## Section: New Results

### Performance Evaluation of Distributed Systems

Participants : Bruno Sericola, Yann Busnel, Yves Mocquard.

**Detection of distributed deny of service attacks.**
A Deny of Service (DoS) attack tries to progressively take down an Internet resource by flooding this resource with more requests than it is capable to handle.
A Distributed Deny of Service (DDoS) attack is a DoS attack triggered by thousands of machines that have been infected by a malicious software, with as immediate
consequence the total shut down of targeted web resources (*e.g.*, e-commerce websites). A solution to detect and to mitigate DDoS attacks it to monitor network
traffic at routers and to look for highly frequent signatures that might suggest ongoing attacks. A recent strategy followed by the attackers is to hide their massive
flow of requests over a multitude of routes, so that locally, these flows do not appear as frequent, while globally they represent a significant portion of the network
traffic. The term “iceberg” has been recently introduced to describe such an attack as only a very small part of the iceberg can be observed from each single router.
The approach adopted to defend against such new attacks is to rely on multiple routers that locally monitor their network traffic, and upon detection of potential
icebergs, inform a monitoring server that aggregates all the monitored information to accurately detect icebergs [41]. Now to prevent the server from being overloaded by all
the monitored information, routers continuously keep track of the $c$ (among $n$) most recent high flows (modeled as items) prior to sending them to the server, and
throw away all the items that appear with a small probability. Parameter $c$ is dimensioned so that the frequency at which all the routers send their $c$ last frequent
items is low enough to enable the server to aggregate all of them and to trigger a DDoS alarm when needed. This amounts to compute the time needed to collect $c$
distinct items among $n$ frequent ones. A thorough analysis of the time needed to collect $c$ distinct items appears in [10].

**Stream Processing Systems.**
Stream processing systems are today gaining momentum as tools to perform analytics on continuous data streams. Their ability to produce analysis results with sub-second
latencies, coupled with their scalability, makes them the preferred choice for many big data companies.

A stream processing application is commonly modeled as a direct acyclic graph where data operators, represented by nodes, are interconnected by streams of tuples
containing data to be analyzed, the directed edges (the arcs). Scalability is usually attained at the deployment phase where each data operator can be parallelized using
multiple instances, each of which will handle a subset of the tuples conveyed by the operators' ingoing stream. Balancing the load among the instances of a parallel
operator is important as it yields to better resource utilization and thus larger throughputs and reduced tuple processing latencies. We have proposed a new key grouping
technique targeted toward applications working on input streams characterized by a skewed value distribution [80]. Our solution is based on the
observation that when the values used to perform the grouping have skewed frequencies, the few most frequent values (the *heavy hitters*) drive the load
distribution, while the remaining largest fraction of the values (the *sparse items*) appear so rarely in the stream that the relative impact of each of them on the
global load balance is negligible. We have shown, through a theoretical analysis, that our solution provides on average near-optimal mappings using sub-linear spaces in
the number of tuples read from the input stream in the learning phase and the support (value domain) of the tuples. In particular this analysis presents new results
regarding the expected error made on the estimation of the frequency of heavy hitters.

Load shedding is a technique employed by stream processing systems to handle unpredictable spikes in the input load whenever available computing resources are not adequately provisioned. A load shedder drops tuples to keep the input load below a critical threshold and thus avoid unbounded queuing and system trashing. In [102] and [79] we propose Load-Aware Shedding (LAS), a novel load shedding solution that, unlike previous works, does not rely neither on a pre-defined cost model nor on any assumption on the tuple execution duration. Leveraging sketches, LAS efficiently builds and maintains at runtime a cost model to estimate the execution duration of each tuple with small error bounds. This estimation enables a proactive load shedding of the input stream at any operator that aims at limiting queuing latencies while dropping as few tuples as possible. We provide a theoretical analysis proving that LAS is an $(\epsilon ,\delta )$-approximation of the optimal online load shedder. Furthermore, through an extensive practical evaluation based on simulations and a prototype, we evaluate its impact on stream processing applications, which validate the robustness and accuracy of LAS.

Shuffle grouping is a technique used by stream processing frameworks to share input load among parallel instances of stateless operators. With shuffle grouping each tuple of a stream can be assigned to any available operator instance, independently from any previous assignment. A common approach to implement shuffle grouping is to adopt a Round-Robin policy, a simple solution that fares well as long as the tuple execution time is almost the same for all the tu-ples. However, such an assumption rarely holds in real cases where execution time strongly depends on tuple content. As a consequence, parallel stateless operators within stream processing applications may experience unpredictable unbalance that, in the end, causes undesirable increase in tuple completion times. In [77] we propose Online Shuffle Grouping (OSG), a novel approach to shuffle grouping aimed at reducing the overall tuple completion time. OSG estimates the execution time of each tuple, enabling a proactive and online scheduling of input load to the target operator instances. Sketches are used to efficiently store the otherwise large amount of information required to schedule incoming load. We provide a probabilistic analysis and illustrate, through both simulations and a running prototype, its impact on stream processing applications.

Estimating the frequency of any piece of information in large-scale distributed data streams became of utmost importance in the last decade (*e.g.*, in the context of
network monitoring, big data, *etc.*). If some elegant solutions have been proposed recently, their approximation is computed from the inception of the stream. In a
runtime distributed context, one would prefer to gather information only about the recent past. This may be led by the need to save resources or by the fact that recent
information is more relevant.
In [78], we consider the *sliding window* model and propose two different (on-line) algorithms that approximate the items frequency in the active
window. More precisely, we determine a $(\epsilon ,\delta )$-additive-approximation meaning that the error is greater than $\epsilon $ only with probability $\delta $. These
solutions use a very small amount of memory with respect to the size $N$ of the window and the number $n$ of distinct items of the stream, namely, $O(\frac{1}{\epsilon}log\frac{1}{\delta}(logN+logn))$ and $O(\frac{1}{\tau \epsilon}log\frac{1}{\delta}(logN+logn))$ bits of space, where $\tau $ is a parameter limiting memory usage. We also provide their distributed variant, *i.e.*, considering the *sliding window functional monitoring* model, with a communication cost of $O(\frac{k}{{\epsilon}^{2}}log\frac{1}{\delta}logN)$ bits per window (where $k$ is the number of nodes). We compared the proposed algorithms to each other and also to the state of the art through extensive experiments on synthetic traces and real data sets that validate the robustness and accuracy of our algorithms.

**Randomized Message-Passing Test-and-Set.**
In [101], we have presented a solution to the well-known Test&Set operation in an asynchronous system prone to process crashes. Test&Set is
a synchronization operation that, when invoked by a set of processes, returns yes to a unique process and returns no to all the others. Recently, many advances in
implementing Test&Set objects have been achieved. However, all of them target the shared memory model. In this paper we propose an implementation of a Test&Set
object in the message passing model. This implementation can be invoked by any number $p\le n$ of processes where $n$ is the total number of processes in the system.
It has an expected individual step complexity in $O(logp)$ against an oblivious adversary, and an expected individual message complexity in $O\left(n\right)$. The proposed
Test&Set object is built atop a new basic building block, called selector, that allows to select a winning group among two groups of processes. We propose a message-
passing implementation of the selector whose step complexity is constant. We are not aware of any other implementation of the Test&Set operation in the message
passing model.

**Throughput Prediction in Cellular Networks**
Downlink data rates can vary significantly in cellular networks, with a potentially non-negligible effect on the user experience.
Content providers address this problem by using different representations (*e.g.*, picture resolution, video resolution and
rate) of the same content and switch among these based on measurements collected during the connection. If it were possible
to know the achievable data rate before the connection establishment, content providers could choose the most appropriate
representation from the very beginning. We have conducted a measurement campaign involving 60 users connected to a production
network in France, to determine whether it is possible to predict the achievable data rate using measurements collected, before
establishing the connection to the content provider, on the operator's network and on the mobile node. We show that it is
indeed possible to exploit these measurements to predict, with a reasonable accuracy, the achievable data rate [81].

**Population Protocol Model.**
The computational model of population protocols, introduced by Angluin and his colleagues in 2006, is a formalism that allows the analysis of properties emerging from simple and pairwise interactions among a very large number of anonymous finite-state agents. Significant work has been done so far to determine which problems are solvable in this model and at which cost in terms of states used by the protocols and time needed to converge. The problem tackled in [74] is the population proportion problem: each agent starts independently from each other in one of two states, say A or B, and the objective is for each agent to determine the proportion of agents that initially started in state A, assuming that each agent only uses a finite set of state, and does not know the number $n$ of agents. We propose a solution which guarantees with any high probability that
after $O(logn)$ interactions any agent outputs with a precision given in advance, the proportion of agents that start in state A. The population proportion problem is a generalization of both the majority and counting problems, and thus our solution solves both problems. We show that our solution is optimal in time and space. Simulation results illustrate our theoretical analysis.

The context of [75] is the well studied dissemination of information in large scale distributed networks through pairwise interactions. This problem, originally called “rumor mongering”, and then “rumor spreading”, has mainly been investigated in the synchronous model. This model relies on the assumption that all the nodes of the network act in synchrony, that is, at each round of the protocol, each node is allowed to contact a random neighbor. In this paper, we drop this assumption under the argument that it is not realistic in large scale systems. We thus consider the asynchronous variant, where at time unit, a single node interacts with a randomly chosen neighbor. We perform a thorough study of ${T}_{n}$, the total number of interactions needed for all the $n$ nodes of the network to discover the rumor. While most of the existing results involve huge constants that do not allow for comparing different protocols, we prove that in a complete graph of size $n\ge 2$, the probability that ${T}_{n}>k$ for all $k\ge 1$ is less than $(1+2k{(n-2)}^{2}/n){(1-2/n)}^{k-1}$. We also study the behavior of the complementary distribution of ${T}_{n}$ at point $cE\left({T}_{n}\right)$ when $n$ tends to infinity, in function of $c$. This paper received the Best Student Paper Award from the 15th IEEE Symposium on Network Computing and Applications (IEEE NCA 2016).

**Bitcoin.**
Decentralized cryptocurrency systems offer a medium of exchange secured by cryptography, without the need of a centralized banking authority. Among others, Bitcoin is considered as the most mature one. Its popularity lies on the introduction of the concept of the blockchain, a public distributed ledger shared by all participants of the system. Double spending attacks and blockchain forks are two main issues in blockchain-based protocols. The first one refers to the ability of an adversary to use the very same bitcoin more than once, while blockchain forks cause transient inconsistencies in the blockchain. We show in [43], [89], [42] through probabilistic analysis that the reliability of recent solutions that exclusively rely on a particular type of Bitcoin actors, called miners, to guarantee the consistency of Bitcoin operations, drastically decreases with the size of the blockchain.