DOCSLIB.ORG

UC San Diego Electronic Theses and Dissertations

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
UC San Diego Electronic Theses and Dissertations UC San Diego UC San Diego Electronic Theses and Dissertations Title Scalable Traffic Management for Data Centers and Logging Devices Permalink https://escholarship.org/uc/item/2hp6b5sm Author Lam, Vinh The Publication Date 2013 Peer reviewed|Thesis/dissertation eScholarship.org Powered by the California Digital Library University of California UNIVERSITY OF CALIFORNIA, SAN DIEGO Scalable Traffic Management for Data Centers and Logging Devices A dissertation submitted in partial satisfaction of the requirements for the degree of Doctor of Philosophy in Computer Science by Vinh The Lam Committee in charge: Professor George Varghese, Chair Professor Tara Javidi Professor Bill Lin Professor Amin Vahdat Professor Geoffrey Voelker 2013 Copyright Vinh The Lam, 2013 All rights reserved. The Dissertation of Vinh The Lam is approved, and it is acceptable in quality and form for publication on microfilm and electronically: Chair University of California, San Diego 2013 iii DEDICATION To my parents iv EPIGRAPH Science is what we understand well enough to explain to a computer. Art is everything else we do. Donald Knuth Simplicity is prerequisite for reliability. Edsger Dijkstra v TABLE OF CONTENTS SignaturePage...................................... ................................. iii Dedication ......................................... ................................. iv Epigraph........................................... ................................. v TableofContents .................................... ................................ vi ListofFigures ...................................... ................................. viii ListofTables....................................... ................................. x Acknowledgements................................... ................................ xi Vita............................................... ................................. xiii AbstractoftheDissertation .......................... .................................. xiv Chapter1 Introduction............................... ............................... 1 Chapter 2 Carousel: Scalable Logging for Intrusion PreventionSystems .................... 5 2.1 Introduction.................................... ............................. 5 2.2 Model........................................... ........................... 8 2.3 AnalysisofaNa¨ıveLogger ......................... ........................... 10 2.3.1 TheNa¨ıveLoggerAlone .......................... ..................... 10 2.3.2 TheNa¨ıveLoggerwithaBloomFilter ............... ..................... 14 2.4 ScalableloggingusingCarousel .................... ............................ 15 2.4.1 Partitioningandlogging ........................ ........................ 15 2.4.2 CollectionTimesforCarousel .................... ....................... 17 2.5 CarouselImplementations ......................... ............................ 21 2.5.1 SnortImplementation ........................... ....................... 21 2.5.2 HardwareImplementation ........................ ...................... 23 2.6 SimulationEvaluation............................ ............................. 24 2.6.1 BaselineExperiment............................ ....................... 24 2.6.2 LoggerPerformancewithLogisticModel ............ ..................... 25 2.6.3 Non-uniformsourcearrivals..................... ........................ 28 2.6.4 EffectofChangingHashFunctions................. ...................... 28 2.6.5 AdaptivelyAdjustingSamplingBits ............... ....................... 32 2.7 SnortEvaluation ................................. ............................ 33 2.8 RelatedWork..................................... ........................... 34 2.9 Summary ......................................... .......................... 36 Chapter 3 Flame: Efficient and Robust Hardware Load BalancingforDataCenterRouters ..... 38 3.1 Introduction.................................... ............................. 38 3.2 RelatedWork..................................... ........................... 42 3.3 Mechanisms...................................... ........................... 44 3.3.1 DiscountingRateEstimator(DRE) ................. ...................... 44 3.3.2 Choosingtheleastloadedlink .................... ....................... 47 3.3.3 Statetabledesign.............................. ........................ 49 vi 3.3.4 Handlingheavy-hitters ......................... ........................ 52 3.3.5 Profile-basedrebalancing ....................... ........................ 55 3.4 Hardwareimplementation .......................... ........................... 56 3.5 Analysis........................................ ............................ 58 3.5.1 DREanalysis ................................... ...................... 58 3.5.2 AnalysisofFlamestatetabledesign ............... ....................... 60 3.6 Evaluation ...................................... ............................ 63 3.6.1 Loadbalancinggoodnessmetrics .................. ...................... 64 3.6.2 Simulationsetup ............................... ....................... 65 3.6.3 Simulationresults ............................. ........................ 66 3.6.4 ImpactofpacketreorderingonTCP ................. ..................... 68 3.7 Summary ......................................... .......................... 73 Chapter 4 NetShare and Stochastic NetShare: Predictable Bandwidth Allocation for Data Centers 74 4.1 Introduction.................................... ............................. 74 4.2 NetShareSpecification ............................ ............................ 76 4.3 NetShareAlgorithms .............................. ........................... 78 4.3.1 GroupAllocationLeveragingTCP .................. ..................... 78 4.3.2 StochasticNetShare............................ ........................ 80 4.3.3 RateThrottlingforUDP.......................... ...................... 82 4.3.4 CentralizedBandwidthAllocator................. ........................ 84 4.4 Analysis........................................ ............................ 86 4.4.1 StochasticNetShareModel....................... ....................... 86 4.4.2 StabilityofCentralizedAllocation .............. ......................... 87 4.5 Implementation .................................. ............................ 88 4.6 Evaluation ...................................... ............................ 89 4.6.1 SinglePathExperiments......................... ....................... 89 4.6.2 MultipathExperiments .......................... ....................... 92 4.6.3 HowEffectiveisRateThrottling? ................. ....................... 93 4.6.4 ScalingtoLargerTopologies ..................... ....................... 96 4.6.5 ScalabilityofStochasticNetShare............... ......................... 98 4.7 AutomaticWeightAssignment ....................... .......................... 100 4.8 RelatedWork..................................... ........................... 101 4.9 Summary ......................................... .......................... 102 Chapter5 Conclusions................................ .............................. 103 Bibliography ....................................... ................................. 104 vii LIST OF FIGURES Figure1.1. LoggingprobleminChapter2................. ............................ 2 Figure1.2. LoadbalancingprobleminChapter3........... ............................ 3 Figure1.3. GroupQoSprobleminChapter4 ................ .......................... 4 Figure 2.1. IPS logical model with logging componentthat is oftenimplementedna¨ıvely ..... 6 Figure 2.2. IPS hardware model with Carousel scalable logger............................ 8 Figure2.3. Abstractloggingmodel ..................... ............................. 9 Figure 2.4. Model of na¨ıve logging using an optimistic randommodel..................... 11 Figure 2.5. Portion of timeline for randommodel shown in Figure2.4 ..................... 12 Figure 2.6. Flowchart of Carousel within Snort packet flow .. ............................ 21 Figure 2.7. Schematic of the Carousel Loggerlogic as part of anIPSChip. ................. 23 Figure 2.8. Performance of Carousel with different logging populations ................... 25 Figure 2.9. Performanceof the Carousel scalable logger. .. .............................. 27 Figure2.10. Highscanrate(60scans/s)................. ............................... 27 Figure2.11. Reducedmonitoringspace(50%) ............. ............................. 27 Figure 2.12. Logistic model of propagation- fast worm... .. .............................. 29 Figure 2.13. Logistic model of propagation- slow worm.. ... ............................. 29 Figure 2.14. Scaling up the vulnerablepopulation ........ ............................... 29 Figure 2.15. Logger performance under non-uniform source arrivals........................ 30 Figure 2.16. Dynamicsource samplingin Carousel ......... ............................. 30 Figure 2.17. Comparison of fixed vs. changing hash functions inCarousel................... 31 Figure 2.18. Logging performance of Snort instrumented with Carousel under a random traffic pattern............................................ ..................... 33 Figure 2.19. Logging performance of Snort instrumented with Carousel under a periodic traffic pattern............................................ ..................... 34 Figure 2.20. Snort under non-uniformsource arrivals .... ..............................
Load more

Recommended publications
  • Communications Cacm.Acm.Org of Theacm 06/2009 Vol.52 No.06
    COMMUNICATIONS CACM.ACM.ORG OF THEACM 06/2009 VOL.52 NO.06 One Laptop Per Child: Vision vs. Reality Hard-Disk Drives: The Good, The Bad, and the Ugly How CS Serves The Developing World Network Front-End Processors The Claremont Report On Database Research Autonomous Helicopters Association for Computing Machinery Think Parallel..... It’s not just what we make. It’s what we make possible. Advancing Technology Curriculum Driving Software Evolution Fostering Tomorrow’s Innovators Learn more at: www.intel.com/thinkparallel ACM Ad.indd 1 4/17/2009 11:20:03 AM ABCD springer.com Noteworthy Computer Science Journals Autonomous Biological Personal and Robots Cybernetics Ubiquitous G. Sukhatme, University W. Senn, Universität Bern, Computing of Southern California, Physiologisches Institut; ACM Viterbi School of Engi- J. Rinzel, National neering, Dept. Computer Institutes of Health (NIH), P. Thomas, Univ. Coll. Science Dept. Health Education & London Interaction Centre Autonomous Robots Welfare; J. L. van Hemmen, reports on the theory and TU München, Abt. Physik Personal and Ubiquitous applications of robotic systems capable of Biological Cybernetics is an interdisciplinary Computing publishes peer-reviewed some degree of self-sufficiency. It features medium for experimental, theoretical and international research on handheld, wearable papers that include performance data on actual application-oriented aspects of information and mobile information devices and the robots in the real world. The focus is on the processing in organisms, including sensory, pervasive communications infrastructure that ability to move and be self-sufficient, not on motor, cognitive, and ecological phenomena. supports them to enable the seamless whether the system is an imitation of biology.
    [Show full text]
  • 40Th ACM Symposium on Theory of Computing (STOC 2008) Saturday
    40th ACM Symposium on Theory of Computing (STOC 2008) Saturday, May 17, 2008 7:00pm – 10:00pm Registration (Conference Centre) 8:00pm – 10:00pm Reception (Palm Court) Sunday, May 18, 2008 8:00am – 5:00pm Registration (Conference Centre) 8:10am – 8:35am Breakfast (Conference Centre) Session 1A Session 1B (Theatre) (Saanich Room) Chair: Venkat Guruswami Chair: David Shmoys (Cornell (University of Washington and University) Institute for Advanced Study) 8:35am - 8:55am Parallel Repetition in Projection The Complexity of Temporal Games and a Concentration Bound Constraint Satisfaction Problems Anup Rao Manuel Bodirsky, Jan Kara 9:00am - 9:20am SDP Gaps and UGC Hardness for An Effective Ergodic Theorem Multiway Cut, 0-Extension and and Some Applications Metric Labeling Satyadev Nandakumar Rajeskar Manokaran, Joseph (Seffi) Naor, Prasad Raghavendra, Roy Schwartz 9:25am – 9:45am Unique Games on Expanding Algorithms for Subset Selection Constraint Graphs are Easy in Linear Regression Sanjeev Arora, Subhash A. Khot, Abhimanyu Das, David Kempe Alexandra Kolla, David Steurer, Madhur Tulsiani, Nisheeth Vishnoi 9:45am - 10:10am Break Session 2 (Theatre) Chair: Joan Feigenbaum (Yale University) 10:10am - 11:10am Rethinking Internet Routing Invited talk by Jennifer Rexford (Princeton University) 11:10am - 11:20am Break Session 3A Session 3B (Theatre) (Saanich Room) Chair: Xiaotie Deng (City Chair: Anupam Gupta (Carnegie University of Hong Kong) Mellon University) The Pattern Matrix Method for 11:20am – 11:40am Interdomain Routing and Games Lower Bounds on Quantum Hagay Levin, Michael Schapira, Communication Aviv Zohar Alexander A. Sherstov 11:45am – 12:05pm Optimal approximation for the Classical Interaction Cannot Submodular Welfare Problem in Replace a Quantum Message the value oracle model Dmitry Gavinsky Jan Vondrak 12:10pm – 12:30pm Optimal Mechanism Design and Span-program-based quantum Money Burning algorithm for evaluating formulas Jason Hartline, Tim Ben W.
    [Show full text]
  • Computer Networking a Top-Down Approach 6Th Edition
    COMPUTER SIXTH EDITION NETWORKING A Top-Down Approach James F. Kurose University of Massachusetts, Amherst Keith W. Ross Polytechnic Institute of NYU Boston Columbus Indianapolis New York San Francisco Upper Saddle River Amsterdam Cape Town Dubai London Madrid Milan Munich Paris Montréal Toronto Delhi Mexico City São Paulo Sydney Hong Kong Seoul Singapore Taipei Tokyo Vice President and Editorial Director, ECS: Art Director, Cover: Anthony Gemmellaro Marcia Horton Art Coordinator: Janet Theurer/ Editor in Chief: Michael Hirsch Theurer Briggs Design Editorial Assistant: Emma Snider Art Studio: Patrice Rossi Calkin/ Vice President Marketing: Patrice Jones Rossi Illustration and Design Marketing Manager: Yez Alayan Cover Designer: Liz Harasymcuk Marketing Coordinator: Kathryn Ferranti Text Designer: Joyce Cosentino Wells Vice President and Director of Production: Cover Image: ©Fancy/Alamy Vince O’Brien Media Editor: Dan Sandin Managing Editor: Jeff Holcomb Full-Service Vendor: PreMediaGlobal Senior Production Project Manager: Senior Project Manager: Andrea Stefanowicz Marilyn Lloyd Printer/Binder: Edwards Brothers Manufacturing Manager: Nick Sklitsis Cover Printer: Lehigh-Phoenix Color Operations Specialist: Lisa McDowell This book was composed in Quark. Basal font is Times. Display font is Berkeley. Copyright © 2013, 2010, 2008, 2005, 2003 by Pearson Education, Inc., publishing as Addison-Wesley. All rights reserved. Manufactured in the United States of America. This publication is protected by Copyright, and permission should be obtained from the pub- lisher prior to any prohibited reproduction, storage in a retrieval system, or transmission in any form or by any means, electronic, mechanical, photocopying, recording, or like- wise. To obtain permission(s) to use material from this work, please submit a written request to Pearson Education, Inc., Permissions Department, One Lake Street, Upper Saddle River, New Jersey 07458, or you may fax your request to 201-236-3290.
    [Show full text]
  • Contents U U U
    Contents u u u ACM Awards Reception and Banquet, June 2018 .................................................. 2 Introduction ......................................................................................................................... 3 A.M. Turing Award .............................................................................................................. 4 ACM Prize in Computing ................................................................................................. 5 ACM Charles P. “Chuck” Thacker Breakthrough in Computing Award ............. 6 ACM – AAAI Allen Newell Award .................................................................................. 7 Software System Award ................................................................................................... 8 Grace Murray Hopper Award ......................................................................................... 9 Paris Kanellakis Theory and Practice Award ...........................................................10 Karl V. Karlstrom Outstanding Educator Award .....................................................11 Eugene L. Lawler Award for Humanitarian Contributions within Computer Science and Informatics ..........................................................12 Distinguished Service Award .......................................................................................13 ACM Athena Lecturer Award ........................................................................................14 Outstanding Contribution
    [Show full text]
  • SIGCOMM): a Bibliometric Perspective
    Five Decades of the ACM Special Interest Group on Data Communications (SIGCOMM): A Bibliometric Perspective Waleed Iqbal Junaid Qadir Saeed-Ul Hassan Information Technology University Information Technology University Information Technology University (ITU)-Punjab, Lahore, Pakistan (ITU)-Punjab, Lahore, Pakistan (ITU)-Punjab, Lahore, Pakistan [email protected] [email protected] [email protected] Rana Tallal Javed Adnan Noor Mian Jon Crowcroft∗ Information Technology University Computer Laboratory, University of Computer Laboratory, University of (ITU)-Punjab, Lahore, Pakistan Cambridge, United Kingdom Cambridge, United Kingdom [email protected] [email protected] [email protected] Gareth Tyson∗ Queen Mary University of London, United Kingdom [email protected] This article is an editorial note submitted to CCR. It has NOT been peer reviewed. The authors take full responsibility for this article’s technical content. Comments can be posted through CCR Online. ABSTRACT 1 INTRODUCTION The ACM Special Interest Group on Data Communications (SIG- The ACM’s Special Interest Group on Data Communications (SIG- COMM) has been a major research forum for fifty years. This com- COMM) has performed a pivotal role in the development of com- munity has had a major impact on the history of the Internet, and puter networking. The research area has grown over decades, bridg- therefore we argue its exploration may reveal fundamental insights ing work from three major domains: Computer Science, Electrical into the evolution of networking technologies around the globe. Engineering, and Computer Engineering. On the 50th anniversary Hence, on the 50th anniversary of SIGCOMM, we take this opportu- of SIGCOMM’s foundation, we believe it is timely and worthwhile nity to reflect upon its progress and achievements, through the lens to explore its history and role, via the publication of cutting edge of its various publication outlets, e.g., the SIGCOMM conference, research.
    [Show full text]
  • Return of Organization Exempt from Income
    r OMB NO 1545-004 Return of Organization Exempt From Income Tax Form Under section 501(c), 527, or 4947(a)(1) of the Internal Revenue Code (except black lung 2004 990 benefit trust or private foundation) Department of the Treasury Open to Public Internal Revenue Service " The organization may have to use a copy of this return to satisfy state reporting requirements. Inspection A For the 2004 calendar year, or tax year beginning JAN 1 2004 and B Check .r C Name of organization D Employer identification number applicable please, use IRS ssociation for Computing Address label or change print or Machinery, Inc . 1J -171+1J Name type =change Number and street (or P.O. box if mail is not delivered to street address) Room/suite E Telephone number Initial See return Specific 1515 Broadway 17th Floor Final Instruc- ~return lions City or town, state or country, and ZIP + 4 F Accounting method U IC-171 $ Accrual aAmended return New York NY 10036 - 5701 Application pending 0 Section 501(c)(3) organizations and 4947(a)(1) nonexempt charitable trusts H and I are not applicable to section 527 organizations. must attach pleted Schedule A (Foror 990-EZ) . H(a) Is this a group return for affiliates? Yes No H(b) If "Yes ;" enter number of affdiates " J Organization type (cneckonly one)10- LXJ 501(c) ( 3 ) 1 cnsert no) L_j 4947(a)(1)orU 52 H(c) Are all affiliates included? N/A D Yes 0 No (If "No ;' attach a list.) K Check here 1[:j if the organization's gross receipts are normally not more than $25,000 .
    [Show full text]
  • Patterns and Interactions in Network Security
    Patterns and Interactions in Network Security PAMELA ZAVE and JENNIFER REXFORD, Princeton University Networks play a central role in cyber-security: networks deliver security attacks, suffer from them, defend against them, and sometimes even cause them. This article is a concise tutorial on the large subject of net- works and security, written for all those interested in networking, whether their specialty is security or not. To achieve this goal, we derive our focus and organization from two perspectives. The first perspective is that, although mechanisms for network security are extremely diverse, they are all instances of a few patterns. Consequently, after a pragmatic classification of security attacks, the main sections of the tutorial cover the four patterns for providing network security, of which the familiar three are cryptographic protocols, packet filtering, and dynamic resource allocation. Although cryptographic protocols hide the data contents ofpack- ets, they cannot hide packet headers. When users need to hide packet headers from adversaries, which may include the network from which they are receiving service, they must resort to the pattern of compound ses- sions and overlays. The second perspective comes from the observation that security mechanisms interact in important ways, with each other and with other aspects of networking, so each pattern includes a discussion of its interactions. CCS Concepts: • Networks → Network design principles; Network protocol design; Network security;•Se- curity and privacy → Network security; Cryptography; Formal methods and theory of security; Security services; Systems security; Intrusion detection systems; Additional Key Words and Phrases: Network security ACM Reference format: Pamela Zave and Jennifer Rexford. 2020.
    [Show full text]
  • Ieee-Level Awards
    IEEE-LEVEL AWARDS The IEEE currently bestows a Medal of Honor, fifteen Medals, thirty-three Technical Field Awards, two IEEE Service Awards, two Corporate Recognitions, two Prize Paper Awards, Honorary Memberships, one Scholarship, one Fellowship, and a Staff Award. The awards and their past recipients are listed below. Citations are available via the “Award Recipients with Citations” links within the information below. Nomination information for each award can be found by visiting the IEEE Awards Web page www.ieee.org/awards or by clicking on the award names below. Links are also available via the Recipient/Citation documents. MEDAL OF HONOR Ernst A. Guillemin 1961 Edward V. Appleton 1962 Award Recipients with Citations (PDF, 26 KB) John H. Hammond, Jr. 1963 George C. Southworth 1963 The IEEE Medal of Honor is the highest IEEE Harold A. Wheeler 1964 award. The Medal was established in 1917 and Claude E. Shannon 1966 Charles H. Townes 1967 is awarded for an exceptional contribution or an Gordon K. Teal 1968 extraordinary career in the IEEE fields of Edward L. Ginzton 1969 interest. The IEEE Medal of Honor is the highest Dennis Gabor 1970 IEEE award. The candidate need not be a John Bardeen 1971 Jay W. Forrester 1972 member of the IEEE. The IEEE Medal of Honor Rudolf Kompfner 1973 is sponsored by the IEEE Foundation. Rudolf E. Kalman 1974 John R. Pierce 1975 E. H. Armstrong 1917 H. Earle Vaughan 1977 E. F. W. Alexanderson 1919 Robert N. Noyce 1978 Guglielmo Marconi 1920 Richard Bellman 1979 R. A. Fessenden 1921 William Shockley 1980 Lee deforest 1922 Sidney Darlington 1981 John Stone-Stone 1923 John Wilder Tukey 1982 M.
    [Show full text]
  • Association for Computing Machinery 2 Penn Plaza, Suite 701, New York
    ACM A N W N A N R N D N S Association for Computing Machinery 2 Penn Plaza, Suite 701, New York, NY 10121-0701 USA +1-212-869-7440 www.acm.org Contents N N N ACM Awards Reception and Banquet, June 2017 . .2 Introduction . .3 A.M. Turing Award . .4 ACM Prize in Computing . .5 ACM – AAAI Allen Newell Award . .6 Software System Award . .7 Grace Murray Hopper Award . .8 Paris Kanellakis Theory and Practice Award . .9 Karl V. Karlstrom Outstanding Educator Award . .10 ACM Policy Award . .11 Distinguished Service Award . .12 ACM Athena Lecturer Award . .13 Outstanding Contribution to ACM Award . .14 ACM Presidential Award . .15-17 Doctoral Dissertation Award . .18 ACM Student Research Competition . .19 ACM Fellows . .20 Eugene L. Lawler Award for Humanitarian Contributions within Computer Science and Informatics . .21 ACM Gordon Bell Prize . .21 ACM – IEEE CS Eckert-Mauchly Award . .22 ACM – IEEE CS Ken Kennedy Award . .22 ACM – IEEE CS George Michael HPC Memorial Fellowships . .23 SIAM – ACM Prize in Computational Science and Engineering . .23 ACM – CSTA Cutler-Bell Prize . .24 ACM India Doctoral Dissertation Award . .24 ACM China Doctoral Dissertation Award . .25 ACM China Rising Star Award . .25 IPSJ/ACM Award for Early Career Contributions to Global Research . .25 ACM Special Interest Group Awards . .26-27 2017 ACM Award Subcommittee Chairs . .28 ACM Award Nomination Submission Procedures . .29 2018 ACM Award Subcommittee Chairs and Members . .30-31 Past Recipients . .32-36 ACM Fellows . .37-43 In Memoriam, ACM Fellows . .44 1 ACM Awards Reception & Banquet ACM AWARDS N N N N N N The Westin St.
    [Show full text]