Paper Info
Title
Memory Cache Attacks on Alluxio Impede High Performance Computing
Abstract
Alluxio is a popular distributed memory storage system, which becomes increasingly important in big data ecosystem by providing high performance storage for computing framework. We point out that there are security vulnerabilities in cache mechanism, data short-circuit read/write mechanism and consistency check mechanism of Alluxio, which may result in the failure of data availability and integrity. Firstly, we find that the lack of limitation of cached copies in the cache mechanism causes the malicious memory consumption attack. An adversary can craft a malicious job to consume the scarce memory storage at a low cost, which will significantly influence the performance of normal users with a degradation of 20%-59%. Secondly, we are aware that the lack of access control and integrity check on the data block will lead to target file tamper attack, in which a target file cached in memory will be modified and considered correctly as long as the size remains unchanged. The tampered file will be read and thus causes a wrong result. Finally, we discuss some corresponding countermeasures for defending these two kinds of memory cache attacks.
Year
DOI
Venue
2018
10.1109/BDCloud.2018.00069
2018 IEEE Intl Conf on Parallel & Distributed Processing with Applications, Ubiquitous Computing & Communications, Big Data & Cloud Computing, Social Computing & Networking, Sustainable Computing & Communications (ISPA/IUCC/BDCloud/SocialCom/SustainCom)
Keywords
Field
DocType
Alluxio,Memory cache,Attack,Availability,Integrity,Security vulnerabilities
Cache,CPU cache,Computer data storage,Computer security,Computer science,Block (data storage),Distributed memory,Access control,Adversary,Big data,Multimedia
Conference
ISSN
ISBN
Citations 
2158-9178
978-1-7281-1141-4
1
PageRank 
References 
Authors
0.36
0
6
Name
Order
Citations
PageRank
Yizhe Yang110.36
Qingni Shen27122.47
Wu Xin310.36
Wenjun Qian420.71
Yahui Yang54811.83
Zhonghai Wu63412.36