Conference Articles

  1. Woo, S., Sherry, J., Han, S., Moon, S., Ratnasamy, S., & Shenker, S. (2018). Elastic Scaling of Stateful Network Functions. In Proceedings of the 15th USENIX Symposium on Networked Systems Design and Implementation (NSDI 18) (pp. 299–312). Renton, WA: USENIX Association.
    Abstract: Elastic scaling is a central promise of NFV but has been hard to realize in practice. The difficulty arises because most Network Functions (NFs) are stateful and this state needs to be shared across NF instances. Implementing state sharing while meeting the throughput and latency requirements placed on NFs is challenging and, to date, no solution exists that meets NFV’s performance goals for the full spectrum of NFs. S6 is a new framework that supports elastic scaling of NFs without compromising performance. Its design builds on the insight that a distributed shared state abstraction is well-suited to the NFV context. We organize state as a distributed shared object (DSO) space and extend the DSO concept with techniques designed to meet the need for elasticity and high-performance in NFV workloads. S6 simplifies development: NF writers program with no awareness of how state is distributed and shared. Instead, S6 transparently migrates state and handles accesses to shared state. In our evaluation, compared to recent solutions for dynamic scaling of NFs, S6 improves performance by 100x during scaling events, and by 2-5x under normal operation.
    BibTeX:
    @inproceedings{woo-nsdi18,
      author = {Woo, Shinae and Sherry, Justine and Han, Sangjin and Moon, Sue and Ratnasamy, Sylvia and Shenker, Scott},
      title = {Elastic Scaling of Stateful Network Functions},
      booktitle = {Proceedings of the 15th {USENIX} Symposium on Networked Systems Design and Implementation ({NSDI} 18)},
      year = {2018},
      isbn = {978-1-931971-43-0},
      address = {Renton, WA},
      pages = {299--312},
      publisher = {{USENIX} Association}
    }
    
  2. Lan, C., Sherry, J., Popa, R. A., Ratnasamy, S., & Liu, Z. (2016). Embark: Securely Outsourcing Middleboxes to the Cloud. In Proceedings of the 13th USENIX Conference on Networked Systems Design and Implementation (pp. 255–273). Berkeley, CA, USA: USENIX Association.
    Abstract: It is increasingly common for enterprises and other organizations to outsource network processing to the cloud. For example, enterprises may outsource firewalling, caching, and deep packet inspection, just as they outsource compute and storage. However, this poses a threat to enterprise confidentiality because the cloud provider gains access to the organization’s traffic. We design and build Embark, the first system that enables a cloud provider to support middlebox outsourcing while maintaining the client’s confidentiality. Embark encrypts the traffic that reaches the cloud and enables the cloud to process the encrypted traffic without decrypting it. Embark supports a wide-range of middleboxes such as firewalls, NATs, web proxies, load balancers, and data exfiltration systems. Our evaluation shows that Embark supports these applications with competitive performance.
    BibTeX:
    @inproceedings{lan-nsdi16,
      author = {Lan, Chang and Sherry, Justine and Popa, Raluca Ada and Ratnasamy, Sylvia and Liu, Zhi},
      title = {Embark: Securely Outsourcing Middleboxes to the Cloud},
      booktitle = {Proceedings of the 13th USENIX Conference on Networked Systems Design and Implementation},
      series = {NSDI'16},
      year = {2016},
      location = {Santa Clara, CA},
      pages = {255--273},
      numpages = {19},
      publisher = {USENIX Association},
      address = {Berkeley, CA, USA}
    }
    
  3. Sherry, J., Lan, C., Popa, R. A., & Ratnasamy, S. (2015). BlindBox: Deep Packet Inspection over Encrypted Traffic. In Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication (pp. 213–226). New York, NY, USA: ACM.
    Abstract: Many network middleboxes perform deep packet inspection (DPI), a set of useful tasks which examine packet payloads. These tasks include intrusion detection (IDS), exfiltration detection, and parental filtering. However, a long-standing issue is that once packets are sent over HTTPS, middleboxes can no longer accomplish their tasks because the payloads are encrypted. Hence, one is faced with the choice of only one of two desirable properties: the functionality of middleboxes and the privacy of encryption. We propose BlindBox, the first system that simultaneously provides both of these properties. The approach of BlindBox is to perform the deep-packet inspection directly on the encrypted traffic. BlindBox realizes this approach through a new protocol and new encryption schemes. We demonstrate that BlindBox enables applications such as IDS, exfiltration detection and parental filtering, and supports real rulesets from both open-source and industrial DPI systems. We implemented BlindBox and showed that it is practical for settings with long-lived HTTPS connections. Moreover, its core encryption scheme is 3-6 orders of magnitude faster than existing relevant cryptographic schemes.
    BibTeX:
    @inproceedings{sherry-sigcomm15a,
      author = {Sherry, Justine and Lan, Chang and Popa, Raluca Ada and Ratnasamy, Sylvia},
      title = {BlindBox: Deep Packet Inspection over Encrypted Traffic},
      booktitle = {Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication},
      series = {SIGCOMM '15},
      year = {2015},
      location = {London, United Kingdom},
      pages = {213--226},
      numpages = {14},
      publisher = {ACM},
      address = {New York, NY, USA},
      keywords = {middlebox privacy, network privacy, searchable encryption}
    }
    
  4. Sherry, J., Gao, P. X., Basu, S., Panda, A., Krishnamurthy, A., Maciocco, C., … Shenker, S. (2015). Rollback-Recovery for Middleboxes. In Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication (pp. 227–240). New York, NY, USA: ACM. Awarded Best Student Paper.
    Abstract: Network middleboxes must offer high availability, with automatic failover when a device fails. Achieving high availability is challenging because failover must correctly restore lost state (e.g., activity logs, port mappings) but must do so quickly (e.g., in less than typical transport timeout values to minimize disruption to applications) and with little overhead to failure-free operation (e.g., additional per-packet latencies of 10-100s of μs). No existing middlebox design provides failover that is correct, fast to recover, and imposes little increased latency on failure-free operations. We present a new design for fault-tolerance in middleboxes that achieves these three goals. Our system, FTMB (for Fault-Tolerant MiddleBox), adopts the classical approach of "rollback recovery" in which a system uses information logged during normal operation to correctly reconstruct state after a failure. However, traditional rollback recovery cannot maintain high throughput given the frequent output rate of middleboxes. Hence, we design a novel solution to record middlebox state which relies on two mechanisms: (1) ‘ordered logging’, which provides lightweight logging of the information needed after recovery, and (2) a ‘parallel release’ algorithm which, when coupled with ordered logging, ensures that recovery is always correct. We implement ordered logging and parallel release in Click and show that for our test applications our design adds only 30 μs of latency to median per packet latencies. Our system introduces moderate throughput overheads (5-30%) and can reconstruct lost state in 40-275ms for practical systems.
    BibTeX:
    @inproceedings{sherry-sigcomm15b,
      author = {Sherry, Justine and Gao, Peter Xiang and Basu, Soumya and Panda, Aurojit and Krishnamurthy, Arvind and Maciocco, Christian and Manesh, Maziar and Martins, Jo\~{a}o and Ratnasamy, Sylvia and Rizzo, Luigi and Shenker, Scott},
      title = {Rollback-Recovery for Middleboxes},
      booktitle = {Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication},
      series = {SIGCOMM '15},
      year = {2015},
      location = {London, United Kingdom},
      pages = {227--240},
      numpages = {14},
      publisher = {ACM},
      award = {Best Student Paper},
      address = {New York, NY, USA},
      keywords = {middlebox reliability, parallel fault-tolerance}
    }
    
  5. Jang, K., Sherry, J., Ballani, H., & Moncaster, T. (2015). Silo: Predictable Message Latency in the Cloud. In Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication (pp. 435–448). New York, NY, USA: ACM.
    Abstract: Many cloud applications can benefit from guaranteed latency for their network messages, however providing such predictability is hard, especially in multi-tenant datacenters. We identify three key requirements for such predictability: guaranteed network bandwidth, guaranteed packet delay and guaranteed burst allowance. We present Silo, a system that offers these guarantees in multi-tenant datacenters. Silo leverages the tight coupling between bandwidth and delay: controlling tenant bandwidth leads to deterministic bounds on network queuing delay. Silo builds upon network calculus to place tenant VMs with competing requirements such that they can coexist. A novel hypervisor-based policing mechanism achieves packet pacing at sub-microsecond granularity, ensuring tenants do not exceed their allowances. We have implemented a Silo prototype comprising a VM placement manager and a Windows filter driver. Silo does not require any changes to applications, guest OSes or network switches. We show that Silo can ensure predictable message latency for cloud applications while imposing low overhead.
    BibTeX:
    @inproceedings{jang-sigcomm15,
      author = {Jang, Keon and Sherry, Justine and Ballani, Hitesh and Moncaster, Toby},
      title = {Silo: Predictable Message Latency in the Cloud},
      booktitle = {Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication},
      series = {SIGCOMM '15},
      year = {2015},
      location = {London, United Kingdom},
      pages = {435--448},
      numpages = {14},
      publisher = {ACM},
      address = {New York, NY, USA},
      keywords = {guaranteed latency, latency SLA, network QoS, network calculus, traffic pacing}
    }
    
  6. Mittal, R., Sherry, J., Ratnasamy, S., & Shenker, S. (2014). Recursively Cautious Congestion Control. In Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation (pp. 373–385). Berkeley, CA, USA: USENIX Association.
    Abstract: TCP’s congestion control is deliberately cautious, avoiding network overloads by starting with a small initial window and then iteratively ramping up. As a result, it often takes flows several round-trip times to fully utilize the available bandwidth. In this paper we propose RC3, a technique to quickly take advantage of available capacity from the very first RTT. RC3 uses several levels of lower priority service and a modified TCP behavior to achieve near-optimal throughputs while preserving TCP-friendliness and fairness. We implement RC3 in the Linux kernel and in NS-3. In common wide-area scenarios, RC3 results in over 40% reduction in average flow completion times, with strongest improvements - more than 70% reduction in flow completion time - seen in medium to large sized (100KB - 3MB) flows.
    BibTeX:
    @inproceedings{mittal-nsdi14,
      author = {Mittal, Radhika and Sherry, Justine and Ratnasamy, Sylvia and Shenker, Scott},
      title = {Recursively Cautious Congestion Control},
      booktitle = {Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation},
      series = {NSDI'14},
      year = {2014},
      location = {Seattle, WA},
      pages = {373--385},
      numpages = {13},
      publisher = {USENIX Association},
      address = {Berkeley, CA, USA}
    }
    
  7. Vulimiri, A., Godfrey, P. B., Mittal, R., Sherry, J., Ratnasamy, S., & Shenker, S. (2013). Low Latency via Redundancy. In Proceedings of the Ninth ACM Conference on Emerging Networking Experiments and Technologies (pp. 283–294). New York, NY, USA: ACM.
    BibTeX:
    @inproceedings{vulmiri-conext13,
      author = {Vulimiri, Ashish and Godfrey, Philip Brighten and Mittal, Radhika and Sherry, Justine and Ratnasamy, Sylvia and Shenker, Scott},
      title = {Low Latency via Redundancy},
      booktitle = {Proceedings of the Ninth ACM Conference on Emerging Networking Experiments and Technologies},
      series = {CoNEXT '13},
      year = {2013},
      location = {Santa Barbara, California, USA},
      pages = {283--294},
      numpages = {12},
      publisher = {ACM},
      address = {New York, NY, USA},
      keywords = {latency, performance, reliability}
    }
    
  8. Sherry, J., Hasan, S., Scott, C., Krishnamurthy, A., Ratnasamy, S., & Sekar, V. (2012). Making Middleboxes Someone Else’s Problem: Network Processing As a Cloud Service. In Proceedings of the ACM SIGCOMM 2012 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication (pp. 13–24). New York, NY, USA: ACM.
    BibTeX:
    @inproceedings{sherry-sigcomm12,
      author = {Sherry, Justine and Hasan, Shaddi and Scott, Colin and Krishnamurthy, Arvind and Ratnasamy, Sylvia and Sekar, Vyas},
      title = {Making Middleboxes Someone Else's Problem: Network Processing As a Cloud Service},
      booktitle = {Proceedings of the ACM SIGCOMM 2012 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication},
      series = {SIGCOMM '12},
      year = {2012},
      isbn = {978-1-4503-1419-0},
      location = {Helsinki, Finland},
      pages = {13--24},
      numpages = {12},
      publisher = {ACM},
      address = {New York, NY, USA},
      keywords = {cloud, middlebox, outsourcing}
    }
    
  9. Sherry, J., Katz-Bassett, E., Pimenova, M., Madhyastha, H. V., Anderson, T., & Krishnamurthy, A. (2010). Resolving IP Aliases with Prespecified Timestamps. In Proceedings of the 10th ACM SIGCOMM Conference on Internet Measurement (pp. 172–178). New York, NY, USA: ACM.
    BibTeX:
    @inproceedings{sherry-imc10,
      author = {Sherry, Justine and Katz-Bassett, Ethan and Pimenova, Mary and Madhyastha, Harsha V. and Anderson, Thomas and Krishnamurthy, Arvind},
      title = {Resolving IP Aliases with Prespecified Timestamps},
      booktitle = {Proceedings of the 10th ACM SIGCOMM Conference on Internet Measurement},
      series = {IMC '10},
      year = {2010},
      isbn = {978-1-4503-0483-2},
      location = {Melbourne, Australia},
      pages = {172--178},
      numpages = {7},
      publisher = {ACM},
      address = {New York, NY, USA},
      keywords = {alias resolution, ip options, ip timestamp}
    }
    
  10. Katz-Bassett, E., Madhyastha, H. V., Adhikari, V. K., Scott, C., Sherry, J., Van Wesep, P., … Krishnamurthy, A. (2010). Reverse Traceroute. In Proceedings of the 7th USENIX Conference on Networked Systems Design and Implementation (pp. 15–15). Berkeley, CA, USA: USENIX Association. Awarded Best Paper.
    BibTeX:
    @inproceedings{katzbassett-nsdi10,
      author = {Katz-Bassett, Ethan and Madhyastha, Harsha V. and Adhikari, Vijay Kumar and Scott, Colin and Sherry, Justine and Van Wesep, Peter and Anderson, Thomas and Krishnamurthy, Arvind},
      title = {Reverse Traceroute},
      booktitle = {Proceedings of the 7th USENIX Conference on Networked Systems Design and Implementation},
      series = {NSDI'10},
      year = {2010},
      location = {San Jose, California},
      pages = {15--15},
      numpages = {1},
      publisher = {USENIX Association},
      address = {Berkeley, CA, USA},
      award = {Best Paper}
    }
    

Journal Articles

  1. Panda, A., McCauley, J. M., Tootoonchian, A., Sherry, J., Koponen, T., Ratnasamy, S., & Shenker, S. (2016). Open Network Interfaces for Carrier Networks. SIGCOMM Comput. Commun. Rev., 46(1), 5–11.
    Abstract: With the increasing prevalence of middleboxes, networks today are capable of doing far more than merely delivering packets. In fact, to realize their full potential for both supporting innovation and generating revenue, we should think of carrier networks as service-delivery platforms. This requires providing open interfaces that allow third-parties to leverage carrier-network infrastructures in building global-scale services. In this position paper, we take the first steps towards making this vision concrete by identifying a few such interfaces that are both simple-to-support and safe-to-deploy (for the carrier) while being flexibly useful (for third-parties).
    BibTeX:
    @article{panda-ccr16,
      author = {Panda, Aurojit and McCauley, James Murphy and Tootoonchian, Amin and Sherry, Justine and Koponen, Teemu and Ratnasamy, Sylvia and Shenker, Scott},
      title = {Open Network Interfaces for Carrier Networks},
      journal = {SIGCOMM Comput. Commun. Rev.},
      issue_date = {January 2016},
      volume = {46},
      number = {1},
      month = jan,
      year = {2016},
      pages = {5--11},
      numpages = {7},
      publisher = {ACM},
      address = {New York, NY, USA},
      keywords = {edge services, services}
    }
    

Workshop Articles

  1. Mittal, R., Sherry, J., Ratnasamy, S., & Shenker, S. (2013). How to Improve Your Network Performance by Asking Your Provider for Worse Service. Proceedings of the Twelfth ACM Workshop on Hot Topics in Networks. New York, NY, USA: ACM.
    BibTeX:
    @workshop{mittal-hotnets13,
      author = {Mittal, Radhika and Sherry, Justine and Ratnasamy, Sylvia and Shenker, Scott},
      title = {How to Improve Your Network Performance by Asking Your Provider for Worse Service},
      booktitle = {Proceedings of the Twelfth ACM Workshop on Hot Topics in Networks},
      series = {HotNets-XII},
      year = {2013},
      location = {College Park, Maryland},
      pages = {25:1--25:7},
      articleno = {25},
      numpages = {7},
      publisher = {ACM},
      address = {New York, NY, USA}
    }
    
  2. Rao, A., Choffnes, D., Sherry, J., Legaut, A., Krishnamurthy, A., & Dabbous, W. (2012). Meddle: Middleboxes for Increased Transparency and Control of Mobile Traffic. CoNEXT 2012 Student Workshop. New York, NY, USA: ACM. Awarded Best Paper.
    BibTeX:
    @workshop{rao-conextstudent12,
      author = {Rao, A. and Choffnes, D. and Sherry, J. and Legaut, A. and Krishnamurthy, A. and Dabbous, W.},
      title = {Meddle: Middleboxes for Increased Transparency and Control of Mobile Traffic},
      booktitle = {CoNEXT 2012 Student Workshop},
      year = {2012},
      publisher = {ACM},
      address = {New York, NY, USA},
      award = {Best Paper}
    }
    

Miscellaneous

  1. Bailis, P., Sherry, J., & Peter, S. (2016, April). Introducing Research for Practice: NFV and Middleboxes. Queue. New York, NY, USA: ACM.
    BibTeX:
    @misc{bailis-queue16,
      author = {Bailis, Peter and Sherry, Justine and Peter, Simon},
      title = {Introducing Research for Practice: NFV and Middleboxes},
      journal = {Queue},
      issue_date = {March-April 2016},
      volume = {14},
      number = {2},
      month = apr,
      year = {2016},
      pages = {70:76--70:90},
      articleno = {70},
      numpages = {15},
      publisher = {ACM},
      address = {New York, NY, USA}
    }
    

Technical Reports

  1. Wang, S., Sherry, J., & Han, S. (2013). A Dual-Channel Approach to Protocol Design in the Presence of Middleboxes (UCB/EECS-2013-205). UC Berkeley, Department of Electrical Engineering and Computer Sciences.
    BibTeX:
    @techreport{wang-techreport13,
      title = {A Dual-Channel Approach to Protocol Design in the Presence of Middleboxes},
      author = {Wang, S. and Sherry, J. and Han, S.},
      institution = {UC Berkeley, Department of Electrical Engineering and Computer Sciences},
      year = {2013},
      type = {UCB/EECS-2013-205}
    }
    
  2. Sherry, J., Kim, D. C., Mahalingam, S. S., Tang, A., Wang, S., & Ratnasamy, S. (2012). Netcalls: End Host Function Calls to Network Traffic Processing Services (UCB/EECS-2012-175). UC Berkeley, Department of Electrical Engineering and Computer Sciences.
    Abstract: Function calls are a basic primitive by which applications invoke services from external entities. In this paper, we propose “network calls” (netcalls), a general primitive to invoke advanced traffic processing services – such as firewalling or caching – from the network. We design and implement the netcalls API and a backend architecture to support netcalls, allowing end host applications to interact with services not only in their own access network, but any network their traffic traverses. Demonstrating the utility of netcalls, we built three applications to invoke netcalls, along with corresponding network services: interdomain firewalling for DDoS defense, ‘opportunistic’ traffic compression, and intrusion detection for mobile phones.
    BibTeX:
    @techreport{sherry-techreport12,
      title = {Netcalls: End Host Function Calls to Network Traffic Processing Services},
      author = {Sherry, J. and Kim, D. C. and Mahalingam, S. S. and Tang, A. and Wang, S. and Ratnasamy, S.},
      institution = {UC Berkeley, Department of Electrical Engineering and Computer Sciences},
      year = {2012},
      type = {UCB/EECS-2012-175}
    }
    

Theses

  1. Sherry, J. (2016, November). Middleboxes as a Cloud Service. EECS Department, University of California, Berkeley. Awarded SIGCOMM Doctoral Dissertation Award.
    Abstract: Today’s networks do much more than merely deliver packets. Through the deployment of middleboxes, enterprise networks today provide improved security – e.g., filtering malicious content – and performance capabilities – e.g., caching frequently accessed content. Although middleboxes are deployed widely in enterprises, they bring with them many challenges: they are complicated to manage, expensive, prone to failures, and challenge privacy expectations. In this thesis, we aim to bring the benefits of cloud computing to networking. We argue that middlebox services can be outsourced to cloud providers in a similar fashion to how mail, compute, and storage are today outsourced. We begin by presenting APLOMB, a system that allows enterprises to outsource middlebox processing to a third party cloud or ISP. For enterprise networks, APLOMB can reduce costs, ease management, and provide resources for scalability and failover. For service providers, APLOMB offers new customers and business opportunities, but also presents new challenges. Middleboxes have tighter performance demands than existing cloud services, and hence supporting APLOMB requires redesigning software at the cloud. We re-consider classical cloud challenges including fault-tolerance and privacy, showing how to implement middlebox software solutions with throughput and latency 2-4 orders of magnitude more efficient than general-purpose cloud approaches.
    BibTeX:
    @thesis{sherry-phdthesis,
      author = {Sherry, Justine},
      title = {Middleboxes as a Cloud Service},
      school = {EECS Department, University of California, Berkeley},
      year = {2016},
      month = nov,
      number = {UCB/EECS-2016-165},
      award = {SIGCOMM Doctoral Dissertation Award}
    }
    
  2. Sherry, J. (2012, December). Future Architectures for Middlebox Processing Services on the Internet and in the Cloud. EECS Department, University of California, Berkeley.
    Abstract: Middleboxes, such as caches, firewalls, and intrusion detection systems, form a vital part of network infrastructure today. Administrators deploy middleboxes in diverse scenarios from enterprise networks, to datacenters, to access networks. However, middleboxes are universally deployed under what we call the ‘unilateral model’, where middleboxes are deployed and configured by administrators alone, for the benefit of hosts in a single domain alone. In this thesis, we present two new deployment models for middleboxes which offer new capabilities for middlebox usage as well as new business models for middlebox deployment. Netcalls is an extension to the Internet architecture that allows end host applications to invoke and configure middleboxes in any network their traffic traverses; for example, we present a web server that invokes inter-domain DDoS defense when it detects that it is under attack. APLOMB is a system that allows enterprise networks (as well as individual end hosts) to tunnel their traffic to and from a cloud service that applies middlebox processing to their traffic, avoiding the costly and management-intensive burden of administering middleboxes in a local network. Netcalls and APLOMB allow ISPs and cloud providers (respectively) to monetize their deployment of middleboxes by offering them as a service to third-party clients; all the while presenting new capabilities, in the case of netcalls by enabling application interaction and in the case of APLOMB by providing better scalability and easier management. We discuss both of these proposals and their benefits in detail; we then discuss challenges and opportunities towards their deployment and adoption.
    BibTeX:
    @thesis{sherry-mastersthesis,
      author = {Sherry, Justine},
      title = {Future Architectures for Middlebox Processing Services on the Internet and in the Cloud},
      school = {EECS Department, University of California, Berkeley},
      year = {2012},
      month = dec,
      number = {UCB/EECS-2012-240}
    }
    
  3. Sherry, J. (2010, March). Applications of the IP Timestamp Option to Internet Measurement. Computer Science & Engineering, University of Washington. Awarded CSE Best Senior Thesis.
    Abstract: Limited support and inconsistent behavior for IP options has led to the common belief that most options cannot be useful. IP timestamp was no exception, until recently, when prespecified IP timestamp measurements were successfully integrated into the Reverse traceroute system. Prespecified timestamps allow the sender to request a series of up to four timestamps from all routers which may receive the packet. Each machine that receives a timestamp probe checks to see whether the next, unstamped IP address matches its own, and if so, provides a timestamp. In this paper, we provide a more extended argument for the role of prespecified timestamps in the measurement toolkit, and demonstrate two new practical use cases for timestamp measurements. We discover over 47% of ICMP ping-responsive routers in our sample support timestamp options, and both document and suggest methods for dealing with some of the differences between implementations of the timestamp option. Where supported, timestamp probes can take advantage of several attributes uncharacteristic of other common measurement tools: a view of the complete path the probe takes, combined responses from up to four requested addresses, and timestamp values from each responsive address. Illustrating these characteristics, we provide several use cases for timestamp probes. First, we describe how timestamps are integrated into the Reverse traceroute system, discovering routers on the path taken from a destination back to the requesting source. Next, we confirm IP aliases by combining multiple timestamp requests for candidate alias pairs in the same probe. In our application, we identify thousands of alias clusters currently unaddressable by the leading alias resolution technique. As our final use case, we apply the literal timestamp values to assessing one-way link delay. With this technique, we measure the delay between backbone PoPs on the Internet2 network with values comparable to those discovered through measurements at the source.
    BibTeX:
    @thesis{sherry-bsthesis,
      author = {Sherry, Justine},
      title = {Applications of the IP Timestamp Option to Internet Measurement},
      school = {Computer Science \& Engineering, University of Washington},
      month = mar,
      year = {2010},
      award = {CSE Best Senior Thesis}
    }
    
  4. Sherry, J. (2009, March). Unlocking the Potential of Cell Phones. In ‘From the Bottom Up: Rethinking United States Development Assistance’. Editors S. Arbogast, A. O’Leary, W. Latsch. Jackson School of International Studies, University of Washington.
    Abstract: The rapid rise of mobile phone use in poor countries is well known as an exemplary case of a technology enabling bottom-up empowerment through information access, driven by small-margin business and end-user innovation. While many are not mobile phone owners themselves, few today face a several mile walk to access an often-disconnected landline phone for communication, which was a regular occurrence only ten years ago. But even as some marvel at the rapid changes brought about by mobile phone use, a second generation boom is already occurring, developing innovative applications for the now widespread mobile phone platform. Building off this new connectivity, there are new programs aiming to provide public information access, data storage and accounting, and even mobile banking, mostly utilizing only the cheapest phone models. Whether for-profit or as charity, these applications are seen by many as the next step in leveraging the power of mobile phone diffusion to provide information access cheaply and efficiently to the world’s poorest. While some may see this new movement as over-exuberant, high-profile new programs are being driven by enthusiasts representing the technology industry, academic research groups, and international aid organizations. As a result, the future of mobile phone applications, as well as most technology in development, is relevant to business and trade policy, research investment, as well as traditional development aid programs.
    BibTeX:
    @thesis{sherry-bsthesis2,
      author = {Sherry, Justine},
      title = {Unlocking the Potential of Cell Phones},
      pages = {200--321},
      school = {In 'From the Bottom Up: Rethinking United States Development Assistance'. Editors S. Arbogast, A. O'Leary, W. Latsch. Jackson School of International Studies, University of Washington},
      month = mar,
      year = {2009}
    }