An elastic software architecture for extreme-scale big data analytics

This chapter describes a software architecture for processing big-data analytics considering the complete compute continuum, from the edge to the cloud. The new generation of smart systems requires processing a vast amount of diverse information from distributed data sources. The software architecture presented in this chapter addresses two main challenges. On the one hand, a new elasticity concept enables smart systems to satisfy the performance requirements of extreme-scale analytics workloads. By extending the elasticity concept (known at cloud side) across the compute continuum in a fog computing environment, combined with the usage of advanced heterogeneous hardware architectures at the edge side, the capabilities of the extreme-scale analytics can significantly increase, integrating both responsive data-in-motion and latent data-at-rest analytics into a single solution. On the other hand, the software architecture also focuses on the fulfilment of the non-functional properties inherited from smart systems, such as real-time, energy-efficiency, communication quality and security, that are of paramount importance for many application domains such as smart cities, smart mobility and smart manufacturing.The research leading to these results has received funding from the European Union’s Horizon 2020 Programme under the ELASTIC Project (www.elastic-project.eu), grant agreement No 825473.Peer ReviewedPostprint (published version

Architectural Enhancements for Data Transport in Datacenter Systems

Datacenter systems run myriad applications, which frequently communicate with each other and/or Input/Output (I/O) devices—including network adapters, storage devices, and accelerators. Due to the growing speed of I/O devices and the emergence of microservice-based programming models, the I/O software stacks have become a critical factor in end-to-end communication performance. As such, I/O software stacks have been evolving rapidly in recent years. Datacenters rely on fast, efficient “Software Data Planes”, which orchestrate data transfer between applications and I/O devices. The goal of this dissertation is to enhance the performance, efficiency, and scalability of software data planes by diagnosing their existing issues and addressing them through hardware-software solutions. In the first step, I characterize challenges of modern software data planes, which bypass the operating system kernel to avoid associated overheads. Since traditional interrupts and system calls cannot be delivered to user code without kernel assistance, kernel-bypass data planes use spinning cores on I/O queues to identify work/data arrival. Spin-polling obviously wastes CPU cycles on checking empty queues; however, I show that it entails even more drawbacks: (1) Full-tilt spinning cores perform more (useless) polling work when there is less work pending in the queues. (2) Spin-polling scales poorly with the number of polled queues due to processor cache capacity constraints, especially when traffic is unbalanced. (3) Spin-polling also scales poorly with the number of cores due to the overhead of polling and operation rate limits. (4) Whereas shared queues can mitigate load imbalance and head-of-line blocking, synchronization overheads of spinning on them limit their potential benefits. Next, I propose a notification accelerator, dubbed HyperPlane, which replaces spin-polling in software data planes. Design principles of HyperPlane are: (1) not iterating on empty I/O queues to find work/data in ready ones, (2) blocking/halting when all queues are empty rather than spinning fruitlessly, and (3) allowing multiple cores to efficiently monitor a shared set of queues. These principles lead to queue scalability, work proportionality, and enjoying theoretical merits of shared queues. HyperPlane is realized with a programming model front-end and a hardware microarchitecture back-end. Evaluation of HyperPlane shows its significant advantage in terms of throughput, average/tail latency, and energy efficiency over a state-of-the-art spin-polling-based software data plane, with very small power and area overheads. Finally, I focus on the data transfer aspect in software data planes. Cache misses incurred by accessing I/O data are a major bottleneck in software data planes. Despite considerable efforts put into delivering I/O data directly to the last-level cache, some access latency is still exposed. Cores cannot prefetch such data to nearer caches in today's systems because of the complex access pattern of data buffers and the lack of an appropriate notification mechanism that can trigger the prefetch operations. As such, I propose HyperData, a data transfer accelerator based on targeted prefetching. HyperData prefetches exact (rather than predicted) data buffers (or a required subset to avoid cache pollution) to the L1 cache of the consumer core at the right time. Prefetching can be done for both core-peripheral and core-core communications. HyperData's prefetcher is programmable and supports various queue formats—namely, direct (regular), indirect (Virtio), and multi-consumer queues. I show that with a minor overhead, HyperData effectively hides data access latency in software data planes, thereby improving both application- and system-level performance and efficiency.PHDComputer Science & EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/169826/1/hosseing_1.pd

4. generációs mobil rendszerek kutatása = Research on 4-th Generation Mobile Systems

A 3G mobil rendszerek szabványosítása a végéhez közeledik, legalábbis a meghatározó képességek tekintetében. Ezért létfontosságú azon technikák, eljárások vizsgálata, melyek a következő, 4G rendszerekben meghatározó szerepet töltenek majd be. Több ilyen kutatási irányvonal is létezik, ezek közül projektünkben a fontosabbakra koncentráltunk. A következőben felsoroljuk a kutatott területeket, és röviden összegezzük az elért eredményeket. Szórt spektrumú rendszerek Kifejlesztettünk egy új, rádiós interfészen alkalmazható hívásengedélyezési eljárást. Szimulációs vizsgálatokkal támasztottuk alá a megoldás hatékonyságát. A projektben kutatóként résztvevő Jeney Gábor sikeresen megvédte Ph.D. disszertációját neurális hálózatokra épülő többfelhasználós detekciós technikák témában. Az elért eredmények Imre Sándor MTA doktori disszertációjába is beépültek. IP alkalmazása mobil rendszerekben Továbbfejlesztettük, teszteltük és általánosítottuk a projekt keretében megalkotott új, gyűrű alapú topológiára épülő, a jelenleginél nagyobb megbízhatóságú IP alapú hozzáférési koncepciót. A témakörben Szalay Máté Ph.D. disszertációja már a nyilvános védésig jutott. Kvantum-informatikai módszerek alkalmazása 3G/4G detekcióra Új, kvantum-informatikai elvekre épülő többfelhasználós detekciós eljárást dolgoztunk ki. Ehhez új kvantum alapú algoritmusokat is kifejlesztettünk. Az eredményeket nemzetközi folyóiratok mellett egy saját könyvben is publikáltuk. | The project consists of three main research directions. Spread spectrum systems: we developed a new call admission control method for 3G air interfaces. Project member Gabor Jeney obtained the Ph.D. degree and project leader Sandor Imre submitted his DSc theses from this area. Application of IP in mobile systems: A ring-based reliable IP mobility mobile access concept and corresponding protocols have been developed. Project member Máté Szalay submitted his Ph.D. theses from this field. Quantum computing based solutions in 3G/4G detection: Quantum computing based multiuser detection algorithm was developed. Based on the results on this field a book was published at Wiley entitled: 'Quantum Computing and Communications - an engineering approach'

Prototype on FreeRTOS and RISC-V of the application software of the EPD ICU onboard Solar Orbiter

Solar Orbiter es un ambicioso proyecto desarrollado por la Agencia Espacial Europea que tiene como objetivo investigar más cercanamente nuestro sol. La ICU de su instrumento EPD corre su software de aplicación en RTEMS, el cual se ha demostrado que es confiable. Sin embargo, podemos tratar de mejorarlo desarrollando un puerto en FreeRTOS, el cual es más popular y puede proporcionar más escalabilidad. Este software correrá en una novedosa arquitectura llamada RISC-V. Para lograr esto, construiremos un prototipo y lo probaremos en la placa RV32M1-VEGA desarrollada por OpenISA.Solar Orbiter is an ambitious project developed by the European Space Agency which aims to investigate our sun more closely. Its Energetic Particle Detector ICU runs its application software with RTEMS, which is proven to be reliable. However, we aim to potentially improve it by building a port in FreeRTOS, which is a more popular and scalable RTOS and testing this software in a modern hardware architecture called RISC-V which is lightweight and fast. To do this, we will build a prototype and test it in the RV32M1-VEGA board developed by OpenISA.Grado en Ingeniería Informátic

DECEPTION BASED TECHNIQUES AGAINST RANSOMWARES: A SYSTEMATIC REVIEW

Ransomware is the most prevalent emerging business risk nowadays. It seriously affects business continuity and operations. According to Deloitte Cyber Security Landscape 2022, up to 4000 ransomware attacks occur daily, while the average number of days an organization takes to identify a breach is 191. Sophisticated cyber-attacks such as ransomware typically must go through multiple consecutive phases (initial foothold, network propagation, and action on objectives) before accomplishing its final objective. This study analyzed decoy-based solutions as an approach (detection, prevention, or mitigation) to overcome ransomware. A systematic literature review was conducted, in which the result has shown that deception-based techniques have given effective and significant performance against ransomware with minimal resources. It is also identified that contrary to general belief, deception techniques mainly involved in passive approaches (i.e., prevention, detection) possess other active capabilities such as ransomware traceback and obstruction (thwarting), file decryption, and decryption key recovery. Based on the literature review, several evaluation methods are also analyzed to measure the effectiveness of these deception-based techniques during the implementation process

A Taxonomy of Virtualization Security Issues in Cloud Computing Environments

Objectives: To identify the main challenges and security issues of virtualization in cloud computing environments. It reviews the alleviation techniques for improving the security of cloud virtualization systems. Methods/ Statistical Analysis: Virtualization is a fundamental technology for cloud computing, and for this reason, any cloud vulnerabilities and threats affect virtualization. In this study, the systematic literature review is performed to find out the vulnerabilities and risks of virtualization in cloud computing and to identify threats, and attacks result from those vulnerabilities. Furthermore, we discover and analyze the effective mitigation techniques that are used to protect, secure, and manage virtualization environments. Findings: Thirty vulnerabilities are identified, explained, and classified into six proposed classes. Furthermore, fifteen main virtualization threats and attacks ar defined according to exploited vulnerabilities in a cloud environment. Application/Improvements: A set of common mitigation solutions are recognized and discovered to alleviate the virtualization security risks. These reviewed techniques are analyzed and evaluated according to five specified security criteria

Intrusion Detection and Countermeasure of Virtual Cloud Systems - State of the Art and Current Challenges

Clouds are distributed Internet-based platforms that provide highly resilient and scalable environments to be used by enterprises in a multitude of ways. Cloud computing offers enterprises technology innovation that business leaders and IT infrastructure managers can choose to apply based on how and to what extent it helps them fulfil their business requirements. It is crucial that all technical consultants have a rigorous understanding of the ramifications of cloud computing as its influence is likely to spread the complete IT landscape. Security is one of the major concerns that is of practical interest to decision makers when they are making critical strategic operational decisions. Distributed Denial of Service (DDoS) attacks are becoming more frequent and effective over the past few years, since the widely publicised DDoS attacks on the financial services industry that came to light in September and October 2012 and resurfaced in the past two years. In this paper, we introduce advanced cloud security technologies and practices as a series of concepts and technology architectures, from an industry-centric point of view. This is followed by classification of intrusion detection and prevention mechanisms that can be part of an overall strategy to help understand identify and mitigate potential DDoS attacks on business networks. The paper establishes solid coverage of security issues related to DDoS and virtualisation with a focus on structure, clarity, and well-defined blocks for mainstream cloud computing security solutions and platforms. In doing so, we aim to provide industry technologists, who may not be necessarily cloud or security experts, with an effective tool to help them understand the security implications associated with cloud adoption in their transition towards more knowledge-based systems

Modeling web applications infrastructure with ASMs

We describe via Abstract State Machines the major ingredients of contemporary web applications: a web browser running JavaScript programs and a web server dispatching requests to one of several modules, each one representing a class of established web application frameworks. The web browser model comes in four levels, namely transport, stream, context and browser level, and is focussed on the interaction with possibly multiple servers (which requires a concurrent computation model) and on script execution (which requires a dynamic assignment of agents to programs). The server model is focussed on the Request–Reply pattern, and specifies a delegation strategy where the handling of a request is entrusted to a module. We show how several major frameworks for web applications can be described as progressive refinements of a number of basic modules. Three modules are further detailed: static file transfer, CGI and generic scripting modules