An Approach to Designing Clusters for Large Data Processing

Cloud computing is increasingly being adopted due to its cost savings and abilities to scale. As data continues to grow rapidly, an increasing amount of institutions are adopting non standard SQL clusters to address the storage and processing demands of large data. However, evaluating and modelling non SQL clusters presents many challenges. In order to address some of these challenges, this thesis proposes a methodology for designing and modelling large scale processing configurations that respond to the end user requirements. Firstly, goals are established for the big data cluster. In this thesis, we use performance and cost as our goals. Secondly, the data is transformed from relational data schema to an appropriate HBase schema. In the third step, we iteratively deploy different clusters. We then model the clusters and evaluate different topologies (size of instances, number of instances, number of clusters, etc.). We use HBase as the large data processing cluster and we evaluate our methodology on traffic data from a large city and on a distributed community cloud infrastructure

Intrusion Detection and Countermeasure of Virtual Cloud Systems - State of the Art and Current Challenges

Clouds are distributed Internet-based platforms that provide highly resilient and scalable environments to be used by enterprises in a multitude of ways. Cloud computing offers enterprises technology innovation that business leaders and IT infrastructure managers can choose to apply based on how and to what extent it helps them fulfil their business requirements. It is crucial that all technical consultants have a rigorous understanding of the ramifications of cloud computing as its influence is likely to spread the complete IT landscape. Security is one of the major concerns that is of practical interest to decision makers when they are making critical strategic operational decisions. Distributed Denial of Service (DDoS) attacks are becoming more frequent and effective over the past few years, since the widely publicised DDoS attacks on the financial services industry that came to light in September and October 2012 and resurfaced in the past two years. In this paper, we introduce advanced cloud security technologies and practices as a series of concepts and technology architectures, from an industry-centric point of view. This is followed by classification of intrusion detection and prevention mechanisms that can be part of an overall strategy to help understand identify and mitigate potential DDoS attacks on business networks. The paper establishes solid coverage of security issues related to DDoS and virtualisation with a focus on structure, clarity, and well-defined blocks for mainstream cloud computing security solutions and platforms. In doing so, we aim to provide industry technologists, who may not be necessarily cloud or security experts, with an effective tool to help them understand the security implications associated with cloud adoption in their transition towards more knowledge-based systems

Ataques de negação de serviço na camada de aplicação : estudo de ataques lentos ao protocolo HTTP

Monografia (graduação)—Universidade de Brasília, Faculdade de Tecnologia, Departamento de Engenharia Elétrica, 2015.O assombroso desenvolvimento das redes de comunicação desencadeou um crescimento alarmante de diferentes tipos de investidas com pretensões maliciosas vinculadas à Internet. Entre elas, encaixam-se os ataques de negação de serviço, os quais, distinguindo-se de técnicas de invasão, tem como meta a interrupção de serviços. Os gigantescos prejuízos de ordem comercial e financeira resultantes desse modelo de ataque geram uma motivação de busca por conhecer suas características, levantar as formas de acometimento e diagnosticar os danos. Para tal, realizou-se um estudo voltado à descrição das práticas ofensivas, vulnerabilidades dos sistemas, métodos de mitigação e ferramentas de contenção. Foram praticadas simulações de ataques DDoS com foco em Slow DoS, apresentados os resultados advindos dos experimentos em questão e analisados os dados coletados no decorrer das experiências.The amazing development of communication networks has unleashed a alarming growth of different types of assaults with malicious intents related to Internet. Among them, denial of service attacks, different than invasion techniques, it has the intention of interrupting services. The huge comercial and financial damage of this model motivates many others to know the features, understand how these attacks affect the systems and how to diagnose the damages. This study is a research of offensive uses, vulnerabilities, mitigation methods e contention tools. Many simulations were perfomed in a DDoS scenario including mainly Slow DDoS, then presented the results of the experiments and their analysis