Shuwen Jethro Sun – Publications

Summary: I research principles and ways for building systems to improve performance, reliability and security.

Under submission works

Endpoint-Defined In-Network Functions. Shuwen Sun and David Choffnes. Under submission, 2022
Networks today increasingly support in-network functionality via network function virtualization (NFV) or similar technologies. Such approaches enable a wide range of functionality to be deployed on behalf of end systems, such as offloading security or privacy enforcement, accelerating applications, or enabling new in-network services. However, most of the research in this area focuses on relatively simple functions intended to run on behalf of a network provider or enterprise, assumes limited opportunities for resource contention, and evaluates performance using metrics like packet throughput. In this paper, we consider what would happen if end systems (e.g., user devices, servers) bring their own end-device-defined functionality and deploy it in their network provider, wherever they are connected. Specifically, we show that these new functions consume a broader set of network resources (similar to VMs in the cloud computing environment) but with relatively predictable resource utilization due to the single-purpose nature of each function (similar to traditional NFs). Thus, we identify an opportunity to design and implement a new kind of in-network functionality that we call endpoint-defined, in-network functions (EDFs). We show that EDFs require different performance metrics than simple packet throughput and latency, and that their performance can be accurately modeled and predicted based on baseline resource consumption measurements. We then demonstrate the advantage of these models, namely enabling intelligent placement of EDFs on servers to minimize harmful interactions under contention.
 @inproceedings{sun:EDIF:2022,
 author = {Sun, Shuwen and Choffnes, David},
 title = {{Endpoint-Defined} {In-Network} {Functions}},
 journal= {Under submission},
 year = {2022},
}

Peer-reviewed workshop papers

Toward Flexible Auditing for In-Network Functionality. Shuwen Sun and David Choffnes. CoNEXT Student Workshop 2022, 2022
Networks today increasingly support in-network functionality via network function virtualization (NFV) or similar technologies. Such approaches enable a wide range of functionality to be deployed on behalf of end systems, such as offloading Tor services, enforcing network usage policies on encrypted traffic, or new functionality in 5G. An important open problem with such approaches is auditing. Namely, such services rely on third-party network providers to faithfully deploy and run their functionality as intended, but often have little to no insight as to whether providers do so. To address this problem, prior work provides point solutions such as verifiable routing with per-packet overhead, or audits of security practices; however, these approaches are not flexible: they are limited to auditing a small set of functionality and do not allow trade-offs between auditing coverage and overhead. In this paper, we propose NFAudit, which allows auditing of deployed NFs with a flexible approach where a wide range of important properties can be audited with configurable, low overhead. Our key insight is that the design of simple, composable, and flexible auditing primitives, combined with limited trust (in the form of secure enclaves), can permit a wide range of auditing functionality at configurable, and often low, cost.
 @inproceedings{sun:FlexibleAuditing:2022,
 author = {Sun, Shuwen and Choffnes, David},
 title = {{Toward} {Flexible} {Auditing} for {In-Network} {Functionality}},
 journal= {CoNEXT Student Workshop},
 year = {2022},
}

Non-peer reviewed papers

FlexNet: Enabling Flexibility in Cloud Networks. Da Yu, Luo Mai, Shuwen Sun, Raja Sambasivan, Jason Hennessey, Piyanai Saowarattitada, Rodrigo Fonseca, Orran Krieger. Non-peer reviewed, 2018
Changing demands on datacenter networking have resulted in a host of new networking protocols in recent years. Unfortunately, today’s datacenter architectures generally impose a “one-size-fits-all” solution, where a protocol must accommodate all applications, and all applications must use the same protocol. We introduce FlexNet, a new datacenter network architecture that creates a narrow waist for the datacenter, enabling multiple protocols to co-exist and applications to pick and choose between them. We evaluate FlexNet through a prototype implementation and deployment, and demonstrate that it can accommodate different networking technologies and upgrades, and foster innovation.
 @inproceedings{yu:Flexibility:2018,
 author = {Yu, Da and Mai, Luo and Sun, Shuwen and Sambasivan, Raja and Hennessey, Jason and Saowarattitada, Piyanai and Fonseca, Rodrigo and Krieger, Orran },
 title = {{FlexNet:} {Enabling} {Flexibility} in {Cloud} {Network}},
 booktitle = {TBA},
 series = {TBA},
 year = {2018},
 location = {TBA},
}


License

Copyright © 2015–2021 Shuwen Jethro Sun. All rights reserved.