Talk

J. K. Aggarwal is on the faculty of The University of Texas at Austin College of Engineering and is currently a Cullen Professor of Electrical and Computer Engineering and Director of the Computer and Vision Research Center. His research interests include computer vision, pattern recognition and image processing focusing on human motion.

A Fellow of IEEE (1976), IAPR (1998) and AAAS (2005), he received the Senior Research Award of the American Society of Engineering Education in 1992, the 1996 Technical Achievement Award of the IEEE Computer Society and the graduate teaching award at The University of Texas at Austin in 1992. More recently, he is the recipient of the 2004 K S FU prize of the International Association for Pattern Recognition, the 2005 Kirchmayer Graduate Teaching Award of the IEEE and the 2007 Okawa Prize of the Okawa Foundation of Japan.. He is a Life Fellow of IEEE and Golden Core member of IEEE Computer Society. He has authored and edited a number of books, chapters, proceedings of conferences, and papers.

Traffic Engineering is of fundamental importance for network operation. Traditionally, it assumes static traffic input and then looks for distributed routing solutions to optimize certain objective. Along this line, in the first part of this talk, we will present HALO (Hop-by-hop Adaptive Link-state Optimal) routing. It is the first provable optimal link-state routing solution with hop-by-hop forwarding. Furthermore, our solution does not require traffic matrix as an explicit input and can adapt to changing traffic input. We prove our solution converges and solves the standard MCF (Multi-Commodity Flow) problem.

Recently, there has been tremendous interest in SDN (Software-Defined Networking), which is an emerging network architecture that separates control and data planes. Conceivably, that means network managers can first solve Traffic Engineering optimization in a centralized manner and then translate the solution to configure network switches. Within this context, in the second part of this talk, we consider the problem of avoiding transient congestion while reconfiguring the routing paths. We formulate a flow-based and a switch-based model. For the flow-based model, we demonstrate that an optimal sequence of minimum update steps could always be found when the dependency graph is acyclic. For the switched model, we find a way to translate a feasible flow-based updating sequence to a feasible switch-based sequence subject to a tree topology constraint on the routing paths.

Click-fraud in online advertising siphons several tens of millions of dollars from the online advertising  ecosystem. In this talk, I'll talk about our in-depth investigations into one of the most common ways of committing  online advertising click-fraud. I'll focus primarily on  the techniques and parties involved, their incentives, points of vulnerability, and how these vulnerabilities can be exploited to get them to stop. This talk will not be recorded for reasons that will become apparent during the talk.

Saikat Guha is a researcher at Microsoft Research in India. He is broadly interested in advertising systems and privacy systems. Saikat received his PhD from Cornell University in '09. He authored the RFC that now serves as the best-practice for building TCP support in NATs and firewalls. In 2012, he was named one of MIT Technology Review's TR-35 (35 young innovators under 35). Saikat is always looking to help PhD students who need data to achieve their world-domination goals.

The Dropbox Desktop Client is one of the most popular programs in the world, with hundreds of millions of users. Interested in finding out how it works? Join Dropbox Engineer Ritu Vincent for a deep dive into some of the tech behind the "magic folder", the challenges involved in building a file syncing solution that works seamlessly across multiple platforms and a quick look at where we're going next.

Fathers of the Internet reflecting on the evolution of the Internet (and a celebration of the 40th anniversary of the invention of TCP/IP protocol for the Internet by Cerf & Kahn in 1974.)  

Vinton Cerf (Chief Internet Evangelist at Google) and Robert Kahn (CEO of Corporation for National Research Initiatives), whose pioneering work on the Internet has been widely recognized by numerous awards, including the US Presidential Medal of Freedom, the US National Medal of Technology, and the ACM Turing Award, will together give a public duet lecture on “Perspectives on the Internet and its Evolution.” 

Seating available on first-come-first-served basis, and starts at 4pm. 

http://edgelab-events.princeton.edu

Modern network software is implemented across two tiers: the data plane, which contains packet-processing rules implemented efficiently on switching hardware, and the control plane, which implements fundamental algorithms, policies, and business rules that determine what the data plane should do. Thus, programming the network is akin to programming a two-tier, massively distributed system, where each node has heterogeneous processing capabilities. In addition, the persistent store on the controller represents a third tier.

We are designing a language, Flowlog, that exploits software-defined networking (SDN) to provide a ``tierless'' Datalog-like programming language that unifies descriptions of control, data, and external state, making it easier to express and verify invariants that cross-cut tiers. Flowlog has intentionally limited expressiveness, to enable the construction of powerful tools such as proactive compilers, change-impact analyzers, and more. Flowlog also provides a formal mechanism of callouts to general-purpose code (akin to database stored procedures), to reconcile the needs of programmers with the limitations of Flowlog's expressive power.

(Joint work with Tim Nelson (Brown), Andrew Ferguson (Brown), Michael Scheer (Brown), Dan Dougherty (WPI), and Arjun Guha (UMass Amherst).

Signature-based detection is one of the fundamental technique to detect malicious activities in a network environment. Today, the performance of the security tools is dominated by the speed of the string-matching algorithms that detect these signatures.

A significant part of the traffic over the Internet is compressed HTTP. However, current security tools do not deal with such a traffic and require some kind of decompression phase before performing the multi-patterns matching task. Thus, there is a high performance penalty in pattern matching on compressed data.

In this talk, we present efficient algorithms for on-the-fly multi-pattern matching algorithms for common HTTP compression algorithms, such as GZIP and SDCH (Google's compression algorithm). Our results show that surprisingly it is usually faster to do pattern matching on the compressed data, with the penalty of decompression, than to do pattern matching on regular traffic.

The talk is based on three papers: one with A. Bremler-Barr (INFOCOM 2009, later in Transactions on Networking 2012), one with Y. Afek and A. Bremler-Barr (Networking 2011, later in Computer Communication 2012) and one with S. Tzur-David, D. Hay and A. Bremler-Barr (INFOCOM 2012).

Our accelerating computational demand and the rise of multicore hardware have made parallel programs, especially shared-memory multithreaded programs, increasingly pervasive and critical. Yet, these programs remain extremely dificult to write, test, analyze, debug, and verify. Conventional wisdom has attributed these dificulties to nondeterminism (i.e., repeated executions of the same program on the same input may show different behaviors), and researchers have recently dedicated much effort to bringing determinism into multithreading. In this talk, I argue that determinism is not as useful as commonly perceived: it is neither suficient nor necessary for reliability. We present our view on why multithreaded programs are dificult to get right, describe a promising approach we call stable multithreading to dramatically improve reliability, and summarize our last four years' research on building and applying stable multithreading systems.

Junfeng Yang's research (http://www.cs.columbia.edu/~junfeng) centers on making reliable and secure systems. He earned his PhD at Stanford, where he created eXplode, a general, lightweight system for effectively finding storage system errors. This work has led to an OSDI '04 best paper, numerous bug fixes to real systems such as the Linux kernel, and a featured article in Linux Weekly news. He worked at Microsoft Research, Silicon Valley from 2007-2008, extending eXplode to check production distributed systems. MoDist, the resultant system, is being transferred to Microsoft product groups. He's now co-directing the Software Systems Lab (ssl.cs.columbia.edu) at Columbia University, where his recent work on making reliable parallel programs---the Tern/Peregrine/Parrot stable multithreading systems--- was featured in CACM, ACM Tech News, The Register, and many other sites. He won Sloan and AFOSR YIP both in 2012; and NSF CAREER in 2011.

The Internet's promise of open communication and transparency is threatened by both censorship (blocking communication outright) and manipulation (otherwise affecting the performance that a user experiences or the information that a user sees). Censorship is a pervasive threat, with more than 60 countries around the world censoring Internet communications in some form. Unfortunately, many conventional censorship circumvention tools are detectable and can be blocked; in some cases, the use of such software may even be incriminating. Thus, users may need not only to defeat censorship mechanisms but also to hide the fact that they are doing so in the first place.

In the first part of the talk, I will describe two systems that achieve this goal, Infranet and Collage. In addition to circumventing censorship firewalls, both Infranet and Collage provide users with the deniability that they are using the censorship circumvention system in the first place. In both systems, we achieve deniability by designing them so that the observable network traffic that they generate is statistically indistinguishable from the user's "normal" traffic patterns if the tools were not in use. Infranet achieves deniability by hiding a user's requests for Web content in other Web traffic that resembles a user's typical browsing pattern. Collage achieves deniability by hiding content in user-generated content sites and encoding a user's request for the content in a sequence of operations that a given user is likely to perform.

In recent years, however, circumvention alone is insufficient: sophisticated organizations can also control users by manipulating network traffic. Manipulation can take many forms, from degrading performance to such an extent that a user does not want to use the service, to using Internet communication to generate propaganda (e.g., via social media), to attacking personalization algorithms to affect the results that a user sees in response to a search query. In the second part of the talk, I will describe several manipulation attacks that we have studied and inference techniques that we have developed to detect them. I will conclude with our ongoing efforts to tackle open challenges in this area, such as the deceptively challenging problem of confirming the existence of various forms of censorship in the first place.

Nick Feamster is an associate professor in the College of Computing at Georgia Tech. He received his Ph.D. in Computer science from MIT in 2005, and his S.B. and M.Eng. degrees in Electrical Engineering and Computer Science from MIT in 2000 and 2001, respectively. His research focuses on many aspects of computer networking and networked systems, with a focus on network operations, network security, and censorship-resistant communication systems. In December 2008, he received the Presidential Early Career Award for Scientists and Engineers (PECASE) for his contributions to cybersecurity, notably spam filtering. His honors include the Technology Review 35 "Top Young Innovators Under 35" award, the ACM SIGCOMM Rising Star Award, a Sloan Research Fellowship, the NSF CAREER award, the IBM Faculty Fellowship, the IRTF Applied Networking Research Prize, and award papers at the SIGCOMM Internet Measurement Conference (measuring Web performance bottlenecks), SIGCOMM (network-level beh avior of spammers), the NSDI conference (fault detection in router configuration), Usenix Security (circumventing web censorship using Infranet), and Usenix Security (web cookie analysis).

A memory abstraction is an abstraction layer between the program execution and the memory that provides a different "view" of a memory location depending on the execution context in which the memory access is made. Properly designed memory abstractions help ease the task of parallel programming by mitigating the complexity of synchronization and/or admitting more efficient use of resources. In this talk, I will demonstrate this point using two case studies on two types of memory abstractions.

The first memory abstraction is the cactus stack memory abstraction in Cilk-M, a Cilk-based work stealing runtime system. Many multithreaded concurrency platforms that use a work-stealing runtime system incorporate a "cactus stack" to support multiple stack views for all the active children simultaneously. The use of cactus stacks, albeit essential, forces concurrency platforms to trade off between performance, memory consumption, and interoperability with serial code due to its incompatibility with linear stacks. We proposes a new strategy to build a cactus stack using thread-local memory mapping, which allows worker threads to have their respective linear views of the cactus stack. This cactus stack memory abstraction enables a concurrency platform that employs a work-stealing runtime system to satisfy all three criteria simultaneously.

The second memory abstraction is reducer hyperobjects (or reducers for short), a linguistic mechanism that helps avoid determinacy races in dynamic multithreaded programs. The Cilk-M runtime system supports reducers using the memory-mapping approach, which utilizes thread-local memory mapping and leverages the virtual-address translation provided by the underlying hardware to implement this memory abstraction. This memory mapping approach yields a close to 4x faster access time compared to the existing approach of implementing reducers.

I-Ting Angelina Lee is a postdoctoral associate in Computer Science and Artificial Intelligence Laboratory (CSAIL) at MIT, working with Prof. Charles E. Leiserson. Her primary research interest is in the design and implementation of programming models, languages, and runtime systems to support multithreaded software. She received her Ph.D. from MIT, under the supervision of Prof. Charles E. Leiserson. In her Ph.D. thesis, she investigated several "memory abstractions," which help ease the task of parallel programming. Her prior work includes the "ownership-aware" transactional-memory methodology, the first transactional memory design that provides a structured programming style with provable safety guarantees for "open-nested" transactions, and JCilk, a variant of Java with multithreading provided by Cilk's fork-join primitives, that has exception-handling semantics which integrate synergistically with those primitives. She received her Bachelor of Science in Computer Science from UC San Diego, where she worked on the Simultaneous Multithreading Simulator for DEC Alpha under the supervision of Prof. Dean Tullsen.