Testing Orders of Magnitude

SCHEME: CORE

CALL: 2012

DOMAIN: IS - Information Security and Trust Management

FIRST NAME: Yves

LAST NAME: Le Traon

INDUSTRY PARTNERSHIP / PPP: Yes

INDUSTRY / PPP PARTNER: iTrust

HOST INSTITUTION: University of Luxembourg

KEYWORDS: Large-scale testing, load testing, security, DDoS, cloud computing services.

START: 2013-09-01

END: 2015-08-31

WEBSITE: https://www.uni.lu

Submitted Abstract

The TOOM project aims at presenting a full-fledged solution for testing robustness of cloud-computing services based on a tooled testing methodology to search for defects related to the load, taking into account the various biases that might affect the test results. A full-fledged test solution is intended to: (1) validate reliability and resilience of cloud services, (2) detect malicious attacks within real load traces, and (3) reproduce any type of stress loads either generated synthetically or gathered from real load traces to improve testing campaigns. We will ground our solution on top of step-stress testing to progressively increase the load up to a DDoS or a peak load. To come up with such a solution, we will identify the main hypotheses to validate robustness and questioned them through an empirical investigation of a cloud service. In addition, we will define an empirical protocol to prove the main hypotheses.To assess the effectiveness of the TOOM outcomes, we will reproduce stress loads submitted by distributed peers across the cloud infrastructure. We will measure the effectiveness either by code coverage whether the SUT is open-source or by the quality of service (QoS) offered but the SUT along testing.From a practical point of view, TOOM intends to address the robustness testing issue by: 1.Validating the overall resilience and reliability of cloud services. To correctly validate cloud services, we will introduce a tailor-made methodological approach for robustness testing. The approach will be developed on top of the PeerUnit solution to take advantage of its scalability.2.Detecting malicious attacks by reproducing real load traces from cloud services. To detect malicious attacks, we will require adapting the PeerUnit solution to analyse load traces and identify malicious attacks. In addition, we will adapt PeerUnit to reproduce the traces upon cloud services. We plan to get real load traces from the Federal University of Paraná (UFPR) in Brazil, that is partner of the SnT. The UFPR hosts the SourceForge download service that treats the largest request load of the Latin America (including malicious attacks). 3.Reproducing large-scale stress loads. To improve testing campaigns, and help preparing the cloud services to overcome stress loads, we will present a load generator to reproduce DDoS attacks and seasonal peak loads.

This site uses cookies. By continuing to use this site, you agree to the use of cookies for analytics purposes. Find out more in our Privacy Statement