Slide presentation of "How Bad Can a Bug Get? An Empirical Analysis of Software Failures in the OpenStack Cloud Computing Platform", published at ESEC/FSE 2019, Tallinn, Estonia.
EVIL: Exploiting Software via Natural LanguagePietro Liguori
Slide presentation of the paper "EVIL: Exploiting Software via Natural Language" accepted at The 32nd International Symposium on Software Reliability Engineering (ISSRE 2021)
Enhancing the Analysis of Software Failures in Cloud Computing Systems with D...Pietro Liguori
The slide presentation of the paper "Enhancing the Analysis of Software Failures in Cloud Computing Systems with Deep Learning" at The 32nd International Symposium on Software Reliability Engineering (ISSRE 2021)
Enhancing Failure Propagation Analysis in Cloud Computing Systems - ISSRE 201...Pietro Liguori
Slide presentation of the paper "Enhancing Failure Propagation Analysis in Cloud Computing Systems", presented at the conference International Symposium on Software Reliability Engineering (ISSRE), Berlin, October 2019.
Finding Diversity In Remote Code Injection Exploitsamiable_indian
1. The document analyzes the diversity among remote code injection exploits by collecting exploit samples from network traces, extracting and emulating shellcodes, and clustering the shellcodes based on an exedit distance metric.
2. It finds that exploits can be grouped into families based on the vulnerability targeted. The LSASS and ISystemActivator exploit families show subtle variations among related exploits, while RemoteActivation exploits exhibit more diversity.
3. Analyzing exploit phylogenies reveals code sharing among families and subtle variations within families, providing insights into the emergence of polymorphism in malware payloads.
The document discusses intrusion alert correlation. It defines key terms like correlation, event, alert, and alert correlation. It outlines that the goals of correlation are to address weaknesses in individual intrusion detection systems like alert flooding, lack of context, and false positives/negatives. The main steps of the correlation process include alert collection, normalization, aggregation, verification, and producing high-level alert structures. Specific correlation techniques are also discussed.
This document provides an overview of intrusion detection systems (IDS), including their challenges, potential solutions, and future developments. It discusses how IDS aim to detect attacks against computer systems and networks. The challenges of high false alarm rates and dependency on the environment are outlined. Potential solutions explored include data mining, machine learning, and co-simulation mechanisms. Alarm correlation techniques are examined as ways to combine fragmented alert information to better interpret attack flows. Artificial intelligence is seen as important for improving IDS flexibility, adaptability, and pattern recognition.
This document discusses binary analysis for vulnerability detection. It describes research conducted at the National University of Singapore on binary analysis techniques like fuzz testing, comprehension, debugging, and patching. It outlines projects with DSO National Labs and the National Research Foundation of Singapore. The research aims to enhance capabilities in detecting vulnerabilities and securing software through automated binary analysis and techniques like fuzzing.
EVIL: Exploiting Software via Natural LanguagePietro Liguori
Slide presentation of the paper "EVIL: Exploiting Software via Natural Language" accepted at The 32nd International Symposium on Software Reliability Engineering (ISSRE 2021)
Enhancing the Analysis of Software Failures in Cloud Computing Systems with D...Pietro Liguori
The slide presentation of the paper "Enhancing the Analysis of Software Failures in Cloud Computing Systems with Deep Learning" at The 32nd International Symposium on Software Reliability Engineering (ISSRE 2021)
Enhancing Failure Propagation Analysis in Cloud Computing Systems - ISSRE 201...Pietro Liguori
Slide presentation of the paper "Enhancing Failure Propagation Analysis in Cloud Computing Systems", presented at the conference International Symposium on Software Reliability Engineering (ISSRE), Berlin, October 2019.
Finding Diversity In Remote Code Injection Exploitsamiable_indian
1. The document analyzes the diversity among remote code injection exploits by collecting exploit samples from network traces, extracting and emulating shellcodes, and clustering the shellcodes based on an exedit distance metric.
2. It finds that exploits can be grouped into families based on the vulnerability targeted. The LSASS and ISystemActivator exploit families show subtle variations among related exploits, while RemoteActivation exploits exhibit more diversity.
3. Analyzing exploit phylogenies reveals code sharing among families and subtle variations within families, providing insights into the emergence of polymorphism in malware payloads.
The document discusses intrusion alert correlation. It defines key terms like correlation, event, alert, and alert correlation. It outlines that the goals of correlation are to address weaknesses in individual intrusion detection systems like alert flooding, lack of context, and false positives/negatives. The main steps of the correlation process include alert collection, normalization, aggregation, verification, and producing high-level alert structures. Specific correlation techniques are also discussed.
This document provides an overview of intrusion detection systems (IDS), including their challenges, potential solutions, and future developments. It discusses how IDS aim to detect attacks against computer systems and networks. The challenges of high false alarm rates and dependency on the environment are outlined. Potential solutions explored include data mining, machine learning, and co-simulation mechanisms. Alarm correlation techniques are examined as ways to combine fragmented alert information to better interpret attack flows. Artificial intelligence is seen as important for improving IDS flexibility, adaptability, and pattern recognition.
This document discusses binary analysis for vulnerability detection. It describes research conducted at the National University of Singapore on binary analysis techniques like fuzz testing, comprehension, debugging, and patching. It outlines projects with DSO National Labs and the National Research Foundation of Singapore. The research aims to enhance capabilities in detecting vulnerabilities and securing software through automated binary analysis and techniques like fuzzing.
Under-reported Security Defects in Kubernetes ManifestsAkond Rahman
This presentation discusses how frequently security defects are reported in Kubernetes manifests. The paper was presented at the ICSE EnCycris workshop in 2021.
The programming language Ada offers unique features to safely program a micro-controller. From the start, Ada was designed to make it difficult to introduce errors, and to make it easy to discover errors that were introduced. For example, language rules enforced at compile time make it possible to have safe concurrency by design. And run-time checking allows immediate detection of what would be "undefined behavior" in C/C++. In the first part of this presentation, we will present the benefits of using Ada for micro-controller programming, including support for debugging on a board. In the second part of this presentation, we will present how the Ada language and its subset SPARK provide a strong foundation for static analyzers, that make it possible to detect errors and provide guarantees on embedded software in Ada/SPARK.
This document examines whether detecting design-level antipatterns can help predict bugs. It studies two open-source projects to answer three research questions. For RQ1, the density of bugs in files with and without antipatterns is compared. For RQ2, new antipattern-based metrics are proposed and their explanatory power over traditional metrics is evaluated. For RQ3, traditional bug prediction models are improved with antipattern information. The key findings are that antipattern-based metrics provide additional explanatory power, and the Antipattern Recurrence Length metric in particular improves cross-system bug prediction.
Professor Abhik Roychoudhury discusses automated program repair through his research project TSUNAMi. The key points discussed are:
1) TSUNAMi is a national research project in Singapore from 2015-2020 focused on developing trustworthy systems from untrusted components through techniques like vulnerability discovery, binary hardening, verification, and data protection.
2) Automated program repair aims to automatically detect and fix vulnerabilities in software. This involves techniques like syntactic and semantic repair as well as specification inference to understand intended program behavior.
3) Challenges in automated program repair include weak specifications of intended behavior, large search spaces for candidate patches, and limited applicability of existing techniques. Roychoud
What Questions Do Programmers Ask About Configuration as Code?Akond Rahman
Presented at RCoSE2018. Summary: When working with tools like Puppet, programmers ask a lot of questions related to syntax, feasibility, and security. Despite advancements in Puppet, some fundamental challenges such as feasibility, installation, and security persist. Preprint: https://akondrahman.github.io/papers/rcose2018_cac.pdf.
The document discusses supply chain attacks and how they can affect open source projects. It describes common types of supply chain attacks like namespace confusion, typosquatting, and malicious code injection. It then discusses how the OpenSSF Security Metrics and Security Scorecards tools can help open source projects reduce risks from supply chain attacks by providing security data and scorecards that evaluate projects' security practices and posture.
The document proposes an architecture called IntelFlow that aims to integrate cyber threat intelligence into software defined networks. IntelFlow would introduce a knowledge plane that receives threat intelligence from various sources and allows the Bro IDS to query this intelligence. The knowledge plane would then export OpenFlow rules to implement countermeasures. The document outlines IntelFlow's components, how it would map intelligence indicators to OpenFlow flows, and presents initial results from a proof-of-concept showing IntelFlow can detect attacks faster than reactive approaches and successfully mitigated a DDoS attack in testing. Future work will further evaluate IntelFlow's effectiveness against other attacks.
HSC-IoT: A Hardware and Software Co-Verification based Authentication Scheme ...Mahmud Hossain
This document presents a hardware and software co-verification based authentication scheme for the Internet of Things (IoT). The scheme uses a Physical Uncloneable Function (PUF) for hardware integrity verification and a Hardware Performance Counter (HPC) for software integrity verification to protect against node cloning and reprogramming attacks. It also allows for privacy-aware identity usage to prevent location tracking. The scheme provides resource efficient mutual authentication between IoT devices and an IoT Identity Provider for secure network admission and service access. Security and performance analyses show the scheme reduces computation and communication overhead compared to existing approaches.
AI & ML in Cyber Security - Why Algorithms are DangerousRaffael Marty
This document discusses the dangers of using algorithms in cybersecurity. It makes three key points:
1) Algorithms make assumptions about the data that may not always be valid, and they do not take important domain knowledge into account.
2) Throwing algorithms at security problems without proper understanding of the data and algorithms can be dangerous and lead to failures.
3) A Bayesian belief network approach that incorporates domain expertise may be better suited for security tasks than purely algorithmic approaches. It allows modeling relationships between different factors and computing probabilities.
Shhh!: Secret Management Practices for Infrastructure as Code Akond Rahman
We use grey literature review to identify 12 secret management practice for infrastructure as code (IaC). This paper was presented at the IEEE SecDev conference.
The document discusses a presentation given by Alexandre Borges on advanced malware threats at the DC2711 conference in Johannesburg, South Africa. Borges is a security researcher who has spoken at several security conferences. In his presentation, he covered topics including .NET malware, rootkits, BIOS/UEFI threats, and tools for analyzing malware. He discussed techniques used by malware to inject code, hide in memory, and evade detection.
The document discusses several security issues found in the Java Development Kit (JDK) code through auditing, including integer overflows that could allow denial of service attacks or privilege escalation. It presents an "integer overflow" antipattern found in classes like java.util.zip that failed to properly validate array indices, allowing a crash. The issue was later refactored to add proper validation checks to prevent overflow. The document advocates auditing one's own and third-party Java code to detect similar patterns that could enable vulnerabilities.
The Finest Penetration Testing Framework for Software-Defined NetworksPriyanka Aash
Software-Defined Networking (SDN) is getting attention for the next-generation networking today. The key concept of SDN is to decouple the control logic from the traditional network devices so that network developers can design innovative network functions in a more flexible and programmable way. However, SDN is not always bringing advantages to us. Security experts have constantly raised security concerns about SDN, and some vulnerabilities have been uncovered in the real world. If SDN is not secure, how can we measure the security level of SDN environments?
In this talk, we introduce a powerful penetration testing tool for SDN called DELTA, which is officially supported by Open Networking Foundation (ONF). First, DELTA can automate diverse published attack scenarios against various SDN components from testing to evaluating. Also, to discover unknown vulnerabilities that may exist in SDN, DELTA leverages a blackbox fuzzing technique that randomizes different control flows in SDN. It enables us to systemically reveal unknown security issues rather than the empirical and ad-hoc methods that most previous studies use. By using DELTA, anyone can easily and thoroughly test not only popular open source SDN controllers (i.e., ONOS, OpenDaylight, Floodlight, and Ryu), but also SDN-enabled switches (i.e., OpenvSwitch, HP, and Pica8) in the real world.
We will show nine new attack cases that have been found by DELTA but never been announced before.
Also, we will discuss:
- What control flows are in SDN, and why those are important as a key feature compared to the traditional networks.
- What key components and workflow of DELTA to attack the real SDN components.
- Which nine new attack cases have been discovered by DELTA, and we will demonstrate it. For example, one of the new attacks violates the table condition, leading to the black hole of handling packets in the switch.
ACSAC2020 "Return-Oriented IoT" by Kuniyasu SuzakiKuniyasu Suzaki
Side of "Reboot-Oriented IoT: Life Cycle Management in Trusted Execution Environment for Disposable IoT devices" ACSAC (Annual Computer Security Applications Conference) 2020
I will talk about innovation in the area of cyber security analytics - developing machine learning methods to detect and block cyber attacks (e.g. detecting ransomware within 4 seconds of execution and killing the underlying processes). Rather than just focusing on this as a 'black box', I'll pull it apart and talk about how we can use these methods to enable security practitioners (SOC/CIRT etc) to ask and answer questions about 'what' and 'why' these methods are flagging attacks. I'll also talk about resilience of machine learning methods to manipulation and adversarial attacks - how stable these approaches are to diversity and evolution of malware for example.
Key Updating for Leakage Resiliency with Application to AES Modes of Operation1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
This document discusses developing new API extensions in OpenStack networking (Neutron). It begins by explaining how OpenStack APIs work and the API extension mechanism. It then provides an example use case around adding logging functionality for security groups. The remainder of the document outlines the steps to implement this new logging API extension, including modifying relevant classes, creating a database table, notifying agents, and adding driver functionality. It concludes by describing experiments conducted to test the new logging extension.
IRJET- Web Application Firewall: Artificial Intelligence ARCIRJET Journal
This document proposes developing a web application firewall using artificial intelligence to recognize attacks. It discusses using an AI architecture engine that integrates with OWASP and builds its own knowledge base to identify attack patterns. The firewall would contain modules for threat detection and mitigation. Packets would be analyzed based on predefined databases and behavioral patterns to detect attacks while reducing false positives. The system aims to provide an advanced layer of protection by learning from transaction experiences.
Dependability Benchmarking by Injecting Software BugsRoberto Natella
Benchmarks are an established practice for performance evaluation in the computer industry since decades. Examples of successful benchmarking initiatives are the TPC (Transaction Processing Performance Council) and the SPEC (Standard Performance Evaluation Corporation). More recently, the research community developed the notion of dependability benchmarking, which evaluates the quality of service (throughput, availability, etc.) of competing products in the presence of faults, by using fault injection. The idea of dependability benchmarking has been applied in several domains including transaction processing, telecom, automotive, etc.
Given that software faults (bugs) are a major cause of failures, it becomes important to assess dependability against these faults. However, emulating software faults in a controlled fault injection experiment is a difficult problem, since bugs originate from human error. This presentation discusses about the open challenges and the recent advances in the field of emulating software bugs in a representative way.
IRJET- Windows Log Investigator System for Faster Root Cause Detection of a D...IRJET Journal
This document describes a Windows Log Investigator System that was created to help developers more easily detect the root cause of defects. The system uses a log analysis algorithm and backtracking to determine the type of defect and possible solutions. It has a graphical user interface built with C# and WPF to provide an interactive experience for analyzing logs. The system aims to significantly reduce the difficulties faced by developers in solving defects.
ScaRR is a system that provides scalable runtime remote attestation to verify dynamic properties of complex systems. It uses offline analysis to generate measurements of expected execution paths that are verified online. ScaRR models programs as graphs of execution checkpoints and actions to handle complex control flows. It provides efficient verification by checking consistency between reported execution paths and pre-computed expected paths stored in a hashmap. An evaluation shows ScaRR can verify programs faster and with lower network overhead than previous work, while providing security against various attacks.
20090918 Agile Computer Control of a Complex ExperimentJonathan Blakes
The document summarizes a research paper that describes using Python and related tools like Traits and TraitsUI to build a flexible and reliable software system for controlling a complex experiment. It allows for interfacing with specialized hardware, unit testing components, running operations in parallel, building graphical user interfaces, and making the system data-driven and evolvable to change with experimental needs. Key advantages included pushing hardware interface code to a high-level language and automatically generating GUIs based on underlying data models.
Under-reported Security Defects in Kubernetes ManifestsAkond Rahman
This presentation discusses how frequently security defects are reported in Kubernetes manifests. The paper was presented at the ICSE EnCycris workshop in 2021.
The programming language Ada offers unique features to safely program a micro-controller. From the start, Ada was designed to make it difficult to introduce errors, and to make it easy to discover errors that were introduced. For example, language rules enforced at compile time make it possible to have safe concurrency by design. And run-time checking allows immediate detection of what would be "undefined behavior" in C/C++. In the first part of this presentation, we will present the benefits of using Ada for micro-controller programming, including support for debugging on a board. In the second part of this presentation, we will present how the Ada language and its subset SPARK provide a strong foundation for static analyzers, that make it possible to detect errors and provide guarantees on embedded software in Ada/SPARK.
This document examines whether detecting design-level antipatterns can help predict bugs. It studies two open-source projects to answer three research questions. For RQ1, the density of bugs in files with and without antipatterns is compared. For RQ2, new antipattern-based metrics are proposed and their explanatory power over traditional metrics is evaluated. For RQ3, traditional bug prediction models are improved with antipattern information. The key findings are that antipattern-based metrics provide additional explanatory power, and the Antipattern Recurrence Length metric in particular improves cross-system bug prediction.
Professor Abhik Roychoudhury discusses automated program repair through his research project TSUNAMi. The key points discussed are:
1) TSUNAMi is a national research project in Singapore from 2015-2020 focused on developing trustworthy systems from untrusted components through techniques like vulnerability discovery, binary hardening, verification, and data protection.
2) Automated program repair aims to automatically detect and fix vulnerabilities in software. This involves techniques like syntactic and semantic repair as well as specification inference to understand intended program behavior.
3) Challenges in automated program repair include weak specifications of intended behavior, large search spaces for candidate patches, and limited applicability of existing techniques. Roychoud
What Questions Do Programmers Ask About Configuration as Code?Akond Rahman
Presented at RCoSE2018. Summary: When working with tools like Puppet, programmers ask a lot of questions related to syntax, feasibility, and security. Despite advancements in Puppet, some fundamental challenges such as feasibility, installation, and security persist. Preprint: https://akondrahman.github.io/papers/rcose2018_cac.pdf.
The document discusses supply chain attacks and how they can affect open source projects. It describes common types of supply chain attacks like namespace confusion, typosquatting, and malicious code injection. It then discusses how the OpenSSF Security Metrics and Security Scorecards tools can help open source projects reduce risks from supply chain attacks by providing security data and scorecards that evaluate projects' security practices and posture.
The document proposes an architecture called IntelFlow that aims to integrate cyber threat intelligence into software defined networks. IntelFlow would introduce a knowledge plane that receives threat intelligence from various sources and allows the Bro IDS to query this intelligence. The knowledge plane would then export OpenFlow rules to implement countermeasures. The document outlines IntelFlow's components, how it would map intelligence indicators to OpenFlow flows, and presents initial results from a proof-of-concept showing IntelFlow can detect attacks faster than reactive approaches and successfully mitigated a DDoS attack in testing. Future work will further evaluate IntelFlow's effectiveness against other attacks.
HSC-IoT: A Hardware and Software Co-Verification based Authentication Scheme ...Mahmud Hossain
This document presents a hardware and software co-verification based authentication scheme for the Internet of Things (IoT). The scheme uses a Physical Uncloneable Function (PUF) for hardware integrity verification and a Hardware Performance Counter (HPC) for software integrity verification to protect against node cloning and reprogramming attacks. It also allows for privacy-aware identity usage to prevent location tracking. The scheme provides resource efficient mutual authentication between IoT devices and an IoT Identity Provider for secure network admission and service access. Security and performance analyses show the scheme reduces computation and communication overhead compared to existing approaches.
AI & ML in Cyber Security - Why Algorithms are DangerousRaffael Marty
This document discusses the dangers of using algorithms in cybersecurity. It makes three key points:
1) Algorithms make assumptions about the data that may not always be valid, and they do not take important domain knowledge into account.
2) Throwing algorithms at security problems without proper understanding of the data and algorithms can be dangerous and lead to failures.
3) A Bayesian belief network approach that incorporates domain expertise may be better suited for security tasks than purely algorithmic approaches. It allows modeling relationships between different factors and computing probabilities.
Shhh!: Secret Management Practices for Infrastructure as Code Akond Rahman
We use grey literature review to identify 12 secret management practice for infrastructure as code (IaC). This paper was presented at the IEEE SecDev conference.
The document discusses a presentation given by Alexandre Borges on advanced malware threats at the DC2711 conference in Johannesburg, South Africa. Borges is a security researcher who has spoken at several security conferences. In his presentation, he covered topics including .NET malware, rootkits, BIOS/UEFI threats, and tools for analyzing malware. He discussed techniques used by malware to inject code, hide in memory, and evade detection.
The document discusses several security issues found in the Java Development Kit (JDK) code through auditing, including integer overflows that could allow denial of service attacks or privilege escalation. It presents an "integer overflow" antipattern found in classes like java.util.zip that failed to properly validate array indices, allowing a crash. The issue was later refactored to add proper validation checks to prevent overflow. The document advocates auditing one's own and third-party Java code to detect similar patterns that could enable vulnerabilities.
The Finest Penetration Testing Framework for Software-Defined NetworksPriyanka Aash
Software-Defined Networking (SDN) is getting attention for the next-generation networking today. The key concept of SDN is to decouple the control logic from the traditional network devices so that network developers can design innovative network functions in a more flexible and programmable way. However, SDN is not always bringing advantages to us. Security experts have constantly raised security concerns about SDN, and some vulnerabilities have been uncovered in the real world. If SDN is not secure, how can we measure the security level of SDN environments?
In this talk, we introduce a powerful penetration testing tool for SDN called DELTA, which is officially supported by Open Networking Foundation (ONF). First, DELTA can automate diverse published attack scenarios against various SDN components from testing to evaluating. Also, to discover unknown vulnerabilities that may exist in SDN, DELTA leverages a blackbox fuzzing technique that randomizes different control flows in SDN. It enables us to systemically reveal unknown security issues rather than the empirical and ad-hoc methods that most previous studies use. By using DELTA, anyone can easily and thoroughly test not only popular open source SDN controllers (i.e., ONOS, OpenDaylight, Floodlight, and Ryu), but also SDN-enabled switches (i.e., OpenvSwitch, HP, and Pica8) in the real world.
We will show nine new attack cases that have been found by DELTA but never been announced before.
Also, we will discuss:
- What control flows are in SDN, and why those are important as a key feature compared to the traditional networks.
- What key components and workflow of DELTA to attack the real SDN components.
- Which nine new attack cases have been discovered by DELTA, and we will demonstrate it. For example, one of the new attacks violates the table condition, leading to the black hole of handling packets in the switch.
ACSAC2020 "Return-Oriented IoT" by Kuniyasu SuzakiKuniyasu Suzaki
Side of "Reboot-Oriented IoT: Life Cycle Management in Trusted Execution Environment for Disposable IoT devices" ACSAC (Annual Computer Security Applications Conference) 2020
I will talk about innovation in the area of cyber security analytics - developing machine learning methods to detect and block cyber attacks (e.g. detecting ransomware within 4 seconds of execution and killing the underlying processes). Rather than just focusing on this as a 'black box', I'll pull it apart and talk about how we can use these methods to enable security practitioners (SOC/CIRT etc) to ask and answer questions about 'what' and 'why' these methods are flagging attacks. I'll also talk about resilience of machine learning methods to manipulation and adversarial attacks - how stable these approaches are to diversity and evolution of malware for example.
Key Updating for Leakage Resiliency with Application to AES Modes of Operation1crore projects
IEEE PROJECTS 2015
1 crore projects is a leading Guide for ieee Projects and real time projects Works Provider.
It has been provided Lot of Guidance for Thousands of Students & made them more beneficial in all Technology Training.
Dot Net
DOTNET Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
Java Project Domain list 2015
1. IEEE based on datamining and knowledge engineering
2. IEEE based on mobile computing
3. IEEE based on networking
4. IEEE based on Image processing
5. IEEE based on Multimedia
6. IEEE based on Network security
7. IEEE based on parallel and distributed systems
ECE IEEE Projects 2015
1. Matlab project
2. Ns2 project
3. Embedded project
4. Robotics project
Eligibility
Final Year students of
1. BSc (C.S)
2. BCA/B.E(C.S)
3. B.Tech IT
4. BE (C.S)
5. MSc (C.S)
6. MSc (IT)
7. MCA
8. MS (IT)
9. ME(ALL)
10. BE(ECE)(EEE)(E&I)
TECHNOLOGY USED AND FOR TRAINING IN
1. DOT NET
2. C sharp
3. ASP
4. VB
5. SQL SERVER
6. JAVA
7. J2EE
8. STRINGS
9. ORACLE
10. VB dotNET
11. EMBEDDED
12. MAT LAB
13. LAB VIEW
14. Multi Sim
CONTACT US
1 CRORE PROJECTS
Door No: 214/215,2nd Floor,
No. 172, Raahat Plaza, (Shopping Mall) ,Arcot Road, Vadapalani, Chennai,
Tamin Nadu, INDIA - 600 026
Email id: 1croreprojects@gmail.com
website:1croreprojects.com
Phone : +91 97518 00789 / +91 72999 51536
This document discusses developing new API extensions in OpenStack networking (Neutron). It begins by explaining how OpenStack APIs work and the API extension mechanism. It then provides an example use case around adding logging functionality for security groups. The remainder of the document outlines the steps to implement this new logging API extension, including modifying relevant classes, creating a database table, notifying agents, and adding driver functionality. It concludes by describing experiments conducted to test the new logging extension.
IRJET- Web Application Firewall: Artificial Intelligence ARCIRJET Journal
This document proposes developing a web application firewall using artificial intelligence to recognize attacks. It discusses using an AI architecture engine that integrates with OWASP and builds its own knowledge base to identify attack patterns. The firewall would contain modules for threat detection and mitigation. Packets would be analyzed based on predefined databases and behavioral patterns to detect attacks while reducing false positives. The system aims to provide an advanced layer of protection by learning from transaction experiences.
Dependability Benchmarking by Injecting Software BugsRoberto Natella
Benchmarks are an established practice for performance evaluation in the computer industry since decades. Examples of successful benchmarking initiatives are the TPC (Transaction Processing Performance Council) and the SPEC (Standard Performance Evaluation Corporation). More recently, the research community developed the notion of dependability benchmarking, which evaluates the quality of service (throughput, availability, etc.) of competing products in the presence of faults, by using fault injection. The idea of dependability benchmarking has been applied in several domains including transaction processing, telecom, automotive, etc.
Given that software faults (bugs) are a major cause of failures, it becomes important to assess dependability against these faults. However, emulating software faults in a controlled fault injection experiment is a difficult problem, since bugs originate from human error. This presentation discusses about the open challenges and the recent advances in the field of emulating software bugs in a representative way.
IRJET- Windows Log Investigator System for Faster Root Cause Detection of a D...IRJET Journal
This document describes a Windows Log Investigator System that was created to help developers more easily detect the root cause of defects. The system uses a log analysis algorithm and backtracking to determine the type of defect and possible solutions. It has a graphical user interface built with C# and WPF to provide an interactive experience for analyzing logs. The system aims to significantly reduce the difficulties faced by developers in solving defects.
ScaRR is a system that provides scalable runtime remote attestation to verify dynamic properties of complex systems. It uses offline analysis to generate measurements of expected execution paths that are verified online. ScaRR models programs as graphs of execution checkpoints and actions to handle complex control flows. It provides efficient verification by checking consistency between reported execution paths and pre-computed expected paths stored in a hashmap. An evaluation shows ScaRR can verify programs faster and with lower network overhead than previous work, while providing security against various attacks.
20090918 Agile Computer Control of a Complex ExperimentJonathan Blakes
The document summarizes a research paper that describes using Python and related tools like Traits and TraitsUI to build a flexible and reliable software system for controlling a complex experiment. It allows for interfacing with specialized hardware, unit testing components, running operations in parallel, building graphical user interfaces, and making the system data-driven and evolvable to change with experimental needs. Key advantages included pushing hardware interface code to a high-level language and automatically generating GUIs based on underlying data models.
Incorporation of IoT in Assembly Line Monitoring SystemIRJET Journal
This document proposes incorporating IoT into assembly line monitoring systems to make them more efficient. It suggests using master and slave electronic trackers, where slaves at each assembly station update the master at the end of the line via the internet. This allows real-time data transfer without costly wired connections. The master display would show assembly progress and statistics for supervisors to remotely monitor production. The proposed system could reduce costs for many assembly lines compared to traditional hard-wired monitoring systems.
Slides for the presentation given at the Webist 2021 conference
Abstract:
A research team that wants to validate a new IoT solution has to implement a testbed. It is a complex step
since it must provide a realistic environment, and this may require skills that are not present in the team. This
paper explores the requirements of an IoT testbed and proposes an open-source solution based on low-cost
and widely available components and technologies. The testbed implements an architecture consisting of a
collector managing several edge devices. Security levels and duty-cycle are tunable depending on the specific
application. After analyzing the testbed requirements, the paper illustrates a template that uses WiFi for the
link layer, HTTPS for structured communication, an ESP8266 board for edge units, and a RaspberryPi for the
collector.
Cloud Reliability: Decreasing outage frequency using fault injectionJorge Cardoso
Invited Keynote at the 9th International Workshop on Software Engineering for Resilient Systems, September 4-5, 2017, Geneva, Switzerland
Title: Cloud Reliability: Decreasing outage frequency using fault injection
Abstract: In 2016, Google Cloud had 74 minutes of total downtime, Microsoft Azure had 270 minutes, and 108 minutes of downtime for Amazon Web Services (see cloudharmony.com). Reliability is one of the most important properties of a successful cloud platform. Several approaches can be explored to increase reliability ranging from automated replication, to live migration, and to formal system analysis. Another interesting approach is to use software fault injection to test a platform during prototyping, implementation and operation. Fault injection was popularized by Netflix and their Chaos Monkey fault-injection tool to test cloud applications. The main idea behind this technique is to inject failures in a controlled manner to guarantee the ability of a system to survive failures during operations. This talk will explain how fault injection can also be applied to detect vulnerabilities of OpenStack cloud platform and how to effectively and efficiently detect the damages caused by the faults injected.
IRJET- Design of Fault Injection Technique for Digital HDL ModelsIRJET Journal
This document discusses a design for a fault injection technique for digital HDL models. It aims to inject faults at the coding phase to evaluate testability before implementation. Common fault models like stuck-at-zero, stuck-at-one and bit flips are considered. Simulation-based fault injection provides high controllability and observability. Benchmark circuits like S27 and adders are used. Test patterns are generated randomly and the faulty outputs are compared to normal outputs to detect faults. The technique aims to automatically inject faults at all points to improve coverage and speed up testing.
IRJET- A Defense System Against Application Layer Ddos Attacks with Data Secu...IRJET Journal
This document proposes a defense system against application layer distributed denial of service (DDoS) attacks that uses data structures to quickly detect and mitigate such attacks. The system uses a CAPTCHA test to determine if a request is part of an attack. Requests from blacklisted IP addresses are blocked, while requests from whitelisted IP addresses are allowed. The experimental results show that the system can reduce malicious requests quickly while posing limited impact on normal users. The system also includes a honey pot technique for file security in cloud storage, where unique codes are generated for uploaded files and must be provided to download files, returning dummy files for invalid codes.
In pursuit of architectural agility: experimenting with microservicesAlberto Simioni
Modern enterprises need their IT infrastructure to be agile, for them to adapt smoothly and swiftly to how the business organization evolves in pursuit of the enterprise goals. Addressing that demand entails pursuing ”business and architecture isomorphism”. The modest offering of a good fraction of enterprise IT installations, however, suggests that such a tenet is easier said than done. At the same time, there is growing consensus that the microservices architecture style has propelling potential to seize that goal, especially now that stateof-the-art technology begins to match its demands proficiently.
We have experienced the latter claim to hold true in a Proofof-Concept implementation and quantitative evaluation performed for a medium-size enterprise seeking guidance on the
architecture concept to adopt for their new IT infrastructure.
Our project included a fair amount of technology scouting and
evaluation, whose principal outcomes, all most encouraging, we
report here. The conclusion we arrived at, which we believe
applies to numerous other enterprises, is that embracing the
microservices architecture style meets with solid technology
support, assures architectural agility, and yields satisfactory
returns for run-time performance.
IRJET- Analysis of Forensics Tools in Cloud EnvironmentIRJET Journal
This document analyzes and compares several forensic tools that can be used in a cloud environment. It discusses tools like EnCase, FTK, Oxygen Forensics, FROST, and SIFT. It also proposes two Python-based tools for cloud forensic analysis on AWS - AWS-IR, which automates initial response actions like disabling compromised keys, and Margarita Shotgun, which allows pulling memory from AWS systems. The document evaluates these tools based on factors like cost-effectiveness, data abundance, scalability, and analyzing forensics as a service on the cloud.
IRJET- Object Detection using Machine Learning TechniqueIRJET Journal
This document describes research on using machine learning techniques for object detection. Specifically, it uses the YOLO (You Only Look Once) algorithm with a convolutional neural network to perform object detection on images and video. The system draws bounding boxes around detected objects and classifies them into 80 predefined classes. The researchers tested the system on various image and video inputs and analyzed the results. While it was able to successfully detect objects in most cases, detection accuracy reduced for blurred images or ones with objects far from the camera. Overall, the system demonstrated effective real-time object detection but could be improved further by implementing it on a GPU for faster processing.
A SURVEY OF VIRTUAL PROTOTYPING TECHNIQUES FOR SYSTEM DEVELOPMENT AND VALIDATIONIJCSES Journal
Recently, different kinds of computer systems like smart phones, embedded systems and cloud servers, are more and more widely used and the system development and validation is under great pressure. Hardware device, firmware and device driver development account for a significant portion of system development and validation effort. In traditional device, firmware and driver development largely has to wait until a stable version of the device becomes available. This dependency often leaves not enough time for software validation.
Slides prepared for the worksop at the Macao Polytechnic Institute on 5th April, 2016.
Please get examples from the following URL:
https://github.com/kotobuki/esp8266_examples
Slides prepared for the worksop at the Macao Polytechnic Institute on 5th April, 2016.
Please get examples from the following URL:
https://github.com/kotobuki/esp8266_examples
The document summarizes the creation of a penetration testing laboratory by Thomas Butler for his master's degree project. It describes setting up three virtual machines - an "attack machine" running Backtrack5R3, and two "victim machines", one running Metasploitable and another running Badstore.net. Appendices cover the penetration testing methodology, reconnaissance, scanning, exploitation with Metasploit, and post-exploitation activities. The goal was to create a hands-on environment for practicing penetration testing skills.
Join us this month as we recap the Microsoft and 3rd Party security patches released on Patch Tuesday. We will discuss things to watch out for, products to be sure to test adequately, and which patches should be highest priority to roll out.
Cloud Operations and Analytics: Improving Distributed Systems Reliability usi...Jorge Cardoso
Lecture given at the Technical University of Munich, 12 December 2016, on Cloud Operations and Analytics: Improving Distributed Systems Reliability using Fault Injection.
Similar to Slide presentation of "How Bad Can a Bug Get? An Empirical Analysis of Software Failures in the OpenStack Cloud Computing Platform" (20)
Accident detection system project report.pdfKamal Acharya
The Rapid growth of technology and infrastructure has made our lives easier. The
advent of technology has also increased the traffic hazards and the road accidents take place
frequently which causes huge loss of life and property because of the poor emergency facilities.
Many lives could have been saved if emergency service could get accident information and
reach in time. Our project will provide an optimum solution to this draw back. A piezo electric
sensor can be used as a crash or rollover detector of the vehicle during and after a crash. With
signals from a piezo electric sensor, a severe accident can be recognized. According to this
project when a vehicle meets with an accident immediately piezo electric sensor will detect the
signal or if a car rolls over. Then with the help of GSM module and GPS module, the location
will be sent to the emergency contact. Then after conforming the location necessary action will
be taken. If the person meets with a small accident or if there is no serious threat to anyone’s
life, then the alert message can be terminated by the driver by a switch provided in order to
avoid wasting the valuable time of the medical rescue team.
Particle Swarm Optimization–Long Short-Term Memory based Channel Estimation w...IJCNCJournal
Paper Title
Particle Swarm Optimization–Long Short-Term Memory based Channel Estimation with Hybrid Beam Forming Power Transfer in WSN-IoT Applications
Authors
Reginald Jude Sixtus J and Tamilarasi Muthu, Puducherry Technological University, India
Abstract
Non-Orthogonal Multiple Access (NOMA) helps to overcome various difficulties in future technology wireless communications. NOMA, when utilized with millimeter wave multiple-input multiple-output (MIMO) systems, channel estimation becomes extremely difficult. For reaping the benefits of the NOMA and mm-Wave combination, effective channel estimation is required. In this paper, we propose an enhanced particle swarm optimization based long short-term memory estimator network (PSOLSTMEstNet), which is a neural network model that can be employed to forecast the bandwidth required in the mm-Wave MIMO network. The prime advantage of the LSTM is that it has the capability of dynamically adapting to the functioning pattern of fluctuating channel state. The LSTM stage with adaptive coding and modulation enhances the BER.PSO algorithm is employed to optimize input weights of LSTM network. The modified algorithm splits the power by channel condition of every single user. Participants will be first sorted into distinct groups depending upon respective channel conditions, using a hybrid beamforming approach. The network characteristics are fine-estimated using PSO-LSTMEstNet after a rough approximation of channels parameters derived from the received data.
Keywords
Signal to Noise Ratio (SNR), Bit Error Rate (BER), mm-Wave, MIMO, NOMA, deep learning, optimization.
Volume URL: https://airccse.org/journal/ijc2022.html
Abstract URL:https://aircconline.com/abstract/ijcnc/v14n5/14522cnc05.html
Pdf URL: https://aircconline.com/ijcnc/V14N5/14522cnc05.pdf
#scopuspublication #scopusindexed #callforpapers #researchpapers #cfp #researchers #phdstudent #researchScholar #journalpaper #submission #journalsubmission #WBAN #requirements #tailoredtreatment #MACstrategy #enhancedefficiency #protrcal #computing #analysis #wirelessbodyareanetworks #wirelessnetworks
#adhocnetwork #VANETs #OLSRrouting #routing #MPR #nderesidualenergy #korea #cognitiveradionetworks #radionetworks #rendezvoussequence
Here's where you can reach us : ijcnc@airccse.org or ijcnc@aircconline.com
Sachpazis_Consolidation Settlement Calculation Program-The Python Code and th...Dr.Costas Sachpazis
Consolidation Settlement Calculation Program-The Python Code
By Professor Dr. Costas Sachpazis, Civil Engineer & Geologist
This program calculates the consolidation settlement for a foundation based on soil layer properties and foundation data. It allows users to input multiple soil layers and foundation characteristics to determine the total settlement.
An In-Depth Exploration of Natural Language Processing: Evolution, Applicatio...DharmaBanothu
Natural language processing (NLP) has
recently garnered significant interest for the
computational representation and analysis of human
language. Its applications span multiple domains such
as machine translation, email spam detection,
information extraction, summarization, healthcare,
and question answering. This paper first delineates
four phases by examining various levels of NLP and
components of Natural Language Generation,
followed by a review of the history and progression of
NLP. Subsequently, we delve into the current state of
the art by presenting diverse NLP applications,
contemporary trends, and challenges. Finally, we
discuss some available datasets, models, and
evaluation metrics in NLP.
Flow Through Pipe: the analysis of fluid flow within pipesIndrajeet sahu
Flow Through Pipe: This topic covers the analysis of fluid flow within pipes, focusing on laminar and turbulent flow regimes, continuity equation, Bernoulli's equation, Darcy-Weisbach equation, head loss due to friction, and minor losses from fittings and bends. Understanding these principles is crucial for efficient pipe system design and analysis.
This study Examines the Effectiveness of Talent Procurement through the Imple...DharmaBanothu
In the world with high technology and fast
forward mindset recruiters are walking/showing interest
towards E-Recruitment. Present most of the HRs of
many companies are choosing E-Recruitment as the best
choice for recruitment. E-Recruitment is being done
through many online platforms like Linkedin, Naukri,
Instagram , Facebook etc. Now with high technology E-
Recruitment has gone through next level by using
Artificial Intelligence too.
Key Words : Talent Management, Talent Acquisition , E-
Recruitment , Artificial Intelligence Introduction
Effectiveness of Talent Acquisition through E-
Recruitment in this topic we will discuss about 4important
and interlinked topics which are
Impartiality as per ISO /IEC 17025:2017 StandardMuhammadJazib15
This document provides basic guidelines for imparitallity requirement of ISO 17025. It defines in detial how it is met and wiudhwdih jdhsjdhwudjwkdbjwkdddddddddddkkkkkkkkkkkkkkkkkkkkkkkwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwioiiiiiiiiiiiii uwwwwwwwwwwwwwwwwhe wiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq gbbbbbbbbbbbbb owdjjjjjjjjjjjjjjjjjjjj widhi owqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq uwdhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhwqiiiiiiiiiiiiiiiiiiiiiiiiiiiiw0pooooojjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj whhhhhhhhhhh wheeeeeeee wihieiiiiii wihe
e qqqqqqqqqqeuwiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiqw dddddddddd cccccccccccccccv s w c r
cdf cb bicbsad ishd d qwkbdwiur e wetwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww w
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffw
uuuuhhhhhhhhhhhhhhhhhhhhhhhhe qiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii iqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc ccccccccccccccccccccccccccccccccccc bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbu uuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuum
m
m mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm m i
g i dijsd sjdnsjd ndjajsdnnsa adjdnawddddddddddddd uw
Slide presentation of "How Bad Can a Bug Get? An Empirical Analysis of Software Failures in the OpenStack Cloud Computing Platform"
1. How Bad Can a Bug Get?
An Empirical Analysis of Software Failures
in the OpenStack Cloud Computing Platform
Domenico Cotroneo*, Luigi De Simone*, Pietro Liguori*,
Roberto Natella*, Nematollah Bidokhti**
*DIETI, Università degli Studi di Napoli Federico II, Italy
**Futurewei Technologies, Inc., USA
*{cotroneo, luigi.desimone, pietro.liguori, roberto.natella}@unina.it **nbidokht@futurewei.com
ESEC/FSE 2019, Tallinn, Estonia, 26-30 August, 2019
2. ESEC/FSE 2019, Tallinn, Estonia, 26-30 August, 2019 pietro.liguori@unina.it - 2
Problem: The fragility of cloud
computing infrastructure software
Gunawi et al., 2016. “Why Does the Cloud Stop Computing?
Lessons from Hundreds of Service Outages”. In Proc. SoCC
3. ESEC/FSE 2019, Tallinn, Estonia, 26-30 August, 2019 pietro.liguori@unina.it - 3
Our case study: OpenStack
Nova
Horizon
Cinder NeutronGlance
Keystone
Swift
1. Failure notified by a
timely API error
(Fail-stop)
instance creation request
2. Log messages with CRITICAL
or ERROR severity
2019-08-27 15:13:20.106 ERROR nova.api.openstack.extensions
Unexpected exception in API method …
3. Failure is isolated
4. ESEC/FSE 2019, Tallinn, Estonia, 26-30 August, 2019 pietro.liguori@unina.it - 4
Contribution
Empirical analysis of high-severity failures in the
OpenStack cloud computing platform:
RQ1: Are failures actually “fail-stop”?
RQ2: Are failures logged?
RQ3: Are failures propagated across sub-systems?
Artifacts for reproducing our experimental
environment in a virtual machine:
DOI: 10.6084/m9.figshare.8242877
7. ESEC/FSE 2019, Tallinn, Estonia, 26-30 August, 2019 pietro.liguori@unina.it - 7
0
5
10
15
20
25
Numberbugfixes
Fault type
API DICT SQL RPC SYSTEM AGENT/PLUGIN
We went through
problem reports on
Launchpad to identify
recurring bug-fixing
changes in OpenStack
Which bugs should we inject?
--- nova/virt/libvirt_conn.py 2011-01-25 12:44:26 +0000
+++ nova/virt/libvirt_conn.py 2011-01-25 20:42:26 +0000
@@ -1268,13 +1268,13 @@
if(ip_version == 4):
# Allow DHCP responses
dhcp_server = self._dhcp_server_for_instance(instance)
- our_rules += ['-A %s -s %s -p udp --sport 67 --dport 68' %
- (chain_name, dhcp_server)]
+ our_rules += ['-A %s -s %s -p udp --sport 67 --dport 68 '
+ '-j ACCEPT ' % (chain_name, dhcp_server)]
elif(ip_version == 6):
Sub-system
Fault type Nova Cinder Neutron ALL
MFC 110 55 36 201
WPV 60 40 36 136
MP 57 38 36 131
WRV 149 96 59 304
TE 63 40 36 139
ALL 439 269 203 911
8. ESEC/FSE 2019, Tallinn, Estonia, 26-30 August, 2019 pietro.liguori@unina.it - 8
Fail-stop Behavior
Add
Role
Create
Keypair
Create
Security
Group
Create
Router
Create
Networ
k
Create
Instance
Create
Floating IP
Create
Volume
Reboot
instance
Create
Image
Create
Domain
Create
Project
Create
User
Create
Subnetwork
Set
Gateway
Add
Floating IP
to Instance
Attach
Volume
to Instance
Cleanup
Resources
TIMELINE
API Error
openstack instance create
Workload
When an API call generates an
error, the workload is abortedAssertion Checks on the
status of the virtual resources
Network Status: Active
9. ESEC/FSE 2019, Tallinn, Estonia, 26-30 August, 2019 pietro.liguori@unina.it - 9
Non Fail-stop Behavior
API Error
Cannot 'attach_volume’ instanceID
while it is in vm_state error
Instance Status: Error
No API Error!
Failure delay
Workload
The workload continues the execution
regardless the assertion check(s)
Add
Role
Create
Keypair
Create
Security
Group
Create
Router
Create
Networ
k
Create
Instance
Create
Floating IP
Create
Volume
Reboot
instance
Create
Image
Create
Domain
Create
Project
Create
User
Create
Subnetwork
Set
Gateway
Add
Floating IP
to Instance
Attach
Volume
to Instance
Cleanup
Resources
TIMELINE
10. ESEC/FSE 2019, Tallinn, Estonia, 26-30 August, 2019 pietro.liguori@unina.it - 10
RQ1: Does OpenStack Show a Fail-Stop
Behavior?
40%
37%
23%
35%
46%
18%
60%
32%
7%
44%
38%
18%
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
API Error Only Assertion Failure(s) & API
Error
Assertion Failure(s) Only
PercentageExperiments
Failure Type
Nova Cinder Neutron All sub-systems
Failures notified by
a timely API error
Failures with no API error
(but virtual resources are
in incorrect state)
Failures that were
notified with a delay
Fail-Stop Non Fail-Stop
11. ESEC/FSE 2019, Tallinn, Estonia, 26-30 August, 2019 pietro.liguori@unina.it - 11
RQ1: Does OpenStack Show a Fail-Stop
Behavior?
Subsystem Median
Latency [s]
Assertion
Failure(s)
followed by
API Error
(Non Fail-stop)
Nova 152.25
Cinder 74.52
Neutron 144.72
API Error Only
(Fail-stop)
Nova 3.73
Cinder 0.30
Neutron 0.30
Long API error latency
(2 minutes on average)
0 100 200 300 400
time (s)
0
0.2
0.4
0.6
0.8
1
Probability
Nova
Neutron
Cinder
12. ESEC/FSE 2019, Tallinn, Estonia, 26-30 August, 2019 pietro.liguori@unina.it - 12
RQ2: Is OpenStack Able to Log Failures?
In 8.5% of experiments, no log messages with
CRITICAL or ERROR severity
Logging coverage
Subsystem API Errors Only
Assertion
Failure(s) and
API Errors
Assertion
Failure(s) Only
Nova 90.32% 82.56% 80.77%
Cinder 100% 100% 95.65%
Neutron 98.67% 95% 66.67%
13. ESEC/FSE 2019, Tallinn, Estonia, 26-30 August, 2019 pietro.liguori@unina.it - 13
8
Neutron
Injection in
Neutron
Injection in
Nova
Injection in
Cinder
Failure SSH
Failure Instance
Active
Failure Volume
Attached
Failure Volume
Created
Cinder API
Error
Nova API ErrorNeutron API
Error
Nova Cinder
RQ3: Do Failures Propagate Across
OpenStack?
Faulty Round
39
22
74
108
78
83
37
25
56
5555
The failures propagate across OpenStack services
in a significant amount of cases (37.5% of the failures)
14. ESEC/FSE 2019, Tallinn, Estonia, 26-30 August, 2019 pietro.liguori@unina.it - 14
RQ3: Do Failures Propagate Across
OpenStack?
Fault-Free Round
after fault removal
Neutron
Injection in
Neutron
Injection in
Nova
Injection in
Cinder
Failure SSH
Failure Instance
Active
Failure Volume
Attached
Failure Volume
Created
Cinder API
Error
Nova API ErrorNeutron API
Error
Nova Cinder
24
24
7
7
Persistent Failures
Even after that we disable the fault (fault-free round),
OpenStack still experiences failures (7.5% of the cases).
15. ESEC/FSE 2019, Tallinn, Estonia, 26-30 August, 2019 pietro.liguori@unina.it - 15
Conclusion (Answers) (1/2)
RQ1: Are failures actually “fail-stop”?
Answer: In the majority of the cases, OpenStack does not behave in a
«fail-stop» way (late or no API error)
Suggestions: Mitigate failures by actively checking the status of virtual
resources as in our assertion checks (e.g., checks incorporated in a
monitoring solution)
RQ2: Are failures logged?
Answer: In a small fraction of the experiments, there was no indication
of the failure in the logs
Suggestions: Improve logging in the source code (e.g., by checking for
errors returned by the faulty function calls)
16. ESEC/FSE 2019, Tallinn, Estonia, 26-30 August, 2019 pietro.liguori@unina.it - 16
RQ3: Are failures propagated across sub-systems?
Answer: In most of the failures, the injected bugs propagated across
several OpenStack sub-systems. There were also relevant cases of
failures that caused subtle residual effects on OpenStack
Suggestions: Improve resource clean-up on errors, to prevent
propagation across service API calls and across subsystems.
Conclusion (Answers) (2/2)
Use our artifact to support future research
on mitigating the impact of software bugs
(DOI: 10.6084/m9.figshare.8242877)