diff --git a/images/smb_2019_bytes_pdf.png b/images/smb_2019_bytes_pdf.png index 12433de..b581782 100644 Binary files a/images/smb_2019_bytes_pdf.png and b/images/smb_2019_bytes_pdf.png differ diff --git a/images/smb_2019_iats_pdf.png b/images/smb_2019_iats_pdf.png index f92e04e..a6c82f1 100644 Binary files a/images/smb_2019_iats_pdf.png and b/images/smb_2019_iats_pdf.png differ diff --git a/images/smb_2019_rts_cdf.png b/images/smb_2019_rts_cdf.png index dd11fb0..7781a37 100644 Binary files a/images/smb_2019_rts_cdf.png and b/images/smb_2019_rts_cdf.png differ diff --git a/images/smb_2019_rts_pdf.png b/images/smb_2019_rts_pdf.png index 43a6558..6fc9366 100644 Binary files a/images/smb_2019_rts_pdf.png and b/images/smb_2019_rts_pdf.png differ diff --git a/sigproc.bib b/sigproc.bib index d975791..f160317 100644 --- a/sigproc.bib +++ b/sigproc.bib @@ -570,6 +570,16 @@ year={2016} publisher={USENIX Association} } +@article{ellard2003passive, + title={Passive {NFS} tracing of email and research workloads}, + author={Ellard, Daniel and Ledlie, Jonathan and Malkani, Pia and Seltzer, Margo}, + journal={Proceedings of the {USENIX} Conference on File and Storage Technologies}, + month="March", + pages={203--216}, + year={2003}, + publisher={USENIX Association} +} + @inproceedings{vogels1999file, title="File system usage in {Windows NT 4.0}", author={Vogels, Werner}, @@ -630,13 +640,6 @@ year={2016} publisher={ACM} } -%@article{malkani2003passive, -% title={Passive NFS tracing of email and research workloads}, -% author={Malkani, Pia and Ellard, Daniel and Ledlie, Jonathan and Seltzer, Margo}, -% year={2003}, -% publisher={USENIX Association} -%} - @article{baker1991measurements, title={Measurements of a distributed file system}, author={Baker, Mary G and Hartman, John H and Kupfer, Michael D and Shirriff, Ken W and Ousterhout, John K}, @@ -648,22 +651,15 @@ year={2016} organization={ACM} } -%@article{douceur1999large, -% title={A large-scale study of file-system contents}, 
-% author={Douceur, John R and Bolosky, William J}, -% journal={ACM SIGMETRICS Performance Evaluation Review}, -% volume={27}, -% number={1}, -% pages={59--70}, -% year={1999}, -% publisher={ACM} -%} - -@article{gribble1996self, - title={Self-similarity in File-systems: Measurements and Applications}, - author={Gribble, Steven D and Manku, Gurmeet Singh and Brewer, Eric A}, - journal={Unpublished Paper, Department of Computer Science, University of California, Berkeley}, - year={1996} +@article{gribble1998self, + title={Self-similarity in file systems}, + author={Gribble, Steven D and Manku, Gurmeet Singh and Roselli, Drew and Brewer, Eric A and Gibson, Timothy J and Miller, Ethan L}, + journal={ACM SIGMETRICS Performance Evaluation Review}, + volume={26}, + number={1}, + pages={141--150}, + year={1998}, + publisher={ACM New York, NY, USA} } @article{ousterhout1985trace, @@ -688,25 +684,6 @@ year={2016} organization={ACM} } -%@inproceedings{roselli2000comparison, -% title={A Comparison of File System Workloads.}, -% author={Roselli, Drew S and Lorch, Jacob R and Anderson, Thomas E and others}, -% booktitle={USENIX annual technical conference, general track}, -% pages={41--54}, -% year={2000} -%} - -%@inproceedings{vogels1999file, -% title={File system usage in Windows NT 4.0}, -% author={Vogels, Werner}, -% booktitle={ACM SIGOPS Operating Systems Review}, -% volume={33}, -% number={5}, -% pages={93--109}, -% year={1999}, -% organization={ACM} -%} - @inproceedings{zhou1999analysis, title={Analysis of personal computer workloads}, author={Zhou, Min and Smith, Alan Jay}, diff --git a/sigproc.bib.bck b/sigproc.bib.bck new file mode 100644 index 0000000..e5b4d43 --- /dev/null +++ b/sigproc.bib.bck @@ -0,0 +1,785 @@ +@INPROCEEDINGS{sara, +author={Tehranipoor, F. and Yan, W. 
and Chandy, J.}, +booktitle={Hardware-Oriented Security and Trust (HOST), 2016 IEEE International Symposium on}, +title={Robust Hardware True Random Number Generators using DRAM Remanence Effects}, +year={2016} +} + +@inproceedings{tehranipoor2015dram, + title="{DRAM} based intrinsic physical unclonable functions for system level security", + author={Tehranipoor, Fatemeh and Karimina, Nima and Xiao, Kan and Chandy, John}, + booktitle={Proceedings of the 25th edition on Great Lakes Symposium on VLSI}, + pages={15--20}, + year={2015}, + organization={ACM} +} + +@inproceedings{karimian2015genetic, + title={Genetic algorithm for hardware Trojan detection with ring oscillator network (RON)}, + author={Karimian, Nima and Tehranipoor, Fatemeh and Rahman, Md Tauhidur and Kelly, Shane and Forte, Domenic}, + booktitle={Technologies for Homeland Security (HST), 2015 IEEE International Symposium on}, + pages={1--6}, + year={2015}, + organization={IEEE} +} + +@inproceedings{yan2015novel, + title={A Novel Way to Authenticate Untrusted Integrated Circuits}, + author={Yan, Wei and Tehranipoor, Fatemeh and Chandy, John A}, + booktitle={Proceedings of the IEEE/ACM International Conference on Computer-Aided Design}, + pages={132--138}, + year={2015}, + organization={IEEE Press} +} + +@article{sangiovanni2002defining, + title={Defining platform-based design}, + author={Sangiovanni-Vincentelli, Alberto}, + journal={EEDesign of EETimes}, + year={2002} +} + +@article{schaumont2005platform, + title={Platform-based design for an embedded-fingerprint-authentication device}, + author={Schaumont, Patrick and Hwang, David and Verbauwhede, Ingrid}, + journal={Computer-Aided Design of Integrated Circuits and Systems, IEEE Transactions on}, + volume={24}, + number={12}, + pages={1929--1936}, + year={2005}, + publisher={IEEE} +} + +@techreport{benzel2005design, + title={Design principles for security}, + author={Benzel, Terry V and Irvine, Cynthia E and Levin, Timothy E and Bhaskara, Ganesha and 
Nguyen, Thuy D and Clark, Paul C}, + year={2005}, + institution={DTIC Document} +} + +@article{avivzienis2004basic, + title={Basic concepts and taxonomy of dependable and secure computing}, + author={Avi{\v{z}}ienis, Algirdas and Laprie, Jean-Claude and Randell, Brian and Landwehr, Carl}, + journal={Dependable and Secure Computing, IEEE Transactions on}, + volume={1}, + number={1}, + pages={11--33}, + year={2004}, + publisher={IEEE} +} + +@article{sangiovanni2007quo, + title="Quo vadis, {SLD? Reasoning} about the trends and challenges of system level design", + author={Sangiovanni-Vincentelli, Alberto}, + journal={Proceedings of the IEEE}, + volume={95}, + number={3}, + pages={467--506}, + year={2007}, + publisher={IEEE} +} + +@inproceedings{densmore2009platform, + title={A platform-based design environment for synthetic biological systems}, + author={Densmore, Douglas and Van Devender, Anne and Johnson, Matthew and Sritanyaratana, Nade}, + booktitle={The Fifth Richard Tapia Celebration of Diversity in Computing Conference: Intellect, Initiatives, Insight, and Innovations}, + pages={24--29}, + year={2009}, + organization={ACM} +} + +@article{teich2012hardware, + title={Hardware/software codesign: The past, the present, and predicting the future}, + author={Teich, J{\"u}rgen}, + journal={Proceedings of the IEEE}, + volume={100}, + number={Special Centennial Issue}, + pages={1411--1430}, + year={2012}, + publisher={IEEE} +} + +@article{keutzer2000system, + title={System-level design: orthogonalization of concerns and platform-based design}, + author={Keutzer, Kurt and Rabaey, Jan M and Sangiovanni-Vincentelli, A and others}, + journal={Computer-Aided Design of Integrated Circuits and Systems, IEEE Transactions on}, + volume={19}, + number={12}, + pages={1523--1543}, + year={2000}, + publisher={IEEE} +} + +@inproceedings{lin2013security, + title="Security-aware mapping for {CAN}-based real-time distributed automotive systems", + author={Lin, Chung-Wei and Zhu, Qi and 
Phung, Congchi and Sangiovanni-Vincentelli, Alberto}, + booktitle={Computer-Aided Design (ICCAD), 2013 IEEE/ACM International Conference on}, + pages={115--121}, + year={2013}, + organization={IEEE} +} + +@article{gerstlauer2009electronic, + title={Electronic system-level synthesis methodologies}, + author={Gerstlauer, Andreas and Haubelt, Christian and Pimentel, Andy D and Stefanov, Todor P and Gajski, Daniel D and Teich, J{\"u}rgen}, + journal={Computer-Aided Design of Integrated Circuits and Systems, IEEE Transactions on}, + volume={28}, + number={10}, + pages={1517--1530}, + year={2009}, + publisher={IEEE} +} + +@inproceedings{gronbaek2008architecture, + title="Architecture for the {Internet of Things (IoT): API} and interconnect", + author={Gronbaek, I}, + booktitle={Sensor Technologies and Applications, 2008. SENSORCOMM'08. Second International Conference on}, + pages={802--807}, + year={2008}, + organization={IEEE} +} + +@article{pimentel2006systematic, + title={A systematic approach to exploring embedded system architectures at multiple abstraction levels}, + author={Pimentel, Andy D and Erbas, Cagkan and Polstra, Simon}, + journal={Computers, IEEE Transactions on}, + volume={55}, + number={2}, + pages={99--112}, + year={2006}, + publisher={IEEE} +} + +@phdthesis{sedcole2006reconfigurable, + title={Reconfigurable platform-based design in FPGAs for video image processing}, + author={Sedcole, Nicholas Peter}, + year={2006}, + school={Department of Electrical and Electronic Engineering, Imperial College} +} + +@techreport{benveniste2012contracts, + title={Contracts for system design}, + author={Benveniste, Albert and Caillaud, Beno{\^\i}t and Nickovic, Dejan and Passerone, Roberto and Raclet, Jean-Baptiste and Reinkemeier, Philipp and Sangiovanni-Vincentelli, Alberto and Damm, Werner and Henzinger, Thomas and Larsen, Kim G}, + number="RR-8147", + institution="INRIA", + year={2012} +} + +@article{pinto2004system, + title={System level design paradigms: 
Platform-based design and communication synthesis}, + author={Pinto, Alessandro and Bonivento, Alvise and Sangiovanni-Vincentelli, Alberto L and Passerone, Roberto and Sgroi, Marco}, + journal={ACM Transactions on Design Automation of Electronic Systems (TODAES)}, + volume={11}, + number={3}, + pages={537--563}, + year={2004}, + organization={ACM} +} + +@article{bonivento2006platform, + title={Platform based design for wireless sensor networks}, + author={Bonivento, Alvise and Carloni, Luca P and Sangiovanni-Vincentelli, Alberto}, + journal={Mobile Networks and Applications}, + volume={11}, + number={4}, + pages={469--485}, + year={2006}, + publisher={Springer-Verlag New York, Inc.} +} + +@inproceedings{pellizzoni2009handling, + title={Handling mixed-criticality in SoC-based real-time embedded systems}, + author={Pellizzoni, Rodolfo and Meredith, Patrick and Nam, Min-Young and Sun, Mu and Caccamo, Marco and Sha, Lui}, + booktitle={Proceedings of the seventh ACM International Conference on Embedded software}, + pages={235--244}, + year={2009}, + organization={ACM} +} + +@article{kreku2008combining, + title="Combining {UML2} application and {SystemC} platform modelling for performance evaluation of real-time embedded systems", + author={Kreku, Jari and Hoppari, Mika and Kestil{\"a}, Tuomo and Qu, Yang and Soininen, Juha-Pekka and Andersson, Per and Tiensyrj{\"a}, Kari}, + journal={EURASIP Journal on Embedded Systems}, + volume={2008}, + number={1}, + pages={1--18}, + year={2008}, + publisher={Springer} +} + +@article{gamatie2011model, + title={A model-driven design framework for massively parallel embedded systems}, + author={Gamati{\'e}, Abdoulaye and Le Beux, S{\'e}bastien and Piel, {\'E}ric and Ben Atitallah, Rabie and Etien, Anne and Marquet, Philippe and Dekeyser, Jean-Luc}, + journal={ACM Transactions on Embedded Computing Systems (TECS)}, + volume={10}, + number={4}, + pages={39}, + year={2011}, + publisher={ACM} +} + +@article{gruttner2013complex, + 
title="The {COMPLEX} reference framework for {HW/SW} co-design and power management supporting platform-based design-space exploration", + author={Gr{\"u}ttner, Kim and Hartmann, Philipp A and Hylla, Kai and Rosinger, Sven and Nebel, Wolfgang and Herrera, Fernando and Villar, Eugenio and Brandolese, Carlo and Fornaciari, William and Palermo, Gianluca and others}, + journal={Microprocessors and Microsystems}, + volume={37}, + number={8}, + pages={966--980}, + year={2013}, + publisher={Elsevier} +} + +@phdthesis{lin2015security, + title={Security Mechanisms and Security-Aware Mapping for Real-Time Distributed Embedded Systems}, + author={Lin, Chung-Wei}, + school={University of California, Berkeley}, + year={2015} +} + +@inproceedings{danger2009overview, + title={Overview of Dual rail with Precharge logic styles to thwart implementation-level attacks on hardware cryptoprocessors}, + author={Danger, Jean-Luc and Guilley, Sylvain and Bhasin, Shivam and Nassar, Maxime and Sauvage, Laurent}, + booktitle = {Proceedings of International Conference on Signals, Circuits and Systems}, + year={2009} +} + +@techreport{ellison2015extending, + title="Extending {AADL} for Security Design Assurance of Cyber-Physical Systems", + author={Ellison, Robert and Householder, Allen and Hudak, John and Kazman, Rick and Woody, Carol}, + number={CMU/SEI-2015-TR-014}, + institution="Software Engineering Institute", + year={2015} +} + +@techreport{CommonCriteria, + title={Common Criteria for Information Technology Security Evaluation}, + institution={ISO/IEC}, + number={ISO/IEC 15408}, + month={July}, + year={2015} +} + +@misc{ThomasNoll, + author="Thomas Noll", + title="{D-MILS and MILS-AADL}", + howpublished="AADL Standards Meeting", + month=jan, + year="2016" +} + +@misc{SecurityInAADL, + author="Julien Delange", + title="Improving System and Software Security with {AADL}", + url="https://insights.sei.cmu.edu/sei_blog/2016/02/improving-system-and-software-security-with-aadl.html", + 
month=feb, + year="2016" +} + +@misc{jeepHack, + author="Alex Drozhzhin", + title="{Black Hat USA} 2015: The full story of how that {Jeep} was hacked", + howpublished="https://blog.kaspersky.com/blackhat-jeep -cherokee-hack-explained/9493/", + month=aug, + year="2015" +} + +@misc{planeHack, + author="Kim Zetter", + title="Feds say that banned researcher commandeered a plane", + url="http://www.wired.com/2015/05/feds-say-banned-researcher-commandeered-plane/", + month=may, + year="2015" +} + +@misc{superFish, + author="Paco Hope", + title="Superfish adware weakens security and injects ads on some {Lenovo} laptops", + howpublished="http://www.techrepublic.com/article/superfish-adware-weakens-security-and-injects-ads-on-some-lenovo-laptops/", + month=feb, + year="2015" +} + +@misc{lenovoWPBT, + author="James Sanders", + title="Windows and {UEFI} anti-theft mechanism makes systems less secure", + howpublished="http://www.techrepublic.com/article/windows-and -uefi-anti-theft-mechanism-makes-systems-less-secure/", + month=aug, + year="2015" +} + +@misc{govHack, + author="Toluse Olorunnipa", + title="Breach of Employee Data Wider Than Initial Report, {U.S.} Says", + howpublished="http://www.bloomberg.com/politics/articles/2015-06-12/white-house-says-personnel-records-possibly-breached-twice", + month=jun, + year="2015" +} + +@misc{stageFright, + author="Steven J. 
Vaughan-Nicholas", + title="Stagefright: Just how scary is it for {Android} users?", + howpublished="http://www.zdnet.com/article/stagefright-just-how-scary-is-it-for-android-users/", + month=jul, + year="2015" +} + +@misc{stageFright2, + author="Zack Whittaker", + title="Stagefright is back, and affecting millions of {Android} devices", + howpublished="http://www.zdnet.com/article/new-stagefright-2-0-flaws-affect-millions-of-android-devices/", + month=oct, + year="2015" +} + +@misc{androidUpdates, + author="Kevin Tofel", + title="{HTC} says monthly {Android} security updates are {``unrealistic''}", + howpublished="http://www.zdnet.com/article/htc-says-monthly-stagefright-android-security-updates-are-unrealistic/", + month=oct, + year="2015" +} + +@misc{androidMarshmallow, + author="Jack Wallen", + title="The woes of {Android} updates, and how to fix the process", + howpublished="http://www.techrepublic.com/article/the-woes-of-android-updates-and-how-to-fix-the-process/", + month=nov, + year="2015" +} + +@misc{googleAndroid, + author="James Sanders", + title="Google finally doubles down on security with monthly {Android} updates", + howpublished="http://www.techrepublic.com/article/google-and-some -android-phone-vendors-introduce-welcome-changes-to-security-update-process/", + month=aug, + year="2015" +} + +@article{denning1996location, + title={Location-based authentication: Grounding cyberspace for better security}, + author={Denning, Dorothy E and MacDoran, Peter F}, + journal={Computer Fraud \& Security}, + volume={1996}, + number={2}, + pages={12--16}, + year={1996}, + publisher={Elsevier} +} + +@article{mapayi2013evaluating, + title={Evaluating usability factors in different authentication methods using artificial neural network}, + author={Mapayi, T and Olaniyan, O and Isamotu, N and Moses, O}, + journal={African Journal of Computing \& ICT}, + volume={6}, + number={1}, + pages={69--78}, + year={2013}, + publisher={Citeseer} +} + +@article{shi2013new, + 
title={A new user authentication protocol for wireless sensor networks using elliptic curves cryptography}, + author={Shi, Wenbo and Gong, Peng}, + journal={International Journal of Distributed Sensor Networks}, + volume={2013}, + year={2013}, + publisher={Hindawi Publishing Corporation} +} + +@article{saito2015case, + title={A case-based management system for secure software development using software security knowledge}, + author={Saito, Masahito and Hazeyama, Atsuo and Yoshioka, Nobukazu and Kobashi, Takanori and Washizaki, Hironori and Kaiya, Haruhiko and Ohkubo, Takao}, + journal={Procedia Computer Science}, + volume={60}, + pages={1092--1100}, + year={2015}, + publisher={Elsevier} +} + +@article{son2015software, + title={A Software Weakness Analysis Technique for Secure Software}, + author={Son, Yunsik and Lee, Yangsun and Oh, Seman}, + journal={Advanced Science and Technology Letters}, + volume={93}, + pages={5--8}, + year={2015} +} + +@article{denning2015toward, + title={Toward more secure software}, + author={Denning, Dorothy E}, + journal={Communications of the ACM}, + volume={58}, + number={4}, + pages={24--26}, + year={2015}, + publisher={ACM} +} + +@phdthesis{nguyen2015model, + title={Model-Driven Security With Modularity and Reusability For Engineering Secure Software Systems}, + author={Nguyen, Phu}, + year={2015}, + school={University of Luxembourg} +} + +@article{ravi2004security, + title={Security in embedded systems: Design challenges}, + author={Ravi, Srivaths and Raghunathan, Anand and Kocher, Paul and Hattangady, Sunil}, + journal={ACM Transactions on Embedded Computing Systems (TECS)}, + volume={3}, + number={3}, + pages={461--491}, + year={2004}, + publisher={ACM} +} + +@article{gokhale2008model, + title={Model driven middleware: A new paradigm for developing distributed real-time and embedded systems}, + author={Gokhale, Aniruddha and Balasubramanian, Krishnakumar and Krishna, Arvind S and Balasubramanian, Jaiganesh and Edwards, George and 
Deng, Gan and Turkay, Emre and Parsons, Jeffrey and Schmidt, Douglas C}, + journal={Science of Computer programming}, + volume={73}, + number={1}, + pages={39--58}, + year={2008}, + publisher={Elsevier} +} + +@article{aaraj2008analysis, + title={Analysis and design of a hardware/software trusted platform module for embedded systems}, + author={Aaraj, Najwa and Raghunathan, Anand and Jha, Niraj K}, + journal={ACM Transactions on Embedded Computing Systems (TECS)}, + volume={8}, + number={1}, + pages={8}, + year={2008}, + publisher={ACM} +} + +@inproceedings{perez2006vtpm, + title={vTPM: virtualizing the trusted platform module}, + author={Perez, Ronald and Sailer, Reiner and van Doorn, Leendert and others}, + booktitle={Proc. 15th Conf. on USENIX Security Symposium}, + pages={305--320}, + year={2006} +} + +% ----------- New Sources for the Tracking paper -------------------------- +@misc{ntopWebsite, + title="ntop - High Performance Network Monitoring Solutions", + url="http://www.ntop.org/", +} + +@misc{pfringWebsite, + title="{PF\_RING} - High-speed packet capture, filtering and analysis", + url="http://www.ntop.org/products/packet-capture/pf_ring/", +} + +@misc{PFRINGMan, + title="{PF\_RING} User Guide", + url="https://svn.ntop.org/svn/ntop/trunk/PF_RING/doc/UsersGuide.pdf", +} + +@misc{dataseriesGit, + title="DataSeries: structured serial data library", + url="https://github.com/dataseries/DataSeries", +} + +@techreport{DataSeries, + Author = {Eric Anderson and Martin Arlitt and Morrey III, Charles B. 
and Alistair Veitch}, + Institution = {Hewlett-Packard}, + Month = "Sept.", + Number = {HPL-2009-323}, + Title = {DataSeries: An Efficient, Flexible Data Format for Structured Serial Data}, + Type = {Technical Report}, + Year = 2009} + + +@misc{pandasPythonWebsite, + title="pandas: Python Data Analysis Library", + url="http://pandas.pydata.org/", +} + +@inproceedings{leung2008measurement, + title={Measurement and Analysis of Large-Scale Network File System Workloads}, + author={Leung, Andrew W and Pasupathy, Shankar and Goodson, Garth R and Miller, Ethan L}, + booktitle={USENIX Annual Technical Conference}, + pages={213--226}, + year={2008} +} + +@inproceedings{anderson2004buttress, + title={Buttress: A toolkit for flexible and high fidelity {I/O} benchmarking}, + author={Anderson, Eric and Kallahalla, Mahesh and Uysal, Mustafa and Swaminathan, Ram}, + booktitle={Proceedings of the 3rd USENIX Conference on File and Storage Technologies}, + pages={4--4}, + year={2004}, + organization={USENIX Association} +} + +@inproceedings{Orosz2013, + title={Multi-threaded Packet Timestamping for End-to-End {QoS} Evaluation}, + author={Orosz, Peter and Skopko, Tamas}, + booktitle={ICSNC 2013, The Eighth International Conference on Systems and Networks Communications}, + year={2013} +} + +@inproceedings{dabir2007bottleneck, + title="Bottleneck analysis of traffic monitoring using {Wireshark}", + author={Dabir, Abes and Matrawy, Ashraf}, + booktitle={Innovations in Information Technology, 2007. IIT'07. 
4th International Conference on}, + pages={158--162}, + year={2007}, + organization={IEEE} +} + +@inproceedings{narayan2010characterization, + title={I/O characterization on a parallel file system}, + author={Narayan, Sumit and Chandy, John A}, + booktitle={Performance Evaluation of Computer and Telecommunication Systems (SPECTS), 2010 International Symposium on}, + pages={133--140}, + year={2010}, + organization={IEEE} +} + +@article{skopko2012loss, + title={Loss analysis of the software-based packet capturing}, + author={Skopk{\'o}, Tam{\'a}s}, + journal={Carpathian Journal of Electronic and Computer Engineering}, + volume={5}, + pages={107}, + year={2012}, + publisher={North University of Baia Mare} +} + +@inproceedings{seltzer2003nfs, + title="{NFS} Tricks and Benchmarking Traps", + author={Seltzer, Margo and Ellard, Daniel}, + booktitle={Proceedings of the FREENIX track, USENIX Annual Technical Conference}, + year={2003}, + publisher={USENIX Association} +} + +@inproceedings{malkani2003passive, + title={Passive {NFS} tracing of email and research workloads}, + author={Malkani, Pia and Ellard, Daniel and Ledlie, Jonathan and Seltzer, Margo}, + booktitle={Proceedings of the USENIX Conference on File and Storage Technologies}, + month="March", + pages={203--216}, + year={2003}, + publisher={USENIX Association} +} + +@article{ellard2003passive, + title={Passive {NFS} tracing of email and research workloads}, + author={Ellard, Daniel and Ledlie, Jonathan and Malkani, Pia and Seltzer, Margo}, + booktitle={Proceedings of the {USENIX} Conference on File and Storage Technologies}, + month="March", + pages={203--216}, + year={2003}, + publisher={USENIX Association} +} + +@inproceedings{vogels1999file, + title="File system usage in {Windows NT 4.0}", + author={Vogels, Werner}, + booktitle={ACM SIGOPS Operating Systems Review}, + volume={33}, + number={5}, + pages={93--109}, + year={1999}, + organization={ACM} +} + +@article{traeger2008nine, + title={A nine year study of 
file system and storage benchmarking}, + author={Traeger, Avishay and Zadok, Erez and Joukov, Nikolai and Wright, Charles P}, + journal={ACM Transactions on Storage (TOS)}, + volume={4}, + number={2}, + pages={5}, + year={2008}, + publisher={ACM} +} + +@book{ruemmler1992unix, + title={UNIX disk access patterns}, + author={Ruemmler, Chris and Wilkes, John}, + year={1992}, + publisher={Hewlett-Packard Laboratories} +} + +@inproceedings{roselli2000comparison, + title={A Comparison of File System Workloads.}, + author={Roselli, Drew S and Lorch, Jacob R and Anderson, Thomas E}, + booktitle={USENIX Annual Technical Conference}, + pages={41--54}, + year={2000} +} + +@article{douceur1999large, + title={A large-scale study of file-system contents}, + author={Douceur, John R and Bolosky, William J}, + journal={ACM SIGMETRICS Performance Evaluation Review}, + volume={27}, + number={1}, + pages={59--70}, + year={1999}, + publisher={ACM} +} + +% Source for the Table of past examinations +@article{agrawal2007five, + title={A five-year study of file-system metadata}, + author={Agrawal, Nitin and Bolosky, William J and Douceur, John R and Lorch, Jacob R}, + journal={ACM Transactions on Storage (TOS)}, + volume={3}, + number={3}, + pages={9}, + year={2007}, + publisher={ACM} +} + +%@article{malkani2003passive, +% title={Passive NFS tracing of email and research workloads}, +% author={Malkani, Pia and Ellard, Daniel and Ledlie, Jonathan and Seltzer, Margo}, +% year={2003}, +% publisher={USENIX Association} +%} + +@article{baker1991measurements, + title={Measurements of a distributed file system}, + author={Baker, Mary G and Hartman, John H and Kupfer, Michael D and Shirriff, Ken W and Ousterhout, John K}, + journal={ACM SIGOPS Operating Systems Review}, + volume={25}, + number={5}, + pages={198--212}, + year={1991}, + organization={ACM} +} + +%@article{douceur1999large, +% title={A large-scale study of file-system contents}, +% author={Douceur, John R and Bolosky, William J}, +% 
journal={ACM SIGMETRICS Performance Evaluation Review}, +% volume={27}, +% number={1}, +% pages={59--70}, +% year={1999}, +% publisher={ACM} +%} + +%@article{gribble1996self, +% title={Self-similarity in File-systems: Measurements and Applications}, +% author={Gribble, Steven D and Manku, Gurmeet Singh and Brewer, Eric A}, +% journal={Unpublished Paper, Department of Computer Science, University of California, Berkeley}, +% year={1996} +%} + +@article{gribble1998self, + title={Self-similarity in file systems}, + author={Gribble, Steven D and Manku, Gurmeet Singh and Roselli, Drew and Brewer, Eric A and Gibson, Timothy J and Miller, Ethan L}, + journal={ACM SIGMETRICS Performance Evaluation Review}, + volume={26}, + number={1}, + pages={141--150}, + year={1998}, + publisher={ACM New York, NY, USA} +} + +@article{ousterhout1985trace, + title={A trace-driven analysis of the {UNIX 4.2 BSD} file system}, + author={Ousterhout, John K and Da Costa, Herve and Harrison, David and Kunze, John A and Kupfer, Mike and Thompson, James G}, + journal={ACM SIGOPS Operating Systems Review}, + volume={19}, + number={5}, + month="Dec.", + year={1985}, + publisher={ACM} +} + +@inproceedings{ramakrishnan1992analysis, + title={Analysis of file {I/O} traces in commercial computing environments}, + author={Ramakrishnan, KK and Biswas, Prabuddha and Karedla, Ramakrishna}, + booktitle={ACM SIGMETRICS Performance Evaluation Review}, + volume={20}, + number={1}, + pages={78--90}, + year={1992}, + organization={ACM} +} + +%@inproceedings{roselli2000comparison, +% title={A Comparison of File System Workloads.}, +% author={Roselli, Drew S and Lorch, Jacob R and Anderson, Thomas E and others}, +% booktitle={USENIX annual technical conference, general track}, +% pages={41--54}, +% year={2000} +%} + +%@inproceedings{vogels1999file, +% title={File system usage in Windows NT 4.0}, +% author={Vogels, Werner}, +% booktitle={ACM SIGOPS Operating Systems Review}, +% volume={33}, +% number={5}, +% 
pages={93--109}, +% year={1999}, +% organization={ACM} +%} + +@inproceedings{zhou1999analysis, + title={Analysis of personal computer workloads}, + author={Zhou, Min and Smith, Alan Jay}, + booktitle={Modeling, Analysis and Simulation of Computer and Telecommunication Systems, 1999. Proceedings. 7th International Symposium on}, + pages={208--217}, + year={1999}, + organization={IEEE} +} + +@article{vrable2009cumulus, + title={Cumulus: Filesystem backup to the cloud}, + author={Vrable, Michael and Savage, Stefan and Voelker, Geoffrey M}, + journal={ACM Transactions on Storage (TOS)}, + volume={5}, + number={4}, + pages={14}, + year={2009}, + publisher={ACM} +} + +@inproceedings{benson2010network, + title={Network traffic characteristics of data centers in the wild}, + author={Benson, Theophilus and Akella, Aditya and Maltz, David A}, + booktitle={Proceedings of the 10th ACM SIGCOMM conference on Internet measurement}, + pages={267--280}, + year={2010}, + organization={ACM} +} + +@article{chen2012interactive, + title={Interactive analytical processing in big data systems: A cross-industry study of mapreduce workloads}, + author={Chen, Yanpei and Alspaugh, Sara and Katz, Randy}, + journal={Proceedings of the VLDB Endowment}, + volume={5}, + number={12}, + pages={1802--1813}, + year={2012}, + publisher={VLDB Endowment} +} + +@misc{SMB1Spec, + author="{Microsoft Corporation}", + title="[{MS-SMB}]: Server Message Block ({SMB}) Protocol", + url="https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb/f210069c-7086-4dc2-885e-861d837df688", + month=sep, + year="2018" +} + +@misc{SMB2Spec, + author="{Microsoft Corporation}", + title="[{MS-SMB2}]: Server Message Block ({SMB}) Protocol Versions 2 and 3", + url="https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/5606ad47-5ee0-437a-817e-70c366052962", + month=sep, + year="2019" +} \ No newline at end of file diff --git a/trackingPaper.tex b/trackingPaper.tex index 9e40930..a59718e 100644 --- 
a/trackingPaper.tex +++ b/trackingPaper.tex @@ -57,6 +57,11 @@ \usepackage[normalem]{ulem} \useunder{\uline}{\ul}{} +% Fixing type issue +\UseRawInputEncoding +%\usepackage[utf8]{inputenc} +%\usepackage[utf8x]{inputenc} + \definecolor{darkgreen}{rgb}{0,0.5,0} \definecolor{mygreen}{rgb}{0,0.6,0} \definecolor{mygray}{rgb}{0.5,0.5,0.5} @@ -216,13 +221,14 @@ Study & Date of Traces & FS/Protocol & Network FS & Trace A Ousterhout, \textit{et al.}~\cite{ousterhout1985trace} & 1985 & BSD & & Dynamic & Engineering \\ \hline Ramakrishnan, \textit{et al.}~\cite{ramakrishnan1992analysis} & 1988-89 & VAX/VMS & x & Dynamic & Engineering, HPC, Corporate \\ \hline Baker, \textit{et al.}~\cite{baker1991measurements} & 1991 & Sprite & x & Dynamic & Engineering \\ \hline -Gribble, \textit{et al.}~\cite{gribble1996self} & 1991-97 & Sprite, NFS, VxFS & x & Both & Engineering, Backup \\ \hline +Gribble, \textit{et al.}~\cite{gribble1998self} & 1991-97 & Sprite, NFS, VxFS & x & Both & Engineering, Backup \\ \hline Douceur and Bolosky~\cite{douceur1999large} & 1998 & FAT, FAT32, NTFS & & Snapshots & Engineering \\ \hline Vogels~\cite{vogels1999file} & 1998 & FAT, NTFS & & Both & Engineering, HPC \\ \hline Zhou and Smith~\cite{zhou1999analysis} & 1999 & VFAT & & Dynamic & PC \\ \hline Roselli, \textit{et al.}~\cite{roselli2000comparison} & 1997-00 & VxFS, NTFS & & Dynamic & Engineering, Server \\ \hline -Malkani, \textit{et al.}~\cite{malkani2003passive} & 2001 & NFS & x & Dynamic & Engineering, Email \\ \hline +%Malkani, \textit{et al.}~\cite{malkani2003passive} & 2001 & NFS & x & Dynamic & Engineering, Email \\ \hline Agrawal, \textit{et al.}~\cite{agrawal2007five} & 2000-2004 & FAT, FAT32, NTFS & & Snapshots & Engineering \\ \hline +Ellard, \textit{et al.}~\cite{ellard2003passive} & 2003 & NFS & x & Dynamic & Engineering, Email \\ \hline Leung, \textit{et al.}~\cite{leung2008measurement} & 2007 & CIFS & x & Dynamic & Corporate, Engineering \\ \hline %Traeger, \textit{et 
al.}~\cite{traeger2008nine} & 2008 & FUSE & x & Snapshots & Backup \\ \hline Vrable, \textit{et al.}~\cite{vrable2009cumulus} & 2009 & FUSE & x & Snapshots & Backup \\ \hline @@ -239,8 +245,8 @@ This paper & 2020 & SMB & x & Dynamic & We summarize major works in trace study in Table~\ref{tbl:studySummary}. %In addition we examine issues that occur with traces and the assumptions in their study. Tracing collection and analysis from previous studies have provided important insights and lessons such as an observations of read/write event changes, overhead concerns originating in system implementation, bottlenecks in communication, and other revelations found in the traces. -Previous tracing work has shown that one of the largest and broadest hurdles to tackle is that traces (and benchmarks) must be tailored to the system being tested. There are always some generalizations taken into account, but these generalizations can also be a major source of error (e.g. timing, accuracy, resource usage) ~\cite{vogels1999file,malkani2003passive,seltzer2003nfs,anderson2004buttress,Orosz2013,dabir2007bottleneck,skopko2012loss,traeger2008nine,ruemmler1992unix}. -To produce a benchmark with high fidelity one needs to understand not only the technology being used but how it is being implemented within the system~\cite{roselli2000comparison,traeger2008nine,ruemmler1992unix}. All these aspects lend to the behavior of the system; from timing and resource elements to how the managing software governs actions~\cite{douceur1999large,malkani2003passive,seltzer2003nfs}. Furthermore, in pursuing this work one may find unexpected results and learn new things through examination~\cite{leung2008measurement,roselli2000comparison,seltzer2003nfs}. +Previous tracing work has shown that one of the largest and broadest hurdles to tackle is that traces (and benchmarks) must be tailored to the system being tested. 
There are always some generalizations taken into account, but these generalizations can also be a major source of error (e.g., timing, accuracy, resource usage)~\cite{vogels1999file,ellard2003passive,seltzer2003nfs,anderson2004buttress,Orosz2013,dabir2007bottleneck,skopko2012loss,traeger2008nine,ruemmler1992unix}. +To produce a benchmark with high fidelity one needs to understand not only the technology being used but how it is being implemented within the system~\cite{roselli2000comparison,traeger2008nine,ruemmler1992unix}. All these aspects contribute to the behavior of the system, from timing and resource elements to how the managing software governs actions~\cite{douceur1999large,ellard2003passive,seltzer2003nfs}. Furthermore, in pursuing this work one may find unexpected results and learn new things through examination~\cite{leung2008measurement,roselli2000comparison,seltzer2003nfs}. These studies are required in order to evaluate the development of technologies and methodologies along with furthering knowledge of different system aspects and capabilities. As has been pointed out by past work, the design of systems is usually guided by an understanding of the file system workloads and user behavior. %It is for that reason that new studies are constantly performed by the science community, from large scale studies to individual protocol studies~\cite{leung2008measurement,vogels1999file,roselli2000comparison,seltzer2003nfs,anderson2004buttress}. Even within these studies, the information gleaned is only as meaningful as the considerations of how the data is handled. @@ -372,7 +378,6 @@ The \texttt{.pcap} files from \texttt{tshark} do not lend themselves to easy dat For our purposes, there is no need to track all data that is exchanged, only information that illuminates the behavior of the clients and servers that interact over the network (i.e. I/O transactions).
It should also be noted that all sensitive information being captured by the tracing system is hashed to protect the privacy of the users of the storage system. Furthermore, the DataSeries file retains only the first 512 bytes of the SMB packet - enough to capture the SMB header information that contains the I/O information we seek, while the body of the SMB traffic is not retained in order to better ensure privacy. The reasoning for this limit was to allow for capture of longer SMB AndX message chains due to negotiated \textit{MaxBufferSize}. It is worth noting that in the case of larger SMB headers, some information is lost, however this is a trade-off by the university to provide, on average, the correct sized SMB header but does lead to scenarios where some information may be captured incompletely. This scenario only occurs in the cases of large AndX Chains in the SMB protocol, since the SMB header for SMB 2 is fixed at 72 bytes. In those scenarios the AndX messages specify only a single SMB header with the rest of the AndX Chain attached in a series of block pairs. \subsection{DataSeries Analysis} - Building upon existing code for the interpretation and dissection of the captured \texttt{.ds} files, we developed C/C++ code to examine the captured traffic information. From this analysis, we are able to capture read, write, create and general I/O information at both a global scale and individual tracking ID (UID/TID) level. In addition, read and write buffer size information is tracked, as well as the inter-arrival and response times. Also included in this data is oplock information and IP addresses. The main contribution of this step is to aggregate observed data for later interpretation of the results. This step also creates an easily digestible output that can be used to re-create all tuple information for SMB/SMB2 sessions that are witnessed over the entire time period. Sessions are any communication where a valid UID and TID is used. 
@@ -494,7 +499,10 @@ Cancel & \multicolumn{2}{|c|}{0} & 0.00\% \\ %\end{figure} Each SMB Read and Write command is associated with a data request size that indicates how many bytes are to be read or written as part of that command. Figure~\ref{fig:SMB-Bytes-IO} %and~\ref{fig:PDF-Bytes-Write} -shows the probability density function (PDF) of the different sizes of bytes transferred for read and write I/O operations respectively. The most noticeable aspect of these +shows the probability density function (PDF) of the different sizes of bytes transferred for read and write I/O operations respectively, as well as +%Figure~\ref{fig:SMB-Bytes-IO} %and~\ref{fig:CDF-Bytes-Write} +the cumulative distribution functions (CDF) for bytes read and bytes written. +The most noticeable aspect of these graphs is that the majority of bytes transferred for read and write operations is around 64 bytes. It is worth noting that write I/Os also have a larger number of very small transfer amounts. This is unexpected in terms of the amount of data passed in a frame. Part of the reason is due to a large number of long-term %calculations/ scripts that only require small but frequent updates, as we observed several @@ -557,8 +565,9 @@ running scripts creating a large volume of files. A more significant reason was % \caption{CDF of Bytes Transferred for Read+Write I/O} % \label{fig:CDF-Bytes-RW} %\end{figure} -Figure~\ref{fig:SMB-Bytes-IO} %and~\ref{fig:CDF-Bytes-Write} -shows cumulative distribution functions (CDF) for bytes read and bytes written. As can be seen, almost no read transfer sizes are less than 32 bytes, whereas 20\% of the writes are smaller than 32 bytes. Table~\ref{fig:transferSizes} shows a tabular view of this data. For reads, $34.97$\% are between 64 and 512 bytes, with another $28.86$\% at 64-byte request sizes. There are a negligible percentage of read requests larger than 512.
+%Figure~\ref{fig:SMB-Bytes-IO} %and~\ref{fig:CDF-Bytes-Write} +%shows cumulative distribution functions (CDF) for bytes read and bytes written. +Additionally, almost no read transfer sizes are less than 32 bytes, whereas 20\% of the writes are smaller than 32 bytes. Table~\ref{fig:transferSizes} shows a tabular view of this data. For reads, $34.97$\% are between 64 and 512 bytes, with another $28.86$\% at 64-byte request sizes. There is a negligible percentage of read requests larger than 512 bytes. This read data differs from the size of reads observed by Leung et al. by a factor of four smaller. %This read data is similar to what was observed by Leung et al, however at an order of magnitude smaller. %Writes observed also differ from previous inspection of the protocol's usage. % are very different.