Denial-of-service threat to hadoop/YARN clusters with multi-tenancy

Jingwei Huang; David M. Nicol; Roy H. Campbell

doi:10.1109/BigData.Congress.2014.17

Denial-of-service threat to hadoop/YARN clusters with multi-tenancy

Jingwei Huang, David M. Nicol, Roy H. Campbell

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

This paper studies the vulnerability of unconstrained computing resources in Hadoop and the threat of denial-of-service to a Hadoop cluster with multitenancy. We model the problem of how many nodes in a Hadoop cluster can be invaded by a malicious user with given allocated capacity as a k-ping-pong balls to n-boxes problem, and solve the problem by simulation. We construct a discrete event simulation model to estimate MapReduce job completion time in a Hadoop cluster under a DoS attack. Our study shows that even a small amount of compromised capacity may be used to launch a DoS attack and cause significant impacts on the performance of a Hadoop/YARN cluster.

Original language	English (US)
Title of host publication	Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014
Editors	Peter Chen, Peter Chen, Hemant Jain
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	48-55
Number of pages	8
ISBN (Electronic)	9781479950577
DOIs	https://doi.org/10.1109/BigData.Congress.2014.17
State	Published - Sep 22 2014
Event	3rd IEEE International Congress on Big Data, BigData Congress 2014 - Anchorage, United States Duration: Jun 27 2014 → Jul 2 2014

Publication series

Name	Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014

Other

Other	3rd IEEE International Congress on Big Data, BigData Congress 2014
Country	United States
City	Anchorage
Period	6/27/14 → 7/2/14

Fingerprint

Discrete event simulation

Denial-of-service attack

Keywords

Big Data
Hadoop
MapReduce
YARN
denial-of-service attacks
multitenancy
security

ASJC Scopus subject areas

Computer Science Applications

Cite this

Huang, J., Nicol, D. M., & Campbell, R. H. (2014). Denial-of-service threat to hadoop/YARN clusters with multi-tenancy. In P. Chen, P. Chen, & H. Jain (Eds.), Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014 (pp. 48-55). [6906760] (Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/BigData.Congress.2014.17

Denial-of-service threat to hadoop/YARN clusters with multi-tenancy. / Huang, Jingwei; Nicol, David M.; Campbell, Roy H.

Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014. ed. / Peter Chen; Peter Chen; Hemant Jain. Institute of Electrical and Electronics Engineers Inc., 2014. p. 48-55 6906760 (Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Huang, J, Nicol, DM & Campbell, RH 2014, Denial-of-service threat to hadoop/YARN clusters with multi-tenancy. in P Chen, P Chen & H Jain (eds), Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014., 6906760, Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014, Institute of Electrical and Electronics Engineers Inc., pp. 48-55, 3rd IEEE International Congress on Big Data, BigData Congress 2014, Anchorage, United States, 6/27/14. https://doi.org/10.1109/BigData.Congress.2014.17

Huang J, Nicol DM , Campbell RH. Denial-of-service threat to hadoop/YARN clusters with multi-tenancy. In Chen P, Chen P, Jain H, editors, Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014. Institute of Electrical and Electronics Engineers Inc. 2014. p. 48-55. 6906760. (Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014). https://doi.org/10.1109/BigData.Congress.2014.17

Huang, Jingwei ; Nicol, David M. ; Campbell, Roy H. / Denial-of-service threat to hadoop/YARN clusters with multi-tenancy. Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014. editor / Peter Chen ; Peter Chen ; Hemant Jain. Institute of Electrical and Electronics Engineers Inc., 2014. pp. 48-55 (Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014).

@inproceedings{32d5e4912abe4a8291e4e0b8a5276e91,

title = "Denial-of-service threat to hadoop/YARN clusters with multi-tenancy",

abstract = "This paper studies the vulnerability of unconstrained computing resources in Hadoop and the threat of denial-of-service to a Hadoop cluster with multitenancy. We model the problem of how many nodes in a Hadoop cluster can be invaded by a malicious user with given allocated capacity as a k-ping-pong balls to n-boxes problem, and solve the problem by simulation. We construct a discrete event simulation model to estimate MapReduce job completion time in a Hadoop cluster under a DoS attack. Our study shows that even a small amount of compromised capacity may be used to launch a DoS attack and cause significant impacts on the performance of a Hadoop/YARN cluster.",

keywords = "Big Data, Hadoop, MapReduce, YARN, denial-of-service attacks, multitenancy, security",

author = "Jingwei Huang and Nicol, {David M.} and Campbell, {Roy H.}",

year = "2014",

month = "9",

day = "22",

doi = "10.1109/BigData.Congress.2014.17",

language = "English (US)",

series = "Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "48--55",

editor = "Peter Chen and Peter Chen and Hemant Jain",

booktitle = "Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014",

address = "United States",

}

TY - GEN

T1 - Denial-of-service threat to hadoop/YARN clusters with multi-tenancy

AU - Huang, Jingwei

AU - Nicol, David M.

AU - Campbell, Roy H.

PY - 2014/9/22

Y1 - 2014/9/22

N2 - This paper studies the vulnerability of unconstrained computing resources in Hadoop and the threat of denial-of-service to a Hadoop cluster with multitenancy. We model the problem of how many nodes in a Hadoop cluster can be invaded by a malicious user with given allocated capacity as a k-ping-pong balls to n-boxes problem, and solve the problem by simulation. We construct a discrete event simulation model to estimate MapReduce job completion time in a Hadoop cluster under a DoS attack. Our study shows that even a small amount of compromised capacity may be used to launch a DoS attack and cause significant impacts on the performance of a Hadoop/YARN cluster.

AB - This paper studies the vulnerability of unconstrained computing resources in Hadoop and the threat of denial-of-service to a Hadoop cluster with multitenancy. We model the problem of how many nodes in a Hadoop cluster can be invaded by a malicious user with given allocated capacity as a k-ping-pong balls to n-boxes problem, and solve the problem by simulation. We construct a discrete event simulation model to estimate MapReduce job completion time in a Hadoop cluster under a DoS attack. Our study shows that even a small amount of compromised capacity may be used to launch a DoS attack and cause significant impacts on the performance of a Hadoop/YARN cluster.

KW - Big Data

KW - Hadoop

KW - MapReduce

KW - YARN

KW - denial-of-service attacks

KW - multitenancy

KW - security

UR - http://www.scopus.com/inward/record.url?scp=84923931660&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84923931660&partnerID=8YFLogxK

U2 - 10.1109/BigData.Congress.2014.17

DO - 10.1109/BigData.Congress.2014.17

M3 - Conference contribution

AN - SCOPUS:84923931660

T3 - Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014

SP - 48

EP - 55

BT - Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014

A2 - Chen, Peter

A2 - Jain, Hemant

PB - Institute of Electrical and Electronics Engineers Inc.

ER -

Access to Document

10.1109/BigData.Congress.2014.17