Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse

An "optimistic" acknowledgment (OptAck) is an acknowledgment sent by a misbehaving client for a data segment that it has not received. Whereas previous work has focused on OptAck as a means to greedily improve end-to-end performance, we study OptAck exclusively as a denial of service attack. Specifically, an attacker sends optimistic acknowledgments to many victims in parallel, thereby amplifying its effective bandwidth by a factor of 30 million (worst case). Thus, even a relatively modest attacker can totally saturate the paths from many victims back to the attacker. Worse, a distributed network of compromised machines (``zombies'') can exploit this attack in parallel to bring about wide-spread, sustained congestion collapse. We implement this attack both in simulation and in a wide-area network, and show it severity both in terms of number of packets and total traffic generated. We engineer and implement a novel solution that does not require client or network modifications allowing for practical deployment. Additionally, we demonstrate the solution's efficiency on a real network

Slurpie: A Cooperative Bulk Data Transfer Protocol

We present Slurpie: a peer-to-peer protocol for bulk data transfer. Slurpie is specifically designed to reduce client download times for large, popular files, and to reduce load on servers that serve these files. Slurpie employs a novel adaptive downloading strategy to increase client performance, and employs a randomized backoff strategy to precisely control load on the server. We describe a full implementation of the Slurpie protocol, and present results from both controlled localarea and wide-area testbeds. Our results show that Slurpie clients improve performance as the size of the network increases, and the server is completely insulated from large flash crowds entering the Slurpie network

HIV-1 Env associates with HLA-C free-chains at the cell membrane modulating viral infectivity

HLA-C has been demonstrated to associate with HIV-1 envelope glycoprotein (Env). Virions lacking HLA-C have reduced infectivity and increased susceptibility to neutralizing antibodies. Like all others MHC-I molecules, HLA-C requires \u3b22-microglobulin (\u3b22m) for appropriate folding and expression on the cell membrane but this association is weaker, thus generating HLA-C free-chains on the cell surface. In this study, we deepen the understanding of HLA-C and Env association by showing that HIV-1 specifically increases the amount of HLA-C free chains, not bound to \u3b22m, on the membrane of infected cells. The association between Env and HLA-C takes place at the cell membrane requiring \u3b22m to occur. We report that the enhanced infectivity conferred to HIV-1 by HLA-C specifically involves HLA-C free chain molecules that have been correctly assembled with \u3b22m. HIV-1 Env-pseudotyped viruses produced in the absence of \u3b22m are less infectious than those produced in the presence of \u3b22m. We hypothesize that the conformation and surface expression of HLA-C molecules could be a discriminant for the association with Env. Binding stability to \u3b22m may confer to HLA-C the ability to preferentially act either as a conventional immune-competent molecule or as an accessory molecule involved in HIV-1 infectivity

Query-based debugging of distributed systems

One of the most challenging aspects of debugging distributed systems is understanding system behavior in the period leading up to a bug. Since traditional debuggers such as gdb are not well suited to distributed system debugging, developers often resort to annotating their code with log statements and then writing one-off scripts that perform ad-hoc searches through the logged data. To improve this cumbersome process, we propose that the state of a distributed system execution should be programmatically and interactively available for postmortem analysis. We observe that the three defining properties of entries in a distributed system's log are "time," "node identifier," and "event type," and treat the log as a logical cube with these dimensions. By exploiting the structure of this state matrix, developers can use a high-level query language to efficiently extract information instead of manually inspecting log files or writing log processing scripts. In this dissertation, we describe the debugging process based on a query-oriented approach. We begin with an introduction of the state matrix abstraction and show how it can capture useful properties of distributed systems' executions. We then present NyQL, an object-oriented query language operating over the contents of the state matrix and describe one possible implementation as a translation to SQL queries executed over a relational database. Next, we present an implementation of a logging system that generates queryable logs in Mace, a source-to-source translator and library for building distributed systems. We present techniques for mitigating the logging overhead by giving NyQL queries to the \mace translator and show that in many cases queries can be resolved in a few seconds. We then demonstrate how using NyQL simplified debugging a handful of bugs in two different distributed systems. Finally, we extend our logging techniques to systems without source-to -source translators by developing two general-purpose libraries &mdash one in C++ and one in Java. We describe the differences between all three systems in terms of functionality and ease of use and then conclude with some future directions for distributed systems debuggin

Remote Control: Distributed Application Configuration, Management, and Visualization with Plush Abstract

Support for distributed application management in large-scale networked environments remains in its early stages. Although a number of solutions exist for subtasks of application deployment, monitoring, maintenance, and visualization in distributed environments, few tools provide a unified framework for application management. Many of the existing tools address the management needs of a single type of application or service that runs in a specific environment, and these tools are not adaptable enough to be used for other applications or platforms. In this paper, we present the design and implementation of Plush, a fully configurable application management infrastructure designed to meet the general requirements of several different classes of distributed applications and execution environments. Plush allows developers to specifically define the flow of control needed by their computations using application building blocks. Through an extensible resource management interface, Plush supports execution in a variety of environments, including both live deployment platforms and emulated clusters. To gain an understanding of how Plush manages different classes of distributed applications, we take a closer look at specific applications and evaluate how Plush provides support for each.

Scalable resilient media streaming

We present a low-overhead media streaming system, called SRMS (Scalable Resilient Media Streaming) that can be used to scalably deliver streaming data to a large group of receivers. SRMS uses overlay multicast for data distribution. SRMS leverages a probabilistic loss recovery technique to provide high data delivery guarantees even under large network losses and overlay node failures. The clients in the SRMS system are able to interoperate with existing media streaming servers that use RTP for data transport. One of the interesting features of SRMS is that it can simultaneously support clients with disparate access bandwidths. It enables the necessary bandwidth adaptations using standard Real-time Transport Protocol (RTP) mechanisms, e.g. RTP translators. We have implemented and evaluated the SRMS system in detail on an emulated network as well as on a wide-area testbed with up to 128 clients. Our results show that clients using SRMS achieve high (> 97%) data delivery ratios with low overheads (< 5%) even for a very dynamic network (up to five membership changes per minute)