发布求助
文献互助 智能选刊 最新文献

2018 IEEE 17th International Symposium on Network Computing and Applications (NCA)最新文献

筛选
英文 中文
Efficient Resources Utilization by Different Microservices Deployment Models 不同微服务部署模型对资源的有效利用
2018 IEEE 17th International Symposium on Network Computing and Applications (NCA) Pub Date : 2018-11-01 DOI: 10.1109/NCA.2018.8548346
Fernando H. L. Buzato, A. Goldman, D. Batista
{"title":"Efficient Resources Utilization by Different Microservices Deployment Models","authors":"Fernando H. L. Buzato, A. Goldman, D. Batista","doi":"10.1109/NCA.2018.8548346","DOIUrl":"https://doi.org/10.1109/NCA.2018.8548346","url":null,"abstract":"The adoption of microservice-based architecture has become increasingly popular. Microservice containerization is a technique used by developers to facilitate the deployment process of applications based on this architecture. There are several implementation models for microservices. In this paper we study and analyze the performance of these models in terms of the use of network, CPU, memory and disk. Pros and cons related to the development process are also discussed. Among the results obtained with measurements made in a public cloud, the significant reductions in network consumption (up to 99%) are noteworthy when using one container per microservice.","PeriodicalId":268662,"journal":{"name":"2018 IEEE 17th International Symposium on Network Computing and Applications (NCA)","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132534204","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
Gwardar: Towards Protecting a Software-Defined Network from Malicious Network Operating Systems 保护软件定义网络免受恶意网络操作系统的侵害
2018 IEEE 17th International Symposium on Network Computing and Applications (NCA) Pub Date : 2018-09-19 DOI: 10.1109/NCA.2018.8548074
Arash Shaghaghi, S. Kanhere, M. Kâafar, Sanjay Jha
{"title":"Gwardar: Towards Protecting a Software-Defined Network from Malicious Network Operating Systems","authors":"Arash Shaghaghi, S. Kanhere, M. Kâafar, Sanjay Jha","doi":"10.1109/NCA.2018.8548074","DOIUrl":"https://doi.org/10.1109/NCA.2018.8548074","url":null,"abstract":"A Software-Defined Network (SDN) controller (aka. Network Operating System or NOS) is regarded as the brain of the network and is the single most critical element responsible to manage an SDN. Complimentary to existing solutions that aim to protect a NOS, we propose an intrusion protection system designed to protect an SDN against a controller that has been successfully compromised. Gwardar maintains a virtual replica of the data plane by intercepting the OpenFlow messages exchanged between the control and data plane. By observing the long-term flow of the packets, Gwardar learns the normal set of trajectories in the data plane for distinct packet headers. Upon detecting an unexpected packet trajectory, it starts by verifying the data plane forwarding devices by comparing the actual packet trajectories with the expected ones computed over the virtual replica. If the anomalous trajectories match the NOS instructions, Gwardar inspects the NOS itself. For this, it submits policies matching the normal set of trajectories and verifies whether the controller submits matching flow rules to the data plane and whether the network view provided to the application plane reflects the changes. Our evaluation results prove the practicality of Gwardar with a high detection accuracy in a reasonable time-frame.","PeriodicalId":268662,"journal":{"name":"2018 IEEE 17th International Symposium on Network Computing and Applications (NCA)","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-09-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129248867","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
Toward Incremental FIB Aggregation with Quick Selections (FAQS) 基于快速选择的增量FIB聚合(FAQS)
2018 IEEE 17th International Symposium on Network Computing and Applications (NCA) Pub Date : 2018-07-23 DOI: 10.1109/NCA.2018.8548101
Yaoqing Liu, Garegin Grigoryan
{"title":"Toward Incremental FIB Aggregation with Quick Selections (FAQS)","authors":"Yaoqing Liu, Garegin Grigoryan","doi":"10.1109/NCA.2018.8548101","DOIUrl":"https://doi.org/10.1109/NCA.2018.8548101","url":null,"abstract":"Several approaches to mitigating the Forwarding Information Base (FIB) overflow problem were developed and software solutions using FIB aggregation are of particular interest. One of the greatest concerns to deploy these algorithms to real networks is their high running time and heavy computational overhead to handle thousands of FIB updates every second. In this work, we manage to use a single tree traversal to implement faster aggregation and update handling algorithm with much lower memory footprint than other existing work. We utilize 6-year realistic IPv4 and IPv6 routing tables from 2011 to 2016 to evaluate the performance of our algorithm with various metrics. To the best of our knowledge, it is the first time that IPv6 FIB aggregation has been performed. Our new solution is 2.53 and 1.75 times as fast as the-state-of-the-art FIB aggregation algorithm for IPv4 and IPv6 FIBs, respectively, while achieving a near-optimal FIB aggregation ratio.","PeriodicalId":268662,"journal":{"name":"2018 IEEE 17th International Symposium on Network Computing and Applications (NCA)","volume":"252 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134316911","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
LAMP: Prompt Layer 7 Attack Mitigation with Programmable Data Planes LAMP:使用可编程数据平面提示第7层攻击缓解
2018 IEEE 17th International Symposium on Network Computing and Applications (NCA) Pub Date : 2018-07-23 DOI: 10.1109/NCA.2018.8548136
Garegin Grigoryan, Yaoqing Liu
{"title":"LAMP: Prompt Layer 7 Attack Mitigation with Programmable Data Planes","authors":"Garegin Grigoryan, Yaoqing Liu","doi":"10.1109/NCA.2018.8548136","DOIUrl":"https://doi.org/10.1109/NCA.2018.8548136","url":null,"abstract":"While there are various methods to detect application layer attacks or intrusion attempts on an individual end host, it is not efficient to provide all end hosts in the network with heavy-duty defense systems or software firewalls. In this work, we leverage a new concept of programmable data planes, to directly react on alerts raised by a victim and prevent further attacks on the whole network by blocking the attack at the network edge. We call our design LAMP, Layer 7 Attack Mitigation with Programmable data planes. We implemented LAMP using the P4 data plane programming language and evaluated its effectiveness and efficiency in the Behavioral Model (bmv2) environment.","PeriodicalId":268662,"journal":{"name":"2018 IEEE 17th International Symposium on Network Computing and Applications (NCA)","volume":"111 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121630918","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
Leveraging Intel SGX Technology to Protect Security-Sensitive Applications 利用英特尔SGX技术保护对安全敏感的应用
2018 IEEE 17th International Symposium on Network Computing and Applications (NCA) Pub Date : 2018-01-29 DOI: 10.1109/NCA.2018.8548184
Joseph Sobchuk, Sean R. O'Melia, Daniil M. Utin, R. Khazan
{"title":"Leveraging Intel SGX Technology to Protect Security-Sensitive Applications","authors":"Joseph Sobchuk, Sean R. O'Melia, Daniil M. Utin, R. Khazan","doi":"10.1109/NCA.2018.8548184","DOIUrl":"https://doi.org/10.1109/NCA.2018.8548184","url":null,"abstract":"This paper explains the process by which Intel Software Guard Extensions (SGX) can be leveraged into an existing codebase to protect a security-sensitive application. Intel SGX provides user-level applications with hardware-enforced confidentiality and integrity protections and incurs manageable impact on performance. These protections apply to all three phases of the operational data lifecycle: at rest, in use, and in transit. SGX shrinks the trusted computing base (and therefore the attack surface) of the application to only the hardware on the CPU chip and the portion of the application's software that is executed within the protected enclave. The SDK enables SGX integration into existing C/C++ codebases while still ensuring program support for legacy and non-Intel platforms. This paper is the first published work to walk through the step-by-step process of Intel SGX integration with examples and performance results from an actual cryptographic application produced in a standard Linux development environment.","PeriodicalId":268662,"journal":{"name":"2018 IEEE 17th International Symposium on Network Computing and Applications (NCA)","volume":"50 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-01-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133627101","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
首页 上一页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信