Abusing cloud based browsers for fun and profit
This presentation is the property of its rightful owner.
Sponsored Links
1 / 23

Abusing Cloud-Based Browsers for Fun and Profit PowerPoint PPT Presentation


  • 73 Views
  • Uploaded on
  • Presentation posted in: General

Abusing Cloud-Based Browsers for Fun and Profit. Vasant Tendulkar, Joe Pletcher , Ashwin Shashidharan , Ryan Snyder, Kevin Butler, William Enck. 2012 Annual Computer Security Applications Conference. Outline. Introduction Approach overview Browser resource limitations

Download Presentation

Abusing Cloud-Based Browsers for Fun and Profit

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Abusing cloud based browsers for fun and profit

Abusing Cloud-Based Browsers for Fun and Profit

Vasant Tendulkar, Joe Pletcher, AshwinShashidharan,

Ryan Snyder, Kevin Butler, William Enck

2012 Annual Computer Security Applications Conference


Outline

Outline

  • Introduction

  • Approach overview

  • Browser resource limitations

  • Designing and scheduling jobs

  • Evaluation

  • Discussion


Introduction

Introduction

  • Pay-per-use computation

    • EC2

  • Cloud-based Web browsers

    • JavaScript executes on the server

  • Arbitrary general-purpose computation within cloud-based browsers

  • Browser MapReduce(BMR)

    • Mapper.js

    • Reducer.js


Approach overview 1

Approach overview(1)


Approach overview 2

Approach overview(2)

  • Cloud browsers have articiallimitations

  • Mappers cannot use local storage to communicate intermediate results

    • Bit.ly

      • Encode URLs up to 2022 characters in length

      • Rate-limits requests to 99 per IP address per minute

  • Job scheduling


Browser resource limitations

Browser resource limitations

  • Benchmarks

    • Computation

    • Elapsed Time

    • Memory

  • Cloud browsers

    • Amazon Silk

    • Cloud Browse

    • Opera Mini

    • Puffin


Benchmarks 1

Benchmarks(1)


Benchmarks 2

Benchmarks(2)


Benchmark results

Benchmark Results


Designing and scheduling jobs

Designing and scheduling jobs

  • Map and reduce abstraction

  • Scheduling jobs

  • Example applications

    • Word Count

    • Distributed Grep

    • Distributed Sort


Mapper abstraction

Mapper Abstraction


Reduc er abstraction

Reducer Abstraction


Scheduling jobs 1

Scheduling Jobs(1)

  • To effectively use cloud browser an URL shortening service resource

  • Assume

    • Input is divided into a large number of equally sized files

  • Mapper scheduling

  • Reducer scheduling


Scheduling jobs 2

Scheduling Jobs(2)


Mapper scheduling 1

Mapper Scheduling(1)

  • Master determines

    • Mn, the number of mappers to spawn

    • Mf, the number of input files to pass to each mapper

Assumes fs is several times smaller than bs


Mapper scheduling 2

Mapper Scheduling(2)

  • Rate limiting of URL shortening services

    • Bit.ly

      • Encode URLs up to 2022 characters in length, Us = 2022

      • Rate-limits requests to 99 per IP address per minute, Un = 99


Reducer scheduling

Reducer Scheduling

  • Application spefic

    • bucket in bucket sort

    • Partition in word count


Example applications

Example Applications

  • Word Count

    • http://foo.com/?word1=5&word2=7&...

  • Distributed Grep

    • http://foo.com/?bar1.txt=45&bar1.txt=48&bar2.txt=34

  • Distributed Sort

    • TeraSort

    • http://foo.com/?key1=file1&key2=file2&key3=file3


Evaluation

Evaluation

  • Experiment setup

  • Word Count

    • 100 most downloaded books from www.gutenberg.com/ebooks/

  • Distributed Grep

    • IRC logs for the #debian channel

  • Distributed Sort

    • Hadoopteragen

    • A 10 character key and an 88 character value


Evaluation results 1

Evaluation - results(1)


Evaluation results 2

Evaluation - results(2)


Discussion

Discussion

  • Recommendations for Cloud Browser Providers

    • Rate limits on authenticated user

  • Enhancing BMR

    • Using multiple cloud browser

    • Combination of URL shortening services


Abusing cloud based browsers for fun and profit

  • THE END


  • Login