Register | Organizers |
Glance | Training | Tech Sessions | WIPs
BOFs | Workshops | Exhibition | Sponsors | Social
Activities | Hotel/Travel | Students
Questions? | Help Promote! | Call for Papers | Past Proceedings
Technical Sessions: Wednesday, November
17 | Thursday, November 18 | Friday, November 19 | All in one file
Wednesday, November 17, 2004 |
Opening Remarks, Awards,
Marquis I & II
Howard Ginsberg, CNN
Listen in MP3 format
View Presentation Slides (PDF)
CNN has long utilized digital non-linear editing of video on a large
scale in post-production. In the late 90's, as part of a technology
plan for the new century, the decision was made to bring the advantages
of digital video to the production process by replacing most of the
videotape-based operations with server-based video storage.
advance of new technologies that would enhance news gathering and
transmission to CNN Center in Atlanta, the technology plan included
server-based recording, editing, and playback. File-based,
faster-than-realtime video transfer significantly reduces time-to-air
for CNN's newsgathering operations around the world and substantially
improves access to archived footage.
CNN is currently deploying
large-scale systems in Atlanta and New York that will support its very
large recording and editing operations. Ultimately, these will replace
most of the videotape-based operations in both cities. There are some
significant technical challenges these systems must meet, especially
in the areas of capacity, bandwidth, and reliability.
CNN is installing a fully redundant 2 x 20TB system to host
approximately 2,000 hours of MPEG-2 broadcast quality video & audio and
MPEG-1 proxy/desktop-quality video & audio.
The New York bureau has
just begun using a fully redundant 2 x 14TB system to host
approximately 1,500 hours of MPEG-2 broadcast-quality video & audio and
MPEG-1 proxy/desktop-quality video & audio.
The Atlanta video
archive currently consists of a huge collection of videotapes, some of
which have deteriorated so badly that they can only be played one more
time. The digital successor for this archive will consist of a large
hierarchical storage installation. It needs to be capable of ingesting
200 hours of video per day and transferring an estimated 280 gigabytes
of data every hour. Storage requirements for this archive are in
excess of a petabyte.
This presentation will discuss the new
digital installation and the task of migrating from existing systems.
a.m.11:00 a.m. Break
Session Chair: Rudi Van Drunen, Leiden
Pathology and Cytology Labs, Leiden, The Netherlands
Awarded Best Paper!
Scalable Centralized Bayesian Spam
Mitigation with Bogofilter
Jeremy Blosser and David
Josephsen, VHA Inc.
DIGIMIMIR: A Tool for Rapid Situation
Analysis of Helpdesk and Support Email
Nils Einar Eide,
Andreas N. Blaafadt, Baard H. Rehn Johansen, and Frode Eika Sandnes,
Oslo University College
Gatekeeper: Monitoring Auto-Start
Extensibility Points (ASEPs) for Spyware Management
Wang, Roussi Roussev, Chad Verbowski, and Aaron Johnson, Microsoft
Research; Ming-Wei Wu, Yennun Huang, and Sy-Yen Kuo, National
Session Chair: Æleen Frisch, Exponential Consulting
What Is This Thing Called System Configuration?
Alva Couch, Tufts University
View Presentation Slides: HTML | PDF
Over the last few years, there has been considerable development in theoretical work on
system configuration, but no mainstream production tools have
incorporated the results of this work. This talk will show how an
understanding of some basic principles of system configuration can help
to insure the best possible practices and utilization of current
technologies. It will also indicate how some current research areas may
influence the next generation of tools.
Anomaly Detection: Whatever Happened to Computer Immunology?
Speaker: Mark Burgess, Oslo University College
Anomaly detection is about finding behavior in systems that is
unusual by some criterion. It has been applied to spam detection,
security breach monitoring, and resource management amongst other
things. In 1998, Mark suggested a generic form of anomaly detection and
repair as a model of system administration, called Computer Immunology.
Detecting anomalies is easyactually too easy. The problem
lies in finding out which of them are interesting. How do we find
signal in the noise? How do we formulate a policy for which are
In this talk Mark explains some of the
state-of-the-art principles of anomaly detectionhow events can be
observed and patterned for machine analysis. Should we centralize
anomaly detection? Can we define a language for anomalies (and is it
In Mark's usual style, this talk is about understanding
core principles and looking toward future technologies that employ
Session Chair: Esther
Filderman, The OpenAFS Project
What Information Security Laws Mean For You
John Nicholson, Shaw Pittman
View Presentation Slides
The good is also the bad
newspeople (including the government) are realizing how important
information security is. The purpose of this presentation is to give
you an overview of the laws impacting security, both in general and on
a daily basis. The presentation will cover laws such as FISA, HIPAA,
GLBA, the Patriot Act, and laws related to monitoring and searches. In
addition, we will discuss searches, incident response, and current
theories regarding liability for failure to implement security.
Gerald Carter, Samba Team/Hewlett-Packard
Gerald Carter has been a member of the Samba Development Team since
1998 and is now helping to coordinate the project's release process. He
has published articles with various Web-based magazines and teaches
instructional courses as a consultant for multiple companies. Currently
employed by Hewlett-Packard as a Samba developer, Gerald has also
written books for both SAMS and O'Reilly Publishing.
p.m.2:00 p.m. Lunch (on your own)
2:00 p.m.3:30 p.m.
Intrusion and Vulnerability Detection
Yi-Min Wang, Microsoft Research
A Machine-Oriented Vulnerability
Database for Automated Vulnerability Detection and Processing
Sufatrio, Temasek Laboratories, National University of
Singapore; Roland H. C. Yap, School of Computing, National
University of Singapore; Liming Zhong, Quantiq International
DigSig: Runtime Authentication of
Binaries at Kernel Level
Axelle Apvrille, Trusted
Logic; David Gordon, Ericsson; Serge Hallyn, IBM LTC;
Makan Pourzandi and Vincent Roy, Ericsson
I3FS: An In-Kernel Integrity
Checker and Intrusion Detection File System
Anand Kashyap, Gopalan Sivathanu, and Erez Zadok, Stony Brook
Session Chair: Esther Filderman, The OpenAFS Project
LiveJournal's Backend and memcached: Past, Present, and Future
Speakers: Lisa Phillips, Brad Fitzpatrick
View Presentation Slides (PDF)
blogging was a word, LiveJournal.com started off as a hobby project for
Fitzpatrick and some friends and is now home to well over 4,000,000
accounts, over half of which are in active use.
With a built-in
social networking system, per-journal-entry security, message boards, a
LJ/RSS/Atom news aggregator, support for 20+ languages, a technical
support system, and more, LiveJournal.com is a beast of an open source
project, addictive to both users and developers. What's just as
interesting, however, is how it all runs.
Come learn about
LiveJournal.com's backend, past, present, and future. Discussion will
• The site's history: how it's gone from
one server to over sixty, adapting both its code and architecture to
fit each other as the site grows.
• Load balancing: commercial vs. open
source vs. home-grown open source. When to use each, and how to use
them effectively together.
• MySQL tricks and replication: when and
how to use MyISAM, when to use InnoDB, partitioning your data across
clusters, moving users around clusters, replication topologies, for
high-availability and easy maintenance, the DBI::Role library for load
balancing and role-based handle acquisition.
• Memcached, the site's distributed
caching daemon and client libraries, originally built for LiveJournal,
but in the last year now in use by Slashdot, Wikipedia, and others.
Learn how memcached was used to make things really fast and avoid
hitting the database. Learn why memcached works so well with lots of
machines compared to local caching, and what been done to make the
protocol, server, and memory allocator so fast.
And, of course,
audience questions and comments will round out this session.
Session Chair: Lee Damon,
University of Washington
NFS, Its Applications and Future
Pawlowski, Network Appliance
View Presentation Slides:
HTML | PDF
NFS has evolved since its
inception at Sun in 1984 to provide a robust, heterogeneous, and
scalable storage networking solution for many applications.
Its evolution is now managed within the NFS Version 4 working group in
the IETF, with initial versions of the latest protocol available from a
few vendors now.
This talk will take a deep and detailed plunge into the current state
of NFS, the new features of Version 4, and the work facing the
community in the future. Technology directions of iWARP (RDMA),
hardware accelerations, exploiting high performance networks, and
addressing security concerns are on the agenda for this segment.
A special highlight will be a focus on the relationship of Linux and
NFS. Scalable compute clusters based on Linux have been a driving force
in a lot of the performance work and future direction of NFS, where it
provides a matching scalable storage infrastructure to match the
emerging application architectures. This section will be framed in
terms of a template for deployment and a description of best practices.
Mac OS X
Michael Bartosh is an author, consultant, and
trainer specializing in Mac OS X and Mac OS X Server in the context of
cross-platform directory services and server infrastructures. A
frequent speaker at technical conferences, Michael focuses on solutions
that minimize impact on existing infrastructures. His Essential Mac
OS X Server Administration (O'Reilly) is due out in February of
2005. Originally from Texas, he now resides in downtown Denver, CO,
with his wife, Amber.
p.m.4:00 p.m. Break |
4:00 p.m.5:30 p.m. || Wednesday |
Session Chair: Jon Finke,
Nix: A Safe and Policy-Free System for
Eelco Dolstra, Merijn de Jonge, and
Eelco Visser, Utrecht University
Auto-configuration by File Construction:
Configuration Management with newfig
William LeFebvre and
David Snyder, CNN Internet Technologies
AIS: A Fast, Disk Space Efficient
"Adaptable Installation System" Supporting Multitudes of Diverse
Sergei Mikhailov and Jonathan
Stanton, George Washington University
Session Chair: Esther Filderman, Pittsburgh Supercomputing
Speaker: Mike Ciavarella, University of Melbourne
Session Chair: Adam S.
Moskowitz, Menlo Computing
The Security Role of Linguistic Content Analysis
Speaker: Jim Nisbet, President & CEO, Tablus, Inc.
View Presentation Slides:
HTML | PDF
Computational linguistics is not a technology usually associated with
networking devices such as firewalls and packet monitors, but this
technology offers some powerful new capabilities. The premise is that
if we want to look for high-value information leaving the company, then
we need to look to the same kind of linguistic categorization
technologies software companies have historically used. This talk
principally explores content analysis techniques, ranging from regular
expression pattern matching to latent semantic analysis, that can be
used to identify content characteristics reliably enough that policies
can be defined based on the content itself.
Bdale Garbee, HP Linux CTO/Debian
Bdale, a former Debian Project Leader, currently works at HP
helping to make sure Linux will work well on future HP systems. His
background includes many years on both UNIX internals and embedded
systems. He helped jump-start ports of Debian GNU/Linux to 5
architectures other than i386. When Bdale isn't busy keeping his
basement computer farm full of oddball systems running Linux, working,
he's busy with amateur radio, most likely building amateur satellites.