Presentation on theme: "Nick Feamster Research: Network security and operations –Helping network operators run the network better –Helping users help themselves Lab meetings:"— Presentation transcript:
Nick Feamster Research: Network security and operations –Helping network operators run the network better –Helping users help themselves Lab meetings: Wednesdays at 12 p.m. (free lunch) –Informal seminar. Papers on wireless, virtualization, etc. –Come visit us if you want to learn more Teaching 7001 this fall. Willing to supervise 8903s/mini-projects Klaus 3348
Ph.D. Students Anirudh Ramachandran spam, phishing, traffic monitoring Yiyi Huang diagnosis, traffic monitoring Murtaza Motiwala availability (splicing), diagnosis Mohammed Mukarram bin Tariq network management, provisioning, machine learning, etc. Vytautas Valancius economics, routing, connectivity markets Shuang Hao spam, botnets, monitoring
My Research Focus: Network Security & Operations Goal: Improve network reliability and availability in the face of both accidental and malicious faults Sub-areas –Reliability: fast recovery from failures –Management: fault diagnosis, provisioning, etc. –Security and trust: spam filtering, phishing, etc. –Anti-censorship: for example, defeating the great firewall of China –Economics: improving the efficiency of the Internets connectivity markets
My Research Approach Interdisciplinary: Learn and apply variety of domains –Machine learning, signal processing, algorithms, data mining –Collaboration with Profs. Gray, Lee, Vempala, Vazirani, Xu Practical: Build working systems that people use –Problem driven: network management, anti-censorship, fighting spam, etc. –Implementation and deployment of working systems Relevant: Close interaction with research and industry –Spam: Cisco/Ironport, Yahoo!, Secure Computing –Management/Diagnosis: AOL, Thomson, Georgia Tech Campus –Availability/Economics: NSF Future Internet Design (FIND/GENI) From practice, to theory, to practice. Attack practical networking problems with principled methods. Transfer the solutions to the real world with working systems.
New Research Projects Systems for defeating Internet censorship Bootstrapping relationships in social networks (e.g., Facebook) to build trusted communications channels at the network layer Applying path splicing to wireless networks Monitoring networks for violations of network neutrality Hardware support for network virtualization More information These slides (plus supplements for above projects): me subject Fall research Come to group meetings: Wednesdays at 12 p.m. Contact Ph.D. students Mini-projects:
Circumventing Net Censorship 59+ countries block access to content on the Internet –News, political information, etc. Idea: Use the increasing amount of user-generated content on the Internet (e.g., photo-sharing sites) as the basis for covert channels Some problems: –How do publishers and consumers agree on places to exchange content? –How to design for robustness against blocking? –How to provide deniability for users? –Incentives for participation –System design and implementation
Detecting Network Neutrality Violations ISPs are increasingly applying discriminatory access to different ISPs, application traffic, etc. Problem: Can data that is passively collected from end users be used to distinguish normal degradations (e.g., due to transient failure, congestion, etc.) from intentional discrimination?
Leveraging Trust in Social Networks Many applications rely on trusted communications between end hosts Social networks contain rich information about interpersonal relationships (How) can the trust that is inherent in these relationships be used to bootstrap trusted communications at the network layer? –Access control –File sharing / Cooperative backup –Key exchange
Improving Network Reliability Step 1: Run multiple instances of the routing protocol, each with slightly perturbed versions of the configuration Step 2: Allow traffic to switch between instances at any node in the protocol t s Compute multiple forwarding trees per destination. Allow packets to switch slices midstream. Joint with Prof. Santosh Vempala Student: Murtaza Motiwala
Paths become longer simply because two ASes decide not to interconnect Comcast Abilene AT&T Cogent $$ Peering points in Atlanta Peering point in Washington, D.C. Structure of Internet paths Exploit new structure to allow new types of contracts Improving Network Efficiency Two Changes Joint with Prof. Vijay Vazirani and Prof. Ramesh Johari (Stanford)