Denial-of-service threat to hadoop/YARN clusters with multi-tenancy

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

This paper studies the vulnerability of unconstrained computing resources in Hadoop and the threat of denial-of-service to a Hadoop cluster with multitenancy. We model the problem of how many nodes in a Hadoop cluster can be invaded by a malicious user with given allocated capacity as a k-ping-pong balls to n-boxes problem, and solve the problem by simulation. We construct a discrete event simulation model to estimate MapReduce job completion time in a Hadoop cluster under a DoS attack. Our study shows that even a small amount of compromised capacity may be used to launch a DoS attack and cause significant impacts on the performance of a Hadoop/YARN cluster.

Original languageEnglish (US)
Title of host publicationProceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014
EditorsPeter Chen, Peter Chen, Hemant Jain
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages48-55
Number of pages8
ISBN (Electronic)9781479950577
DOIs
StatePublished - Sep 22 2014
Event3rd IEEE International Congress on Big Data, BigData Congress 2014 - Anchorage, United States
Duration: Jun 27 2014Jul 2 2014

Publication series

NameProceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014

Other

Other3rd IEEE International Congress on Big Data, BigData Congress 2014
CountryUnited States
CityAnchorage
Period6/27/147/2/14

Fingerprint

Discrete event simulation
Denial-of-service attack

Keywords

  • Big Data
  • Hadoop
  • MapReduce
  • YARN
  • denial-of-service attacks
  • multitenancy
  • security

ASJC Scopus subject areas

  • Computer Science Applications

Cite this

Huang, J., Nicol, D. M., & Campbell, R. H. (2014). Denial-of-service threat to hadoop/YARN clusters with multi-tenancy. In P. Chen, P. Chen, & H. Jain (Eds.), Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014 (pp. 48-55). [6906760] (Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/BigData.Congress.2014.17

Denial-of-service threat to hadoop/YARN clusters with multi-tenancy. / Huang, Jingwei; Nicol, David M.; Campbell, Roy H.

Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014. ed. / Peter Chen; Peter Chen; Hemant Jain. Institute of Electrical and Electronics Engineers Inc., 2014. p. 48-55 6906760 (Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Huang, J, Nicol, DM & Campbell, RH 2014, Denial-of-service threat to hadoop/YARN clusters with multi-tenancy. in P Chen, P Chen & H Jain (eds), Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014., 6906760, Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014, Institute of Electrical and Electronics Engineers Inc., pp. 48-55, 3rd IEEE International Congress on Big Data, BigData Congress 2014, Anchorage, United States, 6/27/14. https://doi.org/10.1109/BigData.Congress.2014.17
Huang J, Nicol DM, Campbell RH. Denial-of-service threat to hadoop/YARN clusters with multi-tenancy. In Chen P, Chen P, Jain H, editors, Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014. Institute of Electrical and Electronics Engineers Inc. 2014. p. 48-55. 6906760. (Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014). https://doi.org/10.1109/BigData.Congress.2014.17
Huang, Jingwei ; Nicol, David M. ; Campbell, Roy H. / Denial-of-service threat to hadoop/YARN clusters with multi-tenancy. Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014. editor / Peter Chen ; Peter Chen ; Hemant Jain. Institute of Electrical and Electronics Engineers Inc., 2014. pp. 48-55 (Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014).
@inproceedings{32d5e4912abe4a8291e4e0b8a5276e91,
title = "Denial-of-service threat to hadoop/YARN clusters with multi-tenancy",
abstract = "This paper studies the vulnerability of unconstrained computing resources in Hadoop and the threat of denial-of-service to a Hadoop cluster with multitenancy. We model the problem of how many nodes in a Hadoop cluster can be invaded by a malicious user with given allocated capacity as a k-ping-pong balls to n-boxes problem, and solve the problem by simulation. We construct a discrete event simulation model to estimate MapReduce job completion time in a Hadoop cluster under a DoS attack. Our study shows that even a small amount of compromised capacity may be used to launch a DoS attack and cause significant impacts on the performance of a Hadoop/YARN cluster.",
keywords = "Big Data, Hadoop, MapReduce, YARN, denial-of-service attacks, multitenancy, security",
author = "Jingwei Huang and Nicol, {David M.} and Campbell, {Roy H.}",
year = "2014",
month = "9",
day = "22",
doi = "10.1109/BigData.Congress.2014.17",
language = "English (US)",
series = "Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "48--55",
editor = "Peter Chen and Peter Chen and Hemant Jain",
booktitle = "Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014",
address = "United States",

}

TY - GEN

T1 - Denial-of-service threat to hadoop/YARN clusters with multi-tenancy

AU - Huang, Jingwei

AU - Nicol, David M.

AU - Campbell, Roy H.

PY - 2014/9/22

Y1 - 2014/9/22

N2 - This paper studies the vulnerability of unconstrained computing resources in Hadoop and the threat of denial-of-service to a Hadoop cluster with multitenancy. We model the problem of how many nodes in a Hadoop cluster can be invaded by a malicious user with given allocated capacity as a k-ping-pong balls to n-boxes problem, and solve the problem by simulation. We construct a discrete event simulation model to estimate MapReduce job completion time in a Hadoop cluster under a DoS attack. Our study shows that even a small amount of compromised capacity may be used to launch a DoS attack and cause significant impacts on the performance of a Hadoop/YARN cluster.

AB - This paper studies the vulnerability of unconstrained computing resources in Hadoop and the threat of denial-of-service to a Hadoop cluster with multitenancy. We model the problem of how many nodes in a Hadoop cluster can be invaded by a malicious user with given allocated capacity as a k-ping-pong balls to n-boxes problem, and solve the problem by simulation. We construct a discrete event simulation model to estimate MapReduce job completion time in a Hadoop cluster under a DoS attack. Our study shows that even a small amount of compromised capacity may be used to launch a DoS attack and cause significant impacts on the performance of a Hadoop/YARN cluster.

KW - Big Data

KW - Hadoop

KW - MapReduce

KW - YARN

KW - denial-of-service attacks

KW - multitenancy

KW - security

UR - http://www.scopus.com/inward/record.url?scp=84923931660&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84923931660&partnerID=8YFLogxK

U2 - 10.1109/BigData.Congress.2014.17

DO - 10.1109/BigData.Congress.2014.17

M3 - Conference contribution

AN - SCOPUS:84923931660

T3 - Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014

SP - 48

EP - 55

BT - Proceedings - 2014 IEEE International Congress on Big Data, BigData Congress 2014

A2 - Chen, Peter

A2 - Chen, Peter

A2 - Jain, Hemant

PB - Institute of Electrical and Electronics Engineers Inc.

ER -