3 1.2 Application Security Testing: 3 2 Audience 3 3 Test Strategy guidelines 3 3.1 Authentication
More informationApplication of Predictive Analytics for Better Alignment of Business and IT
Application of Predictive Analytics for Better Alignment of Business and IT Boris Zibitsker, PhD bzibitsker@beznext.com July 25, 2014 Big Data Summit - Riga, Latvia About the Presenter Boris Zibitsker
More informationDaniel J. Adabi. Workshop presentation by Lukas Probst
Daniel J. Adabi Workshop presentation by Lukas Probst 3 characteristics of a cloud computing environment: 1. Compute power is elastic, but only if workload is parallelizable 2. Data is stored at an untrusted
More informationDeveloping for the App Store. (Legacy)
Developing for the App Store (Legacy) Contents About the Application Development Process 5 At a Glance 5 Developing for Apple s Platforms Is a Mix of Administrative and Coding Tasks 5 Apps Published on
More informationANATOMY OF A DDoS ATTACK AGAINST THE DNS INFRASTRUCTURE
ANATOMY OF A DDoS ATTACK AGAINST THE DNS INFRASTRUCTURE ANATOMY OF A DDOS ATTACK AGAINST THE DNS INFRASTRUCTURE The Domain Name System (DNS) is part of the functional infrastructure of the Internet and
More informationA very short history of networking
A New vision for network architecture David Clark M.I.T. Laboratory for Computer Science September, 2002 V3.0 Abstract This is a proposal for a long-term program in network research, consistent with the
More information