Each year, the University of Washington’s College of Engineering recognizes alumni and friends who have made outstanding contributions to the field of engineering through its Diamond Awards. Among the 2022 honorees are two Allen School alumni whose cutting-edge research has helped steer the future of computer networking with far-reaching impacts: Stefan Savage (Ph.D., ’02), recipient of the Distinguished Achievement in Academia Award, and Justine Sherry (B.S., ‘10), recipient of the Early Career Award.
Stefan Savage: Distinguished Achievement in Academia
Those who say “crime doesn’t pay” might have crossed paths with University of California San Diego professor Stefan Savage — or at least, come across the results of his work. It was Savage who led a team of researchers in demonstrating how to disrupt the global web of electronic criminals by analyzing the economic, as well as technical, aspects of the problem. Before he helped to untangle the connections between email spam and the financial services used to monetize it, attempts to combat such networks amounted to a game of “whack a mole”: shut down one domain name, for example, and the criminals could easily and cheaply switch to another.
Savage and his colleagues developed an infrastructure to track on the order of hundreds of millions of spam emails, which enabled them to piece together the entire value chain of these illicit enterprises. This led them to discover a weak link: payment processing. Unlike much of the computing network infrastructure that the criminals relied on, the handful of financial institutions hosting their merchant accounts and processing the credit card payments that allowed them to profit off of their activities were not so easy or inexpensive to replace. Banks, law enforcement, the International Anti-Counterfeiting Coalition, and regulatory agencies such as the U.S. Food and Drug Administration and Federal Trade Commission have since applied the lessons learned through Savage’s work to combat online drug trafficking and the sale of counterfeit goods.
Savage was also instrumental in advancing the field’s understanding of the scope and mechanics of internet denial of service attacks, worms and other malware — along with effective countermeasures. For example, he co-led the development of a technique called backscatter analysis that uses packets sent from the victim in response to spoofed packets from an attacker to measure the number, duration and focus of denial of service attacks. He and his team then applied the technique to provide the first-ever estimate of denial of service activity worldwide. According to Allen School professor Ed Lazowska, Savage’s contributions to the safety and security of modern computing cannot be overstated.
“Stefan is the most creative person working in the hugely important fields of network security, privacy, and reliability today,” said Lazowska, who is the Bill & Melinda Gates Chair Emeritus at the Allen School. “He has an uncanny ability to ask exactly the right question, devise exactly the right methodology to explore that question, propose exactly the right solution, and see that solution through to impact.”
That uncanny ability was on full display when Savage and Allen School professor Tadayoshi Kohno co-led a team of researchers in exploring how the increasing computerization of automobiles introduced the potential for new security threats. After showing how they could physically infiltrate a vehicle’s onboard networks to gain control of critical systems, Savage and his collaborators followed up by demonstrating how the same systems were also vulnerable to remote wireless attacks — including, at one point, using a laptop to interfere with a car’s braking system as it cruised down an abandoned airstrip.
By turning their students loose on a pair of Chevy Impalas, Savage and Kohno ultimately helped turn the entire automobile industry in a new direction and, as Savage himself put it, influenced “how products are built and how policies are written.” As part of those changes, manufacturers began hiring dedicated security teams, while regulatory bodies established new security standards and devoted resources to addressing emerging threats. It is yet another example of how Savage’s combination of curiosity, creativity and technical excellence has had a tangible impact in the field of computer security and beyond — an impact that has earned not one but two Test of Time Awards from the IEEE Symposium on Security and Privacy recognizing the enduring influence of his electronic crime-fighting and automobile cybersecurity work.
“Stefan is somebody who very much embodies the values of the University of Washington,” said Geoffrey Voelker (Ph.D., ‘00), Savage’s UCSD colleague and fellow Allen School alum. “He is a world-class researcher who has had tremendous impact in his field. He’s also just an amazing person who is very generous and positively affects everybody he comes in contact with.”
Justine Sherry: Early Career
Justine Sherry may still be in the first decade of her faculty career at Carnegie Mellon University, but she has already established herself as a consummate researcher and sought-after thought leader when it comes to the design and implementation of networked systems that can handle the scale and complexity of the modern internet. Since graduating from the UW with bachelor’s degrees in computer science and international studies, she has produced a succession of groundbreaking contributions that have advanced network performance, reliability, security and fairness.
“Justine is among the very best young computer science researchers in the world,” said Dan Grossman, professor and vice director of the Allen School. “Her work is hard to pigeonhole because it spans much of modern networking, from algorithms, to measurements, to arguments on how to evaluate a network policy’s ‘goodness.’ Justine’s leadership among computer networking experts is impressive for someone of any age, and truly extraordinary for someone so early in their career.”
That extraordinary early leadership was evident in her Ph.D. research at the University of California, Berkeley, where she devised a method for managing network traffic in the cloud that came to be known as network function virtualization. Conventional enterprise network management relied on a collection of hardware devices dedicated to various functions, from intrusion detection to load balancing. The entire system was expensive to assemble, complicated to manage, difficult to scale, and vulnerable to security breaches. Sherry developed an architecture to support outsourcing middlebox functions to the cloud, accompanied by practical approaches for addressing concerns such as latency and fault tolerance to meet performance demands. Network function virtualization has grown into a $12 billion business — and is projected to triple over the next few years.
Sherry has also emerged as an expert in the theory and practice of congestion control, which is essential to maintaining fairness and reliability of internet services by managing demand for total available bandwidth. As part of this work, she and her team explore fundamental questions about what makes congestion control algorithms “good” — including what properties matter most under which conditions — and how to evaluate whether one algorithm is better than another. These issues are particularly salient as cloud operators’ congestion control algorithms, which are generally proprietary, affect the experience of billions of internet users.
For example, traditional algorithms are designed to reduce the portion of bandwidth their service is using in proportion to the number of other services seeking a share. Using a combination of experiments and mathematical modeling, Sherry and her colleagues discovered that Google’s newly released BBR algorithm for YouTube consumed a fixed portion of available bandwidth regardless of the level of demand from other services — leading to one experiment where a single BBR connection took up 40% of the network, with 16 competing services attaining less than 4% each. She and the team developed an evaluation framework based on a metric of “harm” to evaluate new algorithms in relation to the status quo prior to deployment.
“Justine was described by one of her colleagues as being fearless, and that fearlessness shows itself in her problem formulations, in the questions that she asks.” said Christopher Ramming, senior director of research and innovation at VMWare. “It’s that combination of properties that makes her stand out.”
That fearlessness prompted Sherry and her collaborators to question the conventional approach to intrusion detection and prevention processing. The goal was to determine whether it was possible to use a single software server to manage these critical workloads — among the most demanding network functions — for networks on the order of 100 Gbps and involving hundreds of thousands concurrent connections and more than 10,000 rules. Sherry and her team demonstrated that it is not only feasible, but also practical, with Pigasus, a FPGA-first architecture capable of handling the majority of intrusion detection and prevention processing for a 100 Gbps network using five cores and a single FPGA. In addition to being more cost-effective, they demonstrated that their FPGA-first model consumes 38x less energy than existing CPU-based approaches. This work has opened up new research directions in energy-efficient large-scale computing and the performance of network-intensive computation on hybrid software/hardware platforms in the cloud.
Sherry, Savage and their fellow award recipients were formally honored at an event hosted by the College last month. Learn more about the 2022 Diamond Award recipients here.
Congratulations, Stefan and Justine, and thank you for being such wonderful ambassadors for UW, the College and the Allen School!