CNS 2017 News
- Computer Security Experts Honored for Research that Stands the Test of Time
Denial of service attacks (DoS) have crippled even the likes of Google and Amazon in recent years, topping at a reported 1.1 terabits per second in 2016. But they were a relatively unexplored phenomenon in the year 2000, when three computer scientists from the University of California San Diego set out to find out how prevalent they were.
Their research and resulting academic paper won the Best Paper award when it was presented at the 10th USENIX Security Symposium in 2001. At the time, the study provided the only publicly available data quantifying DoS activity on the Internet. Now, 16 years later, that same paper – “Inferring Internet Denial-of-Service Activity” – has received the 2017 USENIX Security Test of Time Award.
The award was announced today at the opening session of USENIX Security 2017 in Vancouver, Canada. UC San Diego Computer Science and Engineering (CSE) professor Geoffrey M. Voelker accepted the award on behalf of his co-authors, fellow CSE professor Stefan Savage, and their former Ph.D. student David Moore (C.Phil. ’05), who went on to track Internet activity as a project scientist at CAIDA, the Center for Applied Internet Data Analysis. Moore has worked at Google since 2012.
“Test of Time awards are important because they single out research that has a lasting impact despite the rapid change we’ve witnessed in the computing field,” said Dean Tullsen, chair of the CSE department at UC San Diego. “Stefan Savage and Geoff Voelker have done continuously groundbreaking work in cybersecurity for almost two decades, and this award underscores the department’s well-deserved reputation for innovation in areas including security as well as systems and networking.”
The Test of Time award recognizes outstanding work in security research that has had a lasting impact on the community. To qualify, a paper must have been presented at a USENIX conference at least 10 years earlier.
Denial-of-service attacks disable servers linked to the Internet by overloading them with messages, which usually contain false source addresses (“spoofing”) to conceal the location of the attacker. The UC San Diego researchers used key features of those forged signatures to detect and track the attacks. The study found that some attacks flooded their targets with “instantaneous loads” peaking at 600,000 message packets per second – crippling the infrastructure.
“Quantifying the problem was always meant to be the first step toward stopping or at least curbing attacks of this kind,” recalled UC San Diego’s Savage, who co-directs the Center for Networked Systems (CNS) at UC San Diego. “Our 2001 study helped network engineers understand the nature of recent attacks and to study long-term trends and recurring patterns of attacks.” On Thursday, Savage will appear on a panel to discuss distributed denial-of-service attacks.
In the 2001 paper, the co-authors also developed a novel technique to cut through the clutter of Internet data. Called “backscatter analysis,” the technique involves observing packets from machines that fall victim to DoS attacks by sending responses to the forged IP addresses. By observing these backscatter packets at a statistically significant portion of IP addresses, backscatter analysis can quantify the scope of a DoS attack.
For their study, Moore, Voelker and Savage looked at three week-long datasets in February 2001 to assess the number, duration and focus of attacks, and to characterize their behavior. In the space of one week, they observed more than 12,000 attacks against more than 5,000 distinct targets, ranging from well-known e-commerce companies such as Amazon, to small foreign Internet Service Providers (ISPs) and – remember, this is 16 years ago – dial-up connections. “At the time,” said Voelker, “our work was the only publically available data quantifying denial-of-service activity in the Internet.”
The technique produced an estimate of worldwide malicious DoS activity – with approximately 4,000 sites experiencing DoS attacks weekly (as of 2000), and over 12,000 attacks over three weeks.
The 2001 study also was among the first to use the quantitative data to characterize the victims of DoS attacks, which seem almost quaint in retrospect. “Only five percent of attacks targeted infrastructure such as routers and name servers,” explained Voelker. “There were a few very large attacks against broadband, and up to 20 percent of attacks were targeted at home machines – evidence that minor DoS attacks were used for personal vendettas.”
The CSE department at UC San Diego is no stranger to winning Test of Time awards handed out by USENIX at a few of its major conferences. Already in 2017, CSE professor George Porter shared in the Test of Time award at the USENIX Symposium on Networked Systems Design and Implementation (NSDI) for “X-Trace: A Pervasive Network Tracing Framework”, originally published at NSDI 2007. And in 2016, former CSE professor Amin Vahdat and his co-authors received the NSDI Test of Time award for a paper presented at NSDI 2006.
The 26th USENIX Security Symposium takes place Aug. 16 to 18 in Vancouver, Canada. UC San Diego’s CSE department is well represented on the conference program. Faculty including Leo Porter, Dean Tullsen, Hovav Shacham, Sorin Lerner and research scientist Kirill Levchenko have papers on the program:
- Prime+Abort: A Timer-Free High-Precision L3 Cache Attack Using Intel TSX , by Craig Disselkoen, David Kohlbrenner, Leo Porter, and Dean Tullsen
- On the Effectiveness of Mitigations against Floating-Point Timing Channels , by David Kohlbrenner and Hovav Shacham
- Dead Store Elimination (Still) Considered Harmful , by Zhaomo Yang, Brian Johannesmeyer, Sorin Lerner and Kirill Levchenko (and Aalborg University’s Anders Trier Olesen)
CSE professor Deian Stefan will chair a session on “Side-Channel Countermeasures” on the first day of the conference.
- CSE-Trained Expert on Program Verification Featured in Communications of the ACM
CSE alumnus Zachary Tatlock (Ph.D. ’14) is now a professor of computer science at the University of Washington. In an article about “hacker-proof coding” in the August issue of Communications of the ACM, the publication notes that as Tatlock was finishing up his dissertation at UC San Diego, the then-Ph.D. candidate gave a talk at UW about his thesis research on program verification (under his advisor, Sorin Lerner). The lead engineer for the UW medical center’s radiotherapy team was in the audience and asked Tatlock how they could apply verification to that system.
Recalling the event three years later, Tatlock reckons that the question “probably helped me get hired.” He joined UW shortly after and has continued to work with the medical center. In the case of the radiotherapy system, he noted that because the system was written in a variety of languages, different techniques had to be deployed to verify the software in its entirety.
According to Esther Shein, who wrote the CACM article, “The system has about a dozen components, each with different levels of criticality.” She quotes Tatlock saying that “software for logging an event, for example, is not as critical as software that verifies the beam power has not become too high. What we want to be able to do is ensure the reliability of all pieces. We want to make sure there are no bugs that can affect the parts that are critical.”
The medical center wanted to prevent software errors that might prove fatal, given that the radiotherapy system “shoots high-powered radiation beams into the heads of patients to treat cancers of the tongue and esophagus,” writes Shein. To check its heaviest-duty components, the medical center uses DeepSpec principles, which are costly and time-consuming because they require highly-trained technicians to prove they’re functioning correctly.
To assess less-critical parts of the system, the medical center uses “lighter-weight, less powerful techniques to ensure the correctness,” said Tatlock. “So the guarantees for those parts aren’t as strong, but it’s a better engineering trade-off.”
The CACM article goes on to note that Tatlock and colleagues have built a suite of tools the engineers use in their regular development process. “They include a checker that allows them to formally describe the entire radiotherapy system to a computer and ensure the key components are individually correct. The researchers are now working on building verified replacements for those parts of the system.” The system is also checked daily. “We want to make sure the code written by the engineers on that team will correctly turn off the beam if anything goes wrong,” Tatlock told the publication. “The work is similar to DeepSpec’s; it just emphasizes a different degree of automation.”
- With Help from UC San Diego Grad Student, Google Estimates $25 Million in Ransomware Payouts
$25,253,505. That is the best estimate to date of how much money was paid by victims of ransomware attacks in the past two years in order to unlock their computer disks and get their data back. As a result, ransomware – malware that encrypts victims’ data and demands a payoff in exchange for the key to unlock the data – “has become one of the largest cybercrime revenue sources,” according to Google presenters at Black Hat USA 2017 conference in Las Vegas this week.
Participants in the study on “Tracking Ransomware End to End” included researchers from UC San Diego, New York University (NYU), and the blockchain analysis firm Chainalysis. (Blockchain is the public, decentralized ledger of transactions in Bitcoin, the cryptocurrency most widely used to settle ransomware demands.)
Rather than produce an academic paper first, the team opted to make a splash at the conference with a presentation to get the word out. The presenter: Google’s Kylie McRoberts. Now in its 20th year, Black Hat is the world’s leading information security event series.
The UC San Diego participant in the study, Computer Science and Engineering (CSE) Ph.D. candidate Danny Yuxing Huang, is also affiliated with the Center for Networked Systems (CNS). “We study the economics of operating ransomware: from maintaining infrastructure, generating revenue, to getting victims to pay,” noted Huang, adding that “our goals are to understand the business model of ransomware, and estimate their revenue and potential profitability.”
Huang tracked bitcoins that moved from potential victims to ransomware, and from ransomware to exchanges (as possible liquidation). “By masquerading as a part of the ransomware infrastructure,” explained Huang, “I also gathered statistics on infected computers, such as the number of infections over time, and the geographical distribution of infected machines.”
Google’s other university collaborator was Damon McCoy, a former postdoctoral scientist in CSE at UC San Diego from 2009 to 2011, who is now an assistant professor of computer science in NYU’s Tandon School of Engineering.
Together, the researchers investigated 300,000 files from 34 different types of ransomware and tracked payments on the blockchain to analyze the scale and the amount of money paid by victims.
In the presentation, Google’s McRoberts reported that search queries for the term “ransomware” have increased by 877 percent since 2016, the first year when ransomware became a multi-million-dollar business (see chart).
Of the $25 million in payments by Internet users to get their data back, some ransomware attacks generated more revenue than others. Only a fraction of the total was paid by victims of the widely publicized WannaCry ransomware in 2017, despite – or because of – the extensive damage it caused. Developed originally by the U.S. National Security Agency (NSA), WannaCry crippled hospitals (including Britain’s National Health Service), communications providers and some 10,000 other organizations as well as an estimated 200,000 individuals in more than 150 countries. Even so, payouts in response to WannaCry topped out at $140,000 – making it only the 11th-largest ransomware to date in terms of victim payouts. The Google presenter dubbed WannaCry an “impostor,” saying it should really be classified as “wipeware.” The study found that victims learned early on that the malware effectively wiped out the data because the software was unable to later unlock the victim’s computer even if the ransom was paid. The study noted that a variant on WannaCry called NotPetya was also wipeware, for the same reason, but also concluded that “wipeware pretending to be ransomware is on the rise.”
Less publicized ransom demands launched in 2016, on the other hand, generated far more income for the attackers than WannaCry, notably the Locky ($7.8 million to date) and Cerber ($6.9 million) ransomware attacks.
Locky was the first ransomware to make over $1 million per month. It has largely run its course, but left its mark on the criminal marketplace because it brought “ransoms to the masses”, according to the presentation at Blackhat USA. “Locky’s big advantage was the decoupling of the people who maintain the ransomware from the people who are infecting machines,” said NYU professor McCoy. “Locky just focused on building the malware and support infrastructure. Then they had other botnets spread and distribute the malware, which were much better at that end of the business.”
The same botnet that distributed Locky now also distributes Cerber and other ransomware built on Locky’s model. Cerber continues to rake in roughly $200,000 a month in ransom, as it has for more than a year, buoyed by its creation of an affiliate model that is “taking the world by storm,” noted Google.
According to the study, victims of all ransomware paid ransom by purchasing Bitcoins on at least 10 exchanges. The single largest market, LocalBitcoins.com, had 37% of the market in the two-year period.
The $25 million number in the new study reflects total ransomware payouts by victims. It is unclear, however, how much of the money made it back to the original authors of that ransomware.
UC San Diego contributor Danny Huang is nearing completion of his Ph.D. under advisors Alex Snoeren and research scientist Kirill Levchenko. He is scheduled to mount the final defense of his dissertation at the end of August.
- CSE Graduate Students in Center for Networked Systems End Academic Year with Ph.D. Degrees and New Jobs
As of early July, 15 Computer Science and Engineering (CSE) Ph.D. candidates affiliated with the Center for Networked Systems (CNS) have graduated or are expected to graduate in the academic year from October 2016 through September 2017. Unlike last year, when half the Ph.D. graduates went to work for Google, there is much more variety in their waiting employers this year. Here’s a recap of this year’s CNS graduating Ph.D. class (in reverse chronological order), starting with three students tentatively scheduled to defend their doctoral dissertations between now and the end of August as members of the Ph.D. “Class of ’17”.
Yuxing (Danny) Huang (Ph.D. ’17) is interviewing for postdoc positions as he puts finishing touches to his dissertation. His final defense is scheduled for August 31 before his co-advisors Alex Snoeren and Kirill Levchenko, who co-chair his faculty committee. Huang uses economics to study malicious behaviors on the Internet, including the economics of a wide variety of ransomware to better understand victims and how many of them pay in response to ransom demands. Huang received his B.A. in Computer Science from Williams College in 2011, the same year he enrolled in the Ph.D. program at UC San Diego. He did back-to-back summer internships at Google in 2014 and 2015.
On August 28, Tianyin Xu (Ph.D. ’17) will defend his dissertation on hardening cloud and datacenter systems against configuration errors, but he already has a great job lined up. He will become an assistant professor of Computer Science next January at the University of Illinois at Urbana-Champaign (UIUC), where he accepted a tenure=track appointment pending completion of his Ph.D. Xu’s advisor, YY Zhou, taught at UIUC for seven years before joining the UC San Diego faculty (and CNS) in 2009. For his part, Xu’s research focuses on the reliability and security of computer systems, and in particular, large-scale software systems deployed in the cloud and in datacenters. In 2017 Xu received CSE’s Doctoral Award for Research, and last November he received the Jay Lepreau Best Paper Award at the 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 2016) for his paper on “Early Detection of Configuration Errors to Reduce Failure Damage.” In 2013 and 2016, Xu presented at CNS Research Reviews, and he did summer internships in 2013 and 2015 at former CNS member company NetApp.
This fall, Eric Seidel (M.S., Ph.D. ’16, ’17) will join Bloomberg LP in New York after defending his Ph.D. dissertation on August 2. His research interests include programming languages, data and ubiquitous computing. As a graduate research assistant in the lab of his advisor Ranjit Jhala, Seidel built a tool to synthesize counter-examples to type errors. The tool performs type-checking along with execution, and produces trace demonstrating of how a program gets stuck. Seidel also worked on a refinement type-based verifier for Haskell. Together with Jhala and recent CNS and CSE alumna Niki Vazou, Seidel implemented an efficient testing framework using refinement types to prune the input search space. Seidel received a B.S. in Computer Science from the City College of New York in 2012.
In addition to the three Ph.D. candidates preparing for their all-important dissertation defenses in August, 12 other researchers in CNS-affiliated labs have already completed and defended their dissertations as of July for the 2016-2017 academic year.
Yanqin Jin (Ph.D. ’17) worked in the Non-Volatile Systems Laboratory under his advisor, Steven Swanson. His research interests include storage system design and implementation with modern storage technologies, as well as database and filesystem optimization for modern storage devices (including solid-state drives). Jin’s dissertation focused on “Modernizing Storage Device Interface for Performance and Reliability,” and his faculty committee was co-chaired by Swanson and co-advisor Yannis Papakonstantinou. His advisors also co-authored (with Jin as first author) a paper on key-addressable multi-log solid-state drives (KAML), which he presented at the 2017 IEEE Symposium on High Performance Computer Architecture (HPCA 2017). Early in graduate school, Jin did three summer internships with leading technology companies: Twitter (2012), Oracle (2011) and Microsoft (2010). The Microsoft internship took place in Beijing immediately Jin completed his undergraduate degree at China’s Tsinghua University.
Yashar Asgarieh (Ph.D. ’17) now works at NVIDIA after completing his Ph.D. under advisor Bill Lin. His dissertation explored “Making the On-Chip World Smaller with Low-Latency On-Chip Networks”. With the proliferation of cores since the first dual-core processor, embedded multi-cores today can have over 100 cores. Asgarieh focused on how to improve on the state-of-the-art shared Network on Chip (NoC) as the best way to connect cores. His solution: to “make the on-chip world appear smaller by providing extremely low-latency networks that can make faraway resources appear much closer.” While in grad school, Asgarieh did summer internships at Facebook and the Embedded Systems Lab at EPFL in Lausanne, Switzerland. Asgarieh did his undergraduate degree and M.Sc. in Computer Engineering at the Iran University of Science and Technology and Sharif University of Technology, respectively.
Alan Leung (M.S., Ph.D. ’13, ’17) developed novel algorithms and implementations in the areas of compiler design, program analysis, program verification and program synthesis. Under advisor Sorin Lerner, Leung successfully defended his dissertation on “Constructing Parsers by Example via Interactive Program Synthesis.” In his thesis, Leung argued that “it is possible to make parsing more accessible by combining interactive visual feedback with the programming-by-example paradigm.” Prior to UC San Diego, Leung spent five years as a microprocessor design engineer at Intel, where he designed cache memory systems for two generations of Itanium microprocessors that successfully went to market. Leung did his undergraduate degree at Cornell University.
Xinxin Jin (Ph.D. ‘17) is working for Whova, the event-app startup founded by her advisor, YY Zhou, who also ran the Opera operating systems lab where Jin did research in software / hardware reliability, operating systems and mobile computing. Jin wrote her dissertation on “Tooling and Language Support for Robust and Easy Network Programming of Mobile Applications.” “I build infrastructure and mobile apps to make them run reliably and faster,” says Jin. “My mission is to revolutionize event networking and management via technology.” Jin likes the atmosphere and size of a startup, so instead of applying for a faculty position, she opted to stay with Whova. She could also have applied to a large technology company (like Microsoft, where she did a summer internship in 2015), but according to advisor YY Zhou, “Xinxin feels more comfortable in an entrepreneurial environment.” Prior to arriving at UC San Diego in 2011, Jin completed her M.S. from Peking University in 2011 and a B.S. from the Beijing University of Posts and Telecommunications in 2008.
In February, Daniel Ricketts (Ph.D. ’17) defended his dissertation on “Verification of Sampled-Data Systems using Coq” (a proof assistant). His advisor, Sorin Lerner, chaired the dissertation committee, which included fellow CNS member Ranjit Jhala. Following completion of his Ph.D., Ricketts joined Oracle as a software engineer in the greater Seattle area. His goal: to apply formal verification to practical problems in industry. At UC San Diego Ricketts did research on formal verification of cyber-physical systems using the Coq proof assistant. As a graduate student, Ricketts worked on the VeriDrone project, which involved a formal verification process to ensure safety of quadcopter software.
Michael Wei (M.S., Ph.D. ’12, ’17) is now a postdoctoral researcher at VMware, where he previously did an internship during graduate school. Wei is a past recipient of NSF Graduate Research Fellowships (in 2011 and 2012) and he pursued research in embedded systems, non-volatile systems, computer architecture, security, and energy. Prior to completing his Ph.D, Wei worked on reliably erasing solid-state disks (SSDs) under his advisor, Steven Swanson. In his dissertation on “Corfu: A Platform for Scalable Consistency,” Wei made the case for why the proposed Corfu platform simplifies development without sacrificing performance. “Consistency and scalability are often seen to be at odds with one another,” explained Wei, “and many popular data stores have traded consistency for scalability as part of a movement known as NoSQL… [which] makes writing reliable, feature-rich distributed applications much more difficult.” In addition to Swanson, Wei’s Ph.D. committee included other CNS member faculty, including George Porter, Alex Snoeren, and Geoffrey Voelker.
Pietro Mercati (Ph.D. ’17) is now a research scientist at Intel Corp. He completed his Ph.D. under advisor Tajana Rosing, with a dissertation on “Power, Thermal, Reliability and Variability Management of Mobile Devices.” In it, Mercati proposed the design and implementation of a novel unified framework for the comprehensive dynamic management of power, temperature reliability and variability in mobile systems subject to user experience requirements. As Mercati outlined in his thesis, the proposed strategy meets user experience requirements while extending battery lifetimes by at least 25 percent and achieving up to 35 percent savings in power consumption at the device level (and up to 100 percent improved performance on cluster architectures). Mercati completed his Master’s and Bachelor’s degrees at the University of Bologna (Italy) prior to arriving at UC San Diego in 2013.
Yang (Robert) Liu (Ph.D. ’17) is a principal engineer for R&D engineering at Western Digital. He did his dissertation on “Systems and Algorithm Support for Efficient Heterogeneous Computing with GPUs” under advisor Steven Swanson. Liu worked for Swanson in the Non-Volatile Systems Laboratory (NVSL). Liu’s research explored the design space in next-generation storage systems, while rethinking the interface between software and hardware in computer systems (e.g., improving the performance of the MapReduce framework by applying new hardware and better scheduling). Liu also worked previously with CNS member YY Zhou on software reliability, and did a summer internship at Broadcom. Prior to UC San Diego, he earned his B.S. and M.S. degrees from China’s Beihang University and Tsinghua University, respectively.
Of all the Ph.D. graduates affiliated with CNS this year, only three completed their dissertation defense and other requirements by the end of December, thus allowing them to put 2016 as their graduating year on their CVs. They included:
Meenakshi Sundaram Bhaskaran (M.S., Ph.D. ’12, ’16) also worked in NVSL under his advisor, Steven Swanson. He completed the degree in Computer Engineering in December 2016 with a dissertation on “Micro-Architecture and Systems Support for Emerging Non-Volatile Memories.” In it, Bhaskaran proposed “Non-Blocking Load (NBLD), an instruction set extension to mitigate pipeline stalls from long-latency memory accesses… NBLD triggers the execution of application-specific code once data is resident in the cache, effectively hiding the latency of memory.” Prior to UC San Diego, Bhaskaran was an engineer at SanDisk India in Bangalore, after completing his undergraduate degree at Anna University (also in India).
Niki Vazou (Ph.D. ’16) is now a postdoctoral fellow at the University of Maryland in the Programming Language group after completing her Ph.D. last December. Her research continues to focus on designing usable program verifiers that can be integrated into standard software development. Her dissertation under advisor Ranjit Jhala, “Liquid Haskell: Haskell as a Theorem Prover”, drew on expertise in static program verification, type systems, type inference, abstract interpretation, functional programming, Haskell, Liquid Types and more. In it, Vazou presented LiquidHaskell, a usable, static formal verifier for Haskell programs, which she used to verify more than 10,000 lines of real-world Haskell programs. As Vazou noted in her abstract, “LiquidHaskell serves as a prototype verifier in a future where formal techniques will be used to facilitate, instead of hinder, software development.” In 2015 Vazou received the CSE Graduate Award for Research. The previous year, she won a Microsoft Graduate Research Fellowship (after doing two internships at Microsoft Research facilities in Washington State and at Cambridge in Britain). In 2016 Vazou did a summer internship at Awake Networks in Mountain View, CA, where she used LiquidHaskell to verify correctness on Awake’s production code base.
Ming Woo-Kawaguchi (B.S., M.S., Ph.D. ’05, ’08, ‘16) is a postdoctoral research fellow at Harvard University. He completed his Ph.D. in late 2016 after having done most of his work as a graduate student researcher in the Programming Systems group in CSE from 2005 to 2012. From 2014 to 2016 Woo-Kawaguchi was on the technical staff of the Draper Laboratory near Boston before he decided to complete his Ph.D. Under advisor Ranjit Jhala, Woo-Kawaguchi did his dissertation on “High-Level Liquid Types ,” in which he proposed “several augmentations of the Liquid Types method of automatic program verification for uniformly describing high-level specifications and for verifying that source doe is correct with respect to such specifications.” In addition to Jhala, two other CNS members – Sorin Lerner and Geoffrey Voelker – sat on the five-person committee that quizzed Woo-Kawaguchi in his belated but final defense of his dissertation last October.
- CNS Awards Travel Grants to Two Graduate Students in Computer Science
For female students in particular, attending the annual Grace Hopper Celebration of Women in Computing can be a critical launching pad for careers in computer science in either academia or private industry. For that reason, UC San Diego’s Center for Networked Systems (CNS) provides funding each year to help defray the cost of attending the Grace Hopper Celebration for one or two deserving women who represent the next generation of female computer scientists who want to play leadership roles in helping other women make it in computer science.
Looking ahead to the 2017 conference Oct. 4-6 in Orlando, FL, CNS has picked two deserving students to receive this year’s CNS Grace Hopper Travel Grants. Both Ariana Mirian and Stephanie Chen are graduate students: Chen is working on her M.S. in Computer Science with a focus on Machine Learning, and Mirian is a Ph.D. student co-advised by CNS Director Stefan Savage and CSE Professor Geoffrey Voelker.
Ariana Mirian is the incoming president of the Graduate Women in Computing (GradWiC) group at UC San Diego for the 2017-2018 academic year (taking over as president from Ailie Fraser). She also received an award for Contributions to Diversity, which she accepted recently at the CSE Departmental Awards Ceremony. Mirian is going into her second year of the Ph.D. program, with research interests in security and privacy, notably at the intersection of empirically-based measurement and usable security. In addition to CNS, she is also affiliated with the Center for Evidence-based Security Research (led by her advisor Stefan Savage) as well as the Systems and Networking group and the Crypto and Security group. Mirian completed her undergraduate degree in computer science at the University of Michigan.
Stephanie Chen is the outgoing Vice President of GradWiC. During the spring quarter, Stephanie Chen was head teaching assistant for Professor Bill Griswold’s course on Software Engineering (CSE 110). This summer she is doing a software engineering internship at Intuit in San Diego, where she serves as a back-end developer on Intuit’s Data Science Decision Engine team. Last summer, Chen interned at SPAWAR Systems Center, also in San Diego. She completed B.A. (Environmental Economics) and B.S. (Business Administration) degrees from UC Berkeley. Chen subsequently worked for Google for four years, primarily for its YouTube unit, before enrolling in UC San Diego to earn a computer science degree (which she expects to complete in the fall or winter quarter).
Both students will be part of a large delegation of UC San Diego faculty and students, most of them from the Computer Science and Engineering department, including many who have made a point of attending the Grace Hopper event several years runnning.
Travel Grant recipients Chen and Mirian will report back to CNS colleagues after the conference.
- CSE Ph.D. Candidate Accepts Tenure-Track Faculty Position at University of Illinois
When he graduated from China’s Nanjing University, Tianyin Xu was turned down by 24 graduate schools in the United States. The following year he applied and was accepted into the Ph.D. program at the University of California San Diego. Now, almost six years later, Xu is finishing his Ph.D. this summer, and top-notch schools were competing to offer the soon-to-be alumnus a tenure-track faculty position. In the end, Xu received five offers and accepted the one from the University of Illinois at Urbana-Champaign (UIUC), which he’ll join as an assistant professor next January in the Department of Computer Science.
“I loved all the schools that made offers, which made the decision-making process excruciating,” observed CSE Ph.D. candidate Xu. “In the end, I had to follow my gut.” While he had offers from Pennsylvania State, UC Santa Cruz, UC Santa Barbara and Canada’s University of Waterloo, Xu selected UIUC partly because his advisor, CSE Prof. Yuanyuan (YY) Zhou, taught there for seven years before joining the UC San Diego faculty in 2009.
“Many of the senior students in Professor Zhou’s group had previously studied at UIUC,” added Xu, “and they have helped me tremendously in my graduate studies. All of them spoke highly of the Illinois program.” Xu also thinks that UIUC had more confidence in his abilities because he had worked so closely with his “rock star advisor.” “I believe part of the reason UIUC made me the offer is that Professor Zhou was so successful and truly respected there, and all of the faculty I met during the hiring process held her in very high esteem.”
“I am very proud of him,” observed Zhou, who holds the Qualcomm Endowed Chair in Mobile Systems in the Jacobs School of Engineering. “Tianyin Xu is joining an elite group of recent graduates from our operating systems group, including five of them who took tenure-track faculty positions at top schools.” Those professors include UC San Diego CSE alumnus Ryan Huang (Ph.D. ’16), who becomes an assistant professor of computer science at Johns Hopkins University this July after doing a postdoc at Microsoft Research.
“All of them are doing extremely well,” added Zhou, “so they have paved the way for Xu and hopefully future Ph.D. graduates from our program who want to make careers in academia.”
UIUC may also have been attracted to Xu’s research into reliability and security of computer systems, including the reliability of large-scale software systems deployed in the cloud and in datacenters. “My Ph.D. work focuses on tackling one dominant cause of cloud and datacenter failures in the real world – configuration errors,” said Xu. “These errors are notoriously fatal and hard to deal with using traditional fault-tolerance techniques. Currently we lack neat techniques that can work with these gigantic systems to prevent catastrophic failures, so research in this area is critically important and in demand.”
Hardening cloud and datacenter systems against configuration errors is the topic of Xu’s doctoral dissertation, which he expects to defend in early August.
Xu received CSE’s 2017 Doctoral Award for Research at the end of the academic year. Among other honors, last November he received the Jay Lepreau Best Paper Award at the 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 2016) for his paper on “Early Detection of Configuration Errors to Reduce Failure Damage.” Xu was first author on that paper as well as another in May 2017, which he presented to the 35th Conference on Human Factors in Computing Systems (CHI 2017). The topic: “How Do System Administrators Resolve Access-Denied Issues in the Real World.” Xu has also presented at research reviews of UC San Diego’s Center for Networked Systems (CNS) in 2016 and 2013, and he did summer research internships in 2013 and 2015 at NetApp, Inc., where he researched storage products and observed system users.
Xu has been a teaching assistant in both graduate and undergraduate courses at UC San Diego, serving a variety of CSE faculty including his advisor as well as Geoffrey Voelker, Leo Porter, Stefan Savage, Mohan Paturi and Sanjoy Dasgupta. In the three most recent courses he TA’d, Xu happily notes that he finished with recommendations from 98.6 percent of students (75 percent with “strong” recommendations). In his teaching statement intended for the universities where he interviewed for faculty jobs, Xu said one of his primary goals was to stress relevance as the key to engaging students in learning. “I strive to relate OS concepts to real-world, everyday problems beyond OS kernels,” he explained. “I talk about how Google manages resources and schedules jobs at a massive scale, how Spark drives its huge success based on the disk-memory trade-off, and why Android does not swap but kills app processes when running out of memory. Students enjoy such discussions and become more engaged.” At UIUC, Xu expects to teach operating systems and software engineering, and he plans to incorporate interactive and hands-on projects along with regular coursework.
Prior to starting the Ph.D. program at UC San Diego, from 2003 to 2010, Xu studied Computer Science at Nanjing University, where he completed B.S. and M.S. degrees..
With his faculty job search now over, Xu is particularly thankful to the many people in CSE who provided help, support and encouragement throughout the “exhausting and sometimes frustrating” process. “Professor Voelker revised every single slide of my job talk and gave me countless tips and advice, while professors Savage and Victor Vianu did mock interviews with me,” recalled Xu. “Professors Sorin Lerner, Philip Guo, Alex Snoeren, Aaron Schuman and Bill Griswold and others helped me with my job talk or allowed me to practice delivering my talk in their research seminars, while professors Zhou, Voelker, Savage and Scott Klemmer wrote recommendation letters for me.”
“Above all, I owe much to my advisor, Professor Zhou,” stressed Xu. “She believed in a student who had been rejected by most of the schools he applied to for graduate school, and transformed him into a Ph.D. candidate capable of receiving faculty offers from major schools and computer-science programs.”
- After 10 Weeks, CSE Students Demonstrate 3D, Networked Multiplayer Games
CSE professor Geoffrey M. Voelker teaches CSE 125 each spring, The course on “Software System Design and Implementation” gave 32 seniors an opportunity to showcase everything they learned in the past four years. Nominally, the course is a 10-week project to build a large, complex, distributed software system with real-time constraints. Specifically, the teams of six or seven students spend the quarter building a distributed, real-time, 3D multiplayer game (hence the popular reference to CSE 125 as being “the videogame course”). Each final team demonstration doubles as the team members’ final exams.
As finals week was winding down for most CSE students, nearly 200 people showed up on Friday, June 9, to see how much the five teams were able to achieve in the 2017 edition of CSE 125. All of the teams completed the assignment, with varying but largely impressive results. In one case, the demo had to be without accompanying audio because of a last-minute glitch in moving the game to a demo computer in the Qualcomm Institute auditorium in Atkinson Hall. For each demo, at least two players were picked at random from the audience to play against members of the game’s development team. All four players for each demo were positioned at workstations set up on the stage of the auditorium, with video of the game displayed on the big screen above the players — and streamed in real time over the Internet. [Editor’s note: An archived version of the video stream is now available for on-demand viewing here .]
The seven members of Team 9hack Studios produced a game called “Sandma” (originally “Dungeon Party”). Kavin Srithongkham led the presentation, and his fellow team members included Ethan Chan, Daniel Lee, Richard Lin, Christiane Pham, Austin Puk and Joshua Tang. They divided into three teams: networking, graphics and artists. “We wanted to create a game that contains both the sense of exploration and discovery of dungeon crawlers, and the chaotic and competitive interactions of a party game,” said Srithongkham. Players compete with each other in mini games and use the points to collectively build a dungeon full of hazards and treasures. The goal is then to move across the dungeon while avoiding the opponents’ obstacles. During the ‘build’ phase of the game, players place objects around the dungeon grid, but they cannot see where the other players place their objects. All players start with the same amount of gold, and the winner is whoever has the most gold at the end of the game. “The goal of the game is to balance using gold to buy obstacles and structures, and saving gold to win the game,” according to team members.
Team Solarware came up with a game called “Heliocentric”, which the developers call a “space-themed 4X real-time strategy game.” The goal is to eliminate all other players, or to end up in control of the most celestial bodies (based on mass). Brandon Milton presented the game with his five teammates Dylan Pereira, Ethan Li, JJ Tran, Raj Kumar and Sylvia Li. Team members divided up development roles, e.g., to handle networking, graphics, the user interface, sound, or algorithms. In the final week of development, “I worked on fine-tuning some key gameplay aspects,” said CS senior Raj Kumar. “I fixed a bug in combat that would cause the server to go down when more than one unit was attacking the same target. Further I made sure that a unit’s client window, which details the unit’s stats, disappears when the unit dies.” According to presenter Milton, “real-time strategy games are very difficult to make, especially when each player may have 20 units or 30 units or 100 units at a time. You start to run into the problem of having the server process all of these at the same time. A new appreciation for this problem was definitely acquired, but not so much a solution to the problem.” Milton worked on user-interface elements, making movement smoother, and finalizing unit orientation, lasers and attack sounds: “I also played the role of jack-of-all-trades as much as I could.”
Outer space, with a dose of robots, was featured in another team’s game. Called “MURPH”, it’s a “four-player cooperative space adventure travel game.” The objective is to navigate to a specified destination, while overcoming obstacles by working together as the crew of the spaceship.. The ship is made up of various compartments — navigation room, medical ward, engine room, and so on. — that can be damaged or destroyed while travelling to the destination through asteroid showers and other events (such as black holes and enemy ships) that hinder progress. When an asteroid hits one of the compartments, walls begin to crack and the player can patch the fissures if it can be done without the ship sustaining further damage. As the damage worsens, the room is destroyed. The game is lost when all players die or the ship’s final compartment is destroyed. The game is won when the ship reaches the specified destination. Team members included Michael Carroll (who learned Blender from scratch to build all of game’s models), Yuxiang Guan, Amanda Luff, Guillermo Valdez, and Huajie Wu, as well as Anish Shandilya, who led the game demo. Noted prrofessor Voelker: “One thing I like about that game is that you’re running around putting out fires, so it’s a great allegory to software development” — a comment that triggered knowing laughter among the student developers in the audience.
- CSE Presence at Upcoming PLDI 2017
The ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI 2017) will get underway on June 19 in Barcelona, Spain. It’s a premier forum for all areas of programming language research, including design, implementation, theory and efficient use of languages.
CSE/CNS Prof. Sorin Lerner has had a hand in putting the program together as a member of the External Program Committee for PLDI 2017.
CSE/CNS Prof. Ranjit Jhala, whose research focuses on techniques for building reliable computer systems, sits on the External Review Committee for the 2017 conference. He is also co-organizing a Tutorial track on “Refinement Types for Program Verification and Synthesis”, jointly with recent CSE/CNS alumna Niki Vazou (Ph.D. ’16), now a postdoctoral researcher at the University of Maryland, and MIT postdoctoral researcher Nadia Polikarpova (who in March presented in the CSE Colloquium Lecture Series on Type-Driven Program Synthesis).In addition to the two faculty members, one CSE alumna sits on the Steering Committee for PLDI 2017: Chandra Krintz (M.S., Ph.D. ’98, ’01). Krintz earned her doctoral degree under advisor (and former CSE faculty member) Brad Calder. Following graduation, she joined the computer science faculty at UC Santa Barbara, where she is now a full professor. Her research interests include programming support and adaptive optimization for cloud computing applications and systems, as well as techniques for efficient interoperation and integration of web services.In her spare time, Krintz co-founded the company AppScale Systems, Inc., where she remains Chief Scientist in a part-time role. Recently her work has focused on the intersection of IoT, cloud computing and data analytics with applications in farming and ranching (SmartFarm) and health management (Vigilance).
- CSE Students and Professors Stage Major Presence at SIGMOD 2017
CSE had a major presence at this year’s ACM Special Interest Group on Management of Data (SIGMOD), the premier venue for research in data management. The 2017 meeting took place in mid-May in Chicago jointly with PODS, the premier international conference on the theoretical aspects of database systems. CSE/CNS Database Lab faculty Yannis Papakonstantinou, Alin Deutsch, Arun Kumar and postdoctoral researcher Yannis Katsis all served on the SIGMOD research track program committee, and Kumar was a judge for the inaugural SIGMOD Student Research Competition. (He also chaired a Research Track session on Versions and Incremental Maintenance.)
However, it was the research that took center stage, with UC San Diego computer science faculty and students out in force with five major papers in the main conference. CSE/CNS professors Yannis Papakonstantinou and Steven Swanson and Ph.D. students Chunbin Lin and Jianguo Wang (who delivered the paper) presented their research on “An Experimental Study of Bitmap Compression vs. Inverted List Compression.”Papakonstantinou also had a joint paper with colleagues from Stanford University, Vasilis Verroios and Hector Garcia-Molina. They unveiled “Waldo: An Adaptive Human Interface for Crowd Entity Resolution.”
A newcomer to SIGMOD, CSE professor Kamalika Chaudhuri had two high-profile papers on the agenda. She and fellow CSE/CNS professor Arun Kumar were co-authors on a paper titled “Bolt-on Differential Privacy for Scalable Stochastic Gradient Descent-based Analytics.” Their co-authors were all former colleagues of Kumar at the University of Wisconsin-Madison before he joined the CSE faculty this year. Professor Chaudhuri was also senior author on a paper presented by her Ph.D. student, Shuang Song. It was about “Pufferfish Privacy Mechanisms for Correlated Data”.“Kamalika Chaudhuri was one of two people who dominated the SIGMOD data privacy session this year, each of them with two papers in that session,” noted CSE‘s Kumar. “One of her papers, which I think was her first SIGMOD submission, got accepted without any revisions!” Kumar notes that he and Chaudhuri are planning to collaborate on new problems in the data, analytics and privacy space, especially on data cleaning and analytics systems. Database Lab members also invited Chaudhuri to become a member of the lab, and she accepted.
The final CSE-related paper in the main research track was co-authored by Ph.D. student Vineet Pandey, who works in the Design Lab with his advisor, CSE professor Scott Klemmer. The paper on “Concerto: A High Concurrency Key-Value Store with Integrity” recapped research done at Microsoft when Pandey spent a summer there, as did another UC San Diego student (now alumnus) Pingfan Meng (M.S., Ph.D. ’11, ’16), who is listed as a co-author on the paper, and who is now a research scientist at Intel Labs. Microsoft researchers listed as co-authors on the Concerto paper included Arvind Arasu, Ken Eguro, Raghav Kaushik, Donald Kossman and Ravi Ramamurthy, with Arvind delivering the presentation.
Tutorials and Workshops
With a big conference like SIGMOD, however, the main sessions are only part of the action. CSE‘s Arun Kumar co-presented a tutorial on systems, techniques and challenges in the space of data management and machine learning. “The tutorial attracted a packed audience with a mix of industry folks, professors and students,” recalled Kumar. “It was well-appreciated and stirred a lot of discussion.” (Slides and video from the tutorial are available on the SIGMOD tutorials page.)
Then there were the workshops co-located with SIGMOD 2017, and professor Kumar was heavily involved in three of them. He presented the invited academic keynote at the First Workshop on Data Management for End-to-End Machine Learning (DEEM). His talk focused on emerging research opportunities and challenges for the data management community in democratizing advanced analytics beyond just building faster/scalable ML algorithm implementations. It was well-attended and well-received by both researchers and practitioners. During the same DEEM Workshop, Kumar also had a joint paper with former colleagues at the University of Wisconsin-Madison (Lingjiao Chen and Paraschos Koutris). The paper explored “Model-based Pricing: Do Not Pay for More than What You Learn!”Kumar and fellow CSE professor Lawrence Saul also co-authored a paper with graduate students Dharmil Chandarana and Vraj Shah. CSE M.S. student Shah presented the paper on “SpeakQL: Towards Speech-driven Multi-modal Querying” in the Workshop on Human-in-the-Loop Data Analytics (HILDA).CSE postdoc Yannis Katsis also presented a paper co-authored by professor Papakonstantinou and Ph.D. student Nikos Koulouris during the HILDA workshop. The topic: “Assisting Discovery in Public Health”, which they co-authored with Qualcomm Institute researcher and UC San Diego School of Medicine professor Kevin Patrick.
With SIGMOD 2017 now history, Database Lab members are looking ahead to the other major database conference of the year, the International Conference on Very Large Data Bases (VLDB 2017). It’s scheduled for August 28-September 1 in Munich, Germany. CSE‘s database researchers are promising another banner presence for the group at the meeting.
- Researchers Find Computer Code that Volkswagen Used to Cheat Emissions Tests
An international team of researchers has uncovered the mechanism that allowed Volkswagen to circumvent U.S. and European emission tests over at least six years before the Environmental Protection Agency put the company on notice in 2015 for violating the Clean Air Act. During a year-long investigation, researchers found code that allowed a car’s onboard computer to determine that the vehicle was undergoing an emissions test. The computer then activated the car’s emission-curbing systems, reducing the amount of pollutants emitted. Once the computer determined that the test was over, these systems were deactivated.
When the emissions curbing system wasn’t running, cars emitted up to 40 times the amount of nitrogen oxides allowed under EPA regulations.
The team, led by Kirill Levchenko, a computer scientist at the University of California San Diego presented their findings at the 38th IEEE Symposium on Security and Privacy in the San Francisco Bay Area on May 22 to 24, 2017.
“We were able to find the smoking gun,” Levchenko said. “We found the system and how it was used.”
Computer scientists obtained copies of the code running on Volkswagen onboard computers from the company’s own maintenance website and from forums run by car enthusiasts. The code was running on a wide range of models, including the Jetta, Golf and Passat, as well as Audi’s A and Q series.
“We found evidence of the fraud right there in public view,” Levchenko said.
During emissions standards tests, cars are placed on a chassis equipped with a dynamometer, which measures the power output of the engine. The vehicle follows a precisely defined speed profile that tries to mimic real driving on an urban route with frequent stops. The conditions of the test are both standardized and public. This essentially makes it possible for manufacturers to intentionally alter the behavior of their vehicles during the test cycle. The code found in Volkswagen vehicles checks for a number of conditions associated with a driving test, such as distance, speed and even the position of the wheel. If the conditions are met, the code directs the onboard computer to activate emissions curbing mechanism when those conditions were met.
A year-long investigation
UC San Diego Kirill Levchenko Computer scientist Kirill Levchenko led the research effort at UC San Diego.
It all started when computer scientists at Ruhr University, working with independent researcher Felix Domke, teamed up with Levchenko and the research group of computer science professor Stefan Savage at the Jacobs School of Engineering at UC San Diego.
Savage, Levchenko and their team have extensive experience analyzing embedded systems, such as cars’ onboard computers, known as Engine Control Units, for vulnerabilities. The team examined 900 versions of the code and found that 400 of those included information to circumvent emissions tests.
A specific piece of code was labeled as the “acoustic condition”—ostensibly, a way to control the sound the engine makes. But in reality, the label became a euphemism for conditions occurring during an emissions test. The code allowed for as many as 10 different profiles for potential tests. When the computer determined the car was undergoing a test, it activated emissions-curbing systems, which reduced the amount of nitrogen oxide emitted.
“The Volkswagen defeat device is arguably the most complex in automotive history,” Levchenko said.
Researchers found a less sophisticated circumventing ploy for the Fiat 500X. That car’s onboard computer simply allows its emissions-curbing system to run for the first 26 minutes and 40 seconds after the engine starts— roughly the duration of many emissions tests.
Researchers note that for both Volkswagen and Fiat, the vehicles’ Engine Control Unit is manufactured by automotive component giant Robert Bosch. Car manufacturers then enable the code by entering specific parameters.
Diesel engines pose special challenges for automobile manufacturers because their combustion process produces more particulates and nitrogen oxides than gasoline engines. To curb emissions from these engines, the vehicle’s onboard computer must sometimes sacrifice performance or efficiency for compliance.
The study draws attention to the regulatory challenges of verifying software-controlled systems that may try to hide their behavior and calls for a new breed of techniques that work in an adversarial setting.
“Dynamometer testing is just not enough anymore,” Levchenko said.
Authors: Guo Li, Kirill Levchenko and Stefan Savage from UC San Diego; Moritz Contag, Andre Pawlowski and Thorsten Holz from Ruhr University; and independent researcher Felix Domke.
This work was supported by the European Research Council and by the U.S. National Science Foundation (NSF).
- CSE Alumnus Leverages Machine Learning to Help Companies (and Hometown) Grow
UC San Diego computer science alumnus Matthew Der (Ph.D. ’15) was one of the few fresh graduates from the Computer Science and Engineering department who did not opt to work for a West Coast technology giant like Amazon, Microsoft, Facebook or Google (where he did two summer internships during graduate school). Instead, he returned home in September 2015 to the fast-growing RVA technology corridor (in Richmond, Virginia) to become a partner and Chief Technology Officer in Notch, a local tech consulting startup that was barely a year old.
“I love Richmond as a city and I am passionate about entrepreneurship and the technology community here,” said Der. “Part of Notch’s mission is to be a West Coast-caliber boutique tech consultancy in central Virginia. You don’t need to go to the Bay Area or NYC to find one.”
For the second year in a row, Notch was a finalist for the top Emerging Technology Business award given out by RichTech, an association of local technology businesses and tech professionals. Last year they came close, but at the 22nd annual Technology Awards show on May 10, Der and his colleagues were honored with the award for startups or small businesses demonstrating the ability to achieve commercial success.
Nearly 800 people attended the award ceremony at the Greater Richmond Convention Center.
Der credits his education in CSE for providing an important leg-up for success in any market. “It’s mostly the alignment of my expertise and the industry trend of artificial intelligence and machine learning,” explained Der. “Having a Ph.D. in machine learning is a big differentiator, especially in a mid-sized market. It immediately gave us street cred, sales material and conversation starters.”
As CTO, Der’s primary role is to oversee Notch’s data science and machine learning consulting. He is responsible for successful delivery of predictive solutions to Notch’s clients as well as internal training, and the company’s services are in strong demand from companies that need to use data more effectively to fuel business growth.
“In some sense we’re riding the AI wave with everyone else,” noted Der. “But we’ve found that while everyone is talking about the hype, many still don’t understand how their business can leverage AI to gain a competitive advantage.”
While in CSE Der focused on machine learning applications to security, and in particular, web page clustering and classification. He was involved in the AI, Systems and Networking as well as Security research groups under advisors Lawrence Saul, Geoff Voelker and Stefan Savage, and the Center for Networked Systems.
- Making Parsers More AccessiblePh.D. candidate Alan Leung (M.S. ’13) says he likes to create tools that “make it easier to build complex systems reliably.” These include a tool for automating the construction of parsers — programs that extract structure from strings — for context-free languages. Now, Leung is poised for the final defense of his dissertation on making parsers more accessible. He will defend his thesis in front of a panel chaired by his advisor in the Programming Languages group, CSE professor Sorin Lerner. The panel also includes CSE professors Ranjit Jhala and Ryan Kastner, as well as Math professor Samuel Buss and UCLA computer science professor Todd Millstein.
The title of Leung’s dissertation is “Constructing Parsers by Example via Interactive Program Synthesis,” and his defense is scheduled for Thursday, May 11 at 2PM in room 2217 of the CSE building. The examination is open to the public.Parsers are fundamental components of many software systems, including email clients, video games, spreadsheet programs, and relational databases. As a result, constructing parsers has become a ubiquitous programming task for developers in many domains, and not just for programming language experts.
According to Leung, existing tools for generating parsers assume a great deal of background knowledge in parsing and formal language theory, but “it is possible to make parsing more accessible by combining interactive visual feedback with the programming-by-example paradigm, wherein users synthesize programs simply by providing example inputs and outputs demonstrating the result of the intended computation.”In his dissertation, Leung presents novel algorithms for (a) constructing syntactic specifications by example, (b) constructing lexical analyses by example, and (c) visualizing progress toward parser completion. “We instantiate these algorithms in two graphical development environments we have implemented,” notes Leung in his abstract, referring to Parsify and its successor, Parsimony. “The latter’s central user interaction paradigm is that of programming-by example.” In a user study, he demonstrates that non-expert users show significantly better performance when using the new system.Prior to beginning the graduate program in CSE in 2010, Leung worked for five years at Intel designing cache systems on several generations of Itanium microprocessors. Before Intel, he did his undergraduate degree at Cornell University.
- Jacobs School, CSE Honor Recently Appointed Endowed Chair Holders
CSE and the Jacobs School of Engineering are celebrating two CSE professors who were awarded endowed chairs in the past year. The appointments of professors Tajana Rosing and Stefan Savage, both of whom are affiliated with the Center for Networked Systems (CNS), were previously announced, but now they will be honored at separate invitation-only receptions scheduled for May and June.
John J. and Susan M. Fratamico Endowed Chair
On Thursday, May 18 from 5:30-7:30PM, Jacobs School Dean Albert P. Pisano and CSE Chair Dean Tullsen will host a program and reception to celebrate CSE professor Tajana Rosing’s appointment to the John J. and Susan M. Fratamico Endowed Chair in the Jacobs School.
Rosing, who earned her Ph.D. from Stanford in 2001 while working at HP Labs, is the inaugural holder of the Fratamico chair, which was established in 2012. When the appointment was originally announced in September 2016, CSE’s Tullsen noted Rosing’s “creativity and approach to research [that] have had a deep impact on innovation in computer engineering.”
The computer engineering professor joined the CSE faculty in 2005. There, she established the System Energy Efficiency Lab (SEELab), which focuses on energy efficiency at many scales — from sensor nodes to data centers and from transport networks to power grids. Rosing’s research interests include embedded systems hardware and software design and the design of approximate and highly-efficient architectures. Currently Rosing works on efficient and distributed data collection, aggregation and processing in the context of Internet of Things applications, smart cities, wireless healthcare and the distributed Smart Grid for electricity.
Among her achievements, Rosing was able to optimize the design and operation of embedded systems to achieve 1,000 times more energy efficiency at the cost of a 10 percent inaccuracy (i.e., 10 percent error in computation). The real-world impact of her research has also stretched the battery life of smartphones and other electronic devices — and her work maximizes the quality of service in ‘smart’ servers while minimizing power consumption.
Irwin Mark and Joan Klein Jacobs Chair in Information and Computer Science
On Wednesday, June 7 from 5:30-7:30PM, Jacobs School Dean Pisano and CSE Chair Tullsen will host a reception to honor Savage, who holds the Irwin Mark and Joan Klein Jacobs Chair.in Information and Computer Science. The reception marks the first anniversary of Savage’s appointment to the chair in June 2016. The chair was newly empty following the retirement of CSE professor Ronald Graham, the previous holder of the Jacobs Chair.
The computer scientist – who co-directs CNS – joined the CSE faculty in 2000 in an acting capacity until he defended his dissertation at the University of Washington in 2002.
Much of Savage’s early research focused on operating systems. Already a Fellow of the ACM, he was honored again by ACM with its SIGOPS Mark Weiser Award in 2013. The award cited his “creativity and innovation in operating systems research.” The CSE professors other honors include the ACM-Infosys Foundation Award (2016) and a faculty research fellowship from the Alfred P. Sloan Foundation (2004).
Over time Savage expanded from operating systems and network security to cybersecurity, and he co-founded three research centers in the field: the Collaborative Center for Internet Epidemiology and Defense; the Center for Evidence-based Security Research; and the Center for Automotive Embedded Systems (to focus on security in the increasingly automated automotive sector).
Both programs and receptions will take place at the Calit2 Auditorium in Atkinson Hall. In addition to being CNS members, both Rosing and Savage are academic participants in Calit2’s Qualcomm Institute.
- CNS Researchers Help Google Fight Abusive Pins on Google Maps
A partnership between computer scientists in the Center for Networked Systems (CNS) at UC San Diego and Google has allowed the search giant to reduce by 70 percent fraudulent business listings in Google Maps. The researchers worked together to analyze more than 100,000 fraudulent listings to determine how scammers had been able to avoid detection-albeit for a limited amount of time-and how they made money.
The team presented their findings at the 26th International Conference on the World Wide Web in Australia earlier this month.
The computer scientists identified what they describe as a “new form of blackhat search engine optimization that targets local listing services” such as Google Maps. They also describe how these scammers were able to make money.
“Location-based search is increasingly becoming the way people interact with online content-even if you’re not using a mapping application,” said Alex C. Snoeren, a professor in the Department of Computer Science and Engineering at UC San Diego and a senior author of the study.
For example, when people run a search on their mobile phone, the search engine uses their physical location as one of the inputs to decide which results to display, Snoeren explained.
The scammers take advantage of this by using fake locations to make it look like their business is in close proximity to the user doing the search. This was particularly true of on-call contractors, notably plumbers and locksmiths. Researchers found that 40 percent of all fake listings on Google Maps belong to that category.
“I might find seven listings for locksmiths in my neighborhood,” said Danny Huang, the paper’s first author and a Ph.D. student in computer science at the Jacobs School of Engineering at UC San Diego. “But in fact, none of those listings are real.”
In all, researchers found that 11 percent of overall search results for locksmiths were fraudulent. In New York, that percentage went up to 15.6 percent. And it went up to an astonishing 83.3 percent in West Harrison, New York.
Scammers are able to make money when they get called to help a user based on a fake listing. Scammers might quote a low price when called on the phone, only to charge a higher fee when they show up. They might not be licensed but get the business anyway.
In another scheme, scammers set up fake pins for real hotels or restaurants on Google Maps. They set up websites where customers make reservations, which are connected to the business’ real website or to a travel agency, which is not part of the scam. This allows scammers to make money either by getting a commission for each reservation or for referring traffic to the businesses’ real websites. The researchers found that roughly 13 percent of the fraudulent listings had real hotel and restaurant addresses, but were not created by these businesses.
All these fraud schemes were possible primarily because scammers found a way to get around Google’s verification process.
Businesses can register for Google Maps online for free. But before a listing goes live, Google sends a postcard with a verification code to the business’ address. The business inputs this verification code and the listing is then approved to go live.
Partly thanks to these measures, Google is able to detect 85 percent of fake listings before they even appear on Google Maps. The fake listings that make it past the verification process are taken down within an average of 8.6 days between creation and suspension.
Scammers got around verification requirements mainly by leasing PO boxes and using those addresses to receive their verification codes. They also added fake suite numbers to a specific address so Google wouldn’t get suspicious about a large number of businesses located at the same address. Researchers note that there are legitimate reasons for a large number of businesses to have the same address—big office buildings in Manhattan come to mind.
Researchers also noted that a large percent of fraudulent listings changed their address or the category they belonged to (from hotel to locksmith, for example) after verification.
To tamp down on abuse, Google has taken a number of measures, which the company details in a post on its research blog. Steps include: prohibiting bulk registration at most addresses; preventing businesses from changing their addresses to a location that is impossibly far from the original without additional verification; and detecting and ignoring intentionally mangled text in address fields designed to confuse Google’s algorithms. The company also fine-tuned its anti-spam machine learning systems to detect data discrepancies that are common in fake or deceptive listings.
The research was partially funded by a grant from the National Science Foundation.
*D.Y. Huang, D. Grundman, K. Thomas, A. Kumar, E. Bursztein, K. Levchenko and A.C. Snoeren, “Pinning Down Abuse on Google Maps,” Proc. of the International Conference on World Wide Web (WWW), April 3-7, 2017, Perth, Australia.
- Recent Computer Science Faculty Hire Joins Center for Networked Systems
Arun Kumar Works on Advanced Analytics at Intersection of Data Management and Machine Learning
On April 3, Computer Science and Engineering (CSE) assistant professor Arun Kumar began teaching his first undergraduate course since joining the UC San Diego faculty in 2016. CSE 190D covers topics in database system implementation, and it’s a hands-on, systems-focused course and the first at UC San Diego to teach the systems guts of a relational database management system (DBMS).
“Faculty in our Database group hope that this course will eventually be mainstreamed as 132C,” said Kumar. “It would complete a solid triad of database courses for undergraduates covering principles, applications and, finally, implementation.”
Kumar joined CSE after completing his Ph.D. at the University of Wisconsin-Madison last summer, with a focus on datamanagement and analytics. His research explores the intersection of data management and machine learning (ML), an area increasingly called advanced analytics. He also aims to create a pipeline of students coming into this burgeoning field – and the subject of the first graduate course he taught, CSE 291, during the winter quarter. “Advanced analytics is a brand-new field and companies require a lot of talent in this space,” he observed. “The dearth of engineers who understand machine learning is staggering, and a lot of companies are offering large salaries for people who understand software engineering, data systems and machine learning under the now-famous job title — data scientist.”
Advanced analytics is also the subject of a presentation Kumar will give for the Center for Networked Systems (CNS) on Tuesday, April 11 at 1pm in room 4140 of the CSE Building. His talk, “Democratizing Distributed Advanced Analytics,” will explore large-scale data analytics using statistical machine learning and how they are becoming increasingly critical for many data-driven applications.
“The data management, machine learning and systems communities are working on scalable and fast implementations of ML algorithms,” said Kumar. “However, several orthogonal bottlenecks in the end-to-end process of building and deploying ML models for data analytics have largely been ignored, leading to wasted resources and poor productivity of data scientists.”
CNS’s newest member will introduce three new projects to his audience and he hopes to solicit critical feedback. Kumar also foresees more collaborations with CNS and other CSE faculty. With CSE Prof. Kamalika Chaudhuri, he is already collaborating on the issue of differential privacy for machine learning. He is also working with two other CNS members: CSE Prof. Tajana Rosing, on understanding the tradeoffs facing machine-learning algorithms in the Internet of Things; and CSE Prof. Ranjit Jhala, on applying program analysis to bring new data-driven optimizations to advanced analytics codebases. As for other collaborators in CSE, Kumar is collaborating with CSE Prof. Lawrence Saul and fellow new hire, CSE Prof. Ndapa Nakashole, on using speech recognition to improve database usability.
“A couple of my upcoming projects will involve working on top of popular, distributed machine learning and data-processing systems such as Spark and TensorFlow to exploit the massive parallelism they offer for new abstractions that I create,” said Kumar. “I suspect this will eventually get me digging into the internals of these networked systems and perhaps optimizing them for the workloads that I care about. This could involve publishing with CNS co-authors, so becoming a member of the center seemed a no-brainer.”
Kumar wants to make it easier and faster to build and use ML algorithms to analyze large and complex datasets. “My work over the next few years is going to focus on building tools, software and abstractions to make it easier to use machine learning in practice,” he predicted. “I want to do so from the perspective of the data scientist’s productivity, the runtime performance and research efficiency, as well as other issues such as privacy.”
Kumar notes that systems and ideas based on his dissertation and research at UW-Madison have been released as part of the MADlib open-source library, used internally by Facebook, LogicBlox and Microsoft, and shipped in products from EMC, IBM, Oracle and Cloudera. “It’s been nice to work with industry about the practical applications of my work,” he noted. ““The practical relevance of my work can impact what people do today and from them I can learn what the challenges tomorrow will be, and how we as computer-science researchers can stay one step ahead by anticipating what comes next.”
Kumar’s dissertation focused on training machine learning models based on data sets from multiple tables. “Data scientists usually combine all these tables into a massive single table,” he said. “These operations are called relational joins, and specifically key-foreign-key joins. Now the single table contains all the attributes of all the tables. This was the state of the art before I looked at this problem.”
Yet as Kumar confirmed, joining multiple tables together introduces redundancy into the data. “Consider a popular application of machine learning in enterprise domains: predicting customer churn,” he suggested. “You have a customers table joined with, say, a table about employers and another table about areas indexed by zip code. You could have a thousand customers employed by the same company, which means the record with the employer’s attributes (called its feature vector), gets repeated a thousand times after the join. The same could happen with the zip codes.” Result: the output of this join could be several times bigger than the input data. In one case at Microsoft, Kumar recalls, once they joined all their input tables for a Web security-related ML task to make one massive table, it blew up by a factor of ten. “A task that should have taken half an hour ended up taking a whole day on the cluster because the team overshot the storage space allotted to them — bringing down the shared cluster,” observed Kumar. “So storage becomes a major issue, as does the extra time wasted by the redundant computations performed by an ML algorithm over the redundant data.”
Kumar’s dissertation came up with two orthogonal new techniques. The first technique, called ‘avoiding the join physically,’ pushes down the machine learning computation to the input data in a multi-table format rather than having a single table with all the attributes. The challenge was to do so without affecting the accuracy of the ML model’s predictions. “That is a guarantee we provide and we have a proof for it,” confirmed Kumar. “Weff proved that the accuracy is unaffected. This mitigates the storage issue, because you don’t need the single table, and it mitigates the maintenance issue because you operate on the data as-is, and it mitigates the performance issue because you save a lot of runtime when you operate on the smaller input of the joins.”
One additional benefit of Kumar’s new paradigm: “Today many of the computations for machine learning happen in the cloud,” he said. “You purchase storage or computation runtime, and by reducing both, users can save a lot of money as well.”
The second part of his thesis focused on omitting unnecessary tables. “We showed that in many settings, for many ML models, some tables can be completely ignored,” explained Kumar. “We call it ‘avoiding the join logically’ because we are pretending that a table doesn’t even exist. If you omit a table, your runtime goes down, your storage goes down, and the data scientist’s productivity can go up because you have fewer tables and fewer attributes to manage.”
Kumar showed that prediction accuracy without the omitted table not only does not go down, but the runtime accelerates by two orders of magnitude – i.e., making the computation up to 100 times faster.
Among his many honors, Kumar received a 2016 Google Faculty Research Award, and the same year took home a graduate student research award from the University of Wisconsin for his dissertation research. He was also a recipient of the Best Paper award at SIGMOD 2014.
Kumar recognizes that he joined UC San Diego at an important turning point for anyone working in the general field of data science. CSE is about to launch its first major and minor in Data Science and Engineering, and the campus is developing a Data Science Institute thanks to a $75 million gift from CSE lecturer and alumnus Taner Halicioglu, announced last week. “I am excited that UC San Diego is taking data science seriously,” mused Kumar. “Democratizing data science is a grand challenge that transcends disciplines and requires bridging the gaps between the fields of data management, systems, machine learning, statistics, math, human-computer interaction, and several other fields, including myriad application domains. The generous gift from our alumnus is truly spectacular and I hope it will help accelerate UC San Diego’s research and education in this important area.”
Meantime, Kumar will focus on his teaching and research, and recruiting graduate students for his lab. Two M.S. students from his Winter 2017 course on advanced analytics are now working as research assistants in his group. “I had set a tough filter for enrollment: reviewing a research paper and answering some open-ended research questions,” he said. “This seems to have scared away many students but it ensured a high-quality atmosphere in class. Some of the students even managed to submit research papers on their course projects, one to KDD and another to a SIGMOD workshop, which has already been accepted, while two more are working on solidifying their work for submission to VLDB/SIGMOD. These are all top venues in this research area.”
In addition to teaching the undergraduate course on implementing relational database management systems, this Spring Kumar is also organizing a CSE 290 seminar for grad students on Advanced Data Science. For the seminar, students will read and present papers and articles on advanced data science applications and tools.
Arun Kumar Website
Computer Science and Engineering, University of California San Diego
CSE 190 Topics in Database System Implementation
CSE 290 Seminar on Advanced Data Science
CSE 291 Topics in Advanced Analytics
- Computer Scientists Honored for ‘Tracing’ Research That Stood 10-Year Test of Time
Faculty from UC San Diego, Brown University, and UC Berkeley Share in Networked Systems Award
At the USENIX Symposium on Networked Systems Design and Implementation (NSDI) this week in Boston, Mass., a team of researchers accepted an award for the most influential paper among those presented a decade ago at the annual conference. The 2017 NSDI Test of Time Award was presented during a luncheon on March 26 to two former graduate students at UC Berkeley who co-authored the paper published at NSDI 2007, along with their three UC Berkeley advisors.
Rodrigo Fonseca and George Porter are now professors of computer science, respectively, at Brown University and theUniversity of California San Diego. They accepted the award for their paper*, “X-Trace: A Pervasive Network Tracing Framework,” along with one of their former advisors, professor Ion Stoica. (Other co-authors on the paper – UC Berkeley professors Randy H. Katz and Scott Shenker – did not attend the award ceremony.)
Porter and Fonseca were still at UC Berkeley when they worked on the original paper. “We wrote X-Trace while we were Ph.D. students,” recalled Porter. “It was really an honor to work with my colleagues on this project, which formed the basis of Rodrigo’s and my Ph.D. dissertations.” Stoica remains a professor of computer science in the Electrical Engineering and Computer Science department of UC Berkeley. (It’s not Stoica’s first Test of Time award: he received the SIGCOMM Test of Time Award in 2011.)
Modern Internet systems often combine different applications, span different administrative domains, and function in the context of network mechanisms (tunnels, VPNs, overlays and so on). In their 2007 paper, the co-authors argued that “diagnosing these complex systems is a daunting challenge.” “Many diagnostic tools existed at the time, but none existed for reconstructing a comprehensive view of service behavior,” said Brown’s Fonseca.
X-Trace was not the first tracing framework, but it was influential given that it was effectively the first framework for end-to-end tracing to focus on generality and pervasiveness. “It was based on the observation that an increasing number of systems would be built from heterogeneous components, built and operated by different people,” explained Fonseca. “In contrast, existing tracing frameworks required a specific language, or were targeted to a particular system.”
The researchers implemented X-Trace in protocols and software systems, and in their prize-winning paper, they set out to explain three different use scenarios: domain name system (DNS) resolution; a three-tiered photo-hosting website; and a service accessed through an overlay network.
Hari Balakrishnan, who co-chaired NSDI in 2007, broke the news of the Test of Time Award to the recipients. “We’re very pleased to share that your X-Trace paper from NSDI 2007 has been selected for an NSDI Test of Time Award,” he wrote. “The award honors a paper published ten years earlier at NSDI with retrospectively the most impact on research or practice.”
Indeed, the X-Trace paper has proved to be prescient – in both research and practice. “Today many Internet-scale backend systems are built using a ‘microservices’ approach, with hundreds of loosely connected components tied together to offer larger services,” noted Porter. “Debugging these systems effectively requires what X-Trace provided: the ability to correlate events in one component to events in other arbitrary components, even if they were many steps far removed from the first.”
The rapid adoption of tracing began with Google’s introduction of Dapper in 2010 (see graphic), which offered a similar primitive to X-Trace. Twitter’s Zipkin and Cloudera’s HTrace were open-source implementations of Dapper. Another current competitor in the market, called Traceview, also has X-Trace in its DNA after a series of startups and acquisitions dating back to 2010.
“By 2015 many companies such as Netflix, Baidu, Uber, Facebook and Etsy were deploying internal trace solutions very similar to our ideas presented in the X-Trace paper,” observed Fonseca. “And the interest persists in a rather recent initiative called OpenTracing, which is trying to standardize end-to-end tracing.”
The NSDI award is not Fonseca’s first for his work on tracing: he co-authored a paper on ‘pivot tracing’ that received a Best Paper award at the 2015 Symposium on Operating Systems Principles. That same year, Fonseca won an NSF CAREER Award for his work on ‘causal tracing’ to elucidate understanding of the performance of distributed systems. (Causal tracing covers a wide variety of tracing systems and frameworks, including X-Trace itself, as well as Dapper, Zipkin, HTrace, and many others.)
“It’s becoming increasingly difficult to understand how a system behaves, and, especially, how and why it fails,” said Fonseca. “Causal tracing is a technique that captures the causality of events across all components, layers and machines, and it eases the task of understanding complex distributed systems.”
Now a co-director of UC San Diego’s Center for Networked Systems (CNS), George Porter’s research encompasses the fields of computer networking, data-intensive computing and computer systems, with a specific focus on data center networking. “I work to reduce the barrier to developing, deploying and managing applications that are able to process massive amounts of data,” said Porter. “At the same time, we aim to ensure that the resulting systems are practical, low-cost and energy efficient.”
Porter also received an NSF CAREER Award (in 2016) for work on a scalable multiplane data center network. He plans to demonstrate a hybrid electrical-optical network topology that will scale to hundreds of thousands of servers – at link rates reaching 1.6 terabits per second.
Meanwhile, the excitement surrounding tracing continues unabated. In 2017, for example, Amazon has released X-Ray, which offers distributed tracing for Amazon Web Services, and another company, Datadog, also released an end-to-end tracing product earlier this year.
*Rodrigo Fonseca, George Porter, Randy H. Katz, Scott Shenker, Ion Stoica, “X-Trace: A Pervasive Network Tracing Framework , Proc. 4thUSENIX Conference on Networked Systems Design and Implementation (NSDI), April 2007, Cambridge, MA.
- CNS Espresso Prize for Excellence in Networking 2017 Awardee
Every academic year, the Computer Science and Engineering department offers the class CSE 123, Computer Networks. In this class, students are introduced to concepts, principles, and practice of computer communication networks with examples from existing architectures, protocols, and standards. Students are expected to complete a final project showing how they use the concepts they have learned to resolve a problem posed by the instructor.
Dr. George Varghese, a former CSE professor, taught CSE 123 for almost a decade and always enjoyed seeing the many ways that students implemented their final projects. When Dr. Varghese departed from UC San Diego in 2013, he left behind a gift to fund an annual prize to be awarded to the students who produce the best final projects in CSE 123.
The CNS Espresso Prize for Excellence in Networking is awarded by the current professor for CSE 123, Alex C. Snoeren, based upon criteria set by him for the given final project assigned each year. Professor Snoeren awarded the prize this year to UCSD undergraduate student Yihan Zhang for his outstanding final project.
Previous Recipients of the CNS Espresso Prize for Excellence in Networking:
2016 Undergraduate recipient: Conner Johnston
2014 Undergraduate recipient: Aaron Yip Ming Wong
2014 Visiting Undergraduate recipient: Matheus Venturyne Xavier Ferreira
2013 Undergraduate recipient: Jacob Maskiewicz
2013 Graduate recipient: Vidya Kirupanidhi
- Using Batteries to Cut Utility Costs
CNS postdoctoral researcher Alper Sinan Akyurek developed an algorithm for controlling batteries that can decrease the utility cost of an actual building by up to 50 percent compared to a building powered without the use of batteries.
Akyurek (Ph.D. ’17) – who completed his doctorate in January – still works in the Systems Energy Efficiency Laboratory of CSE Prof. Tajana Rosing (who has an adjunct appointment in Electrical and Computer Engineering, Akyurek’s previous department). Together they published their findings in a paper on “Optimal Distributed Nonlinear Battery Control” in the December 2016 issue of the IEEE Journal of Emerging and Selected Topics in Power Electronics*.
As the researchers noted in their article, energy storage systems enable on-demand dispatch of energy to compensate for volatility in the generation and consumption — supply and demand — for power. “Our optimal distributed battery control handles multiple batteries with low computational complexity,” they noted.
Compared to previous work, they used a higher-accuracy nonlinear battery model with only two percent error. “We show in a case study that optimal algorithms designed for a linear battery model induce an error of up to 60 percent in terms of cost reduction… [while] for the case of a constant load profile, we show that this error exceeds 150 percent,” said Akyurek.
Comparing the latest algorithm to the state-of-the-art load-following battery management technique, the new algorithm produced a 30 percent improvement in utility cost. Furthermore, the algorithm obtains the solution for multiple batteries in a decentralized way with guaranteed convergence.
Funding for the control research came from TerraSwarm, one of six centers of the Semiconductor Research Corporation’s STARnet program funded by the Defense Applied Research Projects Agency (DARPA), Microelectronics Advanced Research Corp. (MARCO) and DARPA-E (for Energy). SRC is backed by companies including Intel, IBM, Micron and Texas Instruments. Professor Rosing co-led TerraSwarm’s Smart Cities effort, on which Akyurek worked for three years until it ended in October 2015.
Akyurek’s primary research related to CNS involves context-aware optimization in Internet of Things (IoT) systems. His research extends to optimized control in the Smart Grid for energy efficiency, and he has developed a range of control algorithms for purposes ranging from communication and prediction to controlling energy storage.
Prior to his Ph.D. at UC San Diego, the postdoctoral researcher completed his B.Sc. (’08) and M.Sc. (’11) at Middle East Technical University in Ankara, Turkey, where he was a member of its Communication Networks Research Group. Akyurek also worked as a senior design engineer on wireless networks for the Turkish company, Aselsan, Inc., before enrolling at UC San Diego.
Looking to the future, Akyurek hopes to continue his current line of research. “We are working to extend our optimal nonlinear distributed control solution to other areas in the Smart Grid,” he noted. “We want to modify it for use in other Internet of Things ecosystems such as sensor networks, user-in-the-loop control systems, and managing the maintenance of devices.”
*A.S. Akyurek and T. Simunic Rosing, “Optimal Distributed Nonlinear Battery Control”, IEEE Journal of Emerging and Selected Topics in Power Electronics, December 2016.
- Center for Networked Systems Adds New Faculty Members
The Center for Networked Systems (CNS) at the University of California San Diego now has 22 faculty membersfollowing the addition of two new professors to its ranks. Both newcomers – Deian Stefan and Aaron Schulman – joined the Computer Science and Engineering (CSE) faculty as assistant professors recently, with Stefan starting to teach last fall, and Schulman this winter.
“Professors Schulman and Stefan both work in the systems area, but their research interests also go well beyond networked systems,” said CNS co-director George Porter. “Both share an interest in secure systems. Schulman’s interests extend to embedded systems and even operating systems, and Stefan’s other major research focus is on programming languages. Both have a lot to bring to CNS’s research agenda.”
While still doing a postdoc at Stanford, Aaron Schulman founded a company called Mellow Research, LLC, to build BattOr, a power monitor he invented to track how much energy different features of applications use while running on mobile phones. For his part, Deian Stefan delayed his start at UC San Diego by a year to finish launching a web security startup called Intrinsic (formerly GitStar), in which he continues to hold the part-time job of Chief Scientist. “At Intrinsic we’ve been transferring research into practice by building systems, tools and languages that ultimately make it easier for developers to build and deploy Node.js web applications with minimal trust,” said Stefan.
Both Stefan and Aaron Schulman came to UC San Diego from Stanford University. Stefan earned his Ph.D. in Computer Science in 2015, while Schulman was a postdoctoral researcher from 2013 to 2016 in the lab of Stanford professor Sachin Katti. Schulman earned his Ph.D. from the University of Maryland, College Park, in 2013 (with a thesis on the reliability of Internet last-mile links that later won him the SIGCOMM Doctoral Dissertation Award).
According to Stefan, his primary research interest is in “building principled and practical secure systems.” He builds browsers and language runtime systems by applying programming language techniques and analysis. Among the secure systems Stefan has also helped to build: a secure package manager; a browser confinement system designed for modern web applications; a security-centric framework for building web platforms; a dynamic information flow control system; and a programming language for writing secure, constant-time code.
The professor serves as editor of the COWL specification, and he participates more broadly in developing specs as a member of the W3C WebAppSec and Node.js Security working groups. “By working on specifications,” said Stefan, “we’re trying to broadly influence browser and runtime systems that will ultimately make the web a safer place.”
Schulman started on July 1, 2016, but delayed making the move from Palo Alto until late in the year. As of this winter, he is teaching his first course at UC San Diego — a graduate-level course on topics in mobile computing and communication (CSE 291).
In his syllabus for the course, Schulman notes that students are learning about the challenges facing smartphones, wearables and smart devices that have overtaken PCs as the dominant platform for computing and communication. “Mobile devices have severely constrained energy capacity, their network connectivity is exclusively provided by unreliable, bandwidth-constrained wireless links, and they carry a standard set of sensors that are seemingly insufficient for certain applications and also can inadvertently leak private information about their users,” explained Schulman. “We discuss research that addresses the challenges introduced by the mobile platform by blurring the lines between traditional research areas in computer science.”
In past work, Schulman has improved the efficiency of wireless networks, cellular network flexibility, and the energy efficiency of mobile applications. He also quantified residential Internet network reliability, made progress in securing the web’s public key infrastructure, and identified privacy leaks in mobile devices.
- Former CSE/CNS Professor Elected to National Academy of Engineering
Former UC San Diego computer science and engineering and Center for Networked Systems professor George Varghese has been elected to membership in the National Academy of Engineering. He is among the 84 new U.S. members (and 22 foreign members) elected to the organization in 2017. Varghese was cited for his contributions to “network algorithmics that make the Internet faster, more secure, and more reliable.”
Varghese — who was on the UC San Diego faculty from 2000 to 2012 — is currently a Chancellor’s Professor in the Department of Computer Science at UCLA. He returned to the University of California in August 2016, roughly four years after stepping down from his full professorship at UC San Diego to work for Microsoft Research in Silicon Valley.
More than a decade ago, while still at UC San Diego, Varghese took a leave of absence in 2004 to co-found NetSift, Inc., with his Ph.D. student Sumeet Singh (Varghese as president, Singh as NetSift’s chief scientist). The company developed automated techniques for learning and detecting attack signatures. Barely one year later, NetSift was acquired by Cisco Systems in 2005, and Varghese extended his faculty leave to help Cisco transition the NetSift technology to a 20-Gigabit-per-second chip called Hawkeye. (Singh went on to work for Cisco for seven years.) CNS co-director Stefan Savage co-authored some of the early work on the NetSift technology, as did Varghese’s Ph.D. student Cristian Estan, who is now at Google.
Among Varghese’s honors, he received the Koji Kobayashi Award for Computers and Communications in 2014 for his work in network algorithmics and its applications to high-speed packet networks. The same year, he received the SIGCOMM Lifetime Award for “sustained and diverse contributions to network algorithmics, with far-reaching impact in both research and industry.”
Varghese completed his Ph.D. at MIT in 1993, after doing his Master’s degree at North Carolina State. He did his undergraduate work at the Indian Institute of Technology (IIT) Bombay, which awarded Varghese its Distinguished Alumnus Award in 2015. In 2002 he was elected a Fellow of the ACM.
- CNS Invites Applications for Second Alan Turing Memorial Scholarship; Feb. 6 Deadline
The Center for Networked Systems (CNS) in UC San Diego’s Jacobs School of Engineering is once again looking for an undergraduate student who is interested in networked systems – and also active in supporting the LGBT community. “Our goal is to use this scholarship to further boost diversity and inclusiveness in the field of systems and networking and give undergraduates an opportunity to work on top-notch research projects before they get to grad school,” said CNS co-director George Porter, a professor in the Computer Science and Engineering department.
CNS has invited undergraduates to apply for its Alan Turing Memorial Scholarship for the 2017-2018 academic year. The scholarship will be awarded this spring to a student majoring in a field that touches on networked systems, including computer science, computer engineering, public policy, communication or related programs.
According to Porter, CNS will give preference to “students with demonstrated academic merit, financial need and experience or interest in research.”
All applications must be submitted through the online application at https://ucsd.academicworks.com/ . Anyone with questions about the application process can get more information through the UC San Diego Scholarship Office by emailing to firstname.lastname@example.org . The application deadline is no later than Monday, February 6, 2017.
In addition to the $10,000 scholarship, the recipient will have the opportunity to carry out guided research under the direction of one of CNS’s faculty mentors.
The scholarship pays homage to Alan Turing, the British mathematician and founder of the computer science field whose code-breaking work contributed substantially to the Allied victory in World War II (notably by breaking Germany’s Enigma code). Turing’s brilliant career was tragically cut short after the war, when he suffered outright persecution for his activities as a gay man. He died by suicide in 1954.
CNS is also making it easier for alumni, staff and other potential donors to give to the Alan Turing Memorial Scholarship fund with an outright gift or a payment pledge. Donations can be made online through the UC San Diego Online Giving portal. To give to the scholarship program, make your gift online at https://giveto.ucsd.edu/make-a-gift?id=a6a587f2-5000-4ca5-b643-ca84554e61bd&ct=t .
The first recipient of the $10,000 scholarship, Valeria Gonzalez, received the award last spring for the 2016-2017 academic year. “It’s great to see the CNS is taking the initiative to highlight the importance of bringing diversity to computer science and engineering beyond ethnicity and the gender binary,” said Gonzalez on receiving the inaugural award. “The LGBT community encompasses people with an array of talents and abilities, people such as Alan Turing himself… and knowing that your LGBT identity is acknowledged and accepted not only lets you direct all your focus into working hard but also allows you to connect more with the community you’re part of.” A transfer student from Cypress College, a community college near Los Angeles, Gonzalez has been an undergraduate student researcher in the Integrated Electronics and Biointerfaces Laboratory of Electrical and Computer Engineering professor Shadi Dayeh. She has also been a leader in the UC San Diego Women’s Center, which promotes an inclusive and equitable campus community through the educational, professional and personal development of diverse groups of women.
- CNS at NSDI 2017: Innovating in Networked Systems
Researchers affiliated with the Center for Networked Systems (CNS) at the University of California San Diego have been selected to present some of their most up-to-date research at the 14th USENIX Symposium on Networked Systems Design and Implementation (NSDI 2017).
NSDI focuses on the design principles, implementation and practical evaluation of networked and distributed systems. The annual conference will take place March 27-29, 2017, in Boston, MA, and four papers with co-authors from CNS and the Computer Science and Engineering (CSE) department of the Jacobs School of Engineering have been accepted for submission to the prestigious meeting.
CNS co-director George Porter co-authored two of the papers. “NSDI is one of the most important conferences for us, because just like CNS, the symposium brings together researchers from across the networking and systems community,” said Porter. “Our papers accepted to the 2017 symposium are in line with NSDI’s stated goal of pushing architectural boundaries of network services, and promoting the research dialogue on networked systems.”
CSE Ph.D. student Michael Wei and CSE professor Steven Swanson have co-authored with VMware Research (where Wei is currently a researcher) and Princeton University a paper on “vCorfu: Large-Scale Data Stores over a Shared Log.”
vCorfu is a strongly consistent, cloud- scale object store built over a shared log. It augments the traditional replication scheme of a shared log to provide fast reads, and vCorfu leverages a new technique – composable state machine replication – to compose large state machines from smaller ones. “This enables the use of state machine replication to be used efficiently in huge data stores,” said Wei. “We will show that vCorfu outperforms Cassandra, the popular, state-of-the-art NoSQL database for cloud apps It does so while also providing strong consistency in opacity and read-own-writes, efficient transactions, and global snapshots at the scale of the cloud.”
vCorfu is available as an open-source project on Github at github.com/CorfuDB.
Datacenter Fault Detection
CSE Ph.D. student Arjun Roy expects to complete his doctorate in 2017, and he collaborated with his advisor, CSE professor Alex C. Snoeren, on the paper to be presented at NSDI on “Passive Realtime Datacenter Fault Detection.” It reflects joint work with Facebook researchers Hongyi Zeng and Jasmeet Bagga, who are also co-authors on the paper. (The two Facebook engineers previously co-authored a paper at SIGCOMM 2015 with Roy and professors Snoeren and Porter on “Inside the Social Network’s (Datacenter) Network”.) Roy also did internships at Facebook in the summers of 2012, 2013 and 2014.
According to the paper’s abstract, “datacenters are characterized by their large scale, stringent reliability requirements, and significant application diversity. However, the realities of employing hardware with small but non-zero failure rates mean that datacenters are subject to significant numbers of failures, subsets of packets can be dropped or delayed without triggering a fault signal, so traditional fault detection techniques (involving end-host or router-based statistics) may not identify such errors.
In their paper, Roy and Snoeren describe how to expedite the process of detecting and localizing partial datacenter faults. It uses an end-host method generalizable to most datacenter applications. “We correlate transport-layer flow metrics and the delay incurred by network-input/output system calls at end hosts with the path that traffic takes through the datacenter,” said Roy. “Then we apply statistical analysis techniques to identify outliers and localize the faulty link and/or switch or switches.
The paper will detail how the researchers evaluated their novel approach in a production datacenter (Facebook’s) carrying a workload servicing more than 100 million users.
In light of the massive explosion in video content on the Internet and for virtual reality, a team of two CSE Master’s students advised by professor George Porter has come up with a new approach to processing video with minimal delays. Second-year M.S. student Karthikeyan Vasuki Balasubramaniam (who is Porter’s teaching assistant this quarter in CSE 124 on Networked Services) and recent graduate Rahul Bhalerao (M.S. ’16) have had experience in industry (both at Amazon — Balasubramaniam as an intern at Amazon Prime, and Bhalerao currently working at Amazon Web Services).
The paper accepted to NSDI is entitled “Encoding, Fast and Slow: Low-Latency Video Processing Using Thousands of Tiny Threads.” In it, the researchers describe ExCamera, a system that can edit, transform and encode a video, including ultra-high-resolution 4K video (four times the resolution of high-definition TV) and stereoscopic virtual reality (VR) material, dozens of times faster than cutting-edge production systems at the largest providers.
The co-authors lay claim to two major contributions. First, “our coauthors at Stanford developed a novel encoding strategy focusing on fine-grained parallelism, which is rather unique in the encoding space,” explained Balasubramaniam.
Separately, noted Bhalerao, “ExCamera orchestrates encoding and other video-processing pipelines across the Amazon Web Services Lambda service. The system invokes thousands of threads in parallel, each handling only a fraction of a second of the video.” The UC San Diego was done in collaboration with researchers at Stanford University.
MegaSwitch is a multi-fiber ring optical fabric that exploits space-division multiplexing across multiple fibers non-blocking communications that can be rearranged to 30-plus racks and 6,000-plus servers. CNS’s George Porter co-authored the paper on “Enabling Widespread Communications on Optical Fabric with MegaSwitch” with researchers at the Hong Kong University of Science and Technology, SUNY Buffalo, Yale University as well as Omnisense Photonics and CoAdna Photonics. (No UC San Diego students worked on the paper.)
According to Porter, “we were seeking an optical interconnect that can enable unconstrained communications within a computing cluster of thousands of servers.” Indeed, existing wired optical interconnects are not ideal for widespread communications in production clusters, and recent efforts to reduce the time it takes to reconfigure the optical circuit from milliseconds to microseconds only partially mitigated the problem (by rapidly time-sharing optical circuits across more nodes).
“We were still limited by the total number of parallel circuits available simultaneously,” explained Porter. “However, we wanted to evaluate the potential of WDM to scale to a large number of endpoints.”
USENIX Symposium on Networked Systems Design and Implementation http://www.usenix.org/conference/nsdi17
Computer Science and Engineering Department http://cse.ucsd.edu/about/news/uc-san-diego-center-nsdi-2017-innovating-networked-systems
- KC Claffy among “10 Women to Know in Networking/Communications”
CNS faculty member and principal investigator/founding director of the Center for Applied Internet Data Analysis (CAIDA) at the San Diego Supercomputer Center (SDSC), KC Claffy, has been named to the second annual “10 Women in Networking/Communications That You Should Know” list.
Now in its second year, the list is compiled and coordinated by N2 Women (Networking/Networking Women), a discipline-specific community for researchers in the communications and networking research fields. The organization’s main goal is to foster connections among under-represented women in computer networking and related research fields. The full list of this year’s award recipients can be found here.
Nominations are solicited both from the N2Women community as well as through several mailing lists related to networking and communications. More than 150 people from around the world submitted nominations, resulting in over 140 distinct names of accomplished women in the field, according to the organization.
A committee of five N2 Women board members selected this year’s 10 honorees. “Many people from around the world submitted one or more nominations for this list, and it was very difficult to choose only 10 amazing women,” said Oana Iova, a postdoctoral researcher in the D3S research group with the Department of Information Engineering and Computer Science (DISI) at the University of Trento, Italy , and the awards co-chair who led the nomination and selection processes this year. “We focused on women who have had a major impact in networking and/or communications. We also wanted a list that reflected presented our diversity, and specifically the diversity in the area of networking/communications.”
“I am honored to join such a distinguished group on this year’s N2 Women’s list,” said Claffy, who founded CAIDA in 1997 as a collaboration among commercial, government and academic research sectors to promote greater cooperation in the engineering and maintenance of a robust, scalable global internet infrastructure. “I encourage other women working in networking and communications to attend or help organize an N2Women event at their next ACM, IEEE, or other relevant conference or workshop.”
Today, CAIDA’s research interests include internet cartography, or detailed analyses of the changing nature of the Internet’s topology, routing and traffic dynamics. CAIDA also investigates the implications of these changes on network science, architecture, infrastructure security and stability, and public policy.
Earlier this year CAIDA was awarded a $1.4 million grant from the U.S. Department of Homeland Security to demonstrate and illuminate structural and dynamic aspects of the Internet infrastructure relevant to cybersecurity vulnerabilities. These aspects include macroscopic stability and resiliency analyses, grey markets for IPv4 addressing resources, and on-demand router-level topology inference.
In 2015, Claffy received the IEEE Internet Award for her “seminal contributions to the field of Internet measurement, including security and network data analysis, and for distinguished leadership in and service to the Internet community by providing open-access data and tools,” according to a notice published by the institute .