Loo, Boon Thau

Email Address
Research Projects
Organizational Units
Research Interests

Search Results

Now showing 1 - 10 of 76
  • Publication
    An Empirical Analysis of Scheduling Techniques for Real-Time Cloud-Based Data Processing
    (2011-12-01) Phan, Linh T.X.; Loo, Boon Thau; Zhang, Zhuoyao; Lee, Insup; Zheng, Qi
    In this paper, we explore the challenges and needs of current cloud infrastructures, to better support cloud-based data-intensive applications that are not only latency-sensitive but also require strong timing guarantees. These applications have strict deadlines (e.g., to perform time-dependent mission critical tasks or to complete real-time control decisions using a human-in-the-loop), and deadline misses are undesirable. To highlight the challenges in this space, we provide a case study of the online scheduling of MapReduce jobs executed by Hadoop. Our evaluations on Amazon EC2 show that the existing Hadoop scheduler is ill-equipped to handle jobs with deadlines. However, by adapting existing multiprocessor scheduling techniques for the cloud environment, we observe significant performance improvements in minimizing missed deadlines and tardiness. Based on our case study, we discuss a range of challenges in this domain posed by virtualization and scale, and propose our research agenda centered around the application of advanced real-time scheduling techniques in the cloud environment.
  • Publication
    Towards Secure Cloud Data Management
    (2010-01-01) Zhou, Wenchao; Marczak, William R.; Sherr, Micah; Tao, Tao; Loo, Boon Thau; Zhang, Zhuoyao; Lee, Insup
    This paper explores the security challenges posed by data-intensive applications deployed in cloud environments that span administrative and network domains. We propose a data-centric view of cloud security and discuss data management challenges in the areas of secure distributed data processing, end-to-end query result verification, and cross-user trust policy management. In addition, we describe our current and future efforts to investigate security challenges in cloud data management using the Declarative Secure Distributed Systems (DS2) platform, a declarative infrastructure for specifying, analyzing, and deploying secure information systems.
  • Publication
    AS-TRUST: A Trust Characterization Scheme for Autonomous Systems in BGP
    (2010-01-01) Kannan, Sampath; Chang, Jian; Loo, Boon Thau; Venkatasubramanian, Krishna K.; Sokolsky, Oleg; West, Andrew G.; Lee, Insup
    Border Gateway Protocol (BGP) works by frequently exchanging updates which, disseminate reachability information (RI) about IP prefixes (i.e., address blocks) between Autonomous Systems (ASes) on the Internet. The current operation of BGP implicitly trusts the ASes to disseminate valid—accurate, stable and routing policy compliant — RI. This assumption is problematic as demonstrated by the recent documented instances of invalid RI dissemination. This paper presents AS-TRUST, a scheme which comprehensively characterizes the trustworthiness of ASes, with respect to disseminating valid RI. AS-TRUST quantifies trust using the notion of reputation. To compute reputation, AS-TRUST evaluates the past RI received for validity, based on a set of well-defined properties. It then classifies the resulting observations into multiple types of feedback. The feedback is used by a reputation function to compute a probabilistic view of AS trustworthiness. The contributions of the paper are: (1) a comprehensive trust characterization of ASes; (2) a set of well-defined properties for evaluating the validity of RI provided by ASes; and (3) a novel and theoretically sound reputation computation mechanism. Our implementation of AS-TRUST scheme using publicly available BGP traces demonstrates: the number of ASes involved in violating the BGP operational trust assumption is significant, dissemination of invalid RI is consistently present, and the proposed reputation mechanism is sensitive enough to capture even rare instances of an AS’ deviation from trustworthy behavior.
  • Publication
    Recursive Computation of Regions and Connectivity in Networks
    (2008-10-31) Taylor, Nicholas E; Zhou, Wenchao; Ives, Zachary G; Liu, Mengmeng; Loo, Boon Thau
    In recent years, data management has begun to consider situations in which data access is closely tied to network routing and distributed acquisition: sensor networks, in which reachability and contiguous regions are of interest; declarative networking, in which shortest paths and reachability are key; distributed and peer-to-peer stream systems, in which we may monitor for associations among data at the distributed sources (e.g., transitive relationships). In each case, the fundamental operation is to maintain a view over dynamic network state; the view is frequently distributed, recursive and may contain aggregation, e.g., describing transitive connectivity, shortest paths, least costly paths, or region membership. Surprisingly, solutions to this problem are often domain-specific, expensive to compute, and incomplete. In this paper, we recast the problem as one of incremental recursive view maintenance in the presence of distributed streams of updates to tuples: new stream data becomes insert operations and tuple expirations become deletions. We develop a set of techniques that maintain information about tuple derivability—a compact form of data provenance. We complement this with techniques to reduce communication: aggregate selections to prune irrelevant aggregation tuples, provenance-aware operators that can determine when tuples are no longer derivable and remove them from their state, and shipping operators that greatly reduce the tuple and provenance information being propagated while still maintaining correct answers. We validate our work in a distributed setting with sensor and network router queries, showing significant gains in bandwidth consumption without sacrificing performance.
  • Publication
    Querying and Routing in Next-Generation Networks
    (2004-08-01) Loo, Boon Thau
    I propose the use of recursive queries [24] as an interface for querying distributed network graph structures. Recursive queries allow a query result to be defined in terms of itself. This is particularly useful for querying network graphs that exhibit recursive structures. To query these distributed graphs over the Internet, I propose using distributed query processing techniques to process recursive queries. I further demonstrate the relationship between in-network execution of recursive queries and traditional routing protocols. Based on this relationship, I propose investigating the use of recursive queries for end-hosts to customize routing protocols. I plan to implement my proposals in the context of the PIER [9] system, and study different techniques to achieve good performance in the system.
  • Publication
    Real-Time MapReduce Scheduling
    (2010-01-01) Phan, Linh T.X.; Loo, Boon Thau; Zhang, Zhuoyao; Lee, Insup
    In this paper, we explore the feasibility of enabling the scheduling of mixed hard and soft real-time MapReduce applications. We first present an experimental evaluation of the popular Hadoop MapReduce middleware on the Amazon EC2 cloud. Our evaluation reveals tradeoffs between overall system throughput and execution time predictability, as well as highlights a number of factors affecting real-time scheduling, such as data placement, concurrent users, and master scheduling overhead. Based on our evaluation study, we present a formal model for capturing real-time MapReduce applications and the Hadoop platform. Using this model, we formulate the offline scheduling of real-time MapReduce jobs on a heterogeneous distributed Hadoop architecture as a constraint satisfaction problem (CSP) and introduce various search strategies for the formulation. We propose an enhancement of MapReduce’s execution model and a range of heuristic techniques for the online scheduling. We further outline some of our future directions that apply state-of-the-art techniques in the real-time scheduling literature.
  • Publication
    Recent Advances in Declarative Networking
    (2012-01-01) Loo, Boon Thau; Gill, Harjot; Liu, Changbin; Mao, Yun; Marczak, William R.; Sherr, Micah; Wang, Anduo; Zhuo, Wenchao
    Declarative networking is a programming methodology that enables developers to concisely specify network protocols and services, and directly compile these specifications into a dataflow framework for execution. This paper describes recent advances in declarative networking, tracing its evolution from a rapid prototyping framework towards a platform that serves as an important bridge connecting formal theories for reasoning about protocol correctness and actual implementations. In particular, the paper focuses on the use of declarative networking for addressing four main challenges in the distributed systems development cycle: the generation of safe routing implementations, debugging, security and privacy, and optimizing distributed systems.
  • Publication
    MOSAIC: Multiple Overlay Selection and Intelligent Composition
    (2007-10-24) Loo, Boon Thau; Ives, Zachary G; Mao, Yun; Smith, Jonathan M
    Today, the most effective mechanism for remedying shortcomings of the Internet, or augmenting it with new networking capabilities, is to develop and deploy a new overlay network. This leads to the problem of multiple networking infrastructures, each with independent advantages, and each developed in isolation. A greatly preferable solution is to have a single infrastructure under which new overlays can be developed, deployed, selected, and combined according to application and administrator needs. MOSAIC is an extensible infrastructure that enables not only the specification of new overlay networks, but also dynamic selection and composition of such overlays. MOSAIC provides declarative networking: it uses a unified declarative language (Mozlog) and runtime system to enable specification of new overlay networks, as well as their composition in both the control and data planes. Importantly, it permits dynamic compositions with both existing overlay networks and legacy applications. This paper demonstrates the dynamic selection and composition capabilities of MOSAIC with a variety of declarative overlays: an indirection overlay that supports mobility (i3), a resilient overlay (RON), and a transport-layer proxy. Using a remarkably concise specification, MOSAIC provides the benefits of runtime composition to simultaneously deliver application-aware mobility, NAT traversal and reliability with low performance overhead, demonstrated with deployment and measurement on both a local cluster and the PlanetLab testbed.
  • Publication
    Provenance-Aware Declarative Secure Networks
    (2007-12-05) Zhou, Wenchao; Cronin, Eric; Loo, Boon Thau
    In recent years, network accountability and forensic analysis have become increasingly important, as a means of performing network diagnostics, identifying malicious nodes, enforcing trust management policies, and imposing diverse billing over the Internet. This has lead to a series of work to provide better network support for accountability, and efficient mechanisms to trace packets and information flows through the Internet. In this paper, we make the following contributions. First, we show that network accountability and forensic analysis can be posed generally as data provenance computations and queries over distributed streams. In particular, one can utilize provenance-aware declarative networks with appropriate security extensions to provide a flexible declarative framework for specifying, analyzing and auditing networks. Second, we propose a taxonomy of data provenance along multiple axes, and show that they map naturally to different use cases in networks. Third, we suggest techniques to efficiently compute and store network provenance, and provide an initial performance evaluation on the P2 declarative networking system with modifications to support provenance and authenticated communication.
  • Publication
    Verifiable Policy-Based Routing With DRIVER
    (2009-01-01) Wang, Anduo; Loo, Boon Thau; Liu, Changbin; Sokolsky, Oleg; Basu, Prithwash
    The Internet today runs on a complex routing protocol called the Border Gateway Protocol (BGP). BGP is a policy-based protocol, in which autonomous Internet Service Providers (ISPs) impose their local policies on the propagation of routing information. Over the past few years, there has been a growing consensus on the complexity and fragility of BGP routing. To address these challenges, we present the DRIVER system for designing, analyzing and implementing policy-based routing protocols. Our system utilizes a declarative network verifier (DNV) which leverages declarative networking’s connection to logic programming by automatically compiling high-level declarativen networking program into formal specifications, which can be directly used in a theorem prover for verification. In addition to verifying declarative networking programs using a theorem prover, the DRIVER system enables a similar transformation of verified formal specifications limited to fragment of second order logic to declarative networking programs for execution. As our main use case, we demonstrate the verification of a component-based specification of BGP protocol where DRIVER enables the analysis of convergence properties of Internet routing protocols with customizable policy configuration components. We show that the properties verified with DRIVER are indeed preserved in the synthesized implementation by performing experimental evaluation in a local cluster, where the equivalent declarative networking programs derived from the verified specifications displayed consistent behavior with regard to DRIVER verification.