Implications and Limitations of Securing an InfiniBand Network

The InfiniBand Architecture is one of the leading network interconnects used in high performance computing, delivering very high bandwidth and low latency. As the popularity of InfiniBand increases, the possibility for new InfiniBand applications arise outside the domain of high performance computing, thereby creating the opportunity for new security risks. In this work, new security questions are considered and addressed. The study demonstrates that many common traffic analyzing tools cannot monitor or capture InfiniBand traffic transmitted between two hosts. Due to the kernel bypass nature of InfiniBand, many host-based network security systems cannot be executed on InfiniBand applications. Those that can impose a significant performance loss for the network. The research concludes that not all network security practices used for Ethernet translate to InfiniBand as previously suggested and that an answer to meeting specific security requirements for an InfiniBand network might reside in hardware offload

Harnessing low-level tuning in modern architectures for high-performance network monitoring in physical and virtual platforms

Tesis doctoral inédita leída en la Universidad Autónoma de Madrid, Escuela Politécnica Superior, Departamento de Tecnología Electrónica y de las Comunicaciones. Fecha de lectura: 02-07-201

CHARM-Card: Hardware Based Cluster Control And Management System

Die Selektion und Analyse von Ereignisdaten des Schwerionen-Experiments ALICE am CERN werden durch sogenannte Triggerstufen vorgenommen. Der High Level Trigger (HLT) ist die letzte Triggerstufe des Experimentes. Er besteht aus einer Rechnerfarm von zur Zeit über 120 Computer, die auf 300 Rechner ausgebaut werden soll. Die manuelle Installation, Konfiguration und Wartung einer Rechnerfarm dieser Größe sind dabei jedoch sehr aufwändig und zeitintensiv. Die vorliegende Arbeit beschreibt die Implementierung und Funktionsweise einer autonomen Steuereinheit, die in jedem Rechner des HLT Computer Clusters eingebaut wurde. Die Hauptaufgaben der Steuereinheit sind die Fernsteuerung der Knoten und die automatische Installation, Überwachung und Wartung derselben. Ein weiteres erreichtes Ziel ist die universelle Nutzung der Steuereinheit: Denn aufgrund der heterogenen Clusterstruktur durfte es keine Einschränkungen für den Betrieb der Steuereinheit bezüglich des Rechnermodells oder des Betriebssystems der Clusterknoten geben. Dadurch lassen sich auch kostengünstige COTS (commercial-off-the-shelf) Rechner als Knoten einsetzen, ohne dabei auf die Fernwartungsfunktionen zu verzichten, wie sie in teuren Serverrechner zu finden sind. Die Steuereinheit ist bereits im Einsatz und ermöglicht die Fernwartung aller Rechner des HLT Clusters. Des Weiteren wurde die gesamte HLT Rechnerfarm mit Hilfe der Steuereinheit automatisch installiert, getestet und konfiguriert

Traffic classification with passive measurement

This is a master thesis from a collaboration between Oslo University College and Uninett Research. Uninett have a passive monitoring device on a 2.5 Gbps backbone link between Trondheim and Narvik. They uses measurement with optical splitters and specialized measuring interfaces to trace traffic with Gigabit speed. We would like to investigate the structure and patterns in these data. It is of special interest to classify the traffic belonging to different services and protocols. Traffic classification enables a variety of other applications and topics, including Quality of Service, security, monitoring, and intrusion-detection that are of use to research, accountants, network operators and end users. The ability to accurately identify the network traffic associated with different applications is therefore important. However, traditional traffic to higher-level application classification techniques such as port-based is highly inaccurate for some applications. In this thesis, we provide an efficient approach for identifying different applications through our classification methodology. Our results indicate that with our technique we achieves less than 6.5% unknown type in most cases compared to the port-based which is 46.6%. The project is divided into three phases. First we will have a look at the problems dealing with collecting data traces in high speed network system. Second we will explore how we can identify and classify the data into different categories. Finally we will try to analyse our results offline.Master i nettverks- og systemadministrasjo

The ALICE experiment at the CERN LHC

ALICE (A Large Ion Collider Experiment) is a general-purpose, heavy-ion detector at the CERN LHC which focuses on QCD, the strong-interaction sector of the Standard Model. It is designed to address the physics of strongly interacting matter and the quark-gluon plasma at extreme values of energy density and temperature in nucleus-nucleus collisions. Besides running with Pb ions, the physics programme includes collisions with lighter ions, lower energy running and dedicated proton-nucleus runs. ALICE will also take data with proton beams at the top LHC energy to collect reference data for the heavy-ion programme and to address several QCD topics for which ALICE is complementary to the other LHC detectors. The ALICE detector has been built by a collaboration including currently over 1000 physicists and engineers from 105 Institutes in 30 countries. Its overall dimensions are 161626 m3 with a total weight of approximately 10 000 t. The experiment consists of 18 different detector systems each with its own specific technology choice and design constraints, driven both by the physics requirements and the experimental conditions expected at LHC. The most stringent design constraint is to cope with the extreme particle multiplicity anticipated in central Pb-Pb collisions. The different subsystems were optimized to provide high-momentum resolution as well as excellent Particle Identification (PID) over a broad range in momentum, up to the highest multiplicities predicted for LHC. This will allow for comprehensive studies of hadrons, electrons, muons, and photons produced in the collision of heavy nuclei. Most detector systems are scheduled to be installed and ready for data taking by mid-2008 when the LHC is scheduled to start operation, with the exception of parts of the Photon Spectrometer (PHOS), Transition Radiation Detector (TRD) and Electro Magnetic Calorimeter (EMCal). These detectors will be completed for the high-luminosity ion run expected in 2010. This paper describes in detail the detector components as installed for the first data taking in the summer of 2008