Tuesday, October 30, 2007

Saturday, October 20, 2007

New hardware toys

Over the past month or so, I have been searching for low-cost prototype boards for exploring our RIPPS and ScaleBox work. I think I finally have a winner to play with for the near term with the Atmel NGW 100 Network Gateway kit. It has native dual Ethernet support to allow me to do pass-through operations with a customized version of Linux already running. It also has a host of other options less important for networking but very cool for tinkering (SD slot, USB, I2C, SPI, GPIO). Most important of all, the price is just about perfect at only $89. For a few more dollars, it would have been nice to see a power supply tossed in, but I already had a few 12V supplies lying around from my mass of external drive purchases in January.

The board is quite fascinating both as an implementation platform and potentially as a teaching platform. At sub-$100, it is close to tolerable to have students simply buy one for themselves. For teaching, a JTAG debugger (enabling remote GDB and recovery from hosing the flash) would be essential; at a $320 list from Digikey it is a bit pricey, but one is not necessary for each and every board. I am a bit concerned about how well it could run our current RIPPS code at only a 133 MHz processor but that gives some incentive to help speed it up / streamline it anyway. Perhaps making a hardware version of the WANRay is finally in order without having to toss on a $700 Cisco PIX box.

Initial forays into the box are very promising. I was really surprised how much stuff is running. Telnet into the box worked right away with ssh and ftp already supported. The box is also running a web server as well as a DHCP server for eth1 (labeled LAN). I did not have a chance to test the serial operations as I could not dig up a serial cable amongst my bank of cables at work.

We'll be putting up a Wiki web fairly soon to collect the various information :)

Friday, October 19, 2007

Weekly Papers - Oct 17

SMACK, aka Simplified Mandatory Access Control Kernel, by Casey Schaufler attempts to bring MAC (Mandatory Access Control that is, not the network MAC) to the masses via an LSM in Linux. For those unfamiliar with MAC in the security context, think that everything is labeled with explicit access control and stricter rules on changing access. The CIPSO network tagging is also interesting as we had been considering how to convey local context as part of Lockdown during the TCP SYN phase.

Interesting also in that the work is a real live implementation.

Wednesday, October 10, 2007

Weekly Papers - Oct 10

Playing Devil’s Advocate: Inferring Sensitive Information from Anonymized Network Traces

The paper by Coull, Wright, Monrose, Collins, and Reiter, which looks at how good the state-of-the-art anonymization schemes are with regard to hiding identity, appeared in NDSS 2007. With a bit of data mining (clustering), DNS, and search engines, the work attempts to infer identity despite anonymization.

Very cool results demonstrating what I think those who have been skeptical of anonymization have suspected for quite some time.

Weekly Group Papers

An interesting dilemma facing a new assistant professor is how to manage their fledgling research group. During my graduate work, I came from a fairly small group (3 or 4 students maximum) where we primarily had only individual meetings. The meetings with my adviser were largely informal (just drop in) rather than a specific time. Other groups at Iowa State had specific schedules for meetings.

From my experiences as an assistant professor, I have hopped between multiple management styles, group meetings, group and individual meetings, individual-only meetings, seminar meetings, etc. Currently, we have a weekly group meeting, weekly status reports (via e-mail and on the wiki), and at least one meeting (scheduled or not) outside of the group meeting. This seems to work alright for the students that are fairly well organized near as I can tell. I have been mulling making students include written summaries of individual meetings on the wiki but have held off on that. Cristina Nita-Rotaru of Purdue mentioned how she used that to help improve student writing skills.

One of the neat changes that I started in the spring was an outgrowth of the system seminar. Each week, each student in the group must read and write a quick summary of a current research paper (in area or out) and then discuss that paper briefly in the group meeting. The summaries are posted on our Repository wiki on the NetScale server for full public consumption. Each paper summary should have the appropriate citation info, an abstract, and the DOI link if possible. The students supplement the abstract with commentary regarding the novelty of the work, future papers to follow up on, and discussion relating that work to our own. The specific paper topics are often left up to the student with occasional suggestions tendered by myself.

Out of all of the various management decisions, this has certainly been one of the most successful. At a minimum, it forces the students to continually keep up on research and build their bibliography for their upcoming thesis or dissertation. The broader effect is that everyone in the group (especially myself) benefits from getting a quick summary of current work going on in the field. For myself, it can be especially challenging to find time to simply read papers outside of my normal review duties. With networking as diversified as it is across so many conferences, I do not doubt for a moment that I am missing insightful work that occurs out of the top-tier conferences. I find it to be quite intellectually stimulating to poke and prod at various works to see how they might relate or could be improved. In some sense, it resembles a conference setting but at a much more rapid pace (6 to 7 papers per week from a more diverse topic pool). Amusingly enough and perhaps others would agree, I find myself the most productive in terms of new ideas when attending conferences, in part from new views imparted by the speakers but often for simply having time to think in largely uninterrupted blocks (no e-mail, no meetings, no visitors).

In keeping with the spirit of our group discussions, I will try to add in weekly posts regarding the most interesting papers discussed that week with a small bit of personal commentary. If one or two readers (most likely my entire blog reading base, ha) pick up on a more obscure paper and help give that paper a bit of prominence, I will consider my endeavor a success.

Monday, October 1, 2007

HotNets VI Review Results Out

Alas, no HotNets paper for our group this year. I'll be posting our submission on-line to our wiki shortly as the paper was geared strictly towards HotNets, i.e. primarily opinion / philosophy versus raw technical substance. It was definitely a learning experience (euphemism for definite reject) as we do not usually dive into the philosophical domain with papers. Certainly a fun paper to write though as we were quite a bit more casual with various bits of puffery throughout the paper. The use of words such as "scurrilous" and phrases of "having your cake and eating it too" are certainly not typical academese fare.

The executive summary of the paper was fairly simple: sites would love to be centralized as it makes a host of management / resource issues much simpler but often do not have the scale to do so. In that context, we described our concept of ScaleBox which represents the amalgamation of my NSF CAREER work on Transparent Bandwidth Conservation, bringing in packet caching, TCP pre-fetching, tail synchronization, and stealth multicast in a single unified architecture. Unfortunately, fitting all of that in only six pages coupled with various larger scale musings which I thought were much more profound (does TCP apply when bandwidth conservation is involved, does it work with the current Internet, how should multicast economics really work) is a recipe for disaster. Couple that with thoroughly imbibing one's own Kool-Aid as I was knee deep in writing a DARPA proposal with an incorrect assumption of reader rapport and that spells R-E-J-E-C-T.

With the wikifying of the submission, I'll also be taking the step of putting the raw reviews themselves on-line. An added bonus is that I get to do a point-by-point rebuttal :) I have long been intrigued by the review process with all of its nuance. The Global Internet Symposium approach of having all reviews signed with fully public reviews for accepted papers was quite interesting with mixed results. Those that took the experiment seriously were not the ones where problems with reviewers existed in the first place which was unfortunate. I would have liked to have seen a bit of a post-mortem on GI via the TCCC mailing list but perhaps it was discussed at the TCCC meeting at INFOCOM. The raw reviews being posted was a fantastic step that should be encouraged in the community to foster transparency.

Alternatively, the public review of SIGCOMM and CCR is a bit of a letdown in my opinion. While it is certainly wonderful as a more junior professor to have a well established person writing the front article (having Jon Crowcroft write the public review for our edge-to-edge QoS paper, ERM, was a special treat), the public reviews especially for a conference like SIGCOMM often seemed to get watered down. Some had reasonable anecdotes from the TPC but most were fairly bland relative to the paper. Given the tight interweaving of accepted papers at SIGCOMM versus TPC members, I guess this would only be natural. Coming as a relative outsider, the raw reviews give significantly more confidence in the thoroughness of the process than the rough equivalent of a NSF panel summary.

While I won't muse too much on where conferences in networking are going as that is best left to the TCCC mailing list or other venues, it is interesting that the philosophy espoused by HotNets is actually the norm outside of systems / networking. Works in progress or abstract-only submissions drive conference submissions rather than conference papers representing completed works in and of themselves. A roommate of one of my graduate students was shocked to find out that conference submissions were actually rejected in our field, even more shocked when he found out the average acceptance ratios.

It is my humble opinion that we are doing ourselves a disservice by focusing so much on completeness or practicality (perceived or actual) rather than the potential discussion or outgrowth points for the paper. Perhaps I am a bit older school but my perception of conferences was that they were a venue for unfinished work with the on-site discussion and reviews serving as an incubation testbed for thought-provoking questions. Suffice to say, I find it a bit troubling that there were more interesting works in terms of posing new questions / opening new research areas at BroadNets than INFOCOM this past year. The average quality of the papers at INFOCOM was better but the opportunities for future work seemed considerably less. SIGCOMM is a whole different entity that I'll leave for another day.