The Experts below are selected from a list of 27651 Experts worldwide ranked by ideXlab platform
Sergio Loureiro - One of the best experts on this subject based on the ideXlab platform.
-
a security analysis of amazon s elastic compute cloud service
ACM Symposium on Applied Computing, 2012Co-Authors: Marco Balduzzi, Jonas Zaddach, Davide Balzarotti, Engin Kirda, Sergio LoureiroAbstract:Cloud services such as Amazon's Elastic Compute Cloud and IBM's SmartCloud are quickly changing the way organizations are dealing with IT infrastructures and are providing online services. Today, if an organization needs computing power, it can simply buy it online by instantiating a Virtual Server image on the cloud. Servers can be quickly launched and shut down via application programming interfaces, offering the user a greater flexibility compared to traditional Server rooms. This paper explores the general security risks associated with using Virtual Server images from the public catalogs of cloud service providers. In particular, we investigate in detail the security problems of public images that are available on the Amazon EC2 service. We describe the design and implementation of an automated system that we used to instantiate and analyze the security of public AMIs on the Amazon EC2 platform, and provide detailed descriptions of the security tests that we performed on each image. Our findings demonstrate that both the users and the providers of public AMIs may be vulnerable to security risks such as unauthorized access, malware infections, and loss of sensitive information. The Amazon Web Services Security Team has acknowledged our findings, and has already taken steps to properly address all the security risks we present in this paper.
-
a security analysis of amazon s elastic compute cloud service
ACM Symposium on Applied Computing, 2012Co-Authors: Marco Balduzzi, Jonas Zaddach, Davide Balzarotti, Engin Kirda, Sergio LoureiroAbstract:Cloud services such as Amazon's Elastic Compute Cloud and IBM's SmartCloud are quickly changing the way organizations are dealing with IT infrastructures and are providing online services. Today, if an organization needs computing power, it can simply buy it online by instantiating a Virtual Server image on the cloud. Servers can be quickly launched and shut down via application programming interfaces, offering the user a greater flexibility compared to traditional Server rooms. This paper explores the general security risks associated with using Virtual Server images from the public catalogs of cloud service providers. In particular, we investigate in detail the security problems of public images that are available on the Amazon EC2 service. We describe the design and implementation of an automated system that we used to instantiate and analyze the security of public AMIs on the Amazon EC2 platform, and provide detailed descriptions of the security tests that we performed on each image. Our findings demonstrate that both the users and the providers of public AMIs may be vulnerable to security risks such as unauthorized access, malware infections, and loss of sensitive information. The Amazon Web Services Security Team has acknowledged our findings, and has already taken steps to properly address all the security risks we present in this paper.
Chengzhong Xu - One of the best experts on this subject based on the ideXlab platform.
-
Coordinated Self-Configuration of Virtual Machines and Appliances Using a Model-Free Learning Approach
IEEE Transactions on Parallel and Distributed Systems, 2013Co-Authors: Xiangping Bu, Chengzhong XuAbstract:Cloud computing has a key requirement for resource configuration in a real-time manner. In such Virtualized environments, both Virtual machines (VMs) and hosted applications need to be configured on-the-fly to adapt to system dynamics. The interplay between the layers of VMs and applications further complicates the problem of cloud configuration. Independent tuning of each aspect may not lead to optimal system wide performance. In this paper, we propose a framework, namely CoTuner, for coordinated configuration of VMs and resident applications. At the heart of the framework is a model-free hybrid reinforcement learning (RL) approach, which combines the advantages of Simplex method and RL method and is further enhanced by the use of system knowledge guided exploration policies. Experimental results on Xen-based Virtualized environments with TPC-W and TPC-C benchmarks demonstrate that CoTuner is able to drive a Virtual Server cluster into an optimal or near-optimal configuration state on the fly, in response to the change of workload. It improves the systems throughput by more than 30 percent over independent tuning strategies. In comparison with the coordinated tuning strategies based on basic RL or Simplex algorithm, the hybrid RL algorithm gains 25 to 40 percent throughput improvement.
-
elastic routing table with provable performance for congestion control in dht networks
IEEE Transactions on Parallel and Distributed Systems, 2010Co-Authors: Haiying Shen, Chengzhong XuAbstract:Consistent hashing-based DHT networks have an inherent load balancing problem. The problem becomes more severe in heterogeneous networks with nonuniform and time-varying popular files. Existing DHT load balancing algorithms are mainly focused on the issues caused by node heterogeneity. To deal with skewed lookups, this paper presents an elastic routing table (ERT) mechanism for query load balancing, based on the observation that high-degree nodes tend to receive more traffic load. The mechanism allows each node to have a routing table of variable size corresponding to node capacities. The indegree and outdegree of the routing table can also be adjusted dynamically in response to the change of file popularity and network churn. Theoretical analysis proves that the routing table degree is bounded. The ERT mechanism facilitates locality-aware randomized query forwarding to further improve lookup efficiency. By relating query forwarding to a supermarket customer service model, we prove that a two-way randomized query forwarding policy should lead to an exponential improvement in query processing time over random walking. Simulation results demonstrate the effectiveness of the ERT mechanism and its related query forwarding policy for congestion and query load balancing. In comparison with existing "Virtual-Server?-based load balancing algorithms and other routing table control approaches, the ERT-based congestion control protocol yields significant improvement in query lookup efficiency.
-
elastic routing table with provable performance for congestion control in dht networks
International Conference on Distributed Computing Systems, 2006Co-Authors: Haiying Shen, Chengzhong XuAbstract:Distributed hash table (DHT) networks based on consistent hashing functions have an inherent load balancing problem. The problem becomes more severe due to the heterogeneity of network nodes and the non-uniform and timevarying file popularity. Existing DHT load balancing algorithms are mainly focused on the issues caused by node heterogeneity. To deal with skewed lookups, this paper presents an elastic routing table (ERT) mechanism for query load balancing, based on the observation that high degree nodes tend to experience more traffic load. The mechanism allows each node to have a routing table of variable size corresponding to its capacity. The indegree and outdegree of the routing table can also be adjusted dynamically in response to the change of file popularity and network churn. Theoretical analysis proves the routing table degree is bounded. The ERT mechanism facilitates locality-aware randomized query forwarding to further improve lookup efficiency. By relating query forwarding to a supermarket customer service model, we prove a 2-way randomized query forwarding policy leads to an exponential improvement in query processing time over random walking. Simulation results demonstrate the effectiveness of the ERT mechanism and its related query forwarding policy for congestion and query load balancing. In comparison with the existing "Virtual-Server"-based load balancing algorithm and other routing table control approaches, the ERT-based congestion control protocol yields significant improvements in query lookup efficiency.
Marco Balduzzi - One of the best experts on this subject based on the ideXlab platform.
-
a security analysis of amazon s elastic compute cloud service
ACM Symposium on Applied Computing, 2012Co-Authors: Marco Balduzzi, Jonas Zaddach, Davide Balzarotti, Engin Kirda, Sergio LoureiroAbstract:Cloud services such as Amazon's Elastic Compute Cloud and IBM's SmartCloud are quickly changing the way organizations are dealing with IT infrastructures and are providing online services. Today, if an organization needs computing power, it can simply buy it online by instantiating a Virtual Server image on the cloud. Servers can be quickly launched and shut down via application programming interfaces, offering the user a greater flexibility compared to traditional Server rooms. This paper explores the general security risks associated with using Virtual Server images from the public catalogs of cloud service providers. In particular, we investigate in detail the security problems of public images that are available on the Amazon EC2 service. We describe the design and implementation of an automated system that we used to instantiate and analyze the security of public AMIs on the Amazon EC2 platform, and provide detailed descriptions of the security tests that we performed on each image. Our findings demonstrate that both the users and the providers of public AMIs may be vulnerable to security risks such as unauthorized access, malware infections, and loss of sensitive information. The Amazon Web Services Security Team has acknowledged our findings, and has already taken steps to properly address all the security risks we present in this paper.
-
a security analysis of amazon s elastic compute cloud service
ACM Symposium on Applied Computing, 2012Co-Authors: Marco Balduzzi, Jonas Zaddach, Davide Balzarotti, Engin Kirda, Sergio LoureiroAbstract:Cloud services such as Amazon's Elastic Compute Cloud and IBM's SmartCloud are quickly changing the way organizations are dealing with IT infrastructures and are providing online services. Today, if an organization needs computing power, it can simply buy it online by instantiating a Virtual Server image on the cloud. Servers can be quickly launched and shut down via application programming interfaces, offering the user a greater flexibility compared to traditional Server rooms. This paper explores the general security risks associated with using Virtual Server images from the public catalogs of cloud service providers. In particular, we investigate in detail the security problems of public images that are available on the Amazon EC2 service. We describe the design and implementation of an automated system that we used to instantiate and analyze the security of public AMIs on the Amazon EC2 platform, and provide detailed descriptions of the security tests that we performed on each image. Our findings demonstrate that both the users and the providers of public AMIs may be vulnerable to security risks such as unauthorized access, malware infections, and loss of sensitive information. The Amazon Web Services Security Team has acknowledged our findings, and has already taken steps to properly address all the security risks we present in this paper.
Charles Border - One of the best experts on this subject based on the ideXlab platform.
-
The Development and Deployment of a Multi-User, Remote Access Virtualization System for
2014Co-Authors: Charles BorderAbstract:We have combined four industry standard technologies to create a flexible, modular and easily extensible Virtual Server environment for both distance and local students to use in our networking, security, and system administration classes. By combining the remote access technologies of Remote Desktop, the multi-user capabilities of Microsoft Terminal Services, the ability to share sessions of Remote Assistance, and the ability to manipulate Virtual machines and Virtual networks using VMWare Workstation, the Remote Laboratory Emulation System (RLES) allows students to conduct labs very similar to our local labs from either inside or outside our lab facility. While other people have been experimenting with various combinations of these technologies we have aggressively developed and implemented this system and feel that it has become a very important tool in our ability to cost-effectively provide computing infrastructure for local and distant students, and student and faculty research
-
the development and deployment of a multi user remote access Virtualization system for networking security and system administration classes
Technical Symposium on Computer Science Education, 2007Co-Authors: Charles BorderAbstract:We have combined four industry standard technologies to create a flexible, modular and easily extensible Virtual Server environment for both distance and local students to use in our networking, security, and system administration classes. By combining the remote access technologies of Remote Desktop, the multi-user capabilities of Microsoft Terminal Services, the ability to share sessions of Remote Assistance, and the ability to manipulate Virtual machines and Virtual networks using VMWare Workstation, the Remote Laboratory Emulation System (RLES) allows students to conduct labs very similar to our local labs from either inside or outside our lab facility. While other people have been experimenting with various combinations of these technologies we have aggressively developed and implemented this system and feel that it has become a very important tool in our ability to cost-effectively provide computing infrastructure for local and distant students, and student and faculty research.
Haiying Shen - One of the best experts on this subject based on the ideXlab platform.
-
iask a distributed q a system incorporating social community and global collective intelligence
IEEE Transactions on Parallel and Distributed Systems, 2017Co-Authors: Guoxin Liu, Haiying ShenAbstract:Traditional web-based Question and Answer (Q&A) websites cannot easily solve non-factual questions to match askers’ preference. Recent research efforts begin to study social-based Q&A systems that rely on an asker's social friends to provide answers. However, this method cannot find answerers for a question not belonging to the asker's interests. To solve this problem, we propose a distributed Q&A system incorporating both social community intelligence and global collective intelligence, named as iASK. iASK improves the response latency and answer quality in both the social domain and global domain. It uses a neural network based friend ranking method to identify answerer candidates by considering social closeness and Q&A activities. To efficiently identify answerers in the global user base, iASK builds a Virtual Server tree that embeds the hierarchical structure of interests, and also maps users to the tree based on user interests. To accurately locate the cooperative experts, iASK has a fine-grained reputation system to evaluate user reputation based on their cooperativeness and expertise, and uses a reputation based reward strategy to encourage users to be cooperative. To further improve the performance of iASK, we propose a weak tie assisted social based potential answerer location algorithm and an interest coefficient based uncategorized question forwarding algorithm. To further improve the response quality and cooperativeness, we propose a reputation based reward strategy that motivates users to answer questions from unknown users. Experimental results from large-scale trace-driven simulation and real-world daily usages of the iASK prototype show the superior performance of iASK. It achieves high answer quality with 24 percent higher accuracy, short response latency with 53 percent less delay and effective cooperative incentives with 16 percent more answers compared to other social-based Q&A systems. The results also show the effectiveness of the enhancement algorithms in improving the performance of iASK.
-
iask a distributed q a system incorporating social community and global collective intelligence
International Conference on Peer-to-Peer Computing, 2015Co-Authors: Guoxin Liu, Haiying ShenAbstract:Traditional web-based Question and Answer (Q&A) websites cannot easily solve non-factual questions to match askers’ preference. Recent research efforts begin to study social-based Q&A systems that rely on an asker’s social friends to provide answers. However, this method cannot find answerers for a question not belonging to the asker’s interests. To solve this problem, we propose a distributed Q&A system incorporating both social community intelligence and global collective intelligence, named as iASK. iASK improves the response latency and answer quality in both the social domain and global domain. It uses a neural network based friend ranking method to identify answerer candidates by considering social closeness and Q&A activities. To efficiently identify answerers in the global user base, iASK builds a Virtual Server tree that embeds the hierarchical structure of interests, and also maps users to the tree based on user interests. To accurately locate the cooperative experts, iASK has a fine-grained reputation system to evaluate user reputation based on their cooperativeness and expertise. Experimental results from large-scale trace-driven simulation and realworld daily usages of the iASK prototype show the superior performance of iASK. It achieves high answer quality with 24% higher accuracy, short response latency with 53% less delay and effective cooperative incentives with 16% more answers compared to other social-based Q&A systems.
-
elastic routing table with provable performance for congestion control in dht networks
IEEE Transactions on Parallel and Distributed Systems, 2010Co-Authors: Haiying Shen, Chengzhong XuAbstract:Consistent hashing-based DHT networks have an inherent load balancing problem. The problem becomes more severe in heterogeneous networks with nonuniform and time-varying popular files. Existing DHT load balancing algorithms are mainly focused on the issues caused by node heterogeneity. To deal with skewed lookups, this paper presents an elastic routing table (ERT) mechanism for query load balancing, based on the observation that high-degree nodes tend to receive more traffic load. The mechanism allows each node to have a routing table of variable size corresponding to node capacities. The indegree and outdegree of the routing table can also be adjusted dynamically in response to the change of file popularity and network churn. Theoretical analysis proves that the routing table degree is bounded. The ERT mechanism facilitates locality-aware randomized query forwarding to further improve lookup efficiency. By relating query forwarding to a supermarket customer service model, we prove that a two-way randomized query forwarding policy should lead to an exponential improvement in query processing time over random walking. Simulation results demonstrate the effectiveness of the ERT mechanism and its related query forwarding policy for congestion and query load balancing. In comparison with existing "Virtual-Server?-based load balancing algorithms and other routing table control approaches, the ERT-based congestion control protocol yields significant improvement in query lookup efficiency.
-
elastic routing table with provable performance for congestion control in dht networks
International Conference on Distributed Computing Systems, 2006Co-Authors: Haiying Shen, Chengzhong XuAbstract:Distributed hash table (DHT) networks based on consistent hashing functions have an inherent load balancing problem. The problem becomes more severe due to the heterogeneity of network nodes and the non-uniform and timevarying file popularity. Existing DHT load balancing algorithms are mainly focused on the issues caused by node heterogeneity. To deal with skewed lookups, this paper presents an elastic routing table (ERT) mechanism for query load balancing, based on the observation that high degree nodes tend to experience more traffic load. The mechanism allows each node to have a routing table of variable size corresponding to its capacity. The indegree and outdegree of the routing table can also be adjusted dynamically in response to the change of file popularity and network churn. Theoretical analysis proves the routing table degree is bounded. The ERT mechanism facilitates locality-aware randomized query forwarding to further improve lookup efficiency. By relating query forwarding to a supermarket customer service model, we prove a 2-way randomized query forwarding policy leads to an exponential improvement in query processing time over random walking. Simulation results demonstrate the effectiveness of the ERT mechanism and its related query forwarding policy for congestion and query load balancing. In comparison with the existing "Virtual-Server"-based load balancing algorithm and other routing table control approaches, the ERT-based congestion control protocol yields significant improvements in query lookup efficiency.
