I primarily work in the fields of operating systems and networking; my current projects include:

Isolation and Consolidation at the Edge: The shift of computation away from centralized data centers into 5G-based edge clouds promises to reduce latency… but only if our software infrastructures can evolve to efficiently host a diverse range of applications in a safely isolated multi-tenant environment. We have several projects exploring problems in this space, ranging from clean slate OS designs (Usenix ATC 2020) to secure lightweight containers. Much of our work focuses on how Serverless computing can be redesigned to be more efficient (EuroSys 21) and better fit Edge environments (SoCC 21). This work is supported in part by NSF grants CNS-1763548, CNS-1815690, and CPS-1837382.

Software Defined Network Function Virtualization: We are designing the software infrastructures and management algorithms needed to transition network services like routers, firewalls, and intrusion detection systems from running on hardware to more flexible, software-based environments. The basis for our research is OpenNetVM (NSDI 14, HotMiddlebox 16), a high performance NFV platform that we have released as open source to the research community. Through careful optimizations at the systems-level, OpenNetVM can achieve packet processing rates of nearly 70Gbps, while retaining a flexible, SDN-controlled design. We have demonstrated the power of this platform with a self-managing, high speed load balancer for memcached clusters (ICAC 16 Best Paper), explored extreme scalability (Co-NEXT 16), service chain scheduling (SIGCOMM 17), and protocol-stack (SIGCOMM 18) related challenges. This work is supported in part by NSF CNS-1422362 and NSF CRI-1823236. More info here!

Efficient, Flexible, and Dependable Clouds: Modern data centers rely on virtualization to partition servers into isolated components. My early work on “black-box” and “gray-box” virtual machine management (NSDI 07) sought to evaluate the benefits and drawbacks of sending information across the virtualization abstraction layer for resource management. Since then we’ve explored how carefully puncturing the virtualization abstraction layer can be used to dynamically manage memory (VEE 09 Best Paper, Usenix ATC 12, VEE 14), storage (SC 15, IC2E 16) and CPU (IWQoS 12 Best Paper, CCGrid 14). We’ve also investigated the challenges with defending cloud services from both natural disasters (SoCC 11) and malicious attacks (EuroSys 11, HotCloud 16). This work is supported in part by NSF CNS-1525992, an NSF CAREER Award, NSF SaTC-1814234, the Comcast Technology Research and Development Fund, and a Google Faculty Award.

Selected Recent Publications

My full publication list is available on Google Scholar or on my CV. Here are some recent publications most representative of my ongoing work.