Cornell Systems Lunch
CS 754 Spring 2004
Sponsored by the
Information Assurance Institute (IAI),
The Systems Lunch is a seminar for discussing recent, interesting papers in the systems area, broadly defined to span operating systems, distributed systems, networking, architecture, databases, and programming languages. The goal is to foster technical discussions among the Cornell systems research community. This spring, the Systems Lunch will focus on interesting papers from the upcoming SOSP, and recent Mobisys and Oakland conferences. We will meet once a week on Fridays at noon in Rhodes 655.
The systems lunch is open to all Cornell students interested in systems. First-year graduate students are especially welcome. Student participants are expected to sign up for CS 754, Systems Research Seminar, for one credit.
A Trusted Open Platform
Paul England, Butler W. Lampson, John Manferdelli, Marcus Peinado, Bryan Willman
MACEDON: Methodology for Automatically Creating, Evaluating, and Designing Overlay Networks
Adolfo Rodriguez, Charles Killian, Sooraj Bhat, Dejan Kostic, and Amin Vahdat
NSDI 2004, Technical Report CS-2003-09
PlanetLab: An Overlay Testbed for Broad-Coverage Services
Brent Chun, David Culler, Timothy Roscoe, Andy Bavier, Larry Peterson, Mike Wawrzoniak, Mic Bowman
Mobile File System Support for Collaborative Data Access
Mobile and wireless-enabled devices are becoming more and more common, but
applications running on them operate under constraints which can be very
different from those on desktop hosts. For example, unpredictable network
connectivity can lead to wide variations in available bandwidth, which a
mobile host must adapt to if it is to provide efficient, highly-consistent
access to shared data. Overcoming these constraints is a vital
prerequisite for supporting an emerging application environment of mobile,
collaborative data access in the workplace. This talk will describe MFS,
an adaptive distributed file system developed at Cornell, how MFS supports
this type of collaborative data access, and results from experimental
evaluation of the system.
Automatically characterizing large scale program behavior
Timothy Sherwood, Erez Perelman, Greg Hamerly, Brad Calder
King: Estimating Latency between Arbitrary Internet End Hosts
Gummadi, Saroiu, Gribble
Practical, Distributed Network Coordinates
Cox, Dabek, Kaashoek, Li, Morris
The thrifty barrier: Energy-aware synchronization in shared-memory multiprocessors
J. Li, J. F. Martínez, and M. C. Huang.
Service-Oriented Network Sockets
Saif and Paluska
|March 26||Spring break, no meeting.|
Low-Rate TCP-Targeted Denial of Service Attacks
Aleksandar Kuzmanovic and Edward W. Knightly
|April 9||ACSU/Faculty Lunch.|
Secure Infrastructure for Networked Systems (SINS)
With the increasing dominance of service-oriented architectures, both in Industry and in the military, there is a need for distributed trust management and enforcement of policies among principals at different clearance levels and needs to know, spanning several trust domains and distributed across spatially diverse physical locations. It is also important to police and protect such an infrastructure since distribution increases the vulnerabilities of systems, amplifies the possibility of attacks, and increases the difficulty of effective monitoring, analysis, and remediation.
Secure Infrastructure for Networked Systems (SINS) is an agent-based secure middleware project being executed at the Naval Research Laboratory to address some of these challenges. The SINS architecture comprises a distributed collection of agent interpreters, each capable of running agents written in the synchronous language SOL (Secure Operations Language), which has a well defined formal semantics and an associated automatic theorem proving system (Salsa). The author of each SOL agent provides an inductive invariant, using which the recipient can establish (with Salsa) its compliance with certain local policies. Other policies are enforced by locally deployed "security agents". The SINS middleware provides the necessary framework for agent deployment, communication, fault-tolerance, and migration. We are currently applying SINS to problems of Information Assurance for the US Navy's Open Architecture Computing Environment (OACE). In this talk I shall outline some of the concerns of OACE being addressed by SINS, and conclude with a set of interesting research issues.
|Ramesh Bharadwaj (Naval Research Labs)|
A Measurement-Based Analysis of Multihoming
Aditya Akella, Bruce Maggs, Srinivasan Seshan, Anees Shaikh, Ramesh Sitaraman
Efficient Context-Sensitive Intrusion Detection
Jonathon T. Giffin, Somesh Jha, Barton P. Miller
Pi: A Path Identification Mechanism to Defend against DDoS attacks
A. Yaar, A. Perrig, D. Song.
Oakland Security Conference 2003.
Defending against denial-of-service attacks with puzzle auctions
X. Wang, M. Reiter.
Oakland Security Conference 2003.