Theses and Dissertations from UMD

Permanent URI for this communityhttp://hdl.handle.net/1903/2

New submissions to the thesis/dissertation collections are added automatically as they are received from the Graduate School. Currently, the Graduate School deposits all theses and dissertations from a given semester after the official graduation date. This means that there may be up to a 4 month delay in the appearance of a give thesis/dissertation in DRUM

More information is available at Theses and Dissertations at University of Maryland Libraries.

Browse

Filters

2008 - 200912010 - 20151

Settings

Subject: search.filters.subject.operating systems

Search Results

Now showing 1 - 2 of 2
  • Thumbnail Image
    Item
    Efficient Multiprogramming for Multicores with SCAF
    (2015) Creech, Timothy Mattausch; Barua, Rajeev K; Electrical Engineering; Digital Repository at the University of Maryland; University of Maryland (College Park, Md.)
    As hardware becomes increasingly parallel and the availability of scalable parallel software improves, the problem of managing multiple multithreaded applications (processes) becomes important. Malleable processes, which can vary the number of threads used as they run, enable sophisticated and flexible resource management. Although many existing applications parallelized for SMPs with parallel runtimes are in fact already malleable, deployed run-time environments provide no interface nor any strategy for intelligently allocating hardware threads or even preventing oversubscription. Prior research methods either depend upon profiling applications ahead of time in order to make good decisions about allocations, or do not account for process efficiency at all, leading to poor performance. None of these prior methods have been adapted widely in practice. This paper presents the Scheduling and Allocation with Feedback (SCAF) system: a drop-in runtime solution which supports existing malleable applications in making intelligent allocation decisions based on observed efficiency without any changes to semantics, program modification, offline profiling, or even recompilation. Our existing implementation can control most unmodified OpenMP applications. Other malleable threading libraries can also easily be supported with small modifications, without requiring application modification or recompilation. In this work, we present the SCAF daemon and a SCAF-aware port of the GNU OpenMP runtime. We present a new technique for estimating process efficiency purely at runtime using available hardware counters, and demonstrate its effectiveness in aiding allocation decisions. We evaluated SCAF using NAS NPB parallel benchmarks on five commodity parallel platforms, enumerating architectural features and their effects on our scheme. We measured the benefit of SCAF in terms of sum of speedups improvement (a common metric for multiprogrammed environments) when running all benchmark pairs concurrently compared to equipartitioning --- the best existing competing scheme in the literature. If the sum of speedups with SCAF is within 5% of equipartitioning (i.e., improvement factor is 0.95X < improvement factor in sum of speedups < 1.05X), then we deem SCAF to break even. Less than 0.95X is considered a slowdown; greater than 1.05X is an improvement. We found that SCAF improves on equipartitioning on 4 out of 5 machines, breaking even or improving in 80-89% of pairs and showing a mean improvement of 1.11-1.22X for benchmark pairs for which it shows an improvement, depending on the machine. Since we are not aware of any widely available tool for equipartitioning, we also compare SCAF against multiprogramming using unmodified OpenMP, which is the only environment available to end-users today. SCAF improves or breaks even on the unmodified OpenMP runtimes for all 5 machines in 72-100% of pairs, with a mean improvement of 1.27-1.7X, depending on the machine.
  • Thumbnail Image
    Item
    PROPERTY-BASED INTEGRITY MONITORING OF OPERATING SYSTEM KERNELS
    (2008-04-03) Petroni, Jr., Nick Louis; Hicks, Michael; Computer Science; Digital Repository at the University of Maryland; University of Maryland (College Park, Md.)
    As the foundation of the trusted computing base, the operating system kernel is a valuable target for attackers of a computer system seeking maximum control and privilege. Furthermore, because the majority of modern security solutions rely on the correctness of at least some portion of the operating system kernel, skilled attackers who successfully infiltrate kernel memory can remain undetected indefinitely. In this dissertation, we present an approach for detecting attacks against the kernel's integrity (commonly referred to as "rootkits"). Our approach, which we call property-based integrity monitoring, works by monitoring and analyzing the kernel's state at runtime. Unlike traditional security solutions, our monitor operates in isolation of, and independently from, the protected operating system and has direct access to the kernel's runtime state. The basic strategy behind property-based monitoring is to identify a set of properties that are practical to check, yet are effective at detecting the types of changes an attacker might make - both known and yet-to-be-discovered. In this work, we describe a practical and effective property for detecting persistent control-flow modifications in running kernels, called state-based control-flow integrity (SBCFI). Furthermore, to address those data-only attacks that do not violate the kernel's control-flow, we introduce a high-level policy language system for enforcing semantic integrity constraints in runtime kernel data. To evaluate the feasibility and effectiveness of our system, we have implemented two property-based integrity monitors for the Linux kernel - one using a virtual machine monitor and the other using a PCI-based coprocessor. We demonstrate that property-based monitoring is capable of detecting all publicly-available kernel integrity threats while imposing less than 1% overhead on the protected system. We conclude that property-based kernel integrity monitoring can be both practical and effective.