DDoS Attacks on Cloud Auto-scaling Mechanisms

Auto-scaling mechanisms are an important line of defense against distributed denial of service (DDoS) attacks in the cloud. Using auto-scaling, machines can be added and removed in an online manner to respond to fluctuating load. It is commonly believed that the...

Relational Memory Controller

Note: See the Near-Data Data Transformation project page for information about the work that led to this project. Abstract: Data movement through the memory hierarchy is a fundamental bottleneck for computing systems. A key reason is that data access patterns do not...

Learned Cost-Models for Robust Tuning

Note: Please see the Robust Data Systems Tuning project page for earlier results associated with this research. Abstract: Data systems’ performance is tuned via analytical cost models that take into account all tuning knobs and predict performance....

Security and safety of Linux systems in a BPF-powered hybrid user space/kernel world

With the introduction of BPF into the Linux kernel, we are seeing a sea change in the traditional application model. With BPF it is now possible to execute parts of the application logic in kernel space, leading to a novel hybrid userspace/kernel model. This is an exciting development that brings with it many opportunities, but also some challenges especially in the area of security. We have recently seen an example of this around the “kernel lockdown” functionality in the kernel, which would disable BPF entirely in its “confidentiality” mode.