Visible to the public Biblio

Filters: Author is Wang, Peipei  [Clear All Filters]
Dai, Ting, He, Jingzhu, Gu, Xiaohui, Lu, Shan, Wang, Peipei.  2018.  DScope: Detecting Real-World Data Corruption Hang Bugs in Cloud Server Systems. Proceedings of the ACM Symposium on Cloud Computing. :313-325.

Cloud server systems such as Hadoop and Cassandra have enabled many real-world data-intensive applications running inside computing clouds. However, those systems present many data-corruption and performance problems which are notoriously difficult to debug due to the lack of diagnosis information. In this paper, we present DScope, a tool that statically detects data-corruption related software hang bugs in cloud server systems. DScope statically analyzes I/O operations and loops in a software package, and identifies loops whose exit conditions can be affected by I/O operations through returned data, returned error code, or I/O exception handling. After identifying those loops which are prone to hang problems under data corruption, DScope conducts loop bound and loop stride analysis to prune out false positives. We have implemented DScope and evaluated it using 9 common cloud server systems. Our results show that DScope can detect 42 real software hang bugs including 29 newly discovered software hang bugs. In contrast, existing bug detection tools miss detecting most of those bugs.

Shu, Rui, Wang, Peipei, Gorski III, Sigmund A, Andow, Benjamin, Nadkarni, Adwait, Deshotels, Luke, Gionta, Jason, Enck, William, Gu, Xiaohui.  2016.  A Study of Security Isolation Techniques. ACM Comput. Surv.. 49:50:1–50:37.

Security isolation is a foundation of computing systems that enables resilience to different forms of attacks. This article seeks to understand existing security isolation techniques by systematically classifying different approaches and analyzing their properties. We provide a hierarchical classification structure for grouping different security isolation techniques. At the top level, we consider two principal aspects: mechanism and policy. Each aspect is broken down into salient dimensions that describe key properties. We break the mechanism into two dimensions, enforcement location and isolation granularity, and break the policy aspect down into three dimensions: policy generation, policy configurability, and policy lifetime. We apply our classification to a set of representative articles that cover a breadth of security isolation techniques and discuss tradeoffs among different design choices and limitations of existing approaches.