Shaddi Hasan

Making middleboxes someone else's problem: network processing as a cloud service

Modern enterprises almost ubiquitously deploy middlebox processing services to improve security and performance in their networks. Despite this, we find that todays middlebox infrastructure is expensive, complex to manage, and creates new failure modes for the networks that use them. Given the promise of cloud computing to decrease costs, ease management, and provide elasticity and fault-tolerance, we argue that middlebox processing can benefit from outsourcing the cloud. Arriving at a feasible implementation, however, is challenging due to the need to achieve functional equivalence with traditional middlebox deployments without sacrificing performance or increasing network complexity. In this paper, we motivate, design, and implement APLOMB, a practical service for outsourcing enterprise middlebox processing to the cloud. Our discussion of APLOMB is data-driven, guided by a survey of 57 enterprise networks, the first large-scale academic study of middlebox deployment. We show that APLOMB solves real problems faced by network administrators, can outsource over 90% of middlebox hardware in a typical large enterprise network, and, in a case study of a real enterprise, imposes an average latency penalty of 1.1ms and median bandwidth inflation of 3.8%.

Computing security in the developing world: a case for multidisciplinary research

Technology users in the developing world face a varied and complex set of computer security concerns. These challenges are deeply tied to a range of contextual factors including poor infrastructure, non-traditional usage patterns, and different attitudes towards security, which make simply importing security solutions from industrialized nations inadequate. Recognizing this, we describe some of the specific security risks in developing regions and their relationships with technical, political, social, and economic factors. We present concrete examples of how these factors affect the security of individuals, groups, and key applications such as mobile banking. Our analysis highlights the urgency of the concerns that need attention and presents an important intellectual challenge for the research community.

GSM whitespaces: An opportunity for rural cellular service

The GSM network is the largest network on Earth, providing vital communications service to billions of people. Yet hundreds of millions of people live outside the coverage of existing cellular providers. Recently, researchers have demonstrated a new model of cellular connectivity, community cellular, that has the potential to bring coverage to extremely rural populations. Although the total capital costs for these networks (<;US

Enhancing rural connectivity with software defined networks

10,000) are affordable for rural communities, the high financial and political cost of access to spectrum in GSM bands makes running a legal community cellular network nearly impossible. This is despite the fact that very rural areas typically have substantial amounts of licensed GSM spectrum that is not actively used. We define this unused spectrum as GSM whitespace. Like TV whitespaces, we argue that GSM whitespaces should be regulated for dynamic spectrum sharing, and that doing so will support the growth of community cellular networks and thereby improve rural access to communications services. We propose a hybrid sensing and database-driven spectrum sharing scheme called Nomadic GSM that provides safe coexistence between primary and secondary users without requiring coordination or cooperation from existing license holders. Nomadic GSM also mitigates concerns about “spectrum squatting” by secondaries and provides regulators visibility into and control of the spectrum usage of secondary operators. Lastly, we implement and evaluate a prototype Nomadic GSM system that is fully compatible with existing, unmodified GSM handsets and has been deployed in a real-world community cellular network in Papua, Indonesia.

Analysis of smartphone adoption and usage in a rural community cellular network

Software-defined networks (SDNs) have simplified management of complex data center and enterprise networks. We argue that SDNs can play a similar role in rural wireless networks, especially those in developing regions. Operating a rural network in the developing world means coping with unpredictability, low profit margins, and resource constraints; the increased flexibility and simplified management that software-defined networks provide are a major benefit in this context. Network virtualization, also enabled by SDN, could allow rural networks to operate as infrastructure providers to existing ISPs, thus enabling cooperation rather than competition with powerful incumbent providers.

Macroscopically sustainable networking: on internet quines

The smartphone has been touted as the technology of the 21st century. Global smartphone adoption rates are growing rapidly, up to over 24% in 2014, with usage increasing 25% in the last year. However, rural areas are often the last places to benefit from these technological trends. Utilizing cellular network registration logs, we explore the adoption and usage of smartphones in an extremely remote community in Indonesia. We found that 16% of the phones in the area were smartphones (compared to between 14--24% in Indonesia). This shows that smartphone adoption in rural Indonesia is similar to the rest of the country. We also explored usage in the network, and found that smartphone users were more likely to text, especially to other smartphone users.

The Challenges of Scaling WISPs

The Internet stands atop an unseen industrial system required for its continued growth, operation, and maintenance. Its scale could not have been achieved without this reliance, and its dependencies---ranging from sophisticated manufacturing facilities to limited raw materials---make it vulnerable to supply-chain disruptions, which are more likely as human society faces global ecological limits. We introduce the concept of an Internet quine, a metaphor that represents a collection of devices, protocols, manufacturing facilities, software tools, and other related components that is self-bootstrapping and capable of being used (by engineers or autonomously) to reproduce itself and all the needed components of the Internet. In this paper, we study the nature of Internet quines and discuss how they could be built. We also attempt to identify a collection of such tools and facilities, and how small and inexpensive they can be made.

MultiWAN: WAN aggregation for developing region

Wireless ISPs (WISPs) are one of the primary means of delivering broadband Internet access to rural and underserved areas of the world. However, WISP operators often struggle to maintain let alone grow their operations. We set out both to understand what challenges WISP operators face and to develop new approaches to help them in managing their networks. First, we present a study we conducted of operating WISPs to understand what barriers they face. Second, we describe our experiences building and using a software system for WISP management, and a new WISP we have built from the ground up using that system. We found that WISPs appear to reach natural scaling limits, and that despite excitement in the networking community about the promise of Software Defined Networking (SDN) in new environments, more mundane functionality like subscriber management provides much of the actual benefit to WISPs.

Local, sustainable, small-scale cellular networks

For rural ISPs and organizations, purchasing high-bandwidth, high-quality Internet connections is expensive, if such connections are even available. Subscribing to multiple low-capacity connections and load balancing flows across them presents an attractive alternative. However, this limits the burst rate of each flow to the capacity of the connection to which it has been bound. For example, a single file transfer could not take advantage of unused capacity on other connections. This increases flow completion times, an important metric of user-perceived performance.