2019 IEEE International Conference on Cloud Engineering (IC2E)最新文献

{"title":"Edge-Assisted Detection and Summarization of Key Global Events from Distributed Crowd-Sensed Data","authors":"Abdelrahman Fahim, Ajaya Neupane, E. Papalexakis, Lance M. Kaplan, S. Krishnamurthy, T. Abdelzaher","doi":"10.1109/IC2E.2019.00021","DOIUrl":"https://doi.org/10.1109/IC2E.2019.00021","url":null,"abstract":"This paper introduces a novel service for distributed detection and summarization of crowd-sensed events. The work is motivated by the proliferation of microblogging media, such as Twitter, that can be used to detect and describe events in the physical world, such as protests, disasters, or civil unrest. Since crowd-sensed data is likely to be distributed, we consider an architecture, where the data first accumulates across a plurality of edge servers (e.g. cloudlets or repositories) and is then summarized, rather than being shipped directly to its ultimate destination (e.g., in a remote cloud). The architecture allows graceful handling of overload and bandwidth limitations (e.g., in scenarios where capacity is impaired, as the case might be after a disaster). When bandwidth is scarce, our service, BigEye, only transfers very limited metadata from the distributed edge repositories to the central summarizer and yet supports highly accurate detection and concise summarization of key events of global interest. These summaries can then be sent to consumers (e.g., rescue personnel). Our emulations show that BigEye achieves the same precision and recall values in detecting key events as a system where all data is available centrally, while consuming only 1% of the bandwidth needed to transmit all raw data.","PeriodicalId":226094,"journal":{"name":"2019 IEEE International Conference on Cloud Engineering (IC2E)","volume":"1917 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128010446","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Detecting IoT Malware by Markov Chain Behavioral Models","authors":"M. Ficco","doi":"10.1109/IC2E.2019.00037","DOIUrl":"https://doi.org/10.1109/IC2E.2019.00037","url":null,"abstract":"Internet of Things (IoT) is become one of the most important technological sector in recent years, and the focus of attention in many fields, including military applications, healthcare, agriculture, industry, and space science, made it very attractive for cyber-attacks. Especially for the wide diffusion of the Adroid platform, the IoT devices are become one of the main targets of malware threats. Considering the great Android market share, it is needed to build effective tools able of detecting zero-day malware. Therefore, several static and dynamic analysis methods have been proposed in the literature. In this work, the sequences of API calls invoked by apps during their execution are modeled by Markov chains, and used to extract features of the apps through the time, needed for malware classification. The considered dataset includes 22K benign applications and 24K malware collected over different shared datasets. Experimental results show that the Markov chain approach detects malware with up to 89% F-measure and outperforms approaches based on API calls frequency.","PeriodicalId":226094,"journal":{"name":"2019 IEEE International Conference on Cloud Engineering (IC2E)","volume":"111 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121629579","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Edge Intelligence: The Convergence of Humans, Things, and AI","authors":"T. Rausch, S. Dustdar","doi":"10.1109/IC2E.2019.00022","DOIUrl":"https://doi.org/10.1109/IC2E.2019.00022","url":null,"abstract":"Edge AI and Human Augmentation are two major technology trends, driven by recent advancements in edge computing, IoT, and AI accelerators. As humans, things, and AI continue to grow closer together, systems engineers and researchers are faced with new and unique challenges. In this paper, we analyze the role of edge computing and AI in the cyber-human evolution, and identify challenges that edge computing systems will consequently be faced with. We take a closer look at how a cyber-physical fabric will be complemented by AI operationalization to enable seamless end-to-end edge intelligence systems.","PeriodicalId":226094,"journal":{"name":"2019 IEEE International Conference on Cloud Engineering (IC2E)","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121850365","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Study on Container Vulnerability Exploit Detection","authors":"Olufogorehan Tunde-Onadele, Jingzhu He, Ting Dai, Xiaohui Gu","doi":"10.1109/IC2E.2019.00026","DOIUrl":"https://doi.org/10.1109/IC2E.2019.00026","url":null,"abstract":"Containers have become increasingly popular for deploying applications in cloud computing infrastructures. However, recent studies have shown that containers are prone to various security attacks. In this paper, we conduct a study on the effectiveness of various vulnerability detection schemes for containers. Specifically, we implement and evaluate a set of static and dynamic vulnerability attack detection schemes using 28 real world vulnerability exploits that widely exist in docker images. Our results show that the static vulnerability scanning scheme only detects 3 out of 28 tested vulnerabilities and dynamic anomaly detection schemes detect 22 vulnerability exploits. Combining static and dynamic schemes can further improve the detection rate to 86% (i.e., 24 out of 28 exploits). We also observe that the dynamic anomaly detection scheme can achieve more than 20 seconds lead time (i.e., a time window before attacks succeed) for a group of commonly seen attacks in containers that try to gain a shell and execute arbitrary code.","PeriodicalId":226094,"journal":{"name":"2019 IEEE International Conference on Cloud Engineering (IC2E)","volume":"375 4","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133939977","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A secure inter-domain communication for IoT devices","authors":"A. Anand, A. Galletta, A. Celesti, M. Fazio, M. Villari","doi":"10.1109/IC2E.2019.00038","DOIUrl":"https://doi.org/10.1109/IC2E.2019.00038","url":null,"abstract":"Nowadays, a multitude of sensors are used to gather data in several fields from smart buildings, to industries, to cars, etc.. These sensor data are instrumental in making smart decisions. In order to send data to end users, these sensors are connected to the Internet of Things (IoT) devices. Usually, the intra-domain data transmission is secure, indeed sensors and consumers of data can belong to the same Virtual Private Network (VPN). Security problems can be raised in the inter-domain data transmission because the transmitting channel is not ciphered nor is the identity of devices certain. Therefore, in case of attack, for consumers of data is not possible to recognize real data gathered from devices from fake data sent by attackers. In order to address this challenge, in this paper we present a novel method to secure data acquired from sensors connected to IoT devices. In particular, utilizing a Public Key Infrastructure (PKI) and the ESP32 microcontroller, we can send data privately to each recipient. In order to validate the system, we performed specific analysis considering different levels of security (512, 1024, 2048 bits key length) and increasing number of connected sensors (0, 1, 5, 10, 20). In particular, we considered the time to set up the IoT device and to cipher packets. Experiments have shown that the time required for the setup increases with the increase of the key length. Considering the 512 and 1024 bits keys, the time required to cipher data coming from sensors increase with the increasing of sensors. Instead, for the 2048 bits key length the ciphering time is almost constant, this because packet size and key length are comparable.","PeriodicalId":226094,"journal":{"name":"2019 IEEE International Conference on Cloud Engineering (IC2E)","volume":"86 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114389279","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"ContainerVisor: Customized Control of Container Resources","authors":"Tianlin Li, Kartik Gopalan, Ping Yang","doi":"10.1109/IC2E.2019.00033","DOIUrl":"https://doi.org/10.1109/IC2E.2019.00033","url":null,"abstract":"Cloud platforms are increasingly using containers for lightweight virtualization. Unlike full system virtual machines (VMs) that each runs its own operating system, containers share a stateful operating system to reduce their memory footprint and execution overheads. However, mainstream operating systems are currently limited in their ability to customize a container's memory management, since they lack the necessary abstractions and mechanisms to accurately track and isolate a container's memory footprint. We propose a new abstraction, called the Container-Level Address Space (CLAS), that provides a unified view of a container's memory across all of its constituent processes. We present the design of ContainerVisor, a per-container resource management system that leverages CLAS to provide customized memory management services. We describe a ContainerVisor prototype on Linux for running unmodified applications and demonstrate three proof-of-concept customized services, namely process-level memory limits and reservations, container-specific page replacement policies, and privacy-aware memory de-allocation. Our evaluations show that ContainerVisor can provide these customized services within reasonable overheads.","PeriodicalId":226094,"journal":{"name":"2019 IEEE International Conference on Cloud Engineering (IC2E)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124381059","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Benchmarking physical and virtual IoT platforms","authors":"S. Venticinque","doi":"10.1109/IC2E.2019.00040","DOIUrl":"https://doi.org/10.1109/IC2E.2019.00040","url":null,"abstract":"The continuous feedback from the testing environment has always been a valuable support for the developer to optimize software design and implementation. Virtualization technologies offer the possibility to emulate the operating environments and to replicate various deployment configurations. They allow for collecting benchmark results which are relevant for tuning and optimizing the application and for predicting its performance in the target execution environment. In this paper we present experimental activities of benchmarking of an embedded platform in virtual and physical environments. A qualitative and quantitative comparison of collected measures will be discussed in order to understand how they would affect precision prediction.","PeriodicalId":226094,"journal":{"name":"2019 IEEE International Conference on Cloud Engineering (IC2E)","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128047644","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"FECBench: A Holistic Interference-aware Approach for Application Performance Modeling","authors":"Yogesh D. Barve, Shashank Shekhar, A. Chhokra, S. Khare, Anirban Bhattacharjee, Zhuangwei Kang, Hongyang Sun, A. Gokhale","doi":"10.1109/IC2E.2019.00035","DOIUrl":"https://doi.org/10.1109/IC2E.2019.00035","url":null,"abstract":"Services hosted in multi-tenant cloud platforms often encounter performance interference due to contention for non-partitionable resources, which in turn causes unpredictable behavior and degradation in application performance. To grapple with these problems and to define effective resource management solutions for their services, providers often must expend significant efforts and incur prohibitive costs in developing performance models of their services under a variety of interference scenarios on different hardware. This is a hard problem due to the wide range of possible co-located services and their workloads, and the growing heterogeneity in the runtime platforms including the use of fog and edge-based resources, not to mention the accidental complexities in performing application profiling under a variety of scenarios. To address these challenges, we present FECBench (Fog/Edge/Cloud Benchmarking), an open source framework comprising a set of 106 applications covering a wide range of application classes to guide providers in building performance interference prediction models for their services without incurring undue costs and efforts. Through the design of FECBench, we make the following contributions. First, we develop a technique to build resource stressors that can stress multiple system resources all at once in a controlled manner, which helps to gain insights into the impact of interference on an application's performance. Second, to overcome the need for exhaustive application profiling, FECBench intelligently uses the design of experiments (DoE) approach to enable users to build surrogate performance models of their services. Third, FECBench maintains an extensible knowledge base of application combinations that create resource stresses across the multi-dimensional resource design space. Empirical results using real-world scenarios to validate the efficacy of FECBench show that the predicted application performance has a median error of only 7.6% across all test cases, with 5.4% in the best case and 13.5% in the worst case.","PeriodicalId":226094,"journal":{"name":"2019 IEEE International Conference on Cloud Engineering (IC2E)","volume":"60 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123448799","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"BARISTA: Efficient and Scalable Serverless Serving System for Deep Learning Prediction Services","authors":"Anirban Bhattacharjee, A. Chhokra, Zhuangwei Kang, Hongyang Sun, A. Gokhale, G. Karsai","doi":"10.1109/IC2E.2019.00-10","DOIUrl":"https://doi.org/10.1109/IC2E.2019.00-10","url":null,"abstract":"Pre-trained deep learning models are increasingly being used to offer a variety of compute-intensive predictive analytics services such as fitness tracking, speech, and image recognition. The stateless and highly parallelizable nature of deep learning models makes them well-suited for serverless computing paradigm. However, making effective resource management decisions for these services is a hard problem due to the dynamic workloads and diverse set of available resource configurations that have different deployment and management costs. To address these challenges, we present a distributed and scalable deep-learning prediction serving system called Barista and make the following contributions. First, we present a fast and effective methodology for forecasting workloads by identifying various trends. Second, we formulate an optimization problem to minimize the total cost incurred while ensuring bounded prediction latency with reasonable accuracy. Third, we propose an efficient heuristic to identify suitable compute resource configurations. Fourth, we propose an intelligent agent to allocate and manage the compute resources by horizontal and vertical scaling to maintain the required prediction latency. Finally, using representative real-world workloads for an urban transportation service, we demonstrate and validate the capabilities of Barista.","PeriodicalId":226094,"journal":{"name":"2019 IEEE International Conference on Cloud Engineering (IC2E)","volume":"123 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126055024","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"MESH: A Flexible Distributed Hypergraph Processing System","authors":"Benjamin Heintz, Rankyung Hong, Shivangi Singh, G. Khandelwal, Corey Tesdahl, A. Chandra","doi":"10.1109/IC2E.2019.00-11","DOIUrl":"https://doi.org/10.1109/IC2E.2019.00-11","url":null,"abstract":"With the rapid growth of large online social networks, the ability to analyze large-scale social structure and behavior has become critically important, and this has led to the development of several scalable graph processing systems. In reality, however, social interaction takes place not only between pairs of individuals as in the graph model, but rather in the context of multi-user groups. Research has shown that such group dynamics can be better modeled through a more general hypergraph model, resulting in the need to build scalable hypergraph processing systems. In this paper, we present MESH, a flexible distributed framework for scalable hypergraph processing. MESH provides an easy-to-use and expressive application programming interface that naturally extends the \"think like a vertex\" model common to many popular graph processing systems. Our framework provides a flexible implementation based on an underlying graph processing system, and enables different design choices for the key implementation issues of partitioning a hypergraph representation. We implement MESH on top of the popular GraphX graph processing framework in Apache Spark. Using a variety of real datasets and experiments conducted on a local 8-node cluster as well as a 65-node Amazon AWS testbed, we demonstrate that MESH provides flexibility based on data and application characteristics, as well as scalability with cluster size. We further show that it is competitive in performance to HyperX, another hypergraph processing system based on Spark, while providing a much simpler implementation (requiring about 5X fewer lines of code), thus showing that simplicity and flexibility need not come at the cost of performance.","PeriodicalId":226094,"journal":{"name":"2019 IEEE International Conference on Cloud Engineering (IC2E)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128790370","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}