Cryptography Reference
In-Depth Information
caused because VNC transmits only the portions of the screen that have been
changed. In the very beginning, the whole screen has to be transmitted (first
peak)andrightafter,InternetExplorer is started in maximized mode (high
usage around the 20th second). Although the network utilization may seem for-
biddingly high at times, we have to keep in mind that (i) we try to measure the
scalability in the worst case scenario - that is all the injection sessions are initi-
ated simultaneously - and (ii) this is a prototype unoptimized implementation,
using of-the-self tools. The most important thing to keep from this measurement
is that our system, even under these conditions, was robust enough to sustain
and adapt to the workload increases.
Optimizations:
After we demonstrated the scalability and adaptability to re-
source variations, we experimented with application level optimizations. Al-
though we could achieve much better overall performance by developing custom
injection and verification tools, we wanted to examine the benefits of tweaking
parameters of the remote access protocol - VNC in this case. There are two such
parameters that are related to the quality of the transmitted screen view. These
are: (i) color depth and the encoding algorithm used. The different options for
color depth are: 8, 256 or full colors. Each time something has changed on the
screen, VNC transmits the surrounding rectangle of that portion, encoded in
one of the following ways:
-
RAW.
This is the simplest out of all the encoding schemes. As its name implies,
rectangles are transmitted in
width
x
height
pixel values.
-
HEXTILE.
In this case, the rectangles to be transmitted are firstly partitioned
in 16x16 tiles. Then, each of them is either sent raw (as above) or using
a variant of Rise-and-Run-length-Encoding, where a sequence of identical
pixels are compacted to a single color value and repeat count.
-
Finally, this encoding scheme combines a form of the previous one
with Zlib compression.
ZRLE.
In order to measure the benefits and tradeoffs of the different encodings and
color depths, we evaluated four typical combinations. These were full color-
RAW
,
full color-
HEXTILE
,8colors-
HEXTILE
and 8 color-
ZRLE
. For each combination, we
concurrently injected bait credentials to the whole VM set - the 96 of them. As
before, we collected CPU and network utilization statistics. Figure 3(a) shows
the CPU usage under the different encoding-color depth pairs. Using full color
yields slightly higher CPU utilization, but, overall the benefit seems negligible.
On the other hand, network utilization (shown in Figure 3(b)) is indeed affected
by the different encoding-color depth combinations. As expected, using full color
and
encoding is the most network demanding scheme. Switching to
HEXTILE
encoding clearly results to a first improvement. Finally, lowering the color depth
reduces network utilization even more. It is interesting to see that the encoding
scheme does not play such a big role when using just a few colors. Hence, it
would be sucient to use even
RAW
instead of
, in order to save a few
HEXTILE
ZRLE
CPU cycles.
Search WWH ::
Custom Search