The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
As computer systems increase in size and complexity, bugs become ever subtler and more difficult to detect and diagnose. A bug could exist at different layers of computer systems (e.g., applications, shared libraries, file systems, device firmware), or could be caused by the incompatibility among layers. In many cases, bugs would require a very specific combination of events to be triggered and are...
In this paper, a general design scheme of universal video monitoring System is introduced based on the Hi3520D hardware platform and the Embedded Linux Operating System, describing the design and implementation of the overall structure and the major function module. The embedded, as the video monitor terminal, implements the function of video data gathering, coding, decoding and transmission, and...
Linux kernel feature of Cgroups (Control Groups) is being increasingly adopted for running applications in multi-tenanted environments. Many projects (e.g., Docker) rely on cgroups to isolate resources such as CPU and memory. It is critical to ensure high performance for such deployments. At LinkedIn, we have been using Cgroups and investigated its performance. This work presents our findings about...
Cloud computing is one of the most popular Internet concepts, and many large companies provide cloud services to users. These large companies have built their own data centers to support upper layers of cloud services. To save cost and increase flexibility, SDN and virtualization technologies are widely used in data centers. Open vSwitch is an open source virtual switch that supports the OpenFlow...
Malicious processes usually cooperate with concealing technology to hide themselves. The detection against hidden processes can effectively narrow the range of malicious processes. Behavior analysis is then implemented on the filtered process to finally locate the malicious one. In this paper, a method of hidden process detection and behavior forensics based on memory analysis is proposed. It uses...
Attacks on an operating system kernel using kernel rootkits pose a particularly serious threat. Detecting an attack is difficult when the operating system kernel is infected with a kernel rootkit. For this reason, handling an attack will be delayed causing an increase in the amount of damage done to a computer system. In this paper, we discuss KRGuard (Kernel Rootkits Guard), which is a new method...
Currently, container technology has increasingly grown up in cloud environment. However, the research related with resource management for container has not been considered actively. To manage resources on cloud with container efficiently, we present the GPSF, General-Purpose Scheduling Framework. This framework provides useful resource management functions, and more importantly it is possible to...
21st century is best known as technology centaury and the advancement in technology has helped in close knit networking of people in the world. With the advent of internet & social networking sites, connecting with people is a click away. These advancements warranted deep research in social networking [1] and its related technologies. The social networking sites store humongous data and when a...
Embedded systems are proliferating with their growing hardware capabilities. Their application areas include internet of things, cellular devices, network devices, etc. Application development and testing natively on such embedded hardware is expensive, time consuming, and challenging. In this case, system emulation is a cost-effective alternative. We have extended Quick Emulator (QEMU) to support...
Container based virtualization is rapidly growing in popularity for cloud deployments and applications as a virtualization alternative due to the ease of deployment coupled with high-performance. Emerging byte-addressable, nonvolatile memories, commonly called Storage Class Memory or SCM, technologies are promising both byte-addressability and persistence near DRAM speeds operating on the main memory...
Container technology has become popular in HPC applications because it offers easy customization and quick execution. However, container technology does not allow kernel-level optimization. It does not allow changing a kernel as well as loading/unloading a kernel module, thus it prevents the extraction of full performance on a target machine. In addition, container technology is designed for multi-tenancy...
The time spent by an application can broadly be classified into two main categories — user mode and kernel mode. In order to optimize applications from a performance perspective, it is critical to know the code regions where they spend the bulk of their time. With datacenter applications becoming more I/O intensive and storage devices attaining higher performance with each generation, the contribution...
Successful software is often enhanced and adapted to the needs of new users. During evolution, a software system grows in size, becomes more complex, and costly to maintain. In this paper, we point to big clones—large granular duplicated program structures such as files or directories—as one of many reasons why this happens. Using the Linux kernel as an example, we show that big clones arise in the...
This paper presents ESCAPE, an informed moving target defense mechanism for cloud containers. ESCAPE models the interaction between attackers and their target containers as a "predator searching for a prey" search game. Live migration of Linux-containers (prey) is used to avoid attacks (predator) and failures. The entire process is guided by a novel host-based behavior-monitoring system...
Processor hardware performance counters have recently improved in quality and features, while performance monitoring support in Linux has been significantly revamped with the development of the perf_events subsystem, which contributed in making performance analysis an increasingly common practice among developers. However, no performance analysis is possible without an efficient monitoring interface...
Building secure systems used to mean ensuring a secure perimeter, but that is no longer the case. Today's systems are ill-equipped to deal with attackers that are able to pierce perimeter defenses. Data provenance is a critical technology in building resilient systems that will allow systems to recover from attackers that manage to overcome the "hard-shell" defenses. In this paper, we provide...
We present our experiences using cloud computing to support data-intensive analytics on satellite imagery for commercial applications. Drawing from our background in highperformance computing, we draw parallels between the early days of clustered computing systems and the current state of cloud computing and its potential to disrupt the HPC market. Using our own virtual file system layer on top of...
A fork bomb attack is a denial of service attack. An attacker generates many processes rapidly, exhausting the resources of the target computer systems. There are several previous work to detect and remove the processes that cause fork bomb attacks. However, the operating system with the previous methods have the risks to terminate inappropriate processes that do not fork bomb processes. In this paper,...
Companies developing and maintaining software-only products like web shops aim for establishing persistent links to their software running in the field. Monitoring data from real usage scenarios allows for a number of improvements in the software life-cycle, such as quick identification and solution of issues, and elicitation of requirements from previously unexpected usage. While the processes of...
Android operating system has become one of the most popular smartphone platforms. A large number of applications are developed for the operating system. Monitoring application behaviors with practical execution requires severely long time. Thus, reducing monitoring time is an important issue. In this paper, we propose a method for decreasing this time by accelerating the speed of time flow in Linux...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.