Naming in Distributed Systems


Naming in Distributed Systems Dr. Yong Guan Department of Electrical and Computer Engineering & Information Assurance Center Iowa State University

Outline for Today's Talk
- Overview: names, identifiers, addresses, routes, name space, name resolution, ...
- Flat naming
- Structured naming
- Attribute-based naming

Readings for Today's Lecture
- Chapter 5 of Distributed Systems: Principles and Paradigms (Tanenbaum and van Steen)
- NDSS 2011 paper on monitoring DNS queries and responses (EXPOSURE, covered at the end of this lecture)

Names, Identifiers, and Addresses
- An entity in a distributed system can be pretty much anything: a host, a process, a file, a user, ...
- A name is a string of bits or characters used to refer to an entity.
- We operate on an entity through its access point; the address is the name of the access point.
- Example: a telephone is an access point to a person, and the telephone number then becomes the address of that person.
- Transport-level addresses: IP address plus port number.
- An identifier is a name that refers to at most one entity, where each entity has at most one identifier and an identifier is never reused for a different entity.
- Properties of entities:
  - An entity can have several addresses (a person can have several telephone numbers).
  - Entities may change access points over time (telephone numbers, e-mail addresses, IP addresses in mobile systems, ...), which is why a name should not be tied to a single address.

Flat Naming CprE 450-550

Overview of Flat Naming
- In many cases, identifiers are random bit strings, i.e., unstructured or flat names.
- A flat name carries no information on how to locate the access point of its associated entity.
- Issue: how to locate an entity given only its identifier?
- Simple solutions: broadcast and multicast; forwarding pointers.

Simple Solution: Broadcast and Multicast
- Basic idea: broadcast a message containing the identifier of the entity. Each machine checks whether it hosts that entity; only the machine that offers an access point for the entity sends a reply containing the address of that access point.
- Works well in LANs. Example: ARP, which resolves an IP address to a link-layer address by broadcasting on the local network.
- Broadcasting becomes inefficient as the network grows, since every host has to process every request; multicasting to a group of hosts that may host the entity reduces the load.

Simple Solution: Forwarding Pointers
- Basic idea: when an entity moves from A to B, it leaves behind at A a reference to its new location at B.
- Simple, and works well in LANs.
- Drawbacks: the chain for a highly mobile entity can become very long; all intermediate locations have to maintain their part of the chain of forwarding pointers for as long as it is needed; and the chain is vulnerable to broken links, since losing a single pointer makes the entity unreachable.
- Issue: how to keep chains relatively short and robust?

Home-based Approaches
- How well do the previous two solutions scale?
- One solution is to use a home location, which keeps track of the current location of an entity.
- Examples: a fall-back mechanism for location services based on forwarding pointers; Mobile IP, where the home agent forwards traffic to the mobile host's current care-of address.
- Drawbacks: communication latency, since every initial contact goes through the home location; the home location is fixed, so contacting the entity becomes impossible if the home location no longer exists, and a long-lived entity may move permanently to a location far from its home.
- Solution: register the home at a naming service and let a client first look up the home's location, so that the home itself can move.

Distributed Hash Tables
- Various DHT-based systems exist; Chord is used here to describe the general mechanism.
- Chord uses an m-bit identifier space (m is typically 128 or 160) both for randomly chosen node identifiers and for keys; each key is assigned to a specific node.
- An entity with key k falls under the jurisdiction of the node with the smallest identifier id >= k (modulo 2^m). That node is the successor of k, written succ(k).
- Issue: how to efficiently resolve a key k to the address of succ(k)?

Distributed Hash Tables (2) Example: Resolving key 26 from node 1 and key 12 from node 28 in a Chord system.
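The lookup on the slide, worked through in code. This is an added example, not code from the slides or the textbook: a 5-bit Chord ring (32 positions) with a constructed node set {1, 4, 9, 11, 14, 18, 20, 21, 28}. Each node p keeps a finger table FT_p[i] = succ(p + 2^(i-1)) for i = 1..m, and a lookup for key k either returns FT_p[1] when k lies in (p, succ(p)], or forwards to the closest finger that precedes k. The finger tables are recomputed from the full node list here for brevity; in a real Chord node each peer only knows its own table.

```python
M = 5                   # identifier bits; the ring has 2**M = 32 positions
RING = 1 << M
# Constructed node set for this example (an assumption, not data from the slides).
NODES = sorted([1, 4, 9, 11, 14, 18, 20, 21, 28])


def succ(k, nodes=NODES):
    """Smallest node id >= k, wrapping around to the lowest id past the end of the ring."""
    k %= RING
    return next((n for n in nodes if n >= k), nodes[0])


def finger_table(p, nodes=NODES):
    """FT_p[i] = succ(p + 2**(i-1)) for i = 1..M; index 0 is unused so FT[i] matches the slides."""
    return [None] + [succ(p + (1 << (i - 1)), nodes) for i in range(1, M + 1)]


def _in_open_closed(x, a, b):
    """x in (a, b] on the ring (handles wrap-around when a >= b)."""
    return a < x <= b if a < b else (x > a or x <= b)


def _in_open(x, a, b):
    """x in (a, b) on the ring."""
    return a < x < b if a < b else (x > a or x < b)


def lookup(start, k, nodes=NODES):
    """Resolve key k starting at node `start`. Returns (succ(k), nodes visited)."""
    k %= RING
    p, path = start, [start]
    while True:
        if k == p:                                  # the node itself holds k
            return p, path
        ft = finger_table(p, nodes)
        if _in_open_closed(k, p, ft[1]):            # k lies between p and its successor
            return ft[1], path
        # forward to the furthest finger that still precedes k (largest i first)
        p = next((ft[i] for i in range(M, 0, -1) if _in_open(ft[i], p, k)), ft[1])
        path.append(p)


if __name__ == "__main__":
    print("FT_1 =", finger_table(1)[1:])
    print("key 26 from node 1:", lookup(1, 26))    # (28, [1, 18, 20, 21])
    print("key 12 from node 28:", lookup(28, 12))  # (14, [28, 4, 9, 11])
```

Each hop at least halves the identifier distance to k, which is where Chord's O(log N) lookup comes from. The security-relevant caveat is the "randomly chosen" node identifier: if a node can pick its own id instead of deriving it from a hash of its address, an attacker can position itself as succ(k) for any key it wants to control or censor, which is the basis of Sybil and eclipse attacks on DHTs.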

Distributed Hash Tables (3)
- Exploiting network proximity, since neighbors on the identifier ring may be far apart in the physical network: topology-based assignment of node identifiers, proximity routing, proximity neighbor selection.
- Iterative vs. recursive lookup.

Hierarchical Approaches
- Domains, leaf domains, root (directory) node.
- Hierarchical organization of a location service into domains, each having an associated directory node.

Hierarchical Approaches (2) An example of storing information of an entity having two addresses in different leaf domains.

Hierarchical Approaches (3) Looking up a location in a hierarchically organized location service.

Hierarchical Approaches (4) (a) An insert request is forwarded to the first node that knows about entity E. (b) A chain of forwarding pointers to the leaf node is created

Structured Naming

Overview of Structured Naming
- Flat names are good for machines, but not convenient for humans to use.
- Structured names: simple, human-readable names.
- Name space (a labeled directed graph): leaf nodes, root node, directory nodes, directory tables.
- Path names: absolute and relative path names; global and local names.

Structured Naming: Another example The general organization of the UNIX file system implementation on a logical disk of contiguous disk blocks.

Name Resolution
- Closure mechanism: knowing how and where to start name resolution.
- Linking and mounting: aliases (hard links and symbolic links), mounting points.
- Information required to mount a foreign name space in a distributed system: the name of an access protocol, the name of the server, and the name of the mounting point in the foreign name space.

Linking and Mounting: symbolic links and remote file system mounting.

Name Space Distribution (1) An example partitioning of the DNS name space, including Internet-accessible files, into three layers.

Name Space Distribution (2) A comparison between name servers for implementing nodes from a large-scale name space partitioned into a global layer, an administrational layer, and a managerial layer.

Implementation of Name Resolution
- Where to start name resolution? (closure)
- Simplified picture: no replication of name servers, no client-side caching, and each client has access to a local name resolver.
- Example: resolve root:<edu,iastate,ee,ftp,pub,netex,index.txt>
- Iterative resolution vs. recursive resolution.

Implementation of Name Resolution (2) The principle of iterative name resolution.

Implementation of Name Resolution (3) The principle of recursive name resolution.

Iterative vs. Recursive
- Iterative: name servers are stateless; the client's resolver does all the work.
- Recursive: higher-level servers need to maintain state about resolutions in progress, but caching at each server is effective and communication costs are reduced (the servers are usually closer to each other than to the client).
- Example: the Domain Name System supports both.
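The two resolution styles for the slide's example name root:<edu,iastate,ee,ftp,pub,netex,index.txt>, as an added simulation that is not from the slides. The name-server hierarchy (root-ns, edu-ns, iastate-ns, ee-ns) and the host address 10.0.0.7 are constructed assumptions, not Iowa State's real DNS. Each server is authoritative for one node and knows the address of the server (or, at the last node, the host) for each child label; the part of the path below the ftp node is left for the file server to resolve, as in the textbook.

```python
# Constructed toy hierarchy (assumption for this example, not a real DNS deployment).
SERVERS = {
    "root-ns":    {"edu": "edu-ns"},
    "edu-ns":     {"iastate": "iastate-ns"},
    "iastate-ns": {"ee": "ee-ns"},
    "ee-ns":      {"ftp": "10.0.0.7"},   # address of the ftp host (constructed)
}
PATH = ["edu", "iastate", "ee", "ftp", "pub", "netex", "index.txt"]


def iterative_resolve(path, servers=SERVERS):
    """Client-side resolver contacts each server in turn; servers keep no state.

    Every server resolves exactly one label and returns the address of the next
    server plus the remaining path. Only the client learns (and can cache) the
    intermediate answers.
    """
    cache, trace = {}, []
    server, prefix, remaining = "root-ns", (), list(path)
    while server in servers and remaining:
        head = remaining.pop(0)
        nxt = servers[server][head]
        trace.append((server, head, nxt))    # one round trip from the client
        prefix += (head,)
        cache[prefix] = nxt
        server = nxt
    return {"address": server, "leftover": remaining,
            "client_cache": cache, "client_queries": len(trace)}


def recursive_resolve(path, servers=SERVERS):
    """Each server resolves its label and forwards the rest to the next server.

    Answers bubble back through the chain, so every server on the path caches
    everything resolved below it, while the client sends a single query.
    """
    caches = {s: {} for s in servers}
    hops = []                                # server-to-server messages

    def step(server, prefix, remaining):
        head, rest = remaining[0], remaining[1:]
        nxt = servers[server][head]
        learned = {prefix + (head,): nxt}
        if nxt in servers and rest:
            hops.append((server, nxt, tuple(rest)))
            addr, leftover, below = step(nxt, prefix + (head,), rest)
            learned.update(below)            # results passing back are cached here
        else:
            addr, leftover = nxt, rest       # reached the host; file server takes over
        caches[server].update(learned)
        return addr, leftover, learned

    addr, leftover, _ = step("root-ns", (), list(path))
    return {"address": addr, "leftover": leftover, "server_caches": caches,
            "client_queries": 1, "server_to_server": len(hops)}


if __name__ == "__main__":
    print(iterative_resolve(PATH))
    print(recursive_resolve(PATH))
```

Running it shows the trade-off on the slide: iterative resolution costs the client four queries and leaves the servers with nothing to remember, while recursive resolution costs the client one query, three server-to-server messages, and leaves root-ns holding four cached entries. That server-side cache is also the attack surface: a recursive server that accepts and caches whatever comes back up the chain is the target of DNS cache poisoning, which is why a real resolver must validate that each answer actually came from the server it asked, for the name it asked about.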

The DNS Name Space
The most important types of resource records forming the contents of nodes in the DNS name space:

Type    Associated entity   Description
SOA     Zone                Holds information on the represented zone
A       Host                Contains an IP address of the host this node represents
MX      Domain              Refers to a mail server to handle mail addressed to this node
SRV     Domain              Refers to a server handling a specific service
NS      Zone                Refers to a name server that implements the represented zone
CNAME   Node                Symbolic link with the primary name of the represented node
PTR     Host                Contains the canonical name of a host
HINFO   Host                Holds information on the host this node represents
TXT     Any kind            Contains any entity-specific information considered useful

DNS Implementation An excerpt from the DNS database for the zone cs.vu.nl.

Attribute-based Naming

Attribute-based Naming
- Entities are described by (attribute, value) pairs.
- Directory services: X.500 with its Directory Information Tree (DIT), Directory Service Agents (DSA) and Directory User Agents (DUA).
- Hierarchical implementation: LDAP, which combines structured naming (an entry's position in the tree gives its distinguished name) with attribute-based naming (searching on attribute values).
- The slide shows a simple example of an LDAP directory entry using LDAP naming conventions.

Hierarchical Implementations: LDAP

Decentralized Implementation: Mapping to Distributed Hash Tables
- Attribute-value tree (AVTree).
- (a) A general description of a resource. (b) Its representation as an AVTree.

Mapping to Distributed Hash Tables (a) The resource description of a query. (b) Its representation as an AVTree.

Tor Hidden Service

Tor Hidden Service (cont.)

Monitoring DNS Queries and Responses
NDSS '11 paper: EXPOSURE: Finding Malicious Domains Using Passive DNS Analysis (Bilge, Kirda, Kruegel and Balduzzi)

Botnets and Other Malware
- The domain name system (DNS) provides a two-way mapping between domain names and their IP addresses.
- Many malicious services also depend on DNS.
- Fast-flux (FF) DNS techniques change a domain name's mappings to different IP addresses frequently, typically with very short TTLs, so that a botnet works as a global content delivery network (CDN) for the attacker.
- Identifying malicious domains therefore helps defend against Internet threats such as botnets and phishing.

EXPOSURE
- Labeled data: malicious domains from blacklists and DGA (domain generation algorithm) lists; benign domains from the Alexa top 1000 and domains older than one year.
- Components: a Data Collector that records DNS queries and responses, a Feature Attribution module that computes per-domain features, a Learning Module that trains a classifier on the labeled data, and a Classifier that labels the unlabeled domains as malicious or benign.

Features
- Time-based features
- DNS answer-based features
- TTL value-based features
- Domain name-based features

Time-based Features
- Short life: a sudden increase in requests followed by a sudden decrease.
- Daily similarity: an increase or decrease of the request count at the same intervals every day.
- Repeating patterns, found with change-point detection.
- Access ratio: idle most of the time, or continuously accessed.

DNS Answer-based Features (large values are suspicious)
- Number of distinct IP addresses that are resolved for a given domain.
- Number of distinct countries that these IP addresses are located in.
- Number of distinct domains that share the IP addresses that resolve to the given domain.

TTL Value-based Features (small TTLs, many distinct values and frequent changes are suspicious)
- Average TTL
- Standard deviation of the TTL
- Number of distinct TTL values
- Number of TTL changes
- Percentage usage of specific TTL ranges; the range [0, 100) exhibits a significant peak for malicious domains.

Domain Name-based Features
- Ratio of numerical characters to the length of the domain name.
- Ratio of the length of the longest meaningful substring to the length of the domain name.
- Benign domain names are chosen to be easily remembered, but attackers (and their domain generation algorithms) do not care.
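The answer-based, TTL-based and name-based feature groups from the three slides above, computed over a handful of passive-DNS observations. This is an added example, not the paper's or the slides' code: the records (documentation-range addresses, a benign-looking news.example.org and a DGA-looking x7k2q9.info), the IP-to-country table standing in for a GeoIP database, and the tiny word list standing in for the dictionary used to find meaningful substrings are all constructed for the example. The time-based features need timestamped per-epoch query counts and change-point detection and are not covered here.

```python
import statistics
from collections import defaultdict

# Constructed passive-DNS observations in time order: (domain, answer IP, TTL).
# Documentation-range addresses; not real traffic.
RECORDS = [
    ("news.example.org", "203.0.113.5",   3600),
    ("news.example.org", "203.0.113.5",   3600),
    ("news.example.org", "203.0.113.5",   3600),
    ("x7k2q9.info",      "198.51.100.10",   60),
    ("x7k2q9.info",      "198.51.100.77",   30),
    ("x7k2q9.info",      "192.0.2.33",      60),
    ("x7k2q9.info",      "192.0.2.200",     90),
    ("x7k2q9.info",      "203.0.113.99",   120),
    ("zz41pp.info",      "198.51.100.10",   60),   # shares an IP with x7k2q9.info
]
# Constructed IP -> country table (stand-in for a GeoIP lookup).
GEO = {"203.0.113.5": "US", "198.51.100.10": "US", "198.51.100.77": "DE",
       "192.0.2.33": "BR", "192.0.2.200": "BR", "203.0.113.99": "RU"}
# Constructed stand-in for the dictionary of "meaningful" words.
WORDS = {"news", "example", "bank", "login", "mail"}


def answer_features(domain, records=RECORDS, geo=GEO):
    """DNS answer-based features: how spread out the domain's answers are."""
    distinct = {ip for d, ip, _ in records if d == domain}
    by_ip = defaultdict(set)
    for d, ip, _ in records:
        by_ip[ip].add(d)
    sharing = set().union(*(by_ip[ip] for ip in distinct)) - {domain}
    return {"n_ips": len(distinct),
            "n_countries": len({geo[ip] for ip in distinct}),
            "n_sharing_domains": len(sharing)}


def ttl_features(domain, records=RECORDS):
    """TTL value-based features over the domain's observations in time order."""
    ttls = [t for d, _, t in records if d == domain]
    changes = sum(1 for a, b in zip(ttls, ttls[1:]) if a != b)
    return {"avg_ttl": statistics.mean(ttls),
            "std_ttl": statistics.pstdev(ttls),
            "n_distinct_ttl": len(set(ttls)),
            "n_ttl_changes": changes,
            "pct_ttl_below_100": sum(1 for t in ttls if t < 100) / len(ttls)}


def name_features(domain, words=WORDS):
    """Domain name-based features, computed on the registered label (assumption:
    the label left of the TLD, e.g. 'x7k2q9' for x7k2q9.info)."""
    label = domain.split(".")[-2]
    digits = sum(c.isdigit() for c in label)
    longest = max((len(w) for w in words if w in label), default=0)
    return {"numeric_ratio": digits / len(label),
            "meaningful_ratio": longest / len(label)}


def extract_features(domain):
    """Feature vector for one domain, as a dict, ready for a classifier."""
    return {**answer_features(domain), **ttl_features(domain), **name_features(domain)}


if __name__ == "__main__":
    for d in ("news.example.org", "x7k2q9.info"):
        print(d, extract_features(d))
```

On the constructed data the two domains separate exactly along the slides' intuition: x7k2q9.info resolves to five addresses in four countries, shares an address with another throw-away domain, has TTLs averaging 72 with four changes in five observations and 80% of values below 100, and its label is half digits with no dictionary word in it; news.example.org has one address, one TTL, and a label that is entirely a dictionary word. A classifier is only as good as these features, which is the evasion point raised on the limitations slide: an attacker who raises TTLs and keeps a stable, small address set scores benign here, at the cost of a less agile infrastructure.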

Evaluation
- EXPOSURE detects a high number of previously unknown malicious domains from DNS traffic.
- It shows a significant performance improvement over previous work.

Limitations
- Attackers can evade EXPOSURE by avoiding the specific features and behavior in DNS traffic, but they would then take a reliability hit on their malicious infrastructure (for example, longer TTLs make fast-flux less agile).
- The detection ratio depends on the training set.
- EXPOSURE cannot classify a domain that has not yet appeared in the monitored DNS traffic, since there is nothing to compute features from.

Questions? Thanks and See you next time