분류 전체보기
-
Hadoop Yet Another Resource Negotiator(Yarn)DistributedSystem/HadoopEcyosystem 2019. 9. 14. 16:28
1. Overview A platform that is responsible for managing computing resources in clusters and using them for scheduling users' applications. Yarn allows different data processing engines like graph processing, interactive processing, stream processing as well as batch processing to run and process data stored in HDFS(Hadoop Distributed File System). Apart from resource management, Yarn also does J..
-
OLTP, OLAP, and ETLDB/RDB 2019. 9. 11. 14:28
1. Overview 1.1 On-line Transaction Processing (OLTP) OLTP stands for On-line Transaction Processing. OLTP based systems (account, ticket booking, banking systems, money transfer system) are used to perform a large number of short transactions. Almost all of the database queries in OLTP system consist of commands insert, update, delete. Select queries are mainly designed to enable users to selec..
-
Resilient Distributed Dataset(RDD)DistributedSystem/Spark 2019. 9. 8. 22:32
1. Overview Resilient Distributed Datasets (RDD) is a fundamental data structure of Spark. It is an immutable distributed collection of objects. Each dataset in RDD is divided into logical partitions, which may be computed on different nodes of the cluster. RDDs can contain any type of Python, Java, or Scala objects, including user-defined classes. There are two ways to create RDDs − parallelizi..
-
Hadoop Distributed File System(HDFS)DistributedSystem/HadoopEcyosystem 2019. 9. 8. 21:28
1. Overview Apache HDFS or Hadoop Distributed File System is a block-structured file system where each file is divided into blocks of a pre-determined size. These blocks are stored across a cluster of one or several machines. HDFS follows a Master/Slave Architecture, where a cluster comprises a single Name node(Master node) and all the other nodes are Data nodes(slave nodes). HDFS can be deploye..
-
Server-side request forgeryWeb/Security 2019. 9. 7. 11:45
1. Overview Server-side request forgery (also known as SSRF) is a web security vulnerability that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker's choosing. In typical SSRF examples, the attacker might cause the server to make a connection back to itself, or to other web-based services within the organization's infrastructure..
-
Cross-site tracing(XST)Web/Security 2019. 9. 7. 11:43
1. Overview In web security, cross-site tracing (abbreviated "XST") is a network security vulnerability exploiting the HTTP TRACE method. XST scripts exploit ActiveX, Flash, or any other controls that allow executing an HTTP TRACE request. The HTTP TRACE response includes all the HTTP headers including authentication data and HTTP cookie contents, which are then available to the script. In combi..
-
Cross-site request forgery(CSRF)Web/Security 2019. 9. 7. 11:42
1. Overview Cross-site request forgery, also known as one-click attack or session riding and abbreviated as CSRF (sometimes pronounced sea-surf) or XSRF, is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the web application trusts. There are many ways in which a malicious website can transmit such commands; specially-crafted image tags, hidd..
-
SQL InjectionWeb/Security 2019. 9. 7. 10:13
1. Overview SQL injection is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. 2. Example Injection Type Description Retrieving hidden data where you can modify an SQL query to return additional results. Subverting application logic where you can change a query to interfere with the application's logic. UNION attacks whe..