Covert timing channels using HTTP cache headersyalegko
This document discusses using HTTP cache headers to create covert timing channels for transmitting information between hosts without detection. It provides examples of encoding data in the Accept-Language header and describes how headers like Last-Modified and ETag can be used to transmit bits by checking if the page has changed. Issues in implementation are addressed, like needing synchronization. Evaluation shows channels can transmit over 1 bit/second over local networks and around 5 bits/second over the internet. Browser-based channels in JavaScript are also proposed.
The document discusses load balancing techniques used to distribute workloads across multiple servers or resources. It begins with an introduction to load balancing and its benefits, such as increased capacity and continued service during failures. It then describes three main methods for load balancing in Linux: virtual server via NAT (VS/NAT), virtual server via tunneling (VS/TUN), and virtual server via direct routing (VS/DR). Each method forwards requests to servers differently while maintaining a single virtual IP address for clients. VS/NAT rewrites packets, VS/TUN uses encapsulation, and VS/DR directly routes packets on a shared LAN. The document provides examples and compares the advantages and disadvantages of each approach.
What is the difference between the way Ruby and Erlang processes are scheduled? I explore the differences in latency and where this can lead to issues in industries like payments.
The document discusses using a composite source scope in Mule ESB to listen for incoming messages from multiple channels. A composite source can wrap multiple inbound endpoints, such as HTTP listeners and a file connector. This allows a single flow to be triggered regardless of which endpoint receives the message. The document provides an example XML configuration that defines two HTTP listeners and a file inbound endpoint wrapped within a composite source. It also describes how to test the application by sending messages to the different endpoints.
an overview from the HTTP2 protocol including comparison with previous version, a deeper look over the protocol enhancements, compatibility matrix with the internet ecosystem and set of online demos that can show the performance optimization.
Covert Timing Channels using HTTP Cache HeadersDenis Kolegov
In this presentation covert timing channels using HTTP cache headers are described. Peculiarities of programming implementation of the covert channels depending on HTTP cache headers, threat model, programming language (C, JavaScript, Python, Ruby) and environment (web-browser, malicious software) are considered. The basic characteristics of the implemented covert channels are provided. Module and extension implementing ETag-based covert timing channels that were implemented in BeEF framework are discussed.
Covert timing channels using HTTP cache headersyalegko
This document discusses using HTTP cache headers to create covert timing channels for transmitting information between hosts without detection. It provides examples of encoding data in the Accept-Language header and describes how headers like Last-Modified and ETag can be used to transmit bits by checking if the page has changed. Issues in implementation are addressed, like needing synchronization. Evaluation shows channels can transmit over 1 bit/second over local networks and around 5 bits/second over the internet. Browser-based channels in JavaScript are also proposed.
The document discusses load balancing techniques used to distribute workloads across multiple servers or resources. It begins with an introduction to load balancing and its benefits, such as increased capacity and continued service during failures. It then describes three main methods for load balancing in Linux: virtual server via NAT (VS/NAT), virtual server via tunneling (VS/TUN), and virtual server via direct routing (VS/DR). Each method forwards requests to servers differently while maintaining a single virtual IP address for clients. VS/NAT rewrites packets, VS/TUN uses encapsulation, and VS/DR directly routes packets on a shared LAN. The document provides examples and compares the advantages and disadvantages of each approach.
What is the difference between the way Ruby and Erlang processes are scheduled? I explore the differences in latency and where this can lead to issues in industries like payments.
The document discusses using a composite source scope in Mule ESB to listen for incoming messages from multiple channels. A composite source can wrap multiple inbound endpoints, such as HTTP listeners and a file connector. This allows a single flow to be triggered regardless of which endpoint receives the message. The document provides an example XML configuration that defines two HTTP listeners and a file inbound endpoint wrapped within a composite source. It also describes how to test the application by sending messages to the different endpoints.
an overview from the HTTP2 protocol including comparison with previous version, a deeper look over the protocol enhancements, compatibility matrix with the internet ecosystem and set of online demos that can show the performance optimization.
Covert Timing Channels using HTTP Cache HeadersDenis Kolegov
In this presentation covert timing channels using HTTP cache headers are described. Peculiarities of programming implementation of the covert channels depending on HTTP cache headers, threat model, programming language (C, JavaScript, Python, Ruby) and environment (web-browser, malicious software) are considered. The basic characteristics of the implemented covert channels are provided. Module and extension implementing ETag-based covert timing channels that were implemented in BeEF framework are discussed.
Load Balanced DNS Server A server which cycles through IP ...webhostingguy
The document discusses different methods of load balancing servers, including DNS load balancing and IP spoofing. It focuses on implementing DNS load balancing for a server that cycles through IP addresses of web servers when responding to DNS requests for a particular hostname. A massive DNS client was created to send many requests to the DNS server to test the load balancing.
This document discusses network application performance and ways to improve it. It covers topics like delay, throughput, jitter, quality of service (QoS), and performance measurement tools. Key points include identifying various sources of delay like processing, retransmissions, queueing, and propagation. It also discusses transport protocols TCP and UDP, and ways to optimize TCP performance through techniques like jumbo frames, path MTU discovery, window scaling, and selective acknowledgements. The roles of different network stakeholders in ensuring good performance are also mentioned.
The HTTP/2 protocol is the latest evolution of the HTTP protocol addressing the issue of HTTP/TCP impedance mismatch. Web applications have been working around this problem for years employing techniques like concatenation or css spriting to reduce page load time and improve user experience. HTTP/2 is also a game changer on the server enabling increased concurrency. This talk will focus on the impact HTTP/2 will have on the server and examine how particularly well adapted the Vert.x concurrency model is to serve HTTP/2 applications.
The document provides biographical information about Brandon Kang in Korean. It lists his previous work experiences at Samsung SDS and Microsoft Korea, as well as his current role at Akamai Korea. It also outlines his areas of focus, which include writing books and translating on topics such as IT trends, web programming, mobile apps, and games.
Java RMI allows objects residing on one machine to invoke methods on objects residing on another machine across a network. It works by having the client invoke methods on a stub object that passes the request to a remote reference layer, which sends it to the actual remote object on the server machine. To use RMI, developers must define interfaces, implement server and client classes, start the rmiregistry, run the server and client, and have the client look up remote objects via the registry.
The document discusses using alternative infrastructures like Nginx and Redis instead of traditional Apache and MySQL. It describes building a Twitter clone called "Retwis" using Sinatra and Redis, and compares the performance of Nginx to Apache when serving static and dynamic content. Nginx generally outperforms Apache, especially for static files, due to its asynchronous and event-based architecture avoiding context switches. Load testing revealed issues with current practices for MySQL dumps and load testing that do not properly simulate high concurrency or isolate variables.
- Designed and developed simplified version of single thread event-based web server engine with Java
- Designed overall architectures and implemented event loop and socket programming
- Attained higher amount of throughput and lower error rate of http request handling comparing with NodeJS
This document describes a custom reliable file transfer protocol over UDP that is designed to perform better than TCP in lossy network conditions. It discusses the protocol design which uses sequence numbers and negative acknowledgements to provide reliability over UDP. The protocol is tested on a simulated network with varying packet loss rates and delays. Results show the protocol achieves higher throughput than TCP-based file transfer methods on lossy links.
HTTP/2 is a new version of the HTTP network protocol that makes web content delivery faster and more efficient. It introduces features like multiplexing, header compression, and server push that fix limitations in HTTP/1.1 like head-of-line blocking and slow start. HTTP/2 is now supported in all major browsers and servers and provides performance improvements over HTTP/1.1 without requiring workarounds. The presentation provided an overview of HTTP/2 concepts and how to troubleshoot using developer tools.
Training Slides: Advanced 304: Upgrading From Native MySQL Replication To Tun...Continuent
In this advanced session we take a look at the various options and steps for installing a Tungsten Clustering in place of native MySQL replication. This training is aimed at anyone new to Tungsten Clustering without prior experience, however it is recommended that you have watched the following previous training sessions to understand how Tungsten Clustering works.
Course Prerequisite Learning
- Basics: Introduction to Clustering
- Basics: The Power of the Connector
AGENDA
- Review the cluster architecture
- Discuss upgrade methods
- In Place Conversion
- New Cluster with Direct Feed
- Review prerequisites required
- Walkthrough an upgrade (full end to end demo)
- Recap key resources and tools
(ATS4-PLAT01) Core Architecture Changes in AEP 9.0 and their Impact on Admini...BIOVIA
AEP 9.0 will see several changes to the core infrastructure which will require changes to the way the server is managed as well as new deployment options that may affect the ways that protocol developers deliver content to their users. We will cover the addition of Tomcat as a new side by side service with Apache, new administration features: exporting and importing server configurations, maintenance mode, and new deployment options: HTTPS and HTTP only modes, deploying behind reverse proxies, and HTTP load balancing.
Building scalable network applications with Netty (as presented on NLJUG JFal...Jaap ter Woerds
The presentation I gave on creating server application with Netty, including an example of how it is used to power XMS the mobile messaging platform of eBuddy.
Example code is on github: https://github.com/jaapterwoerds/jfall-netty4
More information on eBuddy: xms.me and tech.ebuddy.com
Boyan Ivanov - latency, the #1 metric of your cloudShapeBlue
No two clouds are the same. Yet the leading clouds all have one thing in common: they deliver on metrics, which matter to the customer. In this session we'll dissect leading clouds, to show why low latency is the thing that makes a cloud stand out.
HTTP/2 Comes to Java: Servlet 4.0 and what it means for the Java/Jakarta EE e...Edward Burns
Servlet is very easily the most important standard in server-side Java. The much awaited HTTP/2 standard is now complete, was fifteen years in the making and promises to radically speed up the entire web through a series of fundamental protocol optimizations.
In this session we will take a detailed look at the changes in HTTP/2 and discuss how it may change the Java ecosystem including the foundational Servlet 4 specification included in Java/Jakarta EE 8.
This document discusses high availability, load balancing, and how Apache 2.2 and Tomcat 6.0 work together to provide a highly available and load balanced solution. It provides an overview of horizontal and vertical scaling. It then demonstrates a live example of configuring Apache as a load balancer for two Tomcat instances. The presentation concludes with a live demo of the load balancer manager interface.
Denial of Service Mitigation Tactics in FreeBSDSteven Kreuzer
Protecting your servers, workstations and networks can only go so far. Attacks which consume your available Internet-facing bandwidth, or overpower your CPU, can still take you offline. His presentation will discuss techniques for mitigating the effects of such attacks on servers designed to provide network intensive services such as HTTP or routing.
Covert Timing Channels based on HTTP Cache Headers (Special Edition for Top 1...Denis Kolegov
The document describes research into new covert timing channels based on HTTP cache headers. The researchers discovered previously unknown techniques and implemented most efficient channels using the ETag header in the Browser Exploitation Framework and Google Drive environment. They classified channels as client-server or server-client, and explored channels using headers like Last-Modified, ETag, If-Modified-Since and If-None-Match. The software implementation addressed issues like server-client synchronization, varying request times, and high CPU load during sleep cycles.
The document discusses benchmarking the performance of compute and database services on the cloud. It outlines procedures to test IOPS, network performance, and CPU usage of a compute instance and database throughput, connections, and queries per second of a DB service. Tests were run varying threads, block sizes, and parallel connections. The compute instance showed optimal IOPS at specific block sizes and higher write than read performance. Database performance increased with more connections but was limited by the server. Issues noted were inability to directly measure IOPS and lack of short-term monitoring data. Finally, a WordPress application was deployed on a compute instance connected to a database service to test performance.
This document summarizes a presentation on improvements to RMF's Parallel Sysplex instrumentation over recent years. Some key points covered include:
1) Structure-level CPU reporting in SMF 74-4 allows for capacity planning at the individual structure level and examining CPU consumption of different structures.
2) Enhancements help match CPU data between SMF 70-1 and 74-4 to get a complete picture of Coupling Facility CPU usage.
3) Additional instrumentation provides useful information on topics like structure duplexing performance, XCF traffic patterns, and Coupling Facility link details.
Load Balanced DNS Server A server which cycles through IP ...webhostingguy
The document discusses different methods of load balancing servers, including DNS load balancing and IP spoofing. It focuses on implementing DNS load balancing for a server that cycles through IP addresses of web servers when responding to DNS requests for a particular hostname. A massive DNS client was created to send many requests to the DNS server to test the load balancing.
This document discusses network application performance and ways to improve it. It covers topics like delay, throughput, jitter, quality of service (QoS), and performance measurement tools. Key points include identifying various sources of delay like processing, retransmissions, queueing, and propagation. It also discusses transport protocols TCP and UDP, and ways to optimize TCP performance through techniques like jumbo frames, path MTU discovery, window scaling, and selective acknowledgements. The roles of different network stakeholders in ensuring good performance are also mentioned.
The HTTP/2 protocol is the latest evolution of the HTTP protocol addressing the issue of HTTP/TCP impedance mismatch. Web applications have been working around this problem for years employing techniques like concatenation or css spriting to reduce page load time and improve user experience. HTTP/2 is also a game changer on the server enabling increased concurrency. This talk will focus on the impact HTTP/2 will have on the server and examine how particularly well adapted the Vert.x concurrency model is to serve HTTP/2 applications.
The document provides biographical information about Brandon Kang in Korean. It lists his previous work experiences at Samsung SDS and Microsoft Korea, as well as his current role at Akamai Korea. It also outlines his areas of focus, which include writing books and translating on topics such as IT trends, web programming, mobile apps, and games.
Java RMI allows objects residing on one machine to invoke methods on objects residing on another machine across a network. It works by having the client invoke methods on a stub object that passes the request to a remote reference layer, which sends it to the actual remote object on the server machine. To use RMI, developers must define interfaces, implement server and client classes, start the rmiregistry, run the server and client, and have the client look up remote objects via the registry.
The document discusses using alternative infrastructures like Nginx and Redis instead of traditional Apache and MySQL. It describes building a Twitter clone called "Retwis" using Sinatra and Redis, and compares the performance of Nginx to Apache when serving static and dynamic content. Nginx generally outperforms Apache, especially for static files, due to its asynchronous and event-based architecture avoiding context switches. Load testing revealed issues with current practices for MySQL dumps and load testing that do not properly simulate high concurrency or isolate variables.
- Designed and developed simplified version of single thread event-based web server engine with Java
- Designed overall architectures and implemented event loop and socket programming
- Attained higher amount of throughput and lower error rate of http request handling comparing with NodeJS
This document describes a custom reliable file transfer protocol over UDP that is designed to perform better than TCP in lossy network conditions. It discusses the protocol design which uses sequence numbers and negative acknowledgements to provide reliability over UDP. The protocol is tested on a simulated network with varying packet loss rates and delays. Results show the protocol achieves higher throughput than TCP-based file transfer methods on lossy links.
HTTP/2 is a new version of the HTTP network protocol that makes web content delivery faster and more efficient. It introduces features like multiplexing, header compression, and server push that fix limitations in HTTP/1.1 like head-of-line blocking and slow start. HTTP/2 is now supported in all major browsers and servers and provides performance improvements over HTTP/1.1 without requiring workarounds. The presentation provided an overview of HTTP/2 concepts and how to troubleshoot using developer tools.
Training Slides: Advanced 304: Upgrading From Native MySQL Replication To Tun...Continuent
In this advanced session we take a look at the various options and steps for installing a Tungsten Clustering in place of native MySQL replication. This training is aimed at anyone new to Tungsten Clustering without prior experience, however it is recommended that you have watched the following previous training sessions to understand how Tungsten Clustering works.
Course Prerequisite Learning
- Basics: Introduction to Clustering
- Basics: The Power of the Connector
AGENDA
- Review the cluster architecture
- Discuss upgrade methods
- In Place Conversion
- New Cluster with Direct Feed
- Review prerequisites required
- Walkthrough an upgrade (full end to end demo)
- Recap key resources and tools
(ATS4-PLAT01) Core Architecture Changes in AEP 9.0 and their Impact on Admini...BIOVIA
AEP 9.0 will see several changes to the core infrastructure which will require changes to the way the server is managed as well as new deployment options that may affect the ways that protocol developers deliver content to their users. We will cover the addition of Tomcat as a new side by side service with Apache, new administration features: exporting and importing server configurations, maintenance mode, and new deployment options: HTTPS and HTTP only modes, deploying behind reverse proxies, and HTTP load balancing.
Building scalable network applications with Netty (as presented on NLJUG JFal...Jaap ter Woerds
The presentation I gave on creating server application with Netty, including an example of how it is used to power XMS the mobile messaging platform of eBuddy.
Example code is on github: https://github.com/jaapterwoerds/jfall-netty4
More information on eBuddy: xms.me and tech.ebuddy.com
Boyan Ivanov - latency, the #1 metric of your cloudShapeBlue
No two clouds are the same. Yet the leading clouds all have one thing in common: they deliver on metrics, which matter to the customer. In this session we'll dissect leading clouds, to show why low latency is the thing that makes a cloud stand out.
HTTP/2 Comes to Java: Servlet 4.0 and what it means for the Java/Jakarta EE e...Edward Burns
Servlet is very easily the most important standard in server-side Java. The much awaited HTTP/2 standard is now complete, was fifteen years in the making and promises to radically speed up the entire web through a series of fundamental protocol optimizations.
In this session we will take a detailed look at the changes in HTTP/2 and discuss how it may change the Java ecosystem including the foundational Servlet 4 specification included in Java/Jakarta EE 8.
This document discusses high availability, load balancing, and how Apache 2.2 and Tomcat 6.0 work together to provide a highly available and load balanced solution. It provides an overview of horizontal and vertical scaling. It then demonstrates a live example of configuring Apache as a load balancer for two Tomcat instances. The presentation concludes with a live demo of the load balancer manager interface.
Denial of Service Mitigation Tactics in FreeBSDSteven Kreuzer
Protecting your servers, workstations and networks can only go so far. Attacks which consume your available Internet-facing bandwidth, or overpower your CPU, can still take you offline. His presentation will discuss techniques for mitigating the effects of such attacks on servers designed to provide network intensive services such as HTTP or routing.
Covert Timing Channels based on HTTP Cache Headers (Special Edition for Top 1...Denis Kolegov
The document describes research into new covert timing channels based on HTTP cache headers. The researchers discovered previously unknown techniques and implemented most efficient channels using the ETag header in the Browser Exploitation Framework and Google Drive environment. They classified channels as client-server or server-client, and explored channels using headers like Last-Modified, ETag, If-Modified-Since and If-None-Match. The software implementation addressed issues like server-client synchronization, varying request times, and high CPU load during sleep cycles.
The document discusses benchmarking the performance of compute and database services on the cloud. It outlines procedures to test IOPS, network performance, and CPU usage of a compute instance and database throughput, connections, and queries per second of a DB service. Tests were run varying threads, block sizes, and parallel connections. The compute instance showed optimal IOPS at specific block sizes and higher write than read performance. Database performance increased with more connections but was limited by the server. Issues noted were inability to directly measure IOPS and lack of short-term monitoring data. Finally, a WordPress application was deployed on a compute instance connected to a database service to test performance.
This document summarizes a presentation on improvements to RMF's Parallel Sysplex instrumentation over recent years. Some key points covered include:
1) Structure-level CPU reporting in SMF 74-4 allows for capacity planning at the individual structure level and examining CPU consumption of different structures.
2) Enhancements help match CPU data between SMF 70-1 and 74-4 to get a complete picture of Coupling Facility CPU usage.
3) Additional instrumentation provides useful information on topics like structure duplexing performance, XCF traffic patterns, and Coupling Facility link details.
Many applications are network I/O bound, including common database-based applications and service-based architectures. But operating systems and applications are often untuned to deliver high performance. This session uncovers hidden issues that lead to low network performance, and shows you how to overcome them to obtain the best network performance possible.
This document discusses Quality of Service (QoS) in converged networks. It describes how traffic characteristics have changed with converged networks, bringing together constant small-packet voice flows and bursty data flows. This requires that critical traffic like voice and video be prioritized to address issues like delays, jitter, and packet loss. The document then discusses various factors that can cause these quality issues, such as lack of bandwidth, end-to-end delay, jitter, and packet loss. It proposes different QoS mechanisms to classify traffic, prioritize time-sensitive traffic, and prevent congestion including IntServ, DiffServ, traffic policing, shaping, queuing techniques, and dropping policies. The goal is to apply these techniques to
A talk I gave at the Boston Web Performance Meetup in August 2014.
Performance is one of the most challenging issues in modern web app design, in large part because modeling, testing, and validating performance before deploying to production is so challenging. While many ops teams have nailed down the problem of re-creating pre-production environments that closely mimic production, those environments frequently rely on known-good components beyond the application code itself: AWS ELB, F5 load balancers, CDNs, Varnish, and more.
Testing plug-in components like that can be challenging, because their performance characteristics don't directly align with application metrics.
- How many simultaneous users can my load balancer support? - What sort of network load will I put on my CDN (i.e., how much will it cost?) - How do different user behavior patterns affect performance?
In this meetup, we'll introduce a novel tool in this toolbox: tcpreplay, an open-source tool for replaying packet capture files back at an application. By replaying user traffic to a staging environment, you can test the effects of
- Network saturation to the load balancer - High numbers of users / IPs - Lots of traffic to your other monitoring tools!
Aplication and Transport layer- a practical approachSarah R. Dowlath
This presentation was done for a Networking course. It really shows from a more practical standpoint how the application layer and the transport layer communicates with each other and operates on a whole to get the job done. It gives the reader more insight of how the pieces come together in an IT networking world.
Many applications are network I/O bound, including common database-based applications and service-based architectures. But operating systems and applications are often untuned to deliver high performance. This session uncovers hidden issues that lead to low network performance, and shows you how to overcome them to obtain the best network performance possible.
اِنجیناِکس (به انگلیسی: nginx) یک کارساز وب با حجم پایین و کارایی بالا است که تحت مجوز بیاسدی منتشر میشود. این کارساز وب در یونیکس، گنو/لینوکس، بیاسدی، مک او اس و ویندوز اجرا میشود. بر طبق گفتهٔ نتکرافت، در حال حاضر ۱۲.۰۷٪ از دامنههای اینترنت از این کارساز استفاده میکنند.
این پروژه در سال ۲۰۰۱ بنیان نهاده شد و توسط یک توسعهدهنده مستقل به نام ایگور سیسووف (به انگلیسی: Igor Sysoev) به مرحله اجرا درآمد تا در یکی از وبسایتهای پرترافیک به نام رامبرلر به خدمت گرفته شود که این وبسایت در تاریخ سپتامبر ۲۰۰۸، روزانه بیش از ۵۰۰ میلیون درخواست HTTP داشته است. در حال حاضر وبسایتهای سرشناسی همچون فیسبوک، نتفلیکس، وردپرس، سورسفورج و ... از انجیناکس استفاده میکنند.[۶] در نسخه ۵٫۲ اوپنبیاسده که در نوامبر ۲۰۱۲ عرضه شد هم نرمافزار انجیناکس به صورت پیشفرض در سیستم قرار داده شد تا جایگزینی باشد برای آپاچی ۱٫۳. در نهایت در سال ۲۰۱۴ آپاچی از درخت کد منبع اوپنبیاسدی حذف شد.
This document discusses integrated services and differentiated services for providing quality of service (QoS) on the internet. Integrated services uses resource reservation and traffic classification to provide guaranteed, controlled load, and best effort services. It requires per-flow state maintenance in routers. Differentiated services provides a simpler approach using traffic conditioning and per-hop behavior based on DS codepoints, without per-flow state. It aggregates traffic into behavior aggregates for forwarding.
This document discusses integrated services and differentiated services for providing quality of service (QoS) in IP networks. It introduces integrated services architecture (ISA) which allows applications to reserve resources. ISA uses RSVP for signaling and implements services like guaranteed service and controlled load service using queue management techniques like weighted fair queueing. Differentiated services provides QoS by classifying traffic into aggregates based on DS field values and applying different per-hop behaviors like assured forwarding and expedited forwarding. Interior routers apply simple queuing rules based on DS values while boundary routers do traffic conditioning functions like classification, metering, marking and shaping.
The document discusses remote procedure calls (RPC) and how they work. RPC allows a process on one machine to call a procedure on another machine. The calling process is suspended while the procedure executes remotely. RPC is implemented using request-reply protocols and stubs/proxies that marshal parameters and results between machines. The key steps in an RPC involve the client stub packaging arguments and sending a request, the server stub receiving it and calling the procedure, and reply messages being returned. RPC aims for syntactic and semantic transparency by making remote calls appear the same as local calls.
High Performance Communication for Oracle using InfiniBandwebhostingguy
The document discusses how InfiniBand provides benefits for Oracle databases by enabling higher performance communication within Oracle Real Application Clusters (RAC). InfiniBand allows for faster block transfers, lower CPU utilization, and higher throughput compared to Gigabit Ethernet. It also supports features like remote direct memory access that improve performance of Oracle RAC operations like locking and parallel queries.
Initially presented at Software Architecture Conference in Boston, MA on 3/18/15.
Distributed systems are complex beasts. Breaking your application into multiple services introduces new types of errors, cascading failures, and CAP theorem limitations. Unfortunately, your uptime and sanity both suffer. This session will focus on various tactics and learnings from Lucid Software's migration to a service oriented architecture.
Reduced network traffic provides benefits to end users on heavily used networks. In a client-server model, fewer network transmissions are required to complete a task since the client only receives data when the requested work is complete. Migrating reporting functions to the server maximizes the benefits of reduced network transmission costs by only returning the results of the report.
CDNs improve response times and enable streaming of audio/video by distributing content across multiple servers located close to users. DNS-based CDNs select the nearest surrogate server using DNS lookups, but this has delays. Service-oriented routers select servers based on packet contents and server loads, improving performance. NetServ routers can dynamically deploy "MicroCDN" modules to cache content on nearby routers for future user requests.
Building Asynchronous Microservices with ArmeriaLINE Corporation
Armeria is a microservices framework that focuses on asynchrony and reactive programming. It implements reactive streams and allows mixing different service types like HTTP, gRPC, and Thrift in a single server. Armeria uses Netty and is high-performance. It provides features like HTTP/2 support, distributed tracing, interceptors, and decorators. The documentation service allows browsing and invoking RPC services. Armeria aims to have an easy to use asynchronous API and be on par with popular web frameworks. It can be used to build asynchronous microservices and the documentation encourages contributing to the project.
The document discusses the development of a Netty 4-based RPC system. It describes using Netty 4 as a non-blocking I/O framework for building asynchronous network applications. It then outlines the design of the RPC system, including components like stubs, skeletons, command handling, and deployment. Finally, it discusses performance testing done on the RPC system to evaluate aspects like throughput, response times, resource usage and scalability under different loads.
This document presents application layer anycasting as a server selection architecture for replicated web services. It discusses problems with existing server selection methods and outlines an anycasting communication paradigm where a client connects to the best server in an anycast group. The proposed architecture uses anycast domain names and filters at clients and resolvers to select the optimal server. Experimental results show this approach improves response times over other selection methods and balances load more effectively as more clients are added.
High performance browser networking ch1,2,3Seung-Bum Lee
Presentation material including summary of "High Performance Browser Networking" by Ilya Grigorik. This book includes very good summary of computer network not only for internet browsing but also multimedia streaming.
Sharing is Caring: Toward Creating Self-tuning Multi-tenant Kafka (Anna Povzn...HostedbyConfluent
Deploying Kafka to support multiple teams or even an entire company has many benefits. It reduces operational costs, simplifies onboarding of new applications as your adoption grows, and consolidates all your data in one place. However, this makes applications sharing the cluster vulnerable to any one or few of them taking all cluster resources. The combined cluster load also becomes less predictable, increasing the risk of overloading the cluster and data unavailability.
In this talk, we will describe how to use quota framework in Apache Kafka to ensure that a misconfigured client or unexpected increase in client load does not monopolize broker resources. You will get a deeper understanding of bandwidth and request quotas, how they get enforced, and gain intuition for setting the limits for your use-cases.
While quotas limit individual applications, there must be enough cluster capacity to support the combined application load. Onboarding new applications or scaling the usage of existing applications may require manual quota adjustments and upfront capacity planning to ensure high availability.
We will describe the steps we took toward solving this problem in Confluent Cloud, where we must immediately support unpredictable load with high availability. We implemented a custom broker quota plugin (KIP-257) to replace static per broker quota allocation with dynamic and self-tuning quotas based on the available capacity (which we also detect dynamically). By learning our journey, you will have more insights into the relevant problems and techniques to address them.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Best 20 SEO Techniques To Improve Website Visibility In SERPPixlogix Infotech
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
“An Outlook of the Ongoing and Future Relationship between Blockchain Technologies and Process-aware Information Systems.” Invited talk at the joint workshop on Blockchain for Information Systems (BC4IS) and Blockchain for Trusted Data Sharing (B4TDS), co-located with with the 36th International Conference on Advanced Information Systems Engineering (CAiSE), 3 June 2024, Limassol, Cyprus.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Full-RAG: A modern architecture for hyper-personalizationZilliz
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/building-and-scaling-ai-applications-with-the-nx-ai-manager-a-presentation-from-network-optix/
Robin van Emden, Senior Director of Data Science at Network Optix, presents the “Building and Scaling AI Applications with the Nx AI Manager,” tutorial at the May 2024 Embedded Vision Summit.
In this presentation, van Emden covers the basics of scaling edge AI solutions using the Nx tool kit. He emphasizes the process of developing AI models and deploying them globally. He also showcases the conversion of AI models and the creation of effective edge AI pipelines, with a focus on pre-processing, model conversion, selecting the appropriate inference engine for the target hardware and post-processing.
van Emden shows how Nx can simplify the developer’s life and facilitate a rapid transition from concept to production-ready applications.He provides valuable insights into developing scalable and efficient edge AI solutions, with a strong focus on practical implementation.
2. What is tracing?
- Follows a web request along its
critical path
- Records runtime parameters
that contribute to high latency
Source: Zipkin.io
3. Motivation
- Current web architecture makes
tail latency issues pervasive and
difficult to diagnose
- Microservice
architecture
- Asynchronous RPCs
Source: The Tail at Scale by Jeff Dean
4. Benchmark
Application
- EchoService
- Acts as a database
- HelloService
- Concatenates results
from 3 requests to
EchoService
- All requests are
asynchronous
- Written as Spring Boot
applications and deployed on
docker swarm
5. Methodology
- Single host
- Baseline measurement
- Minimize network fluctuation
- Measure instrumentation overhead only
- Multi-node cluster
- More realistic to real world deployment
- Load balanced service (replicas)
- Fan-out service (search engine)
8. Instrumented
with tracers
- Spring Cloud Sleuth
- mean: 7.29 ms
- stdev: 8.70 ms
- Jaeger
- mean: 3.75 ms
- stdev: 1.38 ms
- Minke
- mean: 3.75 ms
- stdev: 1.21 ms
- Baseline
- mean: 3.26 ms
- stdev: 0.99 ms
9. Increasing no. of
tracepoints
(Minke tracer)
- 1000
- mean: 46.79 ms
- stdev: 21.53 ms
- 100
- mean: 4.47 ms
- stdev: 2.38 ms
- 10
- mean: 3.75 ms
- stdev: 1.21 ms
- 0 (Baseline)
- mean: 3.26 ms
- stdev: 0.99 ms
10. Increasing no. of
tracepoints
(mean latency)
- Enclose instrumented method in
a for loop and vary loop count
- Biased towards logging
and instrumentation
overhead
- 12.5 ms wait time between
every request
- 4.47 ms mean response time @
100 tracepoints (server handles
only one request at a time)
- 46.79 ms mean response time @
1000 tracepoints (combined
effect of higher overhead and
queueing of requests)
12. Load balanced
service
- 90% requests complete within
20 ms @ 1000 tracepoints
- 90% requests took more than
50 ms on a single host
- The reduced mean response
time is likely a result of
distributing logging activities
across more nodes
14. Fan-out service
- 1 second latency outlier due to
TCP retransmission delay
- Reduced throughput to 10
requests per second to
eliminate effects from queueing
- Vary fan-out value by changing
query parameter
15. Fan-out service
- 1 second latency outlier due to
TCP retransmission delay
- Reduced throughput to 10
requests per second to
eliminate effects from queueing
- Vary fan-out value by changing
query parameter
TCP retransmission delay
16. Fan-out service
- 1 second latency outlier due to
TCP retransmission delay
- Reduced throughput to 10
requests per second to
eliminate effects from queueing
- Vary fan-out value by changing
query parameter
17. Fan-out service
- 1 second latency outlier due to
TCP retransmission delay
- Reduced throughput to 10
requests per second to
eliminate effects from queueing
- Vary fan-out value by changing
query parameter
18. Fan-out service
- 1 second latency outlier due to
TCP retransmission delay
- Reduced throughput to 10
requests per second to
eliminate effects from queueing
- Vary fan-out value by changing
query parameter
19. Usability comparison between different tracers
11
includes dependencies in docker base image
12
instruments concurrency libraries by default
13
logs to local disk and waits for collection event