HASLab - Indexed Articles in Conferences

Permanent URI for this collection

http://localhost:4000/handle/123456789/176

Browse

Browsing HASLab - Indexed Articles in Conferences by Author "5621"
  • Item
    Accelerating Deep Learning Training Through Transparent Storage Tiering
    ( 2022) Dantas,M ; Leitao,D ; Cui,P ; Ricardo Gonçalves Macedo ; Liu,XL ; Xu,WJ ; João Tiago Paulo ; 5621 ; 6941
  • Item
    BDUS: implementing block devices in user space
    ( 2021) José Orlando Pereira ; João Tiago Paulo ; Alberto Campinho Faria ; Ricardo Gonçalves Macedo ; 7204 ; 6941 ; 5621 ; 5602
  • Item
    The Case for Storage Optimization Decoupling in Deep Learning Frameworks
    ( 2021) Ricardo Gonçalves Macedo ; Correia,C ; Marco Filipe Dantas ; Cláudia Vanessa Brito ; Xu,WJ ; Tanimura,Y ; Haga,J ; João Tiago Paulo ; 7516 ; 8247 ; 6941 ; 5621
  • Item
    CAT: content-aware tracing and analysis for distributed systems
    ( 2021) Rui Carlos Oliveira ; João Tiago Paulo ; Francisco Teixeira Neves ; Tânia Conceição Araújo ; 5594 ; 5621 ; 6125 ; 7401
  • Item
    CRIBA: A Tool for Comprehensive Analysis of Cryptographic Ransomware's I/O Behavior
    ( 2023) Tânia Conceição Araújo ; Bruno Filipe Pereira ; João Tiago Paulo ; João Marco ; 7401 ; 8963 ; 5621 ; 6946
    Cryptographic ransomware attacks are constantly evolving by obfuscating their distinctive features (e.g., I/O patterns) to bypass detection mechanisms and to run unnoticed at infected servers. Thus, efficiently exploring the I/O behavior of ransomware families is crucial so that security analysts and engineers can better understand these and, with such knowledge, enhance existing detection methods. In this paper, we propose CRIBA, an open-source framework that simplifies the exploration, analysis, and comparison of I/O patterns for Linux cryptographic ransomware. Our solution combines the collection of comprehensive information about system calls issued by ransomware samples, with a customizable and automated analysis and visualization pipeline, including tailored correlation algorithms and visualizations. Our study, including 5 Linux ransomware families, shows that CRIBA provides comprehensive insights about the I/O patterns of these attacks while aiding in exploring common and differentiating traits across families.
  • Item
    Diagnosing applications' I/O behavior through system call observability
    ( 2023) João Tiago Paulo ; Ricardo Gonçalves Macedo ; Tânia Conceição Araújo ; Rui Carlos Oliveira ; 5621 ; 6941 ; 7401 ; 5594
    We present DIO, a generic tool for observing inefficient and erroneous I/O interactions between applications and in-kernel storage systems that lead to performance, dependability, and correctness issues. DIO facilitates the analysis and enables near real-time visualization of complex I/O patterns for data-intensive applications generating millions of storage requests. This is achieved by non-intrusively intercepting system calls, enriching collected data with relevant context, and providing timely analysis and visualization for traced events. We demonstrate its usefulness by analyzing two production-level applications. Results show that DIO enables diagnosing resource contention in multi-threaded I/O that leads to high tail latency and erroneous file accesses that cause data loss.
  • Item
    Diagnosing applications' I/O behavior through system call observability
    ( 2023) João Tiago Paulo ; Tânia Conceição Araújo ; Ricardo Gonçalves Macedo ; Rui Carlos Oliveira ; 5621 ; 7401 ; 6941 ; 5594
    We present DIO, a generic tool for observing inefficient and erroneous I/O interactions between applications and in-kernel storage systems that lead to performance, dependability, and correctness issues. DIO facilitates the analysis and enables near real-time visualization of complex I/O patterns for data-intensive applications generating millions of storage requests. This is achieved by non-intrusively intercepting system calls, enriching collected data with relevant context, and providing timely analysis and visualization for traced events. We demonstrate its usefulness by analyzing two production-level applications. Results show that DIO enables diagnosing resource contention in multi-threaded I/O that leads to high tail latency and erroneous file accesses that cause data loss.
  • Item
    MONARCH: Hierarchical Storage Management for Deep Learning Frameworks
    ( 2021) Dantas,M ; Diogo Luzio Leitão ; Cláudia Sofia Mendonça ; Ricardo Gonçalves Macedo ; Xu,WJ ; João Tiago Paulo ; 5621 ; 6941 ; 7785 ; 7971
  • Item
    On the Trade-Offs of Combining Multiple Secure Processing Primitives for Data Analytics
    ( 2020) Cruz,D ; Oliveira,R ; Carvalho,H ; João Tiago Paulo ; Pontes,R ; 5621
    Cloud Computing services for data analytics are increasingly being sought by companies to extract value from large quantities of information. However, processing data from individuals and companies in third-party infrastructures raises several privacy concerns. To this end, different secure analytics techniques and systems have recently emerged. These initial proposals leverage specific cryptographic primitives lacking generality and thus having their application restricted to particular application scenarios. In this work, we contribute to this thriving body of knowledge by combining two complementary approaches to process sensitive data. We present SafeSpark, a secure data analytics framework that enables the combination of different cryptographic processing techniques with hardware-based protected environments for privacy-preserving data storage and processing. SafeSpark is modular and extensible therefore adapting to data analytics applications with different performance, security and functionality requirements. We have implemented a SafeSpark’s prototype based on Spark SQL and Intel SGX hardware. It has been evaluated with the TPC-DS Benchmark under three scenarios using different cryptographic primitives and secure hardware configurations. These scenarios provide a particular set of security guarantees and yield distinct performance impact, with overheads ranging from as low as 10% to an acceptable 300% when compared to an insecure vanilla deployment of Apache Spark. © IFIP International Federation for Information Processing 2020.
  • Item
    PAIO: General, Portable I/O Optimizations With Minor Application Modifications
    ( 2022) Ricardo Gonçalves Macedo ; Tanimura,Y ; Haga,J ; Chidambaram,V ; José Orlando Pereira ; João Tiago Paulo ; 5621 ; 6941 ; 5602
  • Item
    Pods-as-Volumes: Effortlessly Integrating Storage Systems and Middleware into Kubernetes
    ( 2021) Alberto Campinho Faria ; Ricardo Gonçalves Macedo ; João Tiago Paulo ; 5621 ; 6941 ; 7204
  • Item
    Protecting Metadata Servers From Harm Through Application-level I/O Control
    ( 2022) Ricardo Gonçalves Macedo ; Miranda,M ; Tanimura,Y ; Haga,J ; Ruhela,A ; Harrell,SL ; Evans,RT ; João Tiago Paulo ; 6941 ; 5621
  • Item
    S2Dedup: SGX-enabled secure deduplication
    ( 2021) Miranda,M ; João Tiago Paulo ; Portela,B ; Esteves,T ; 5621
  • Item
    S2Dedup: SGX-enabled secure deduplication
    ( 2021) João Tiago Paulo ; Bernardo Luís Portela ; Mariana Martins Miranda ; Tânia Conceição Araújo ; 5621 ; 6060 ; 7969 ; 7401
    Secure deduplication allows removing duplicate content at third-party storage services while preserving the privacy of users' data. However, current solutions are built with strict designs that cannot be adapted to storage service and applications with different security and performance requirements. We present S2Dedup, a trusted hardware-based privacy-preserving deduplication system designed to support multiple security schemes that enable different levels of performance, security guarantees and space savings. An in-depth evaluation shows these trade-offs for the distinct Intel SGX-based secure schemes supported by our prototype. Moreover, we propose a novel Epoch and Exact Frequency scheme that prevents frequency analysis leakage attacks present in current deterministic approaches for secure deduplication while maintaining similar performance and space savings to state-of-the-art approaches.
  • Item
    TRUSTFS: An SGX-enabled Stackable File System Framework
    ( 2019) João Tiago Paulo ; José Orlando Pereira ; Bernardo Luís Portela ; Ricardo Gonçalves Macedo ; Alberto Campinho Faria ; Tânia Conceição Araújo ; 5621 ; 5602 ; 6060 ; 6941 ; 7204 ; 7401
    Data confidentiality in cloud services is commonly ensured by encrypting information before uploading it. However, this approach limits the use of content-aware functionalities, such as deduplication and compression. Although this issue has been addressed individually for some of these functionalities, no unified framework for building secure storage systems exists that can leverage such operations over encrypted data. We present TRUSTFS, a programmable and modular stackable file system framework for implementing secure content-aware storage functionalities over hardware-assisted trusted execution environments. This framework extends the original SAFEFS architecture to provide the isolated execution guarantees of Intel SGX. We demonstrate its usability by implementing an SGX-enabled stackable file system prototype while a preliminary evaluation shows that it incurs reasonable performance overhead when compared to conventional storage systems. Finally, we highlight open research challenges that must be further pursued in order for TRUSTFS to be fully adequate for building production-ready secure storage solutions.