Jad Naous

Short bio

CV

Projects

• WARP (at MIT):
• I joined WARP after the first iteration of it was done and the paper accepted to SOSP 2011. WARP is a time machine for Web applications that allows you to go back in time, apply a change and see what the results of that change where. For example, WARP can be used to retroactively apply a patch that fixes a vulnerability and to automatically undo any exploits resulting from that vulnerability.
• I am working on building the undo framework for distributed systems (such as a datacenter), tracking what data was leaked due to an exploit, and using WARP as a QA tool.


• Expedient and Network Virtualization:
• GENI is a US effort to build a large virtualized network (end-hosts and networking fabric) that allows multiple researchers to be simultaneously running their experiments. Expedient is a pluggable control framework for GENI that simplifies the developers' and the experimenters' lives.
• Implemented a modular all-capable kickass Expedient Clearinghouse
• Worked on the OpenFlow Aggregate architecture


• ICING
• ICING is a network architecture that allows an almost unlimited number of security policy types. In any communication, there are several participants whose resources are consumed or who would like to choose resources to consume: senders, receivers, and providers. We would like to enable source routing for the senders without violating the policies of the receivers and providers. At the same time, the receivers and providers would like to choose the path that packets take. ICING allows the conjunction of all these concerns, and makes sure that the path that was agreed to by all participants is followed. All this at line-rate! We even have an implementation running on NetFPGA that can run at line-rate for almost all packet sizes.


• ident++:
• A protocol that enables administrators to delegate security policies to users, machines, or other third-parties hierarchically. We implement ident++ by adding a daemon on the end-hosts and modifying the firewalls. We have also developed a language that makes it easy to write rules for ident++.
• Makes security policies more precise
• Allows the administrator to write policies in a more natural and understandable language


• NetFPGA:
• NetFPGA is a hardware platform for networking research and education. The NetFPGA device itself is a PCI card with 4 GigE ports, a Virtex2pro FPGA, SRAM and DRAM. Many research systesm run on NetFPGA, and it is being used around the world.
• Designed the "reference pipeline" architecture
• Designed and implemented most of the current reference implementations.


• Buffer Sizing:
• It is difficult to know how buffer sizes change in high-speed routers. So I implemented an Event Capturing system on NetFPGA that can monitor router/switch buffer occupancy at clock cycle precision
• The data can be relayed out to a remote machine for analysis


• Virtualization-enabled NIC:
• Used NetFPGA to implement a virtualized NIC to accelerate networking


• OpenFlow:
• Implemented an OpenFlow switch on NetFPGA
  


• Live CD for OpenFlow and NetFPGA:
• Currently outdated. But if someone asks me, I'll update it
• Can be found here
  

Contact

Publications

• "Path-policy compliant networking and a platform for heterogeneous IaaS managemenent"
  Jad Naous
  PhD Thesis, submitted to the Department of Electrical Engineering of Stanford University
  117 pages pdf
• "Verifying and enforcing network paths with ICING"
  Jad Naous, Michael Walfish, Antonio Nicolosi, David Mazières, Michael Miller, and Arun Seehra
  CoNEXT 2011, Tokyo, Japan, December 2011.
  12 pages pdf
• "Defining and enforcing transit policies in a future Internet"
  Jad Naous, Arun Seehra, Michael Walfish, David Mazières, Antonio Nicolosi, and Scott Shenker
  Department of Computer Sciences, Technical Report TR-10-07, The University of Texas at Austin, February 2010.
  15 pages pdf
• "Network Security via Explicit Consent"
  Jad Naous, Michael Walfish, David Mazières, Antonio Nicolosi, and Arun Seehra
  Department of Computer Sciences, Technical Report TR-09-12, The University of Texas at Austin, March 2009.
  15 pages pdf
• "A Policy Framework for the Future Internet"
  Arun Seehra, Jad Naous, Michael Walfish, David Mazières, Antonio Nicolosi, and Scott Shenker
  ACM Workshop on Hot Topics in Networks (HotNets), New York, NY, October 2009.
  6 pages pdf
• "Enabling Delegation with More Information"
  Jad Naous, Ryan Stutsman, David Mazières, Nick McKeown, and Nickolai Zeldovich
  SIGCOMM WREN Workshop, Barcelona, Spain, August 21, 2009.
  8 pages pdf
• "Spider Transparent Clock"
  John Eidson, Andrew Fernandez, Bruce Hamilton, Jad Naous, and Dieter Vook
  ISPCS 2008, Ann Arbor, Michingan, September 22-26 2008.
  5 pages pdf
• "Implementing an OpenFlow Switch on the NetFPGA platform"
  Jad Naous, David Erickson, Adam Covington, Guido Appenzeller, and Nick McKeown
  ANCS'08, San Jose, CA, USA, November 6-7, 2008.
  9 pages pdf
• "NetFPGA: Reusable Router Architecture for Experimental Research"
  Jad Naous, Glen Gibb, Sara Bolouki, and Nick McKeown
  SIGCOMM PRESTO Workshop, Seattle, WA, August 2008.
  7 pages pdf
• "NetFPGA -- Open Platform for Teaching How to Build Gigabit-rate Network Switches and Routers"
  Glen Gibb, John W. Lockwood, Jad Naous, Paul Hartke, and Nick McKeown
  IEEE Transactions on Education, 2008
  22 pages pdf
• "NetFPGA - An Open Platform for Gigabit-rate Network Switching and Routing"
  John W. Lockwood, Nick McKeown, Greg Watson, Glen Gibb, Paul Hartke, Jad Naous, Ramanan Raghuraman, and Jianying Luo
  MSE 2007, San Diego, June 2007.
  2 pages pdf

Links

• My blog
• ICING homepage
• NetFPGA homepage
• My favorite Linux distro openSUSE