Networking and Security Projects

People generally center their lives around their residence. This center of gravity is where we can be contacted, store our things, do our homework, play games, meet after disparate activities, eat our meals, and so on. Our digital lives are, however, not organized around such a hub. Rather, we use a myriad of services to communicate with one another, store pictures, work on documents, share videos, keep our music, deal with calendars, etc. In this arrangement we are the hub. Our content and information comes to us from a range of places to wherever we happen to be at the moment.

Traditional datacenters are built using servers, each of which tightly integrates a small amount of CPU, memory and storage onto a single motherboard. The slowdown of Moore's Law has led to surfacing of several fundamental limitations of such server-centric architectures (e.g, the memory-capacity wall making CPU-memory co-location unsustainable). As a result, a new computing paradigm is emerging --- a disaggregated datacenter architecture, where each resource type is built as a standalone "blade" and a network fabric interconnects the resource blades within and across datacenter racks.

ICSI is working with LBNL on refinements to Zeek (formerly known as Bro). The work includes troubleshooting and resolving the most complex problems with the Zeek network monitor, development/integration of the communication framework, development and implementation of new features for the Input framework, and development of a persistence solution for the NetControl and Catch-and Release frameworks of Zeek/Bro. Zeek/Bro is an open-source network intrustion detection system developed at ICSI and LBNL which is currently in use at Fortune 500 companies, universities, and governments.

The Internet has ushered in a new era of communication, and has supported an ever-growing set of applications that have transformed our lives. It is remarkable that all this has taken place with an Internet architecture that has remained unchanged for over forty years. While unfortunate, some view this architectural stagnation as inevitable. After all, it has long been a central tenet that the Internet needs a "narrow waist" at the internetworking layer (L3), a single uniform protocol adopted by everyone; given this assumption, changing this layer is inevitably hard.

When the DNS fails, nothing works. One does not need to look beyond many real-world advertising campaigns to appreciate that naming is one of the foundational elements upon which most higher layer Internet services are built. We use names as rendezvous points between users and services (e.g., www.twitter.com). Yet, we do not use names directly in traffic routing. Rather, we turn names into IP addresses via the Domain Name System (DNS). A DNS lookup is therefore a prerequisite for most Internet transactions.

In this collaborative project with UC Berkeley, ICSI PIs are working with the lead developer of the "Snowflake" censorship circumvention system to refine the code for production deployment in both the Tor Browser Bundle and as a stand-alone application. The work includes developing instrumentation to measure the usage of Snowflake as its deployment rolls out and analyzing the results to assess Snowflake's impact on enabling circumvention.

As scientific research requires free exchange of information and ideas among collaborators world-wide, scientists depend critically on full and open access to the Internet. Yet in today’s world, such open access also exposes sites to incessant network attacks. Some of the most powerful networks today remain particularly hard to defend: for the 100G environments and backbones that facilitate modern data-intensive sciences, classic inline firewalls remain infeasible options.

This project looks into the usage and collection of data by programs that operate behind the scenes. The collected data and its use by a network of sellers, brokers, and marketers represents a direct privacy threat as it can be used for marketing, profiling, crime, or government surveillance, and yet consumers have little knowledge about it and no legal means to access the data. ICSI researchers are conducting surveys and experiments to determine the current status of this data and observe its effects.

This project focuses on establishing a science of censorship resistance. Recent years have seen significant efforts on the part of both practitioners and researchers in countering large-scale Internet censorship imposed by nation-states. Driven by an active arms race, much of the research work in the field has been reactive in nature, lacking solid and methodical foundations.