Efficient Redundancy

Tweaking TWiki

2010-11-05T12:15:00.002-04:00

Spent way too long tracking down this issue. Long story short is that I recently upgraded my version of TWiki from one of the Cairo iterations (4.2) to the latest and greatest (5.0.1).

It went off mostly without a hitch except that it borked attachments giving the following error:

Can't locate object method "binmode" via package "IO::File

Doh, not cool. After a whole lot of digging (my grep skills are non-existent), I finally tracked down the offender in Upload.pm. Basically, they had patched upload but forgot about the lowly of us still using Perl 5.8.8.

A quick tweak out of the OO world:

sub handle {
my $fh = new IO::File( $_[0]->{tmpname}, '<' ); binmode $fh if ($fh ); # $fh->binmode if( $fh );
return $fh;
}

and voila, life is good again.

Net Neutrality

2010-08-09T21:23:00.002-04:00

Ahhh Google, how quickly the do not evil slogan seems to have disappeared?

http://googlepublicpolicy.blogspot.com/2010/08/joint-policy-proposal-for-open-internet.html

Microsoft Surface

2010-08-03T13:01:00.002-04:00

Behold, I am quoted or something talking about our experiences with the Microsoft Surface.

eCampusNews Article

Hypercriticality

2010-07-21T09:15:00.003-04:00

Fantastic post by the editor of Communications of the ACM that nicely captures some of the issues in the CS community:

Hypercriticality

I have long been a proponent that folks in the CS community have tended to operate as gatekeepers rather than prospectors. Hopefully more articles like this will create serious debate in the community regarding why our internal review process tends to be considerably more negative versus other research communities.

Meta-theory practicality

2010-06-04T16:23:00.003-04:00

As promised, I wanted to get back to the subject of theory versus practicality. Good thing I have tenure so I can muse on or even if I didn't maybe this is an obscure enough blog, it won't make a bit of difference.

One of the things that has bugged me is the disconnect in the security world of research is the gap between theory and practicality. On one hand, we definitely want to get to secure systems and security more often than not tends to be a binary thing, i.e. once data is out you are pretty much hosed. On the other hand, we have had years upon years upon years of theoretically good security work but yet how much traction has it really had? What is the ratio of reference datasets or papers with reproducible experiments versus the theoretical or never to be duplicated again variety?

Maybe it is cyclical or something but it seems like we are living in a sort of real-time Groundhog Day when it comes to security. Every once in a while, someone gets up and says that we are doing security research wrong or that we need to investigate topic X. It creates a whole new set of conference papers (maybe some journals too) but yet amazingly enough, that research funding tends to flow into one of the existing groups who tend to do one of the following:

* Get off my lawn: The grey hair folks jumping up and down noting that we solved all of the issues if we would just pay attention to MULTICS and PSOS, aka our programmers are teh suck and they need to get some r3@l skills argument.
* Framework, ?? deploy ??, security: Beautiful papers, wonderful security properties, but yet the papers never ever seem to answer the question of how you bootstrap their "great solution" into the real world or how it functions in the noise of the real world. Any solutions must of course benchmark their results to their virtual hypothetical world. Sort of like if multicast and QoS can be deployed with a flick of the wand next to the dragons and unicorns, aka a SIGCOMM paper. I kid, I kid, sort of :)
* l33t exploits: Extremely practical papers that find that latest exploit of the day which are always fun to read but don't necessarily change the current state of security, more like +1 developer emo rage.
* Data mining is cool: The anomaly / data mining-based papers, aka this time my anomaly detection scheme will work, I swear, just give me a good baseline. Look as I detect my own synthetically injected data at how well I can detect it :)

Folks leave said meetings (which I have been to plenty of) and vow that security is broken, repeating the first step, and then the funding flows into the above categories*. The circle of life continues unabated....

/end silliness

All glibness aside, I've seen this theme time and time again, as a reviewer, attendee, and submitter. I know as I am sure many others would vouch for that one is far better off submitting a paper that falls into one of those categories (maybe besides the get off my lawn category) that has limited near-term impact (besides future citations) versus one that is useful but way less sexy. Cue cries of lack of novelty, lack of innovation, or something to that effect. Or perhaps I'm just jaded having sent too many papers that did not fall into that category to conferences.

Roy Maxion gave a very cool talk at one of the Cyber Security Roundtables with regards to reproducible, well-designed experimentation. Sometimes I wonder if the computer itself has not lent itself to sort of an ADD-ish sort of behavior where we always need to have something new and sexy versus simply doing solid, experimentation on what we already have. The publish or perish game perhaps to blame for that? Dunno. Synthetic nature of systems being man made meaning that we can just make our own synthetic data / hypotheses to test being to blame? Dunno either. Is difficulty in sharing data causing issues, maybe, but I don't think that is nearly as prevalent of an issue. The requirement for transformative research by the grant agencies? Eh, maybe. Is the life cycle of a project too short? Yes, I definitely think so.

My point is that I think that on average, we do a good job of conjecturing synthetic problems and solving them without any thoughts of real-world implications which often involves time-consuming, appropriate metrics for measuring efficacy. A few properties are proven or a few ROC curves look better or a bunch of code is written and new metrics created. By in large though, good, solid experimental work tends to be left by the wayside as it is either too development-centric rather than research-centric or far too time consuming to do right. Security is messy and it always is going to be with the heavy human component involved. How does a solution work if one actually deployed it (even in a limited sense but not on synthetic but real data)? Can you actually manage or use it? How can one push the envelope of an existing system, at what point does it break or can one do clever stuff on what is already out there or soon to be out there?

Until we start to acknowledge that fact that absolute security is not going to happen and start to value well-tested, robust incremental improvements, I think we are doomed to keep repeating the same cycle. Sure, there will be big kerfluffles about this funding or that funding but at the end of the day, we'll still have the same discussion about how this organization's security or that organization's security is an epic fail and still is. I think practical security and more important manageable security that is really, truly deployable is how we get from epic fail to just a standard, normal variety fail. Even that in and of itself would be a huge, huge improvement.

* There are topics which are interesting and meritorious of future research. It is just that when you see the same folks doing the same stuff but yet submitted and then funded despite it being an entirely different topic, it starts to drain one's soul.

Delay and such

2010-05-31T20:42:00.002-04:00

Alright, time to really, really, really get back on the blogging horse. This time for real or something but most folks should probably know better. Must be too content as things are largely good :)

Anyway, still owe a longer post on the previous topic with regards to how academia and research views security versus the real world. Various events interspersed since that post have really only reinforced that view but I'll withhold judgment until the process makes it way to completion. Once it works its way to completion, I promise a scathing rant.

On a secondary note, I've been doing a bit more pondering with regards to the principles of admission control and in particular systems in general. I am hoping but perhaps being naively optimistic to spend some serious time trying to sketch out a paper for HotNets this summer on the topic. The basic crux of the paper is pretty simple, we are wrongly focusing on minutia when in reality, we should really be focusing on dynamics. In my humble opinion, dynamics are what we should really be thinking about when it comes to scale. How do we keep the dynamics under control, i.e. avoid rapid change? My intuition is that we can use this as a guiding principle for system design in that things should be limited to change within a certain bound, thus limiting the emergent dynamics that can occur that we typically fail to understand.

Not sure exactly how I will go about crafting this paper but HotNets tends to align nicely with it. Worst case is that I write a nice screed that gets rejected but is ultimately quite cathartic. The public / private firewall paper seemed to go quite well along those lines despite its rocky road to publication. The paper still brings a smile to my face even almost a year after publication.

Back, this time for real (I hope)

2010-04-25T22:43:00.003-04:00

With summer coming up, time to get the old blog posts a rolling again.

I have a nice, lengthy post coming up, courtesy of a review we just got from a journal (a good one too which makes it even more sad). The single review was in response to our paper examining public versus private firewall rules which asked the simple question, do you really gain that much by keeping your firewall rules private. Hint: the answer is way less than one would think.

Anyone, onto the money quote from the reviewer:

Firewalls are generally considered a hack, not any real guarantee of security. A backstop. Do we need to analyze this hack with such loving care?

Wow, just wow. One would be hard pressed to come up with a better example as to why industry ignores the security community.

A different kind of interface

2009-10-27T08:49:00.004-04:00

Very cool concept with regards to streetlights. Instead of lights shining everywhere, consider this:

The lights are going down in Toulouse. Tomorrow early-rising residents of the Allée Camille-Soula in the south-western French city will have set out to work with the morning gloom held at bay by radical new technology which turns on streetlights only when pedestrians pass.

Installed on a 500-metre section of pavement last weekend, the lampposts double the strength of the light they cast when they detect human body heat. Ten seconds later they revert to normal.

Cool concept. Light pollution and in general light usage at night is quite fascinating.

Next computer?

2009-09-15T20:43:00.002-04:00

Well, looks like my tablet might need to get an upgrade some time in the near future. I'm sure everyone in the System Interface Class would appreciate a boot time measured in the seconds rather than minutes.

Too bad our IT policy probably prevents me getting one but then again, there might be some sort of a research reason :)

Hat Tip Gizmodo

Wicked cool enhanced VR glasses

2009-09-03T21:10:00.002-04:00

Very cool video from BMW about enhanced virtual reality glasses for mechanics. I doubt this will be making its way out soon but cool to ponder something like this for say home yard machine repair (mower, trimmer, etc.).

Link to Gizmodo

Surface Trip to Ball State

2009-08-19T08:51:00.002-04:00

Recently, a group of staff traveled to Ball State for a mini-conference on the Microsoft Surface to see what the various groups were up to. There were attendees from Ball State, Notre Dame, and Ohio State. Eric Morgan from the library recorded a video of the various aspects of the Surface.

Surface control of the home

2009-08-15T22:22:00.003-04:00

A bit pricey at $10k but very cool immersive app that allows the surface to use a camera to then control all of the various gadgets in the room. Might be a fairly cool app to try to duplicate as part of the course.

The approach, Cristal, uses gestures to control the various devices and I am assuming, a fair amount of under the hood operation to get things going. It would be very cool if you could blend a limited range Bluetooth to automatically discover devices but the camera input is a bit more intuitive, i.e. I see what is in my room and then can manipulate it.

Hat tip to Gizmodo

Touchable Holography

2009-08-05T12:54:00.002-04:00

From SIGGRAPH 2009, touchable holography using a combination of convex mirrors (for the holography), Wiimotes (for hand position detection), and point focused ultrasound (for the sensation of touch).

Video

That is wicked cool!

WPF Line Graph Control

2009-08-04T21:43:00.003-04:00

Very cool line graph control that automatically scrolls operating strictly in WPF

Link

As part of our ramping up for using the Wiimote as a rehabilitation tool, I have been toying with the WiiFit board. Beyond the initial snafus getting Brian Peek's WiimoteLib to work with WPF, it has been relatively smooth sailing since then.

In particular, the weird threading model of WPF and the WiimoteLib was one of those undocumented / magic fixes that seem to crop up every once and a while. Fortunately, several of the example apps with WiimoteLib were fully built in WPF demonstrating how the dispatcher needed to be used to preserve thread safety.

Public vs. Private Firewalls

2009-07-19T22:42:00.002-04:00

Got a bit distracted getting our Microsoft Surface devices up and going. While initially ambivalent about Windows Presentation Format (and its quirky XAML), I am starting to warm up to it. More on that later.

On a very cool note, we recently got our paper on public versus private firewalls accepted into NPSec 2009, a workshop at ICNP. We had a very near miss at HotSec which was a bummer but very good feedback / discussion with the chairs which helped on our shorter submission to NPSec.

In short, the paper tries to debunk the myth that private firewalls are better. The fact that this security through obscurity of private firewall rules has long been a pet peeve of mine but I have not had the math skills to do a reasonable argument beyond random, flailing hyperbole. Enter my graduate student Qi who was willing to try to prove the ramblings of his advisor. With his wife, they constructed a very nice game theory concept showing how private firewalls are lose, lose, lose across the board.

Think of the debate of public versus private in the following manner. Private firewalls back in the day could be argued to provide a reasonable defense. Inference of private rules would take time and would create a glowing, red beacon that one's network would soon be under attack. Beyond exposing oneself or small number of compromised machines, it was not easy back in the day to conduct said inference.

Contrast that with the scenario of today. Botnets are out there and are dirt cheap with massive volumes of machines. Scanning now can be done quite discretely with "disposable" hosts for folks that are more than likely extremely patient enough to wait a few hours or days for the rule inference.

Hence, what do you get from private firewall rules? You get distributed applications being a pain to debug due to how firewalls are typically configured as black holes. Moreover, distributed applications are not going away nor is the next distributed pattern likely to be easy to predict. Thus, one is paying valuable employee or system administration time tracking the problem back to the firewall. Is it your firewall? Is it my firewall?

Certainly, there are a slew vendors that would help you with that task. But why do we even need to go through that? Unless the scanner (bad guy) has some sort of ADD and can't wait just a little bit for a result (perhaps for terrorism / cyber-warfare with state-vested interests might be an exception), there is absolutely no gain to be had with the private firewall rule setup.

The paper has some nice explanations via game theory why this is the case. Moreover, while not listed in this paper, they also derived results that show if you can selectively lie, it can be used as an insurance to actually improve the overall system which is very cool. The partial truth / untruth could be used as an enhanced honey that draws attackers into a honeypot or other system.

Reactions from pitching this to various folks has been an interesting illustration in and of itself. Folks that work in security tend to instinctively flinch while folks that work in systems tend to be intrigued by it. Then again, I would add the caveat that I think that NATs are probably one of the most important security technologies :)

Gearing up - yet again

2009-06-30T09:31:00.002-04:00

Finally, I'm back again after a very, very long hiatus. Tenured (whoot) which means that I can post a bit more freely now.

Should have weekly updates in preparation for this becoming a course / technology blog once again.

Firewall Complexity

2009-02-25T10:39:00.004-05:00

It appears that our work looking at firewall complexity in the most recent ISSA Journal is nicely coinciding with work being done in industry. Secure Passage just released a survey coming to roughly the same conclusions that we did albeit focusing primarily on Fortune 1000 companies whereas our survey was more broadly based.

Of particular note, the top two most shocking findings from the Secure Passage report:

Top 10 Shockers Revealed by Respondents:
1. 73 percent think firewall rule bases are too complex or out of control
2. 59 percent feel that a lack of management tools makes policy management difficult

Living firmly in the land of academia and hence being able to speak from the ivory tower, these works should be a huge wake up call for how security research should proceed. All too often in security research, the perfect becomes the enemy of the good but I think researchers forget that easy to use security (yes, Virginia there is such a thing) offers a huge benefit to the overall health of the Internet ecosystem. Certainly, there is a need for high end, complex systems such as for DARPA / etc. but by in large, complexity is not a friend of security.

Moreover, I do not think the problem is one of building a better interface for the existing tools. It is a general philosophy where complexity is viewed as an informal indicator of correctness or completeness. Unfortunately as my students can attest, try publishing something novel but not terribly complex and the results are often less than heartening. Perhaps that is best left to industry but certainly these surveys attest to the security elephant in the room that we know things are bad and really can not do too much about it*.

Hat Tip: Athena Security which has a tool for improving firewall complexity Athena FirePAC

Front page baby!

2009-02-04T21:29:00.003-05:00

Very cool, our journal article looking at firewall management practices managed to make the cover of the ISSA journal. My student Mike Chapple did a very nice survey of current firewall administrators and IT managers to determine what self impressions administrators had of the correctness of their firewall configurations.

The short / sweet version is that firewall configurations are likely wrong and we know it and things are not getting better. System administrators are swamped and hoping that nothing major goes wrong. For those of you in the security business, I highly recommend using it as justification for a better raise or for hiring new people.

On spam and publicity

2009-02-04T21:22:00.002-05:00

As one transitions later in the world of academia from naive, newly minted junior professor to slightly older but still naive junior professor, the opportunities for service become quite numerous. Recently, I have served / am serving as the track chair or publicity chair for several conferences. After having surveyed the landscape for various lists, I have several definite preferences. Keep in mind that this is network-centric and individual experiences may vary.

- The DB World and ACM SIGOPS method are very, very cool. Plug in conference info into a web form and voila, instant posting at an easy to recall location.

- The WTC form is not a bad outlet with the web output being checked before being sent out. This is nice but the form needs a bit of work as it could very easily send out multiple copies.

- The good old standby of tccc is slowly getting over run with everyone and their brother advertising Calls for Papers. Being a member of the list and being in the position of track chair and publicity chair, I have seen things from every angle. Not getting enough papers or getting nervous, one more CFP into the void. *sigh* yet another CFP from that same conference, yeesh.

There is a fairly cool effort that my recent spamming on lists as publicity chair for a conference must solicited an e-mail, WikiCFP. Looks cool and yes, we will be posting our conference there too.

PS For any publicity chairs in the networking area, send me a note and I can give you a definite run-down of pretty much all of the major mailing lists :)

I still function

2009-01-29T15:47:00.003-05:00

Very cool site for those of you in academia needing to cull the newest fad of the h-index from Google Scholar.

Harzing.com

The quick explanation of the h-index is that you have h publications with at least h citations. In other words, an h factor of 3 means you have 3 publications with at least 3 citations each. A h index of 25 means 25 publications with each of them having 25 citations a piece.

Who knew I had an h-index of 11? Web of Science, the normal index for such things give me a 4 but they are heavily journal-centric. Pretty sweet and I should have put that in my tenure package.

Virus scanners

2008-10-06T16:34:00.002-04:00

I'm in print and not quoted too badly in our local paper, the Notre Dame Observer .

Back from ICCCN 2008

2008-08-08T15:58:00.002-04:00

Just got back from ICCCN 2008. Very nice conference although the Virgin Islands were certainly quite hot and humid. More highlights to come later in the week regarding the panel discussions / etc.

Over-provisioning++

2008-06-17T16:29:00.002-04:00

No wonder over-provisioning is the norm in the core of the network. Wow.

Per the text:

Cogent this morning is announcing new discounts for customers who commit to three-year contracts and for higher volume service provider customers. The new three-year price for Ethernet service is a flat $7 a megabit, a dollar less than the previous rate for contracts of two years or more. For service providers who buy Ethernet services at volumes between 100 megabits per second and a Gigabit, rates are as low as $6 per megabit for a three-year contract. Service providers who buy between one Gigabit and 10 gigabits will enjoy a three-year contract rate of $5 a meg, and those that consume a full 10 gigabit port can pay as little as $4 a meg on a three-year contract.

HD as a Natural DRM

2008-06-16T16:53:00.002-04:00

I think my list of tasks is now finally approaching a manageable level hopefully giving a bit more time to post what should be at least weekly content. Up this week is our recent position paper on using the size of HD as a natural DRM. While the paper unfortunately did not make it into NSPW, the topic is interesting enough that we have converted it over to a technical report and wiki-fied it. If anyone has a good LaTeX to Wiki converter, please let me know.

The thrust of the paper is relatively simple, is the size of high definition content (30+ GB) sufficient to act as a natural DRM and deterrent to file sharing. Taking a cue from music sharing, WAV file sharing certainly existed but the content was fairly large and the bandwidth speeds for exceptionally bad at that time. With the emergence of the MP3, all of that changed making sharing much easier. In some sense, HD content follows a similar parallel in that it is an order of magnitude greater in terms of size versus DVD and two orders of magnitude greater than CD-focused content.

If one looks at the general dynamics of beginning the seed of a movie say via BitTorrent, a fully symmetric link would take roughly 40 minutes to grab a 30 GB Blu-Ray disc (12.5 MB/s net speed ignoring headers, assuming TCP kept the pipe full, ignoring the ramp up in congestion avoidance). Now, while I would love for 100 Mb/s symmetric bandwidth to rapidly grow in the US, I simply do not see that happening any time in the near term. Taking DSL and sharing cuts bandwidth down by a factor of 10 on the downstream and 100 on the upstream. While P2P helps with that sharing, the file still has to get distributed out past that initial seeder. Given that one probably does not want to hang out too long on a given torrent with pirated content (*AA actions) nor wants to pay the potential bandwidth costs (size caps via Time Warner), is anyone going to be all that keen to share pirated HD content?

Ah, but what about smaller content as several of the reviewers raised? Sure, feel free to DRM away but the premise of the paper is that for HD content, it doesn't add all that match. With the analog hole (for any content) and nearly every DRM mechanism being cracked shortly after release, why bother? Can disc copying occur then? Most definitely but it is more like copying the analog tape of old rather than the easy, quick file sharing of today. Is it easier to copy or just to loan a disc? My thinking is that the economics of sharing (size caps on the upstream) will be a far more effective deterrent at sharing than DRM will ever be. Moreover, as the paper mentions, it is in the interest of the ISPs to try to swat down the heavy tail or at least convert that heavy tail into a net economic gain. We've already seen this with the recent brouhaha over P2P throttling and as much as one would like the all you upload buffet to continue, those days are likely numbered at least for the near term. It is quite easy to pick out the heavy tail on the upload and keep the "good" netizens from being penalized (good as in profitable subscribers to an ISP).

Long story short, it is an interesting topic of discussion in general with regards to design. Interesting questions as well would be quantifying the total energy cost of HD DRM or comparing it to applying it on Folding@Home or SETI@Home (computations spent). Alternatively, could one embed multiple signatures from the source side (ala steganography) to assist with tracing the root of shared content (40 GB is a lot of space to hide stuff but can it be done fast on the production side)? At what point are speeds feasible where DRM might need to be imposed, i.e. what is the cutoff where DRM is necessary (if at all)?

I still function....

2008-05-04T21:34:00.002-04:00

Wow, long time since the blog has seen an honest to goodness post. I'll just make a mental note that teaching a second course, even if it is a boutique course, and serving on a few university level committees are an amazing time sink.

Anyway, a few interesting updates since the last time I posted:

INFOCOM TPC: Whoot! Finally made it in which was nice and just in time for the promotion and tenure package for the fall. Special thanks to the anonymous individuals who pulled me in :)

RIPPS Demo We did a slightly working of RIPPS (our work on detecting rogue wireless access points) at INFOCOM 2008. USB and Mac Mini's do not play that well together when you toss libpcap into the mix.

Travel, travel, travel Per the recommendations of Azer Bestavros, I did the first leg of my CAREER evangelization tour visiting Univ. of Connecticut, Boston University, MIT, and Univ. of Kentucky in a one week span. Plenty of wonderful feedback and comments on the two works presented (RIPPS and my CAREER work).

Now that the semester is almost winding down, my goal is to bring the inter-post time way, way down and to muse on our weekly papers. We tried an experiment of discussion topics and papers which did not fare nearly as well.

USB Flash Drive Characteristics

2008-02-22T11:05:00.005-05:00

We recently had two papers accepted at the upcoming IEEE WoWMoM, one on loss sourcing in 802.11 (more info in a later post) and the other on USB flash drive performance characteristics with respect to read/write speeds and power consumption. The work itself was done in large part by one of my summer REU students which is very cool to see those results turn into a tangible research output.

The paper in itself was an outgrowth of discussions related to a DARPA WAND proposal from last year. While we weren't funded, we had proposed the usage of USB flash to provide a cheap and easy method for significant on-demand storage for our packet caching architecture. There were some discussions that the flash drives would be too expensive power-wise and we were at a loss to directly respond to that. Long story short, that led to the above REU project to pin down the energy costs and performance of the drives which would be a necessity if the grant got funded (it was not, unfortunately).

The net result was that our initial hypothesis was correct, i.e. the cost of the flash drive in terms of power was dwarfed by the cost of the wireless adapter itself, especially in a USB 1.1 setup that would have likely been in place. We were not entirely vindicated as we discovered that by in large, the flash drive itself would never enter a low power mode when not in use, i.e. the file system is in essence permanently mounted which in turn triggered periodic "Keep Alive" messages across the USB bus, never allowing the flash drive to enter suspend mode. The REU student did a nice job diving into the ugly innards of the Linux kernel USB module to hacking up a suspend API for some basic testing. While it did offer the option to manually force a suspend, the performance results that could certainly use some tweaking as it would be ill-suited for significant amounts of suspend/resume operations.

All in all, a neat project for a REU. We posted a Wiki form version of the original submission here if anyone would care to peruse it. The final camera version of the paper (accepted as a short paper) will be posted in the next month or so to the website and will be available on the same link. The USB flash profiling tool is also posted on-line available via the same link or the above direct link.

Finally, I am finally taking the plunge and starting a policy of putting reviews from accepted papers on-line when I can. The nice part is that it gives us a chance to do a minor rebuttal but also it gives some nice transparency to the review process which in my opinion is a very good thing. The review / response notes for the paper can be found here.

New Cisco Research Site

2008-02-19T09:42:00.001-05:00

For those interested, Cisco has a new front-end for Cisco research.

Yikes, long times between postings

2007-12-30T12:16:00.000-05:00

Well, the holidays have certainly made things difficult to keep things updated as regularly as I was hoping. Toss in a family emergency to a tight schedule and all bets are off.

A few quick notes for those that do peruse this:

- The INFOCOM 2008 is now on-line and it is a monster. The inclusion of the mini-conference on the main list kept me busy noting relevant papers for my students to look at. Multicast and classical QoS (that isn't pure theory) outside of wireless are definitely minor niche research areas now. I'll certainly be out at Phoenix for the conference despite not having a paper in the main conference (sigh, yet again). Amusingly enough, we have a very good chance (nearly finalized) of getting Cisco funding for our work that was rejected so I guess I'll take money over a publication.

- NDSI 08 results are also out. By in large the reviews were very thorough (a nice trait of the USENIX arena of conferences) but a near miss for us on our Lockdown work. Unfortunately, a single reviewer whose criticisms and ratings were out of sync with the rest of the reviews pretty much doomed the paper. We certainly made the discussion phase but with only 30 out of 175 papers making it in, a killer review like that is too hard to overcome. Eh, not much one can in those cases but grin and bear it and simply note to the students that it indeed happens to everyone in the field.

Long story short, we targeted ease of use and intuitiveness (i.e. just make it work) and the reviewer wanted novelty and complexity (i.e. simplicity is bad). Certainly fair for a conference like Security and Privacy but I thought a bit too pointed for the systems-oriented nature of NSDI. Interestingly enough, a core argument in the paper is that a huge problem in security is that we are making these wonderful complex systems that are hard to use and they aren't being used because well .... they are hard to use. It makes me wonder if Ethernet were proposed today (work with me here) would ever have a chance at a major conference or grant review panel. I certainly have some strong opinions on how the networking conference track is going the wrong direction (too much gatekeeping, not enough prospecting) but that is a post for a different day (post tenure of course). Let's just say I no longer frown upon abstract only submissions like I used to that other areas of CS heavily use. If I have time, I'll post the reviews on-line with the comment/response notes that we did for the HotNets paper which I think was a good exercise.

Weekly papers - back again

2007-11-27T22:20:00.000-05:00

Finally, back with the weekly papers segment after a rough beginning of November. Perhaps it was dodging reactions from INFOCOM reviews and how it went with various folks. More on that later when I have time to do a length post.

Diversity and multiplexing: a fundamental tradeoff in multiple-antenna channels This paper comes from our weekly papers meeting two weeks ago from discussions regarding our INFOCOM reviews regarding the relevance of MIMO to our current work. Transactions on Information Theory is a bit out of our normal purview so kudos to Dave for taking the time to digest the paper in its entirety.

The paper looked at the tradeoffs in a multi-antenna environment with regards to reliability versus capacity. The most relevant portion of the paper is the strong dropoff with regards to either dimension, i.e. if you choose to do both, you will not get a solution that is strong in either dimension. Not exactly a shocking result but the work in the paper is quite sound and a nice discussion point to discuss why our current work on wireless reliability is very interesting.

Near as I can tell, industry has gone the route of capacity over reliability meaning that our results regarding channel reliability are especially apt. In short, our most recent work has been looking at if the reliability of the channel for nodes in close proximity. If loss is primarily from the medium, losses should be correlated in nearby spaces but not necessarily correlated across larger spaces. In contrast, if losses are not correlated in a tight area, it means that it is likely an individual device going crazy, not the medium itself. Most of the works in the literature regarding burstiness / etc. seem to trust that the device itself is good and that the packet got corrupted before arriving, not that the device itself may be a significant source of the packet errors.

While previous works such as SRD by Balakrishnan reached what would be a similar conclusion, the works reached their conclusion for quite different reasons. Put simply, the physical sensors were highly scattered (i.e. APs over 30 feet+ apart) allowing for multi-path effects for different loss probabilities. In contrast, we showed that losses tended to also show a lack of correlation in short distances regardless of orientation, small distance between, and heavy background traffic. Moreover, there were also "weird" periodicity aspects to some of the devices that bear further investigation (Intel Centrino chipset).

The day the routers died

2007-10-30T09:31:00.000-04:00

Highly amusing video from RIPE

The day the routers died

New hardware toys

2007-10-20T21:34:00.000-04:00

Over the past month or so, I have been searching for low-cost prototype boards for exploring our RIPPS and ScaleBox work. I think I finally have a winner to play with for the near term with the Atmel NGW 100 Network Gateway kit. It has native dual Ethernet support to allow me to do pass through operations with a customized version of Linux already running. A host of other options less important for networking but very cool for tinkering (SD slot, USB, I2C, SPI, GPIO). Most important of all, the price is just about perfect at only $89. For a few more dollars, it would have been nice to see a power supply tossed in but I already had a few 12V supplies lying around from our my mass of external drive purchases in January.

The board is quite fascinating both as an implementation platform and potentially as a teaching platform. At sub-$100, it is close to tolerable to have students simply buy one for themselves. For teaching, a JTAG debugger (enabling remote GDB and recovery from hosing the flash) would be essential but at a $320 list from Digikey, it is a bit pricey but is not necessary for each and every board. I am a bit concerned about how well it could run our current RIPPS code at only a 133 MHz processor but that gives some incentive to help speed it up / streamline it anyway. Perhaps making a hardware version of the WANRay is finally in order without having to toss on a $700 Cisco PIX box.

Initial forays into the box are very promising. I was really surprised how much stuff is running. Telnet into the box worked right away with ssh and ftp already supported. The box is also running a web server as well as a DHCP server for eth1 (labeled LAN). I did not have a chance to test the serial operations as I could not dig up a serial cable amongst my bank of cables at work.

We'll be putting up a Wiki web fairly soon to collect the various information :)

Weekly Papers - Oct 17

2007-10-19T23:04:00.000-04:00

SMACK, aka Simplified Mandatory Access Control Kernel by Casey Schaufler attempts to bring MAC (Mandatory Access Control that is, not the network MAC) to the masses via a LSM in Linux. For those unfamiliar with MAC in the security context, think that everything is labeled with explicit access control and stricter rules on changing access. The CIPSO network tagging is also interesting as we had been considering how to convey local context as part of Lockdown during the TCP SYN phase.

Interesting also that the work in that it is a real live implementation.

Weekly Papers - Oct 10

2007-10-10T14:52:00.000-04:00

Playing Devil’s Advocate: Inferring Sensitive Information from Anonymized Network Traces

The paper by Coull, Wright, Monrose, Collins, and Reiter that looks at how good the state of the art anonomyzation schemes with regards to hiding identity appeared in NDSS 2007. With a bit of data mining (clustering), DNS, and search engines, the work attempts to infer identity despite anonymization.

Very cool results demonstrating what I think those who have been skeptical of anonymization have suspected for quite some time.

Weekly Group Papers

2007-10-10T12:04:00.000-04:00

An interesting dilemma facing a new assistant professor is how to manage their fledgling research group. During my graduate work, I came from a fairly small group (3 or 4 students maximum) where we primarily had only individual meetings. The meetings with my adviser were largely informal (just drop in) rather than a specific time. Other groups at Iowa State had specific schedules for meetings.

From my experiences as an assistant professor, I have hopped between multiple management styles, group meetings, group and individual meetings, individual-only meetings, seminar meetings, etc. Currently, we have a weekly group meeting, weekly status reports (via e-mail and on the wiki), and at least one meeting (scheduled or not) outside of the group meeting. This seems to work alright for the students that are fairly well organized near as I can tell. I have been mulling making students include written summaries of individual meetings on the wiki but have held off on that. Cristina Nita-Rotaru of Purdue mentioned how she used that to help improve student writing skills.

One of the neat changes that I started in the spring was an outgrowth of the system seminar. Each week, each student in the group must read and write a quick summary of a current research paper (in area or out) and then discuss that paper briefly in the group meeting. The summaries are posted on our Repository wiki on the NetScale server for full public consumption. Each paper summary should have the appropriate citation info, an abstract, and the DOI link if possible. The students supplement the abstract with commentary regarding the novelty of the work, future papers to follow up on, and discussion related that work to our own. The specific paper topics are often left up to the student with occasional suggestions tendered by myself.

Out of all of the various management decisions, this has certainly been one of the most successful. At a minimum, it forces the students to continually keep up on research and build their bibliography for their upcoming thesis or dissertation. The broader effect is that everyone in the group (especially myself) benefits from getting a quick summary of current work going on in the field. For myself, that can be especially challenging to find time to simply read papers outside of my normal review duties. With networking as diversified as it is across so many conferences, I do not doubt for a moment that I am missing insightful work that occurs out of the top tier conferences. I find it to be quite intellectually stimulating to poke and prod at various works to see how it might relate or could be improved. In some sense, it resembles a conference setting but at a much more rapid pace (6 to 7 papers per week from a more diverse topic pool). Amusingly enough and perhaps others would agree, I find myself the most productive in terms of new ideas when attending conferences, in part from new views imparted by the speakers but often for simply having time to think in largely uninterrupted blocks (no e-mail, no meetings, no visitors).

In keeping with the spirit of our group discussions, I will try to add in weekly posts regarding the most interesting papers discussed that week with a small bit of personal commentary. If one or two readers (most likely my entire blog reading base, ha) pick up on a more obscure paper and help give that paper a bit of prominence, I will consider my endeavor a success.

HotNets VI Review Results Out

2007-10-01T22:50:00.000-04:00

Alas, no HotNets paper for our group this year. I'll be posting our submission on-line to our wiki shortly as the paper was geared strictly towards HotNets, i.e. primarily opinion / philosophy versus raw technical substance. It was definitely a learning experience (euphemism for definite reject) as we do not usually dive into the philosophical domain with papers. Certainly a fun paper to write though as we were quite a bit more casual with various bits of puffery throughout the paper. The use of words such as "scurrilous" and phrases of "having your cake and eating it too" are certainly not typical academse fair.

The executive summary of the paper was fairly simple, sites would love to be centralized as it makes a host of management / resource issues much simpler but often do not have the scale to do so. In that context, we described our concept of ScaleBox which represents the amalgamation of my NSF CAREER work on Transparent Bandwidth Conservation, bringing in packet caching, TCP pre-fetching, tail synchronization, and stealth multicast in a single unified architecture. Unfortunately, fitting all of that in only six pages coupled with various larger scale musings which I thought were much more profound (does TCP apply when bandwidth conservation is involved, does it work with the current Internet, how should multicast economics really work) is a recipe for disaster. Couple that with thoroughly imbibing one's one Kool Aid as I was knee deep in writing a DARPA proposal with an incorrect assumption of reader rapport and that spells R-E-J-E-C-T.

With the wikifying of the submission, I'll also be taking the step of putting the raw reviews themselves on-line. An added bonus is that I get to do a point-by-point rebuttal :) I have long been intrigued by the review process with all of its nuance. The Global Internet Symposium approach of having all reviews signed with fully public reviews for accepted papers was quite interesting with mixed results. Those that took the experiment seriously were not the ones where problems with reviewers existed in the first place which was unfortunate. I would have liked to have seen a bit of a post-mortem on GI via the TCCC mailing list but perhaps it was discussed at the TCCC meeting at INFOCOM. The raw reviews being posted was a fantastic step that should be encouraged in the community to foster transparency.

Alternatively, the public review of SIGCOMM and CCR is a bit of a let down in my opinion. While it is certainly wonderful as a more junior professor to have a well established person writing the front article (having Jon Crowcroft write the public review for our edge-to-edge QoS paper, ERM, was a special treat), the public reviews especially for a conference like SIGCOMM often seemed to get watered down. Some had reasonable anecdotes from the TPC but most were fairly bland relative to the paper. Given the tight interweaving of accepted papers at SIGCOMM versus TPC members, I guess this would only be natural. Coming as a relative outsider, the raw reviews give significant more confidence in the thoroughness of the process than the rough equivalent of a NSF panel summary.

While I won't muse too much on where conferences in networking are going as that is best left to the TCCC mailing list or other venues, it is interesting that the philosophy espoused by HotNets is actually the norm outside of systems / networking. Works in progress or abstract-only submissions drive conference submissions rather than conference papers representing completed works in and of themselves. A roommate of one of my graduate students was shocked to find out that conference submissions were actually rejected in our field, even more shocked when he found out the average acceptance ratios.

It is my humble opinion that we are doing ourselves a disservice by focusing so much on completeness or practicality (perceived or actual) rather than the potential discussion or outgrowth points for the paper. Perhaps I am a bit older school but my perception of conferences was that they were a venue for unfinished work with the on-site discussion and reviews serving as an incubation testbed for thought provoking questions. Suffice to say, I find it a bit troubling that there were more interesting works in terms of posing new questions / opening new research areas at BroadNets than INFOCOM this past year. The average quality of the papers at INFOCOM were better but the opportunities for future work seemed considerably less. SIGCOMM is a whole different entity that I'll leave for another day.

Public vs. Private Firewall Policies

2007-09-27T13:11:00.000-04:00

One of the mantras in the security world that has perplexed me is the notion that firewall policies should always be kept hidden from everyone else. The rationale of course is that if the rules are hidden, it will make it that much harder to the attacker to gain entry into the system.

However, I am not sure I completely buy that rationale. Is it really that much effort to probe for open ports on guarded systems? Does it really take that long or is itjust a few more minutes while one of the countless botsin the botnet does the remote scanning? Moreover, does the detection of said port scan do any good either withthe sheer volume of typical port scanning going on in a day to day sense?

From a distributed systems vantage point, the silent failure modes of firewalls can be painful to debug. Sure, if the firewall sends an ICMP Port Not Available, that would be great but most simply sink traffic off into /dev/nullleaving the application to slowly time out, often with abysmal service properties. At what point does the benefit of faster debugging outweigh the "security" benefit of hidden firewall rules? I'm guessing the threshold is much lower than what is typically employed. Debugging a normal system is hard, make the system distributed and itturns quickly into a nightmare.

To be fair, there are cases where I think hiding rules is appropriate, specifically when access is constrained to asubset of hosts. The important information to hide is notnecessarily what ports are exposed but to whom access is granted. One could argue that the hiding of this information does significantly impede the progress of the attack as scanning from an arbitrary host gives imprecise information, sort of a Byzantine-esque (I use this term loosely, not precisely) quality to information gathering. Then again,there are likely levels also in this case as well. A simple 'restrict to the local network' policy (aka the local subnet) really doesn't buy that much time or defense but a 'restrict to an obscure host or bank of admin hosts' would potentially improve defenses.

Perhaps should there be a notional ICMP Firewall Denied message to assist with debugging? Likely too problematic for security purposes(reflection DoS attacks) but interesting from a debugging standpoint. The increased tamping down of ICMP messaging (our campus blocks inbound) also likely makes this a non-starter. Perhaps something in TCP? A can of worms but maybe a nominal TCP options field? Something truly crazy would be the ability to query any host for its firewall ruleset. Crazy indeed.

NC State, IEEE BroadNets

2007-09-17T22:13:00.001-04:00

Back to the Midwest after my week long foray to North Carolina.

On Monday, I had a chance to visit Vince Freeh and a few folks at NC State in the Electrical/Computer Engineering and Computer Science departments. Their new building is simply amazing I must say. I gave a seminar on our ScaleBox work which had a wonderful attendance despite competing against a speaker on video games who had given a talk earlier that day. Fortunately, it is early in the semester but I was quite impressed by the sheer number of students we packed into the seminar room. The slides should be posted shortly to the NetScale wiki sometime tomorrow (Tuesday).

Tuesday through Thursday was the IEEE BroadNets conference, a nice smaller conference that had evolved out of the former Opticomm with three tracks on general Internet networking, wireless networking, and optical networking. I mixed quite a bit between the Internet symposium and the wireless networking symposium and unfortunately missed a few good talks here and there. There was a paper on Layer 3 Rogue Wireless Access Point detection that I missed and did not have a chance to catch the authors to get a bit more information.

Some of the highlights I thought were:

TCP acceleration for low-bandwidth links: The paper that received the best paper award for the Internet symposium focused on neat tricks for improving the perceived performance for bandwidth-limited mobile devices. Neat tricks that are certainly timely in today's current Internet.
eMIST testbed: The testbed was a collection of Java test tools for profiling of Internet connectivity on cell phones out of Kevin Almeroth's group at UCSB. Very neat suite of tools that showed some of the pitfalls when trying to design real-time / delay-sensitive applications (primarily games) for mobile devices.
TCP Quick Start: A paper by Scharf analyzed the performance of the Experimental TCP Quick Start RFC. Interesting in that Quick Start seems to share some of the properties of the work in the recent DARPA Control Plane effort led by Tim Gibson as the DARPA PM. While the paper focused exclusively on performance, the core protocol is especially interesting in light of our accelerated admission control schemes. In short, Quick Start probes for capacity via IP Options and then ramps up CWND without probing. Of course, the use of IP Options are a non-starter for any real deployment but a gateway or hybrid setup could have quite a bit of promise.
PoMo: Interesting work by Griffeon, Calvert of University of Kentucky and Bhatterjee (sp?) of Maryland. The work is sponsored by FIND and makes a good faith effort at separating routing from addressing. Plenty of work to be done as the work is still in its infancy but something to keep an eye on.
Ethernet vs. IP in the MAN/WAN: Thanks to my adviser, Arun Somani (the chair at ISU - my alma mater), and Gigi Karmous-Edwards I got roped into serving on a panel discussing the previous topic of a panel consisting of Adel Saleh (DARPA PM), K. K. Ramikrishan (AT&T), and David Allen (Nortel). I learned quite a bit but unfortunately had to follow David Allen who certainly is at the forefront of pushing out Ethernet farther. I highly encourage people to track down both David Allen's slides and K. K. Ramakrishnan's slides as they had interesting perspectives from the ISP and vendor sides. The RFCs governing MACinMAC and PBB-TE are on my list for late night reading when I have a chance. Also neat is that IS-IS is the preferred link state of choice due to its independence of addressing. Research-wise, Adel Saleh's slides are perhaps the most thought provoking as they look at what different permutations might emerge and ask more questions than providing answers. Needless to say I was but a humble assistant professor in the group but I certainly thank Dr. Karmous-Edwards for the wonderful opportunity to be up with the group. You can catch my slides on my musings on what the last-mile is bringing on the NetScale wiki.

All in all, the conference was a very nice small setting where people had excellent opportunities to interact rather than being one among the horde of other attendees (thanks Dr. Rouskas). Next year's BroadNets will be in the UK which should up the European participation significantly and I am guessing will also likely follow the three track formula.

Google Talk to iChat

2007-09-11T16:11:00.000-04:00

I'm out traveling to IEEE BroadNets for the week and attempting unsuccessfully to connect up to folks using iChat. I'm traveling with my Lenovo tablet as it makes working much easier on the plane (amen to rotating screens and the stylus for doing work).

The use of my tablet of course means that I'm stuck using Windows. While there is an iTunes version for Windows, there is as of yet, no version of iChat for Windows. Hence, I go with option number two, Google Talk which in the past has worked alright. During the winter, it became the stand in for a Ph. D defense at Western Michigan due to inclement weather. Not great but not too bad either.

Anyway, iChat has been positively wonderful on my Mac at work. I can add Google Talk users quite easily and chat without any major issues. Being naive, I assumed the reverse would be true with Google Talk. Perhaps someone can enlighten as to why Google Talk despite using the open Jabber standard insists that I invite users to get a Google Talk account before I can chat with them? The core Jabber protocol isn't terribly difficult and one would think that Google Talk could intermesh nicely with. The whole point of the IETF Jabber effort was to try to standardize these things to get rid of counter-intuitive interactions like this. Near as I could tell, the only way one could chat is with the iChat user initiating the conversation, not the Google Talk user.

More later in the day (or tomorrow) regarding my visit to NC State and the first day of the conference...

Batch scheduling - grid computing

2007-09-05T11:21:00.000-04:00

One of the recent problems we have been looking at is how to correctly schedule batches of tasks in grid computing where the batches consist of multiple synchronization barriers. For instance, REM (Replica Exchange Management) from the field of bio-complexity sends out a set of N tasks that are synchronized X times (the replica exchange) over the course of the simulation. In short at each synchronization point, all N replicas must finish their respective computation and then a small subset of the data is then exchange to help drive the next set of simulations. Loss tolerance in an m,k sense (m out of k must finish) varies depending upon the application but our current bio-complexity group does not allow for it in their batches.

Currently, the state of the art seems to be employing a catchup cluster of extremely fast machines that notice lagging execution hosts and then migrate the sub-task to the faster catchup cluster. At first glance, this appears to be a rather brute force mechanism for improving performance. While it is hard to argue that it does not have a benefit (who wouldn't benefit from having an idle cluster of fast machines?), there is some interesting theory and tradeoffs to be examined in what the optimal schedule would be and what sort of missed opportunity comes from dedicating the catchup cluster. Moreover, there are certainly practical tradeoffs with regards to job migration (network transfer time) that are also of concern for capturing the tradeoffs correctly. Toss in heterogeneous job execution length (due to parameters), heterogeneous processing capacity of the grid, and possibly the potential for job failure (eviction, node crashing, etc.) and it all gets complicated fairly quickly.

A fascinating problem as it has roots in both grid computing and real-time computing / scheduling (my initial graduate school work). Most interesting is that I think it can draw from some of the properties of the multi-processor EDF (Earliest Deadline First) bound estimation work and may or may not need to employ heuristic-based schemes ala the original Spring kernel scheduling approach. Comments are of course welcome if anyone has any work of note in this particular area.

Welcome

2007-08-30T15:47:00.001-04:00

Welcome to my humble entry in the blogosphere. While I certainly won't claim to be quite as eloquent as others here, my intention is to post various interesting tidbits for subjects of interest, specifically topics related to my areas of research on computer networking and computer security.

As to where the title comes from, it is a wordplay on my core research thrust on Transparent Bandwidth Conservation which seeks to eliminate redundancy from network traffic without modifications to the client. More information can be found on my research group webpage at the NetScale Laboratory.