The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Dynamic networks can be characterised by many factors such as changes (e.g., vulnerability change, update of applications and services, topology changes). It is of vital importance to assess the security of such dynamic networks in order to improve the security of them. One way to assess the security is to use a graphical security model. However, the existing graphical security models (e.g., attack...
Off-path round-trip time (RTT) measurement has many potential applications, including: improved geolocation capabilities, measuring the performance of parts of the Internet where there is not much measurement infrastructure (e.g., PlanetLab), and providing data plane measurements to better understand global Internet routing. Off-path means that the measurement machine is not on the path being measured...
Container technology has become popular in HPC applications because it offers easy customization and quick execution. However, container technology does not allow kernel-level optimization. It does not allow changing a kernel as well as loading/unloading a kernel module, thus it prevents the extraction of full performance on a target machine. In addition, container technology is designed for multi-tenancy...
This paper presents ESCAPE, an informed moving target defense mechanism for cloud containers. ESCAPE models the interaction between attackers and their target containers as a "predator searching for a prey" search game. Live migration of Linux-containers (prey) is used to avoid attacks (predator) and failures. The entire process is guided by a novel host-based behavior-monitoring system...
A fork bomb attack is a denial of service attack. An attacker generates many processes rapidly, exhausting the resources of the target computer systems. There are several previous work to detect and remove the processes that cause fork bomb attacks. However, the operating system with the previous methods have the risks to terminate inappropriate processes that do not fork bomb processes. In this paper,...
Android operating system has become one of the most popular smartphone platforms. A large number of applications are developed for the operating system. Monitoring application behaviors with practical execution requires severely long time. Thus, reducing monitoring time is an important issue. In this paper, we propose a method for decreasing this time by accelerating the speed of time flow in Linux...
Operating system (OS) experiments consolidate the understanding of the OS concepts and cultivate good engineering practices. Major challenges, however, including large class sizes, diverse software versions, and timely identification of difficulties from lab reports, hurt teaching quality. To address these, we designed an integrated environment to support OS experiments and automated the release and...
Cloud computing is a relatively new idea where virtualized computers communicating with each other perform a multitude of services such as general purpose computing, cloud services to local applications for storage or processing power, and hosting services for entire applications executed within the cloud. This paper focuses on network bandwidth utilization within the cloud-computing environment and...
The underlying operating system of transparent computing system TcOS is booting slowly and is taking up too much memory space. To solve these problems, this paper proposes a method of optimizing the kernel and application layer. It includes recompiling the kernel, modifying the kernel configuration, simplifying services and gnome desktop of the operating system. Experimental results show that the...
In this paper we show an SDN controller implementation named Basebox that listens to Linux Netlink and translates commands into OpenFlow rules to control a domain of OF-DPA based switches in an OpenStack cluster.
The project aims to develop a professional Virtual Machine Manager for the KVM hypervisor. It will be a libvirt-based Web Interface for managing virtual machines. It allows creating and configuring new domains, and adjusting a domain's allocation of the underlying hardware resources. A VNC viewer will present a full graphical console to the end-users in the guest domain. To work with this service...
This paper compares the I/O performance, flexibility and ease of use features of Linux file systems; Ext4, XFS, BtrFS running on storage stack systems namely LVM and ZFS with RADOS Block Devices (RBD) as the underlying block devices as replacement to physical disks. Experiment sets that have been conducted to evaluate performance of selected file systems; Ext4, XFS, BtrFS and ZFS are presented and...
Among the different existing cryptographic file systems, EncFS has a unique feature that makes it attractive for backup setups involving untrusted (cloud) storage. It is a file-based overlay file system in normal operation (i.e., it maintains a directory hierarchy by storing encrypted representations of files and folders in a specific source folder), but its reverse mode allows to reverse this process:...
Linux containers showed great superiority when compared to virtual machines and hypervisors in terms of networking, disk and memory management, start-up and compilation speed, and overall processing performance. In this research, we are questioning whether it is more secure to run services inside Linux containers than running them directly on a host base operating system or not. We used Docker v1...
Android lacks fine-grained permission control for the external storage. Under the current coarse-grained mechanism, any application is able to access all the data on the external storage very easily. At the same time, many applications store sensitive data into the external storage, and some of these data are highly concerned with user privacy, which could bring severe security problems. In this paper,...
In computing era, a virtual version of a stratagem or resource, such as computer network resources, server, storage device, or a combination of these usually refers as virtualization where the framework segregates the resources into one or more execution instances. A Virtual Machine (VM) created on the host hardware as a software is called a hypervisor or a VM manager. Nowadays, hypervisor based virtualization...
In cloud computing, multiple servers are consolidated into a physical machine in order to reduce the cost of deploying the servers. Guaranteeing the service level objective (SLO) of each server is one of the most important factors in a virtualization system. Particularly, isolating the I/O resources among VMs competing for a shared storage system is challenging. Recently, use of flash based Solid...
Significant research effort has been made on formulating new topologies to meet the requirements of current and future large-scale data centers. Nowadays data centers may include tens of thousands of servers, leading to an urgent need for higher bandwidth, better reliability, easier management and lower latency. This paper investigates the potential of using software-defined networks (SDNs) in Extreme...
Data leakage has become a problem of epidemic proportions with very serious consequences for businesses and their customers. Experts warn that it is very difficult for organisations to avoid infiltration and that they should be prepared for such events. Proactive detection of ongoing attacks is therefore critically important. In this paper we describe the design and implementation of Peeper, a policy...
Data acquisition systems are fundamental components of modern distributed monitoring and control systems. The wide-spreading use of standard networking technologies in industrial scenarios, such as Ethernet, and the consolidation of web-based communication protocols, architectures and tools suggest the possibility to integrate out-of-the-box components to build a robust and reliable data acquisition...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.