Analyzing Security and Energy Tradeoffs in Autonomic Capacity Management Wei Wu.

Slides:



Advertisements
Similar presentations
Adaptive QoS Control Based on Benefit Optimization for Video Servers Providing Differential Services Ing-Ray Chen, Sheng-Yun Li, I-Ling Yen Presented by.
Advertisements

Hadi Goudarzi and Massoud Pedram
SLA-Oriented Resource Provisioning for Cloud Computing
Anthony Sulistio 1, Kyong Hoon Kim 2, and Rajkumar Buyya 1 Managing Cancellations and No-shows of Reservations with Overbooking to Increase Resource Revenue.
CLOUD COMPUTING AN OVERVIEW & QUALITY OF SERVICE Hamzeh Khazaei University of Manitoba Department of Computer Science Jan 28, 2010.
Silberschatz, Galvin and Gagne  2002 Modified for CSCI 399, Royden, Operating System Concepts Operating Systems Lecture 19 Scheduling IV.
Data Communication and Networks Lecture 13 Performance December 9, 2004 Joseph Conron Computer Science Department New York University
Performance Evaluation of Peer-to-Peer Video Streaming Systems Wilson, W.F. Poon The Chinese University of Hong Kong.
1 Chapter 7 Dynamic Job Shops Advantages/Disadvantages Planning, Control and Scheduling Open Queuing Network Model.
Dynamic and Decentralized Approaches for Optimal Allocation of Multiple Resources in Virtualized Data Centers Wei Chen, Samuel Hargrove, Heh Miao, Liang.
1 An SLA-Oriented Capacity Planning Tool for Streaming Media Services Lucy Cherkasova, Wenting Tang, and Sharad Singhal HPLabs,USA.
1 Chapter 5 Flow Lines Types Issues in Design and Operation Models of Asynchronous Lines –Infinite or Finite Buffers Models of Synchronous (Indexing) Lines.
SLA-based Resource Allocation for Software as a Service Provider (SaaS) in Cloud Computing Environments Author Linlin Wu, Saurabh Kumar Garg and Rajkumar.
On QoS Guarantees with Reward Optimization for Servicing Multiple Priority Class in Wireless Networks YaoChing Peng Eunyoung Chang.
Budget-based Control for Interactive Services with Partial Execution 1 Yuxiong He, Zihao Ye, Qiang Fu, Sameh Elnikety Microsoft Research.
1 [3] Jorge Martinez-Bauset, David Garcia-Roger, M a Jose Domenech- Benlloch and Vicent Pla, “ Maximizing the capacity of mobile cellular networks with.
Utilizing Call Admission Control for Pricing Optimization of Multiple Service Classes in Wireless Cellular Networks Authors : Okan Yilmaz, Ing-Ray Chen.
Energy Aware Consolidation for Cloud Computing Srikanaiah, Kansal, Zhao Usenix HotPower 2008.
OPERETTA: An Optimal Energy Efficient Bandwidth Aggregation System Karim Habak†, Khaled A. Harras‡, and Moustafa Youssef† †Egypt-Japan University of Sc.
Network Design and Analysis-----Wang Wenjie Queuing Theory III: 1 © Graduate University, Chinese academy of Sciences. Network Design and Performance Analysis.
4th Annual INFORMS Revenue Management and Pricing Section Conference, June 2004 An Asymptotically-Optimal Dynamic Admission Policy for a Revenue Management.
Managing Server Energy and Operational Costs Chen, Das, Qin, Sivasubramaniam, Wang, Gautam (Penn State) Sigmetrics 2005.
Database replication policies for dynamic content applications Gokul Soundararajan, Cristiana Amza, Ashvin Goel University of Toronto Presented by Ahmed.
Optimal Resource Allocation for Protecting System Availability against Random Cyber Attack International Conference Computer Research and Development(ICCRD),
OPERATING SYSTEMS CS 3530 Summer 2014 Systems and Models Chapter 03.
Copyright © 2010, Performance and Power Management for Cloud Infrastructures Hien Nguyen Van; Tran, F.D.; Menaud, J.-M. Cloud Computing (CLOUD),
Example 14.3 Queuing | 14.2 | 14.4 | 14.5 | 14.6 | 14.7 |14.8 | Background Information n County Bank has several.
Flows and Networks Plan for today (lecture 6): Last time / Questions? Kelly / Whittle network Optimal design of a Kelly / Whittle network: optimisation.
SizeCap: Efficiently Handling Power Surges for Fuel Cell Powered Data Centers Yang Li, Di Wang, Saugata Ghose, Jie Liu, Sriram Govindan, Sean James, Eric.
Towards Robust Revenue Management: Capacity Control Using Limited Demand Information Michael Ball, Huina Gao, Yingjie Lan & Itir Karaesmen Robert H Smith.
Dynamic Resource Allocation for Shared Data Centers Using Online Measurements By- Abhishek Chandra, Weibo Gong and Prashant Shenoy.
McGraw-Hill/Irwin Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved. Chapter 18 Management of Waiting Lines.
Supplementary Chapter B Optimization Models with Uncertainty
Impact of Interference on Multi-hop Wireless Network Performance
OPERATING SYSTEMS CS 3502 Fall 2017
WAITING LINES AND SIMULATION
Performance Study of Congestion Price Based Adaptive Service
Dan C. Marinescu Office: HEC 439 B. Office hours: M, Wd 3 – 4:30 PM.
QoS & Queuing Theory CS352.
T-Share: A Large-Scale Dynamic Taxi Ridesharing Service
microeconomics spring 2016 the analytics of
A Scalable Routing Architecture for Prefix Tries
System Control based Renewable Energy Resources in Smart Grid Consumer
Flexible Forward Contracts for Renewable Energy Generators
Cloud Computing By P.Mahesh
Chapter 6: CPU Scheduling
Professor Arne Thesen, University of Wisconsin-Madison
CS 143A - Principles of Operating Systems
CPU Scheduling G.Anuradha
Module 5: CPU Scheduling
Andy Wang Operating Systems COP 4610 / CGS 5765
Dusit Niyato, Student Member, IEEE Ekram Hossain, Senior Member, IEEE
Authors: Ing-Ray Chen; Yating Wang Present by: Kaiqun Fu
Scheduling Algorithms in Broad-Band Wireless Networks
3: CPU Scheduling Basic Concepts Scheduling Criteria
Is Dynamic Multi-Rate Worth the Effort?
Chapter5: CPU Scheduling
CSCI1600: Embedded and Real Time Software
Chapter 6: CPU Scheduling
CPU SCHEDULING.
Networked Real-Time Systems: Routing and Scheduling
Process Scheduling Decide which process should run and for how long
Lecture 2 Part 3 CPU Scheduling
Chapter 6: CPU Scheduling
Prestented by Zhi-Sheng, Lin
Module 5: CPU Scheduling
Information Theoretical Analysis of Digital Watermarking
Chapter 6: CPU Scheduling
IIS Progress Report 2016/01/18.
Module 5: CPU Scheduling
Presentation transcript:

Analyzing Security and Energy Tradeoffs in Autonomic Capacity Management Wei Wu

Introduction Capacity management of hosting infrastructure Achieve performance goal traditionally QoS and the revenues impact of security attacks energy cost and constraints Cost effective solution Previous strategies: performance issue Self-adaptive capacity management framework: dynamically allocates capacity among applications so as to maximize the provider’s revenues a pricing model Service Level Agreement (SLA) contracts a queuing-based performance model an optimization model Energy-related costs Previous works simplified assumptions of single-tier platforms or guarantees only on average performance targets addressing security issues aim at improving robustness, and are disconnected from the capacity management goal Main goals: to build cost-effective framework to address jointly three issues that are key to capacity management

Background Autonomic Capacity Management for Multi-Tier Services The case of a provider hosting third-party applications on a shared infrastructure The customers, sign Service Level Agreement (SLA) contracts with the provider Each hosted application may be composed of multiple request types: application class, the provider hosts N classes The shared platform is composed of K tiers After being served at tier j, a class i request leaves the system with probability pi,j (i = 1..N, j = 1..K, pi,K = 1) or enters tier j + 1. The capacity allocation problem the determination of the fraction of the physical capacity of each tier j to each class i that maximizes the provider’s business goal Self-adaptive capacity management framework

Autonomic Capacity Management for Multi-Tier Services: Pricing Model The pricing model specifies QoS requirements and hosting costs, thus, captures the SLA contracts Normal the valid throughput that is expected to satisfy class i requirements most of the time In case of SLA violations, the provider must refund the customer ci for each unit of throughput below Surge the maximum valid throughput up to which the customer agrees to pay extra (ri per unit of valid throughput above ) to accommodate occasional load peaks The valid throughput includes all accepted requests served with a response time that satisfies the SLA the system response time experienced by each class i request, Ri, exceeds threshold , that is, Given λi, class i request arrival rate, and , the rate of requests accepted into the system, computed by the capacity manager, the provider’s revenues from class i, gi,

Autonomic Capacity Management for Multi-Tier Services: Performance Model The analytical queuing-based performance model estimates, system throughput and the probability of system response time SLA violations the average service time of a class i request running on tier j’s full capacity The average service time of a class i request at its assigned VM on tier j, di,j , is then computed as di,j = / fi,j Assumptions For each hosted class i, the model assumes Poisson request arrivals with rate λi, as observed in real systems, and exponentially distributed service times at each tier j, with average di,j Each VM is modeled as an M/M/1 queue with FCFS scheduling discipline The probability that a class i request violates its system response time SLA, , can be derived from the distribution of system response time Ri

Autonomic Capacity Management for Multi-Tier Services: Optimization Model The pricing and performance models are combined into an optimization model with an objective function that expresses the provider’s goal of maximizing total revenues Constraints are added to specify limits the accepted request rates per-tier allocated capacity VM utilizations effective request rates express the SLA tail distribution response time requirement for each class

Capacity Management under Security Attacks and Energy Constraints Goals Uncover primary tradeoffs in managing capacity of a shared infrastructure under security attacks and energy constraints Evaluate the cost-effectiveness of adaptive SLA contracts. Security Attacks A flooding of illegitimate requests even though they might be detected, illegitimate requests can not be individually blocked before being processed, as they look like legitimate ones , plus means the rate of legitimate requests, minus means the rate of illegitimate requests the service of a fraction of class i legitimate requests implies extra costs to the provider, as some of the illegitimate requests will also be admitted into the system, consuming resources the provider’s revenues from class i, computed only over its goodput

Solutions built from variants of Baseline framework: Security Attacks Attack-Oblivious (AO) the provider is unaware that class i is under attack Capacity management is done using our original framework, which relies on estimates of revenues given by Equation 1, however actually, by using Equation 2 Attack-Aware (AA) using the extended framework Two other strategies based on adaptive SLA contracts victim customer may agree to either pay extra for each legitimate request served within the pre-defined SLA, or, for fixed costs, relax the response time target Adaptive Cost (AC) agree to pay an amount for each legitimate request served that is inflated by the attack weight Adaptive (S-AR) agree to relax by a factor proportional to the attack weight

Solutions built from variants of Baseline framework: Energy Constraints Goal uncover primary tradeoffs in managing capacity of a shared infrastructure under security attacks and energy constraints The original expression for revenues is ej is the cost per time unit of operation of tier j at its full capacity energy constrains         , where C is the total available capacity and constants sj are used to normalize tier capacities Solutions Energy-Oblivious (EO) using the original framework, which does not capture energy costs Energy-Aware (EA) using the extended framework with the aforementioned changes Adaptive (E-AR) the owner of application class i may agree to relax its response time SLA by a factor proportional to S to achieve higher throughput under the reduced allocation, where S is a fraction reduced of energy consumed by the infrastructure

Conclusion This paper extends the capacity management framework to capture key cost and performance tradeoffs introduced by security attacks and energy constraints Contributions introducing energy and security awareness into our framework provides great revenue gains at the cost of goodput degradation, particularly for applications under attacks or with heavy demands on the costlier tiers dynamic SLA strategies can help reduce goodput degradation response time SLA relaxation also reduces degradation due to an attack or energy constraint, although its benefit depends on the original SLA, on the relaxation factor and on target utilizations Future work the design of more sophisticated models of energy costs and security attacks extensions to take the end-user perspective into the design of service reputation, workload forecasting and request prioritization mechanisms

Thank you! Questions?