Presentation is loading. Please wait.

Presentation is loading. Please wait.

MIDDLEWARE SYSTEMS RESEARCH GROUP 20071 Denial of Service in Content-based Publish/Subscribe Systems M.A.Sc. Candidate: Alex Wun Thesis Supervisor: Hans-Arno.

Published byBruno Gray Modified over 8 years ago

Similar presentations

Presentation on theme: "MIDDLEWARE SYSTEMS RESEARCH GROUP 20071 Denial of Service in Content-based Publish/Subscribe Systems M.A.Sc. Candidate: Alex Wun Thesis Supervisor: Hans-Arno."— Presentation transcript:

1 MIDDLEWARE SYSTEMS RESEARCH GROUP 20071 Denial of Service in Content-based Publish/Subscribe Systems M.A.Sc. Candidate: Alex Wun Thesis Supervisor: Hans-Arno Jacobsen Department of Electrical and Computer Engineering Department of Computer Science University of Toronto v0.4

2 RESEARCH GROUP MIDDLEWARE SYSTEMS 20072 Background Context of Thesis Work PADRES middleware platform  Content-based Publish/Subscribe (CPS)  Originally inspired by distributed dashboard and job scheduling requirements  Increasingly motivated by enterprise application integration Need to investigate different facets of security for CPS systems  Security amongst top concern in many application scenarios

3 RESEARCH GROUP MIDDLEWARE SYSTEMS 20073 Contributions of Thesis Work DoS Characteristics Attack Taxonomy Attack Experiments DoS Resilience Commonality Model Matching Algorithm DoS Prevention Policy Model Policy Framework

4 RESEARCH GROUP MIDDLEWARE SYSTEMS 20074 Content-based Publish/Subscribe SS P Publishers P Subscribers Broker Network Subscrip- tions Publication (Tuple) Subscriptions (Boolean Functions) Storing Filters (Functions) [(event=prescription), (age>50)] [(event,prescription), (patientID,123), (age,63), (drug,X) …] [(event=prescription), (drug=Y)] “Matching”

5 RESEARCH GROUP MIDDLEWARE SYSTEMS 20075 Matching Performance Optimizations Often based on exploiting similarities (overlap) between subscriptions  Avoid unnecessary subscription and predicate evaluations Can we abstract these optimizations?  Formalize content-based Matching Plans (order of subscription and predicate evaluations)  Quantify performance of existing optimizations  Discover future potential optimizations

6 RESEARCH GROUP MIDDLEWARE SYSTEMS 20076 Commonality Model For a subscription set or Disjunctive Commonality Expression Conjunctive Commonality Expression A set of commonality expressions is a subscription topology. Per-Link Matching DNF Subscriptions Shared predicates Clustering on subscription classes or attributes “Pruning” strategies (e.g., number of attributes)

7 RESEARCH GROUP MIDDLEWARE SYSTEMS 20077 Example: Link-Group Topology Depth First Algorithm to determine probabilistically optimal matching plan [Greiner2006] in

8 8 Example: Link-Group Topology Low Selectivity X X High Selectivity o o

9 9 Example: Cluster Topology Dramatic scalability effects of clustering in CPS Observed trend depends on proportion of commonalities not number of predicates... X o SimulationExperimental (in PADRES)

10 RESEARCH GROUP MIDDLEWARE SYSTEMS 200710 Extended Implication Relationships Between subscriptionsBetween predicates Between commonalities

11 RESEARCH GROUP MIDDLEWARE SYSTEMS 200711 Simple Implication Expressions Mixed operator lists currently not supported

12 RESEARCH GROUP MIDDLEWARE SYSTEMS 200712 Matching Engine Architecture … Shared pred. index (conj. comm.) … Subscription index … … All predicates index Predicate pool Subscription pool Overlay links (disj. comm.) Map Sorted List (Map) Node elements

13 RESEARCH GROUP MIDDLEWARE SYSTEMS 200713 Matching Engine Architecture True False D.C. True False D.C. Node Element Subscription Predicate Overlay link (conj. comm.) (DNF subs) Implication Lists Node Elements

14 RESEARCH GROUP MIDDLEWARE SYSTEMS 200714 Subscription Insertion Predicate Insertion … Shared pred. index (conj. comm.) … Subscription index … … All predicates index Predicate pool Conj. Comm. Subscription pool Overlay links (disj. comm.) Unknown predicate priorities default to head of list

15 RESEARCH GROUP MIDDLEWARE SYSTEMS 200715 Subscription Insertion Implication List Update a > 3456798 P’s True -> True list P 3456798 X i ’s False -> False list 3456798 P’s False -> False list

16 RESEARCH GROUP MIDDLEWARE SYSTEMS 200716 Performance Experiments Generated subscription workloads from ~50 to ~200,000 predicates  {5,10,15,20} Avg. Predicates x {10,100,1000,10000} Subscriptions 4 Different subscription topologies  Low/High clustering (5/200 classes)  Low/High sharing (subscription overlap) Randomly generated and matched 100 publications

17 17 Low Sharing High Sharing High Cluster Low Cluster

18 18 Low Sharing High Sharing High Cluster Low Cluster

19 RESEARCH GROUP MIDDLEWARE SYSTEMS 200719 Cross-cluster Attributes

20 RESEARCH GROUP MIDDLEWARE SYSTEMS 200720 Cross-cluster Attributes

21 21 Low Sharing High Sharing High Cluster Low Cluster

22 22 Low Sharing High Sharing High Cluster Low Cluster

23 RESEARCH GROUP MIDDLEWARE SYSTEMS 200723 Conclusions Model captures many existing and potential optimization techniques Implication list approach significantly reduces number of predicate evaluations in all workloads  Superior for expensive predicates Implementation trade-off: Control cascade overhead/usage  Cluster/Index implication lists as well  Optimize iteration over marked nodes  Additional clustering/indexing beyond only event class Future work  Additional conjunctive/disjunctive commonalities, implication relationships?  Implication relationships relevant to message distribution?  Rule-based implementation of implication/commonality algorithm? Thank You – Questions?

24 MIDDLEWARE SYSTEMS RESEARCH GROUP 200724 *** Extra Slides ***

25 25 High clustering, High sharing

26 26 Low clustering, High sharing

27 27 Low clustering, Low sharing

28 28 High clustering, Low sharing

29 RESEARCH GROUP MIDDLEWARE SYSTEMS 200729 Publication matching Commonality Phase … Shared pred. index (conj. comm.) … Subscription index … … All predicates index Predicate pool Subscription pool Overlay links (disj. comm.) Termination Condition: All overlay links have been decided Iterate and evaluate while TC is false

30 RESEARCH GROUP MIDDLEWARE SYSTEMS 200730 Publication Matching Implication Cascade True False D.C. True False D.C. If not already determined, Evaluate Cascade and Mark True FalseD.C. “Advanced” implications handled with a method call triggered by state change (e.g. Predicate becomes true, calls countTruePredicate() on subscriptions)

31 RESEARCH GROUP MIDDLEWARE SYSTEMS 200731 Publication Matching Subscription Phase … Shared pred. index (conj. comm.) … Subscription index … … All predicates index Predicate pool Subscription pool Overlay links (disj. comm.) Iterate and evaluate while TC is false + Cascade and Mark + Cascade and Count

32 RESEARCH GROUP MIDDLEWARE SYSTEMS 200732 Publication Matching Cleanup Phase There is no cleanup phase  A counter (Vm) is incremented at the start of each publication matching phase  All determined results are versioned (Vd)  A determined result is stale if Vd < Vm To avoid overflow, reset counter every:  64bit counter ~= 16x10^18 pubs  @1000 pub/s ~ 16x10^15 s  ~32x10^6 s/year ~ 0.5x10^9 years

33 RESEARCH GROUP MIDDLEWARE SYSTEMS 200733 Publication Matching Sorted Lists Commonality/predicate lists sorted by (p+1/N)  p is the predicate selectivity  N is the number of subscriptions sharing the predicate Subscriptions sorted by (1-p)n  p is average predicate selectivity  n is number of predicates Predicate hash sorted by predicate value Commonality/predicate/subscription sorting is meant to be extendable with different priority equations  Include predicate cost, length of implication lists, etc …

34 RESEARCH GROUP MIDDLEWARE SYSTEMS 200734 Low Sharing High Sharing High Cluster Low Cluster

35 RESEARCH GROUP MIDDLEWARE SYSTEMS 200735 Low Sharing High Sharing High Cluster Low Cluster

36 RESEARCH GROUP MIDDLEWARE SYSTEMS 200736 Tables Query (Boolean Function) DB Rows (Tuples) Subscrip- tions Publication (Tuple) Subscriptions (Boolean Functions) Storing Functions Storing Data Databases Content-based Publish/Subscribe Inverse Problems Query Plans Matching Plans? Scalable Performance

Download ppt "MIDDLEWARE SYSTEMS RESEARCH GROUP 20071 Denial of Service in Content-based Publish/Subscribe Systems M.A.Sc. Candidate: Alex Wun Thesis Supervisor: Hans-Arno."

Similar presentations

Efficient Event-based Resource Discovery Wei Yan*, Songlin Hu*, Vinod Muthusamy +, Hans-Arno Jacobsen +, Li Zha* * Chinese Academy of Sciences, Beijing.

Efficient Event-based Resource Discovery Wei Yan*, Songlin Hu*, Vinod Muthusamy +, Hans-Arno Jacobsen +, Li Zha* * Chinese Academy of Sciences, Beijing.
Alex Cheung and Hans-Arno Jacobsen August, 14 th 2009 MIDDLEWARE SYSTEMS RESEARCH GROUP.

Alex Cheung and Hans-Arno Jacobsen August, 14 th 2009 MIDDLEWARE SYSTEMS RESEARCH GROUP.
Pete Bohman Adam Kunk.  Introduction  Related Work  System Overview  Indexing Scheme  Ranking  Evaluation  Conclusion.

Pete Bohman Adam Kunk.  Introduction  Related Work  System Overview  Indexing Scheme  Ranking  Evaluation  Conclusion.
An Approach to Evaluate Data Trustworthiness Based on Data Provenance Department of Computer Science Purdue University.

An Approach to Evaluate Data Trustworthiness Based on Data Provenance Department of Computer Science Purdue University.
Small-Scale Peer-to-Peer Publish/Subscribe

Small-Scale Peer-to-Peer Publish/Subscribe
Transactional Mobility in Distributed Content-Based Publish/Subscribe Systems Songlin Hu*, Vinod Muthusamy +, Guoli Li +, Hans-Arno Jacobsen + * Chinese.

Transactional Mobility in Distributed Content-Based Publish/Subscribe Systems Songlin Hu*, Vinod Muthusamy +, Guoli Li +, Hans-Arno Jacobsen + * Chinese.
MIDDLEWARE SYSTEMS RESEARCH GROUP A Taxonomy for Denial of Service Attacks in Content-based Publish/Subscribe Systems Alex Wun, Alex Cheung, Hans-Arno.

MIDDLEWARE SYSTEMS RESEARCH GROUP A Taxonomy for Denial of Service Attacks in Content-based Publish/Subscribe Systems Alex Wun, Alex Cheung, Hans-Arno.
Using Trees to Depict a Forest Bin Liu, H. V. Jagadish EECS, University of Michigan, Ann Arbor Presented by Sergey Shepshelvich 1.

Using Trees to Depict a Forest Bin Liu, H. V. Jagadish EECS, University of Michigan, Ann Arbor Presented by Sergey Shepshelvich 1.
Subscription Subsumption Evaluation for Content-Based Publish/Subscribe Systems Hojjat Jafarpour, Bijit Hore, Sharad Mehrotra, and Nalini Venkatasubramanian.

Subscription Subsumption Evaluation for Content-Based Publish/Subscribe Systems Hojjat Jafarpour, Bijit Hore, Sharad Mehrotra, and Nalini Venkatasubramanian.
©NEC Laboratories America 1 Hui Zhang Samrat Ganguly Sudeept Bhatnagar Rauf Izmailov NEC Labs America Abhishek Sharma University of Southern California.

©NEC Laboratories America 1 Hui Zhang Samrat Ganguly Sudeept Bhatnagar Rauf Izmailov NEC Labs America Abhishek Sharma University of Southern California.
Carnegie Mellon University Complex queries in distributed publish- subscribe systems Ashwin R. Bharambe, Justin Weisz and Srinivasan Seshan.

Carnegie Mellon University Complex queries in distributed publish- subscribe systems Ashwin R. Bharambe, Justin Weisz and Srinivasan Seshan.
Darmstadt University of Technology CoopIS 2001, TrentoGero Mühl Generic Constraints for Content-Based Publish/Subscribe Gero Mühl PhD Program “Enabling.

Darmstadt University of Technology CoopIS 2001, TrentoGero Mühl Generic Constraints for Content-Based Publish/Subscribe Gero Mühl PhD Program “Enabling.
Weaving a Tapestry Distributed Algorithms for Secure Node Integration, Routing and Fault Handling Ben Y. Zhao (John Kubiatowicz, Anthony Joseph) Fault-tolerant.

Weaving a Tapestry Distributed Algorithms for Secure Node Integration, Routing and Fault Handling Ben Y. Zhao (John Kubiatowicz, Anthony Joseph) Fault-tolerant.
Hermes: A Distributed Event- Based Middleware Architecture Peter Pietzuch and Jean Bacon 1st DEBS Workshop, Vienna,

Hermes: A Distributed Event- Based Middleware Architecture Peter Pietzuch and Jean Bacon 1st DEBS Workshop, Vienna,
Fuego Event Service: Towards Modularity in Event Routing Sasu Tarkoma Rutgers-Helsinki Workshop 9.5.2006.

Fuego Event Service: Towards Modularity in Event Routing Sasu Tarkoma Rutgers-Helsinki Workshop
Team Dosen UMN Physical DB Design Connolly Book Chapter 18.

Team Dosen UMN Physical DB Design Connolly Book Chapter 18.
Minimal Probing: Supporting Expensive Predicates for Top-k Queries Kevin C. Chang Seung-won Hwang Univ. of Illinois at Urbana-Champaign.

Minimal Probing: Supporting Expensive Predicates for Top-k Queries Kevin C. Chang Seung-won Hwang Univ. of Illinois at Urbana-Champaign.
Achieving fast (approximate) event matching in large-scale content- based publish/subscribe networks Yaxiong Zhao and Jie Wu The speaker will be graduating.

Achieving fast (approximate) event matching in large-scale content- based publish/subscribe networks Yaxiong Zhao and Jie Wu The speaker will be graduating.
Alex King Yeung Cheung and Hans-Arno Jacobsen University of Toronto June, 24 th 2010 ICDCS 2010 MIDDLEWARE SYSTEMS RESEARCH GROUP.

Alex King Yeung Cheung and Hans-Arno Jacobsen University of Toronto June, 24 th 2010 ICDCS 2010 MIDDLEWARE SYSTEMS RESEARCH GROUP.
Managing Large RDF Graphs (Infinite Graph) Vaibhav Khadilkar Department of Computer Science, The University of Texas at Dallas FEARLESS engineering.

Managing Large RDF Graphs (Infinite Graph) Vaibhav Khadilkar Department of Computer Science, The University of Texas at Dallas FEARLESS engineering.

Similar presentations

Ads by Google