Rice Univesrity Logo
    • FAQ
    • Deposit your work
    • Login
    View Item 
    •   Rice Scholarship Home
    • Rice University Graduate Electronic Theses and Dissertations
    • Rice University Electronic Theses and Dissertations
    • View Item
    •   Rice Scholarship Home
    • Rice University Graduate Electronic Theses and Dissertations
    • Rice University Electronic Theses and Dissertations
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    High performance distributed denial-of-service resilient Web cluster architecture

    Thumbnail
    Name:
    3216765.PDF
    Size:
    4.968Mb
    Format:
    PDF
    View/Open
    Author
    Ranjan, Supranamaya
    Date
    2006
    Advisor
    Knightly, Edward W.
    Degree
    Doctor of Philosophy
    Abstract
    Though the WWW has come a long way since when it was monikered the World Wide Wait, it is still not reliable during heavy workload conditions. Overloads due to flash arrival of users or diurnal workload patterns are known to exponentially increase download times. More recently, online banks and portals have been the target of Distributed Denial-of-Service (DDoS) attacks, which send a deluge of requests and drive away the legitimate users. This dissertation proposes a web hosting architecture consisting of a grid of clusters, to provide high-performance in the presence of standard overload conditions as well as resilience during attacks. The architecture's high-performance component is provided by a server selection framework, W&barbelow;ide-A&barbelow;rea R&barbelow;eD&barbelow;irection (WARD), which efficiently multiplexes resources across the cluster grid. Traditional approaches assume that minimizing network hop count minimizes client latency. In contrast, WARD's server selection algorithm forwards requests to the server that minimizes the total of estimated network and server delays. WARD is better-suited to handling overload conditions in dynamic web content, which are known to stress compute resources more than the network. Using a combination of analytical modeling and testbed experiments, it's shown that delay savings by redirecting requests to an under-loaded cluster can far outweigh the overhead in inter-cluster network latency. For instance, for an e-commerce site with 300 concurrent clients, redirection reduces download times from 5 to 2.3 seconds. The architecture's DDoS-resilience is provided by DDoS-Shield, consisting of a suspicion assignment mechanism and a scheduler. Assuming sophisticated attackers, the possible attacks are characterized as either request flooding, asymmetric or repeated one-shot, on the basis of the application workload parameters exploited. In contrast to prior work, the suspicion mechanism assigns a continuous valued vs. binary suspicion measure to each client session, and the scheduler utilizes these values to determine if and when to schedule a session's requests. Testbed-driven experiments demonstrate the potency of these resource attacks as well as evaluate the efficacy of the counter-mechanism. For instance, an asymmetric attack effected to overwhelm the database CPU, increases download times from 0.15 to 10 seconds, while DDoS-Shield is shown to improve performance to 0.8 seconds.
    Keyword
    Electronics; Electrical engineering; Computer science
    Citation
    Ranjan, Supranamaya. "High performance distributed denial-of-service resilient Web cluster architecture." (2006) Diss., Rice University. https://hdl.handle.net/1911/18961.
    Metadata
    Show full item record
    Collections
    • ECE Theses and Dissertations [597]
    • Rice University Electronic Theses and Dissertations [13783]

    Home | FAQ | Contact Us | Privacy Notice | Accessibility Statement
    Managed by the Digital Scholarship Services at Fondren Library, Rice University
    Physical Address: 6100 Main Street, Houston, Texas 77005
    Mailing Address: MS-44, P.O.BOX 1892, Houston, Texas 77251-1892
    Site Map

     

    Searching scope

    Browse

    Entire ArchiveCommunities & CollectionsBy Issue DateAuthorsTitlesSubjectsTypeThis CollectionBy Issue DateAuthorsTitlesSubjectsType

    My Account

    Login

    Statistics

    View Usage Statistics

    Home | FAQ | Contact Us | Privacy Notice | Accessibility Statement
    Managed by the Digital Scholarship Services at Fondren Library, Rice University
    Physical Address: 6100 Main Street, Houston, Texas 77005
    Mailing Address: MS-44, P.O.BOX 1892, Houston, Texas 77251-1892
    Site Map