Abstract

As distributed services become more and more complex, their security is becoming an increasingly important issue. End-to-end tracing has emerged recently as a valuable tool to improve the dependability of distributed systems, by performing dynamic verification and diagnosing correctness and performance problems. However, several shortcomings of the end-to-end tracing system`s security analysis are uncovered during the development. First of all, the density of probes is not enough, and also the descriptions of different operations are not consistent, which does not allow effective access to intermediate information of end-to-end services and brings about data analysis problems. Second, the implantation of probes is complex and many operations are highly coupled with the monitored program. The third point is that the sampling algorithm in the existing end-to-end distributed tracing system is too simple to effectively improve the performance of the high-density probe tracing system used for security analysis. In this paper, we address the above problem and successfully build Bee. To demonstrate the Bee's helpfulness for those problems in Security analysis, we test its performance and prove some privacy leaks vulnerabilities and access control vulnerabilities of OpenStack with Bee. The experimental results show that with the high-density probes. Bee can capture the detailed request process and quickly locate abnormal operations.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.