Interested in understanding the inner workings of Google? The latest research advances from Microsoft? The most interesting academic research on how to build computer systems, from Wisconsin and abroad? Then come to the Systems seminar, every Monday at 4pm in 2310. It is an opportunity to meet other people interested in distributed systems, operating systems, and other computer systems in general.
This semester, we plan to have a mix of invited talks from other universi- ties, talks by faculty and students from the University of Wisconsin, and discussions about newly published research.
We begin this week with an introduction and organization meeting.
Peer-to-peer (P2P) systems, such as BitTorrent, use decentralization to enable a wide range of important, scalable and reliable services such as data sharing, voice-over-IP and video streaming. These systems are so prevalent that reports indicate they generate as much as 70% of Internet traffic worldwide. Their popularity has yielded significant revenues for Internet Service Providers (ISPs), as users upgrade to broadband for improved performance. However, by connecting peers in ways that are oblivious to the underlying Internet topology and routing these systems have also become one of the greatest traffic-engineering challenges for ISPs and the source of costly data traffic flows. In an attempt to reduce their operational costs, ISPs have tried to shape, block or otherwise limit P2P traffic, much to the chagrin of their subscribers, who consistently find ways to eschew these controls or simply switch providers.
In this talk, I present a new approach for reducing this costly cross-ISP traffic without sacrificing system performance. The approach requires neither cooperation nor trust between ISPs and their P2P users, no additional infrastructure and no network topology information. It relies, instead, on recycled network views gathered at low cost from content distribution networks (CDNs) to drive biased neighbor selection without any path monitoring or probing. We have implemented this approach in Ono, an extension to a popular BitTorrent client, and have made it available to the general community beginning in April 2007. Since then, our extension has been installed by over 200,000 users distributed over nearly 3,000 networks and more than 100 countries worldwide. With their help, we have performed extensive evaluation of the effectiveness of our approach at reducing network costs and, key to ensuring its wide adoption, shown that it significantly improves users' downloading experiences.
This work is part of 3R - a larger research effort driven by the observation that a significant fraction of wide-area systems can be built to ensure sustainable scalability by strategically reusing the view of the network gathered by long-running, pervasive services such as CDNs and P2P systems.
Bio:
Fabian Bustamante is an associate professor in the EECS Department at Northwestern University. He joined Northwestern in 2002, after receiving his Ph.D. from the College of Computing at Georgia Tech. Among other honors, Fabian has been the recipient of the National Science Foundation CAREER award and the E.T.S. Watson Fellowship Award from the Science Foundation of Ireland. He is the head of the AquaLab group at Northwestern, which researches systems issues in large-scale distributed computing. For more detailed information and a list of publications, please visit: www.aqualab.cs.northwestern.edu.
This week we will discuss a forthcoming OSDI paper.
abstract:
Multiprocessor operating system kernels typically provide complex abstractions implemented with shared data structures protected by locks. On multicore systems this design may cause the kernel to be a bottleneck due to the costs of contention for shared data and locks, and the costs of inter-core TLB invalidation.
Corey is a new operating system based on the principle that applications should control all sharing: all kernel data structures should be local to a processor core unless directed otherwise by the application. Corey is an exokernel-like operating system with new low-level abstractions (shares, address trees, and kernel cores) that allow library operating systems and applications to control all inter-core sharing. Corey also takes advantage of the likely abundance of cores by allowing library operating systems to dedicate cores to handling specific functions and data.
A Corey prototype runs on 16-core AMD and Intel machines. Measurements of MapReduce and Web server applications demonstrate that Corey can scale better and achieve better performance than Linux (9% for a MapReduce application, and a factor of 50% for a kernelintensive synthetic Web benchmark). Microbenchmarks and performance counters confirm that these improvements are due to avoiding operations that are expensive on multicore machines.
This week we will discuss a forthcoming OSDI paper.
abstract:
Device drivers typically execute in supervisor mode and thus must be fully trusted. This paper describes how to move them out of the trusted computing base, by running them without supervisor privileges and constraining their interactions with hardware devices. An implementation of this approach in the Nexus operating system executes drivers in user space, leveraging hardware isolation and subjecting them to reference validation. These Nexus drivers exhibit performance nearly as fast as earlier inkernel, trusted drivers. For example, the monitored driver for an Intel e1000 Ethernet card has throughput comparable to a trusted driver for the same hardware under Linux. And a monitored driver for the Intel i810 sound card provides continuous playback. Drivers for a disk and a USB mouse have also been moved successfully to operate in Nexus user space with reference validation.
http://www.cs.cornell.edu/~kwalsh/Research/nexus-ddrm-tr.pdf
abstract:
Making vital disk data recoverable even in the event of OS compromises has become a necessity, in view of the increased prevalence of OS vulnerability exploits over the recent years. We present the design and implementation of a secure disk system, SVSDS, that performs selective, flexible, and transparent versioning of stored data, at the disk-level. In addition to versioning, SVSDS actively enforces constraints to protect executables and system log files. Most existing versioning solutions that operate at the disk-level are unaware of the higher-level abstractions of data, and hence are not customizable. We evolve a hybrid solution that combines the advantages of disk-level and file system-level versioning systems thereby ensuring security, while at the same time allowing flexible policies. We implemented and evaluated a software-level prototype of SVSDS in the Linux kernel and it shows that the space and performance overheads associated with selective versioning at the disk level are minimal.
abstract:
Last month Panda Security reported that 90% of new malware binaries are using code packing and obfuscation techniques to protect their code from analysis. Eighty percent of these binaries use code packing techniques, wherein all or part of the binary's code is compressed (or encrypted) and packaged with an unpacking loop that decompresses it into memory at runtime. The coverage of static analysis techniques are are further reduced by control-transfer obfuscations, while their accuracy is often affected by code being overwritten at runtime. The number of distinct code packing techniques is growing at a rate of 6-8% per month, yet security companies continue to reverse-engineer packed malware through labor-intensive processes that are becoming increasingly untenable.
This talk will present ongoing work that allows us to identify, analyze, and instrument the code in program binaries despite control-transfer obfuscations and a dynamically changing codebase. We approach the problem by augmenting an initial static analysis with instrumentation-based monitoring to discover, analyze, and instrument new code before it executes. We provide a control-flow graph that is updated dynamically in response to code discovery and modification events, allowing the analyst to use the analysis as a guide to the instrumentation of the binary.