Abstract not found

Redundant task allocation with majority voting is a common technique for result verification in grid computing. The technique fails though in cases where a majority of colluding clients returns collectively the same incorrect result. We therefore propose a mechanism that tries to identify collectives of colluding clients. The mechanism bases on the observation that in all cases where colluders succeed, they are together in the majority whereas all the honest clients are together in the minority. By looking at this “correlation” in voting-outcomes of any two clients we can estimate whether they are both malicious, both honest, or one is malicious and one is honest. This allows us to partition the set of all clients into clusters containing the malicious clients and clusters containing the honest clients. To substantiate the functioning of the proposed mechanism, we theoretically show that for specific collusion strategies the correlation of two clients actually is a good indicator for them having the same or different attitudes (honest/malicious).

A common technique for result verification in grid computing is to delegate a computation redundantly to different workers and apply majority voting to the returned results. However, the technique is sensitive to “collusion” where a majority of malicious workers collectively returns the same incorrect result. In this paper, we propose a mechanism that identifies groups of colluding workers. The mechanism is based on the fact that colluders can succeed in a vote only when they hold the majority. This information allows us to build clusters of workers that voted similarly in the past, and so detect collusion. We find that the more strongly workers collude, the better they can be identified.

Abstract—MapReduce has become increasingly popular as a powerful parallel data processing model. To deploy MapReduce as a data processing service over open systems such as service oriented architecture, cloud computing, and volunteer computing, we must provide necessary security mechanisms to protect the integrity of MapReduce data processing services. In this paper, we present SecureMR, a practical service integrity assurance framework for MapReduce. SecureMR consists of five security components, which provide a set of practical security mechanisms that not only ensure MapReduce service integrity as well as to prevent replay and Denial of Service (DoS) attacks, but also preserve the simplicity, applicability and scalability of MapReduce. We have implemented a prototype of SecureMR based on Hadoop, an open source MapReduce implementation. Our analytical study and experimental results show that SecureMR can ensure data processing service integrity while imposing low performance overhead. I.

The scalability and computing power of large-scale computational platforms that harness processing cycles from distributed nodes has made them attractive for hosting compute-intensive time-critical applications. Many of these applications are composed of computational tasks that require specific deadlines to be met for successful completion. In scheduling such tasks, replication becomes necessary due to the heterogeneity and dynamism inherent in these computational platforms. In this paper, we show that combining redundant scheduling with deadline-based scheduling in these systems leads to a fundamental tradeoff between throughput and fairness. We propose a new scheduling algorithm called Limited Resource Earliest Deadline (LRED) that couples redundant scheduling with deadline-driven scheduling in a flexible way by using a simple tunable parameter to exploit this tradeoff. Our evaluation of LRED using trace-driven and synthetic simulations shows that LRED provides a powerful mechanism to achieve desired throughput or fairness under high loads and low timeliness environments, where these tradeoffs are most critical. 1

Abstract. Our work proposes a generic architecture for runtime monitoring and optimization of IDS based on the challenge insertion. The challenges, known instances of malicious or legitimate behavior, are inserted into the network traffic represented by NetFlow records, processed with the current traffic and the system’s response to the challenges is used to determine its effectiveness and to fine-tune its parameters. The insertion of challenges is based on the threat models expressed as attack trees with attached risk/loss values. The use of threat model allows the system to measure the expected undetected loss and to improve its performance with respect to the relevant threats, as we have verified in the experiments performed on live network traffic. 1

Many evidence-based trust models require the adjustment of parameters such as aging- or exploration-factors. What the literature often does not address is the systematic choice of these parameters. In our work, we propose a generic procedure for finding trust model parameters that maximize the expected utility to the trust model user. The procedure is based on gametheoretic considerations and uses a genetic algorithm to cope with the vast number of possible attack strategies. To demonstrate the feasibility of the approach, we apply our procedure to a concrete trust model and optimize the parameters of this model.

Abstract not found

For applications in large-scale distributed systems, it is becoming increasingly important to provide reliable scheduling by evaluating the reliability of resources. However, most existing reputation models used for reliability evaluation ignore the critical influence of task runtime. In addition, most previous work uses list heuristics to optimize the makespan and reliability of workflow applications instead of Genetic Algorithms (GAs), which can give several satisfying solutions for choice. Hence, in this paper, we first propose the Reliability-Driven (RD) reputation, which is time-dependent and can be used to effectively evaluate the reliability of a resource in widely distributed systems. We then propose Look-Ahead Genetic Algorithm (LAGA) which utilizes the RD reputation to optimize both makespan and reliability of a workflow application. LAGA uses a novel evolution and evaluation mechanism: (i) the evolution operators evolve the task-resource mapping of a scheduling solution and (ii) the evaluation step determines the task order of solutions by using our proposed max-min strategy, which is the first two-phase strategy that can work with GAs. Our experiments show that the RD reputation improves the reliability of an application with more accurate reputations, while LAGA provides better solutions than existing list heuristics and evolves to better solutions more quickly than a traditional GA. Keywords: reliability, reputation, workflow scheduling, genetic algorithm, heuristic

apport de recherche