Refreshments will be served.
|1. NFS Failure Policy Fingerprinting||Giri Ravipati & Swetha Krishnan||Abstract: Users place a lot of value on the data they store in file systems. This makes reliability and availability the most important characteristics of a file system. These characteristics are even more difficult to guarantee in distributed file systems that have other sources of failure such as the network. This work aims to find the NFS failure detection and recovery mechanisms by inserting faults at various points in the protocol stack. We look at two kinds of failures in NFS - packet drops and packet corruption and summarize how the client and the server react to these failures. We find interesting cases of inappropriate errors conveyed to the application, lack of sanity checking leading to kernel faults, and inconsistencies in error handling.|
|2. Fuzz Testing by Biased Thread Scheduling||Andy Phelps & Derek Hower||Abstract: Parallel code is increasingly common but is notoriously difficult to write. For example, since threaded applications rely on mutexes to control access to shared data, programmers easily overlook race conditions. This leads to subtle bugs, common even in released applications. More effective testing may be accomplished if thread execution is randomized, allowing rare interleavings of execution to become more common. The authors have written a tool, Peach, for modifying the execution of programs which use the pthreads library. Peach uses a random (fuzz) testing approach, delaying the execution of various threads unpredictably. Using Peach, the authors attempted with some success to exercise latent bugs in common applications.|
|3. A Virtual Machine-Based Attack on Self-Checksumming Code||Nathan Rosenblum & Greg Cooksey||Abstract: We present a method for defeating tamper-resistant programs on unmodified commodity operating systems. Our technique is based on a novel application of virtual machine technology to interpose a virtual Harvard memory architecture between the operating system and the physical memory hardware of the machine. A split view of data and code is presented to the target application, defeating tamper-resistance via self-checksumming code. Performance evaluation indicates that this technique is significantly less costly than full emulation of program memory accesses.|
|4. DilloDie: Removing Armadillo Tamper-Protection||Kevin Roundy & Matthew Renzelmann||Abstract: Viruses, spyware, and other forms of malicious software routinely employ tamper protection in an effort to subvert anti-virus products and evade detection. We have developed techniques using freely available software that can automatically remove the tamper protection applied by a specific commercial anti-tamper product: Silicon Realms' Armadillo. In the process, we recover a Windows executable that is functionally identical to the original, before tamper protection was applied. These tamper-protection-free executables are ideal for inclusion in anti-virus databases, assuming the anti-virus software itself is also able to remove the tamper protection from potential viruses automatically.|
|5. Parallel Online Keyword Search using MRNet||Mark Cowlishaw & Ting Chen||Abstract: We describe and study a parallel online keyword search algorithm implemented as a tree-based overlay network (TBON) using the MRNet (Multicast Reduction Network) library. We study the throughput and turnaround time of the algorithm at small and medium scale, to find the optimum tree topology for maximizing throughput. We show that, even at moderate scale (~16 nodes), the root of a single-level tree becomes overloaded, so that multiple-level topologies are required for optimum throughput. We relate our experience with the algorithm to tree-based implementations of similar data-intensive algorithms that can be implemented using the MapReduce paradigm.|