A novel cost-based replica server placement for optimal service quality in cloud-based content delivery network
Replica server placement is a crucial concern given the geographic diversity inherent in placement problems for content delivery networks (CDNs). A review of the existing literature shows that most studies address the placement problem in conventional CDNs rather than in cloud-based CDN architectures, and the few studies that do consider replica selection are still at a nascent stage of development. Moreover, such models are rarely benchmarked or practically assessed to prove their effectiveness. The proposed study therefore introduces a novel computational framework for cloud-based CDNs that facilitates cost-effective replica server management for enhanced service delivery. Implemented using an analytical research methodology, the simulated outcomes show that the proposed scheme offers reduced cost, reduced resource dependencies, reduced latency, and faster processing time compared with existing models of replica server placement.
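As a rough illustration of cost-based placement, the sketch below greedily opens replica sites while each addition lowers the total of placement cost plus client access latency, in the style of an uncapacitated facility-location heuristic. The data layout and the cost model are assumptions for illustration, not the paper's actual scheme.

```python
# Hypothetical greedy sketch of cost-driven replica placement; site names,
# costs, and latencies are illustrative, not from the paper.

def place_replicas(sites, clients, place_cost, latency, budget):
    """Greedily open replica sites while each addition lowers total cost.

    place_cost[s]  -- cost of opening a replica at site s
    latency[c][s]  -- access cost (latency) from client c to site s
    budget         -- maximum number of replicas to open
    """
    open_sites = []

    def total_cost(opened):
        if not opened:
            return float("inf")
        access = sum(min(latency[c][s] for s in opened) for c in clients)
        return sum(place_cost[s] for s in opened) + access

    while len(open_sites) < budget:
        best_site, best_cost = None, total_cost(open_sites)
        for s in sites:
            if s in open_sites:
                continue
            cost = total_cost(open_sites + [s])
            if cost < best_cost:
                best_site, best_cost = s, cost
        if best_site is None:  # no remaining site improves total cost
            break
        open_sites.append(best_site)
    return open_sites
```

With two sites on opposite sides of two clients, the greedy opens both, since each replica removes a long cross-network access path.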
Energy-aware and adaptive fog storage mechanism with data replication ruled by spatio-temporal content popularity
Data traffic demand is increasing very rapidly in edge networking environments, with strict requirements on latency and throughput. To meet these requirements, among others, this paper proposes a fog storage system that incorporates mobile nodes as content providers. The system has a hybrid design: it not only brings data closer to edge consumers but, as a novelty, also incorporates other relevant functional aspects into the system, namely user data demand, energy consumption, and node distance. The decision whether to replicate data is thus based on an original edge service governed by an adaptive distance metric for node clustering. This adaptive distance is evaluated from several important system parameters, such as the distance from the consumer to the data storage location, the spatio-temporal popularity of the data, and the autonomy of each battery-powered node. Testbed results show that this flexible cluster-based proposal offers consumers more responsive data access, reduces core traffic, and depletes the available battery energy of edge nodes fairly.
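A metric of the kind described above might combine hop distance, content popularity, and battery autonomy into a single score, with lower scores marking better replica holders. The linear combination and the weights below are assumptions for illustration, not the paper's actual formula.

```python
# Illustrative adaptive distance score; the weights and the linear
# combination are assumptions, not the authors' actual metric.

def adaptive_distance(hop_distance, popularity, battery_level,
                      w_dist=1.0, w_pop=1.0, w_energy=1.0):
    """Lower score -> better candidate node for holding a replica.

    hop_distance  -- network distance from consumer to candidate node
    popularity    -- spatio-temporal popularity of the content in [0, 1]
    battery_level -- remaining autonomy of the candidate node in [0, 1]
    """
    # Popular content and well-charged nodes shrink the effective distance,
    # so popular data gravitates to energy-rich nodes near consumers.
    return (w_dist * hop_distance
            - w_pop * popularity
            + w_energy * (1.0 - battery_level))

def best_replica_node(candidates, popularity):
    """Pick the candidate (node, hops, battery) with the lowest score."""
    return min(candidates,
               key=lambda c: adaptive_distance(c[1], popularity, c[2]))[0]
```

At equal hop distance, the node with higher remaining battery wins, which is what yields the fair energy depletion the abstract reports.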
Data-Aware Scheduling in Datacenters
Datacenters have emerged as the dominant form of computing infrastructure over the last two decades. The tremendous increase in the requirements of data analysis has led to a proportional increase in power consumption and datacenters are now one of the fastest growing electricity consumers in the United States. Another rising concern is the loss of throughput due to network congestion. Scheduling models that do not explicitly account for data placement may lead to a transfer of large amounts of data over the network causing unacceptable delays. In this dissertation, we study different scheduling models that are inspired by the dual objectives of minimizing energy costs and network congestion in a datacenter.
As datacenters are equipped to handle peak workloads, the average server utilization in most datacenters is very low. As a result, one can achieve huge energy savings by selectively shutting down machines when demand is low. In this dissertation, we introduce the network-aware machine activation problem to find a schedule that simultaneously minimizes the number of machines necessary and the congestion incurred in the network. Our model significantly generalizes well-studied combinatorial optimization problems such as hard-capacitated hypergraph covering and is thus strongly NP-hard. As a result, we focus on finding good approximation algorithms.
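As a toy illustration of the trade-off above, the sketch below activates machines greedily, scoring each by capacity per unit of activation-plus-congestion cost until demand is covered. The machine representation and the congestion penalty are assumptions for illustration; this is a set-cover-style heuristic, not the dissertation's approximation algorithm.

```python
# Toy greedy for the flavor of network-aware machine activation.
# Each machine is (capacity, congestion_penalty); both the data model
# and the scoring rule are illustrative assumptions.

def activate_machines(machines, demand):
    """Activate machines until total capacity meets demand.

    machines -- dict name -> (capacity, congestion_penalty)
    Greedily picks the best capacity-per-cost ratio, where cost is
    one unit of activation plus the machine's congestion penalty."""
    active, capacity = [], 0
    remaining = dict(machines)
    while capacity < demand and remaining:
        name = max(remaining,
                   key=lambda m: remaining[m][0] / (1 + remaining[m][1]))
        cap, _ = remaining.pop(name)
        active.append(name)
        capacity += cap
    return active
```

A machine with high capacity but a heavy congestion penalty is deferred until cheaper machines no longer suffice, capturing the tension between activation count and network load.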
Data-parallel computation frameworks such as MapReduce have popularized the design of applications that require a large amount of communication between different machines. Efficient scheduling of these communication demands is essential to guarantee efficient execution of the different applications. In the second part of the thesis, we study the approximability of the co-flow scheduling problem that has been recently introduced to capture these application-level demands.
Finally, we also study the question, "In what order should one process jobs?" Often, precedence constraints specify a partial order over the set of jobs, and the objective is to find suitable schedules that satisfy the partial order. However, in the presence of hard deadline constraints, it may be impossible to find a schedule that satisfies all precedence constraints. In this thesis we formalize different variants of job scheduling with soft precedence constraints and conduct the first systematic study of these problems.
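One minimal way to picture soft precedence constraints is to fix a schedule (here, earliest-deadline-first over unit-length jobs) and count the precedence pairs it violates. The formulation below is an illustrative simplification of the variants studied in the thesis, not one of its actual algorithms.

```python
# Hedged toy model of scheduling with soft precedence constraints:
# schedule unit jobs earliest-deadline-first, then count how many
# precedence pairs the resulting order violates.

def edf_schedule(deadlines):
    """Order unit-length jobs by deadline (ties broken by name)."""
    return sorted(deadlines, key=lambda j: (deadlines[j], j))

def violated_precedences(order, precedences):
    """Count pairs (a, b) where a should precede b but is scheduled later."""
    position = {job: i for i, job in enumerate(order)}
    return sum(1 for a, b in precedences if position[a] > position[b])
```

When deadlines and the partial order conflict, meeting every deadline forces some precedence pairs to be broken; the count above is the simplest objective one could try to minimize.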
ALGORITHMS FOR MASSIVE, EXPENSIVE, OR OTHERWISE INCONVENIENT GRAPHS
A long-standing assumption common in algorithm design is that any part of the input is accessible at any time for unit cost. However, as we work with increasingly large data sets, or as we build smaller devices, we must revisit this assumption. In this thesis, I present some of my work on graph algorithms designed for circumstances where traditional assumptions about inputs do not apply. 1. Classical graph algorithms require direct access to the input graph, and this is not feasible when the graph is too large to fit in memory. For computation on massive graphs we consider the dynamic streaming graph model. Given an input graph defined as a stream of edge insertions and deletions, our goal is to approximate properties of this graph using space that is sublinear in the size of the stream. In this thesis, I present algorithms for approximating vertex connectivity, hypergraph edge connectivity, maximum coverage, unique coverage, and temporal connectivity in graph streams. 2. In certain applications the input graph is not explicitly represented, but its edges may be discovered via queries which require costly computation or measurement. I present two open-source systems which solve real-world problems via graph algorithms that may access their inputs only through costly edge queries. MESH is a memory manager which compacts memory efficiently by finding an approximate graph matching subject to stringent time and edge-query restrictions. PathCache is an efficiently scalable network measurement platform that outperforms the current state of the art.
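The costly edge-query setting in the second part can be sketched with a greedy matcher that probes vertex pairs through an oracle under a query budget. This is an illustrative toy, assuming a boolean `edge_oracle` callback and a fixed budget; MESH's actual matching procedure is randomized and considerably more involved.

```python
# Sketch of greedy matching under an edge-query budget. The oracle
# interface and the budget are illustrative assumptions.

def greedy_matching(vertices, edge_oracle, query_budget):
    """Probe pairs with edge_oracle(u, v) -> bool until the budget runs
    out; greedily match endpoints that are both still free."""
    matched, matching, queries = set(), [], 0
    verts = list(vertices)
    for i, u in enumerate(verts):
        for v in verts[i + 1:]:
            if queries >= query_budget:
                return matching
            if u in matched or v in matched:
                continue
            queries += 1  # each probe is a costly measurement
            if edge_oracle(u, v):
                matching.append((u, v))
                matched.update((u, v))
    return matching
```

The point of the budget is that the algorithm's quality degrades gracefully: with fewer queries it simply returns the partial matching found so far.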
Nomadic fog storage
Mobile services increasingly demand more processing and storage. However, mobile devices are known for their constraints in processing, storage, and energy. Early proposals addressed these aspects by having mobile devices access remote clouds, but they suffer from long latencies and backhaul bandwidth limitations when retrieving data. To mitigate these issues, edge clouds have been proposed. In this paradigm, intermediate nodes are placed between the mobile devices and the remote cloud. These intermediate nodes should fulfill the end users' resource requests, namely data and processing capability, and reduce the energy consumption of the mobile devices' batteries.
At the same time, mobile traffic demand is increasing exponentially, and the resources available on mobile devices are evolving faster than ever. This urges the use of mobile nodes' extra capabilities to fulfill the requirements imposed by new mobile applications. In this new scenario, mobile devices should become both consumers and providers of the emerging services. The current work investigates this possibility by designing, implementing, and testing a novel nomadic fog storage system that uses fog and mobile nodes to support the upcoming applications. In addition, a novel resource allocation algorithm has been developed that considers the available energy on mobile devices and the network topology. It also includes a replica management module based on data popularity. A comprehensive evaluation of the fog proposal shows that it is responsive, offloads traffic from the backhaul links, and enables fair energy depletion among mobile nodes by storing content in neighbor nodes with higher battery autonomy.
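A minimal sketch of the kind of policy this abstract describes: replicate sufficiently popular content onto the neighbor with the most remaining battery, so that energy depletion stays fair across mobile nodes. The node representation and the popularity threshold are assumptions for illustration, not the system's actual algorithm.

```python
# Illustrative replica-holder selection; the threshold and the
# neighbor representation are assumptions, not the thesis's design.

def choose_replica_holder(neighbors, popularity, popularity_threshold=0.5):
    """Pick where to replicate a content item.

    neighbors -- dict node -> battery autonomy in [0, 1]
    Returns the neighbor to host a replica, or None if the content
    is not popular enough to justify replication."""
    if popularity < popularity_threshold or not neighbors:
        return None
    # Favoring the most-charged neighbor spreads the storage burden
    # toward energy-rich nodes, depleting batteries fairly over time.
    return max(neighbors, key=neighbors.get)
```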
Formal modeling of intrusion detection systems
The cybersecurity ecosystem continuously evolves with the number, the diversity,
and the complexity of cyber attacks. Generally, there are three types of intrusion detection systems (IDS): anomaly-based detection, signature-based detection, and hybrid detection. Anomaly detection is based on a characterization of the system's usual behavior, typically in a statistical manner. It can detect known or unknown attacks, but it also generates a very large number of false positives. Signature-based detection detects known attacks by defining rules that describe known attacker behavior; it requires good knowledge of that behavior. Hybrid detection relies on several detection methods, including the previous ones, and has the advantage of being more precise during detection. Tools like Snort and Zeek offer low-level languages for expressing attack detection rules. Because the number of potential attacks is very large, these rule bases quickly become hard to manage and maintain. Moreover, expressing stateful rules that recognize a sequence of events is particularly arduous. In this thesis, we propose a stateful approach based on algebraic state-transition diagrams (ASTDs) to identify complex attacks. ASTDs allow a graphical and modular representation of a specification, which facilitates the maintenance and understanding of rules. We extend the ASTD notation with new features to represent complex attacks. Next, we specify several attacks with the extended notation and run the resulting specifications on event streams using an interpreter to identify attacks. We also evaluate the performance of the interpreter against industrial tools such as Snort and Zeek. Finally, we build a compiler that generates executable code from an ASTD specification, able to efficiently identify sequences of events.
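A stateful rule of the kind discussed above can be pictured as a small state machine; the sketch below flags a run of login failures followed by a success from the same source, a sequence that stateless signature rules struggle to express. The event shape and the threshold are illustrative assumptions; ASTDs compose such machines graphically and modularly rather than as hand-written code.

```python
# Hedged sketch of a stateful detection rule as a plain state machine.
# Event format and threshold are illustrative, not from the thesis.

def detect_bruteforce(events, threshold=3):
    """Flag brute-force-then-login sequences.

    events -- iterable of (source, kind) with kind in {'fail', 'success'}
    Returns sources flagged after `threshold` failures then a success."""
    failures, flagged = {}, []
    for source, kind in events:
        if kind == "fail":
            failures[source] = failures.get(source, 0) + 1
        elif kind == "success":
            if failures.get(source, 0) >= threshold:
                flagged.append(source)
            failures[source] = 0  # reset the per-source state
    return flagged
```

The per-source counter is exactly the "state" that makes such rules hard to express in flat signature languages, and that the ASTD notation is designed to capture.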