Implementing fault-tolerant services using the state machine approach: a tutorial
ACM Computing Surveys (CSUR)
Practical byzantine fault tolerance and proactive recovery
ACM Transactions on Computer Systems (TOCS)
IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Synchronous Byzantine quorum systems
Distributed Computing
Distributed Computing
Brahms: byzantine resilient random membership sampling
Proceedings of the twenty-seventh ACM symposium on Principles of distributed computing
Cassandra: structured storage system on a P2P network
Proceedings of the 28th ACM symposium on Principles of distributed computing
Highly Available Intrusion-Tolerant Services with Proactive-Reactive Recovery
IEEE Transactions on Parallel and Distributed Systems
Computer Networks: The International Journal of Computer and Telecommunications Networking
Practical Uniform Peer Sampling under Churn
ISPDC '10 Proceedings of the 2010 Ninth International Symposium on Parallel and Distributed Computing
An algorithm for implementing BFT registers in distributed systems with bounded churn
SSS'11 Proceedings of the 13th international conference on Stabilization, safety, and security of distributed systems
Security Issues in NoSQL Databases
TRUSTCOM '11 Proceedings of the 2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications
Hi-index | 0.00 |
Data Centers are evolving to adapt to emerging IT trends such as Big Data and Cloud Computing, which push for increased scalability and improved service availability. Among the side effects of this kind of evolution, the proliferation of new security breaches represents a major issue that usually does not get properly addressed since the focus tends to be kept on developing an innovative high-performance technology rather than making it secure. Consequently, new distributed applications deployed on Data Centers turn out to be vulnerable to malicious attacks. This paper analyzes the vulnerabilities of the gossip-based membership protocol used by Cassandra, a well-known distributed NoSQL Database. Cassandra is being widely employed as storage service in applications where very large data volumes have to be managed. An attack exploiting such weaknesses is presented, which impacts on Cassandra's availability by affecting both the latency and the successful outcome of requests. A lightweight solution is also proposed that prevents this threat from succeeding at the price of a negligible overhead.