Publications
Red Hat Research collaborates with universities and government agencies to produce papers that bring open source contributions along with them. We also publish informative articles about many of our projects in our own journal, the Red Hat Research Quarterly.
Latest Publications
Explore these publications which are the result of cooperation between Red Hat Research and the Academic sector around the globe focused on open research.
The eBPF Runtime in the Linux Kernel
Abstract Extended Berkeley Packet Filter (eBPF) is a runtime that enables users to load programs...
Performance Analysis of Lightweight Container Orchestration Platforms for Edge-Based IoT Applications
Abstract The rise of Microservices architecture has introduced a surge in the demand for containerized software provisioning and orchestration. Kubernetes is a leading container orchestration platform widely adopted for its efficient management of containerized...
Measuring Network Latency from a Wireless ISP: Variations Within and Across Subnets
Abstract While Internet Service Providers (ISPs) have traditionally focused on marketing network throughput, it is becoming increasingly recognized that network latency also plays a significant role for the quality of experience. However, many ISPs lack the means to...
Abstract Extended Berkeley Packet Filter (eBPF) is a runtime that enables users to load programs into the operating system (OS) … Abstract The rise of Microservices architecture has introduced a surge in the demand for containerized software provisioning and orchestration. Kubernetes … Abstract While Internet Service Providers (ISPs) have traditionally focused on marketing network throughput, it is becoming increasingly recognized that network … Abstract Network latency is a critical factor for the perceived quality of experience for many applications. With an increasing focus … Abstract This paper explores opportunities to utilize Large Language Models (LLMs) to make network configuration human-friendly, simplifying the configuration of … Abstract Usability is a crucial aspect that increases the willingness to adopt more demanding two-factor authentication (2FA) methods. There is … Abstract Several security issues in open-source projects demonstrate that developer accounts get misused or stolen if weak authentication is used. … Authors Zhijie Qiao, Mingyan Zhou, Zhijun Zhuang, Tejas Agarwal, Felix Jahncke, Po-Jen Wang, Jason Friedman, Hongyi Lai, Divyanshu Sahu, Tomáš … AuthorsTarikul Islam Papon, Boston University; Ju Hyong Mun, Boston University; and Konstantion Karatsenidis, Boston University; Shahin Roozkhosh, Boston University; Denis. … AuthorsHafsah Shahzad, Boston University; Ahmed Sanaullah, Red Hat; Sanjay Arora, Red Hat; Uli Drepper, Red Hat; and Martin Herbordt, Boston … Abstract We propose XVO, a semi-supervised learning method for training generalized monocular Visual Odometry (VO) models with robust off-the-self operation … AuthorsJimuyang Zhang, Zanming Huang, Eshed Ohn-BarBoston University AbstractWe propose a novel knowledge distillation framework for effectively teaching a sensorimotor student … AbstractLog-structured merge trees (LSM trees) are increasingly used as part of the storage engine behind several data systems, and are … Many services offer fingerprint authentication, including sensitive services such as mobile banking. This broad adoption could make an impression to … Abstract The role of user authentication in software repositories can significantly impact those using open-source projects as a basis for … AuthorsRobert Munafo, Boston University; Hafsah Shazad, Boston University; Ahmed Sanauallah, Red Hat; Sanjay Arora, Red Hat; Uli Drepper, Boston University; … AuthorsRuizhao Zhu, Peng Huang, Eshed Ohn-Bar, Venkatesh SaligramaBoston University AbstractHuman drivers can seamlessly adapt their driving decisions across geographical locations … AuthorsZhenpeng Shi, Boston University, USA; Nikolay Matyunin, Honda Research Institute Europe GmbH, Germany; Kalman Graffi, Technische Hochschule Bingen, Germany; David … AuthorsNovak Boskov, Ari Trachtenberg, and David Starobinski, Boston University AbstractThe problem of data synchronization arises in networked applications that require … AuthorsNovak Boskov, Sevval Simsek, Ari Trachtenberg, and David Starobinski, Department of Electrical and Computer Engineering, Boston University, Boston, Massachusetts, USA … Packet drops caused by congestion are a fundamental problem in network operation. Yet, it is difficult to detect where drops are happening, let alone which flows are most affected. Detecting the small-timescale drops caused by short bursts of traffic is even more challenging, and traditional monitoring techniques can easily miss them. To uncover packet drops as they occur inside a switch, the analysis must be real-time, fine-grained, and efficient. Modern defenses against cyberattacks increasingly rely on proactive approaches, e.g., to predict the adversary’s next actions based on past events. Building accurate prediction models requires knowledge from many organizations; alas, this entails disclosing sensitive information, such as network structures, security postures, and policies, which might often be undesirable or outright impossible. The increase in computational capability of low-power Arm architectures has seen them diversify from their more traditional domain of portable … Big data analytics frameworks, such as Spark and Giraph, need to process and cache massive amounts of data that do … Scaling up the performance of managed applications on Non-Uniform Memory Access (NUMA) architectures has been a challenging task, as it … We study the Traffic Light Control (TLC) problem for a single intersection, considering both straight driving vehicle flows and corresponding … Abstract:The papers in this special section focus on the development of smart city networks. In recent years, there has been … AuthorsAli Raza (1), Thomas Unger (1), Matthew Boyd (1), Eric Munson (1), Parul Sohal (1), Ulrich Drepper (2), Richard Jones … Timing attacks are among the most devastating side-channel attacks, allowing remote attackers to retrieve secret material, including cryptographic keys, with … Authors Hun Namkung, Carnegie Mellon University; Zaoxing Liu, Boston University; Daehyeok Kim, Carnegie Mellon University and Microsoft; Vyas Sekar and … In the last five years, FPGA presence in the cloud has gone from near zero (except for deeply embedded devices) … In this article, we survey existing academic and commercial efforts to provide Field-Programmable Gate Array (FPGA) acceleration in datacenters and … Host-FPGA connectivity is critical for enabling a vast number of FPGA use cases in data centers, edge, and IoT. This … High Level Synthesis (HLS) offers a possible programmability solution for FPGAs by automatically compiling CPU codes to custom hardware configurations, … Fully Homomorphic Encryption (FHE) offers protection to private data on third-party cloud servers by allowing computations on the data in encrypted form. However, to support general-purpose encrypted computations, all existing FHE schemes require an expensive operation known as “bootstrapping”. Unfortunately, the computation cost and the memory bandwidth required for bootstrapping add significant overhead to FHE-based computations, limiting the practical use of FHE. In this work, we propose FAB, an FPGA-based accelerator for bootstrappable FHE. Prior FPGA-based FHE accelerators have proposed hardware acceleration of basic FHE primitives for impractical parameter sets without support for bootstrapping. Analytical database systems are typically designed to use a column first data layout to access only the desired fields. On the other hand, storing data row-first works great for accessing, inserting, or updating entire rows. Transforming rows to columns at runtime is expensive, hence, many analytical systems ingest data in row-first form and transform it in the background to columns to facilitate future analytical queries. How will this design change if we can always efficiently access only the desired set of columns? To address this question, we present a radically new approach to data transformation from rows to columns. We build upon recent advancements in embedded platforms with re-programmable logic to design native in-memory access on rows and columns. This paper introduces GCNSplit, a streaming graph partitioning framework capable of handling unbounded streams with bounded state requirements. We frame partitioning as a classification problem and we employ an unsupervised model whose loss function minimizes edge-cuts. GCNSplit leverages an inductive graph convolutional network (GCN) to embed graph characteristics into a low-dimensional space and assign edges to partitions in an online manner. We evaluate GCNSplit with real-world graph datasets of various sizes and domains. Our results demonstrate that GCNSplit provides high-throughput, top-quality partitioning, and successfully leverages data parallelism. It achieves a throughput of 430K edges/s on a real-world graph of 1.6B edges using a bounded 147KB-sized model, contrary to the state-of-the-art HDRF algorithm that requires > 116GB in-memory state. With a well-balanced normalized load of 1.01, GCNSplit achieves a replication factor on par with HDRF, showcasing high partitioning quality while storing three orders of magnitude smaller partitioning state. Owing to the power of GCNs, we show that GCNSplit can generalize to entirely unseen graphs while outperforming the state-of-the-art stream partitioners in some cases. We present the first performance evaluation study of model serving integration tools in stream processing frameworks. Using Apache Flink as a representative stream processing system, we evaluate alternative Deep Learning serving pipelines for image classification. Our performance evaluation considers both the case of embedded use of Machine Learning libraries within stream tasks and that of external serving via Remote Procedure Calls. The results indicate superior throughput and scalability for pipelines that make use of embedded libraries to serve pre-trained models. Whereas, latency can vary across strategies, with external serving even achieving lower latency when network conditions are optimal due to better specialized use of underlying hardware. We discuss our findings and provide further motivating arguments towards research in the area of ML-native data streaming engines in the future. We present a vision for the automatic optimisation of distributed stream processing programs. StrIoT — a distributed stream-processing framework built using purely-functional programming — enables a set of validated logical optimisation rules to generate a set of possible deployment plans. A cost model then filters and ranks the plans before the best is automatically deployed across the cloud and edge devices. We describe StrIoT’s functional operators for writing stream-processing programs; the design, implementation and performance of StrIoT’s logical optimiser; and the cost model, which filters and ranks re-written programs and deployment plans in terms of two non-functional requirements: bandwidth and cost. The StrIoT vision is being explored through an open-source proof-of-concept implementation. We present our initial results with a motivating example before outlining the success criteria for future work in this area. Applications that process streams of events generated by sensors are important in a wide range of domains. It is now common to distribute stream processing across edge devices and the cloud. This exploits processing power near the sensors, reducing the load on the cloud and often the required network bandwidth. In this paper we focus on one challenge in distributed stream processing: automatically adapting the partitioning of the processing between the edge and the cloud without a loss of service. An example is when the event arrival rate increases and the edge processor can no longer meet performance requirements. Re-partitioning without loss of service involves moving computations between the edge and the cloud while events are still being processed. In this paper we describe StrIoT – a stream processing system that supports automatic re-partitioning. It is based on a set of functional stream operators, and the paper describes how the run-time system can automatically adapt applications that use them. A key feature is support for the fission and fusion of operators during adaptations. Performance evaluation shows that StrIoT can move parts of a stream processing application between the cloud and edge with only a low, temporary impact on performance. In recent years, we have witnessed a new kind of DDoS attack, the burst attack(Chai, 2013; Dahan, 2018), where the … Auto-scaling mechanisms are an important line of defense against Distributed Denial of Service (DDoS) in the cloud. Using auto-scaling, machines … AbstractThe integrity of the entire computing ecosystem depends on the security of our operating systems (OSes). Unfortunately, due to the … AbstractToday edge devices commonly connect to the cloud to use its storage and compute capabilities. This leads to security and … Paper presented at 17th Swedish National Computer Networking Workshop (SNCNW 2022), KTH, Stockholm, June 16-17, 2022 Abstract: Network latency plays … The Linux eXpress Data Path, or XDP, has found numerous uses in the industry, such as mitigating DoS attacks, load-balancers, and intrusion prevention systems. XDP provides a high-performance programmable network data path using the BPF framework and al- lows programmers to process packets early out of the driver. While XDP excels in forwarding packets, it currently has no mechanism for queueing or reordering packets and cannot implement traffic scheduling policies. In this paper, we present our ongoing work to address this challenge. We have designed a programmable packet scheduling extension for the XDP framework using recently pro- posed schemes for programmable queues. This extension allows programmers to define their packet schedulers using BPF while benefiting from the XDP fast data path. AuthorsAntonis Manousis, Carnegie Mellon University; Zhuo Cheng, Carnegie Mellon University; Ran Ben Basat, University College London; Zaoxing (Alan) Liu, Boston … AuthorsEitan Kosman, Technion, Israel Institute of Technology, Haifa, Israel; Ilya Kolchinsky, Red Hat and Technion, Israel Institute of Technology, Haifa, … AuthorsNovak Boskov, Ari Trachtenberg, and David Starobinski; all Boston University AbstractIn the set reconciliation problem, remote parties seek to reconcile … Abstract Industrial microservice architectures vary so wildly in their characteristics, such as size or communication method, that comparing systems is … AuthorsMuhammad Anas Imtiaz, David Starobinski, and Ari Trachtenberg; all Boston University AbstractBlock relay protocols play a key role in the … AuthorsAdar Amir, Technion, Israel Institute of Technology, Haifa, Israel; Ilya Kolchinsky, Red Hat and Technion, Israel Institute of Technology, Haifa, … AuthorsNovak Boskov, Boston University; Naor Radami, Ben-Gurion University; Trishita Tiwari, Cornell University; and Ari Trachtenberg, Boston University AbstractSoftware containers provide … AuthorsMaor Yankovitch, Technion, Israel Institute of Technology, Haifa, Israel; Ilya Kolchinsky, Red Hat and Technion, Israel Institute of Technology, Haifa, … AuthorsParul Sohal, Boston University; Michael Bechtel, University of Kansas; Renato Mancuso, Boston University; Heechul Yun, University of Kansas; Orran Krieger, … Abstract: Log-Structured Merge trees (LSM trees) are increasingly used as the storage engines behind several data systems, frequently deployed in … Abstract: Effectively utilizing the vast amounts of ego-centric navigation data that is freely available on the internet can advance generalized … Block-based programming is a popular approach to teaching introductory programming. Block-based programming often works in the context of microworlds, where students solve specific puzzles. It is used, for example, within the Hour of Code event, which targets millions of students. AuthorsParul Sohal, Boston University; Rohan Tabish, University of Illinois at Urbana-Champaign; Ulrich Drepper, Red Hat; Renato Mancuso, Boston University AbstractThe … On the internet, images are no longer static; they have become dynamic content. Thanks to the availability of smartphones with … AuthorsMohammad Hossein Hajkazemi, NetApp; Vojtech Aschenbrenner, EPFL; Mania Abdi, Northeastern University; Emine Ugur Kaynar, Boston University; Amin Mossayebzadeh, Boston University; … AuthorsHan Dong, Boston Universty; Sanjay Arora, Red Hat; Yara Award, Boston University; Tommy Unger, Boston University; Orran Krieger, Boston University; Jonathan Appavoo, Boston University AbstractThis … AuthorsKoral Chapnik, Technion, Israel Institute of Technology, Haifa, Israel; Ilya Kolchinsky, Red Hat and Technion, Israel Institute of Technology, Haifa, … A big dichotomy in data system design is the column vs. row-stores one. The first supports analytical, and the latter … The proliferation of multi-core, accelerator-enabled embedded systems has introduced new opportunities to consolidate real-time systems of increasing complexity. But the … FPGAs have typically achieved high speedups for 3D Fast Fourier Transforms (FFTs) due to the presence of hard floating point … Improved support for OpenCL has been an important step towards the mainstream adoption of FPGAs as compute resources. Current research … FPGAs have been demonstrated to be capable of very high performance, especially power-performance, but generally at the cost of hand-tuned … As modern Data Center workloads become increasingly complex, constrained, and critical, mainstream CPU-centric computing has had ever more difficulty in … Multi-Party Computation (MPC) is a technique enabling data from several sources to be used in a secure computation revealing only … Kariz is a new architecture for caching data from data-lakes accessed, potentially concurrently, by multiple analytic platforms. It integrates rich … “Many analytics computations are dominated by iterative processing stages, executed until a convergence condition is met. To accelerate such workloads … “In recent years, heterogeneous computing has emerged as the vital way to increase computers’ performance and energy efficiency by combining … The ever-growing demand for more memory capacity from applications has always been a challenging factor in computer architecture. The advent … Introduction – why stream processing? It is commonly known that we are living in the era of Big Data. At … We analyse whether the smartcards of the JavaCard platform correctly validate primality of domain parameters. We present our discovery of a group of side-channel vulnerabilities in implementations of the ECDSA signature algorithm in a widely … The evaluation of student models involves many methodological decisions, e.g., the choice of performance metric, data filtering, and cross-validation setting. Such issues may seem like technical details, and they do not get much attention in published research. Secure Multi-Party Computation (MPC) allows mutually distrusting parties to run joint computations without revealing private data. Current MPC algorithms scale … AuthorsRudolph Pienaar, Ata Turk, Jorge Bernal-Rusiel, Nicolas Rannou, Daniel Haehn, P. Ellen Grant, Orran Krieger AbstractWeb browsers are increasingly used … Existing bare-metal cloud services that provide users with physical servers have a number of serious disadvantages over their virtual alternatives, … To get good performance for data stored in Object storage services like S3, data analysis clusters need to cache data … Bolted is a new architecture for a bare metal cloud with the goal of providing security-sensitive customers of a cloud … SecCloud is a new architecture for bare-metal clouds that enables tenants to control tradeoffs between security, price, and performance. It … The received wisdom suggests that Unix’s unusual combination of fork() and exec() for process creation was an inspired design. In … Unikernels have demonstrated enormous advantages over Linux in many important domains, causing some to propose that the days of Linux’s … Modern FaaS systems perform well in the case of repeat executions when function working sets stay small. However, these platforms … Current caching methods for improving the performance of big-data jobs assume high (e.g., full bi-section) bandwidth; however many enterprise data … This paper presents a system-level method for achieving the rapid deployment and high-density caching of serverless functions in a FaaS … Complex event processing (CEP) is widely employed to detect occurrences of predefined combinations (patterns) of events in massive data streams. Complex event processing (CEP) is a prominent technology used in many modern applications for monitoring and tracking events of interest in massive data streams. Additive Factors Model is a widely used student model, which is primarily used for refining knowledge component models (Q-matrices). Continuous verification and security analysis of software systems are of paramount importance to many organizations. The state-of-the-art for such operations … Software applications that employ secure multi-party computation (MPC) can empower individuals and organizations to benefit from privacy-preserving data analyses when … Secure multi-party computation (MPC) enables joint computation over private data sets contributed by multiple entities. Using MPC in real-world software … Additive Factors Model is a widely used student model, which is primarily used for refining knowledge component models (Q-matrices). In this paper, we present a novel framework for real-timemulti-pattern complex event processing. An important step toward adoption of formal methods in software development is support for mainstream programming languages. Unfortunately, these languages … In model checking of real-life C and C++ programs, both search efficiency and counterexample readability are very important. In this … We present a new release of the parallel and distributed LTL model checker DiVinE. The major improvement in this new release … Model checking became a standard method of analyzing complex systems in many application domains. No doubt, a number of applications … We present a new design and a C++ implementation of a high-performance, cache-efficient hash table suitable for use in implementation … In this paper, we present substantial improvements in efficiency of explicit-state LTL model checking of C & C++ programs, building … In this paper, we present substantial improvements in efficiency of explicit-state LTL model checking of C & C++ programs, building … We present an extension of the DIVINE software model checker to support programs with exception handling. The extension consists of … Abstract: The fourth version of the DIVINE model checker provides a modular platform for verification of real-world programs. It is … Data races are among the most difficult software bugs to discover. They arise from multiple threads accessing the same memory … Many full disk encryption applications rely on a strong password-based key derivation function to process a passphrase. This article defines … Full disk encryption (FDE) is a common way to prevent unauthorized use of data by encrypting the whole storage device. … Full Disk Encryption (FDE) provides confidentiality of a data-at-rest stored on persistent devices like disk or solid state drives (SSD). … Research cooperation of CRoCS, Faculty of Informatics, Masaryk University and Red Hat. Authors: Martin Ukrop and Vashek Matyas Conference: RSA Cryptographers’ Track 2018 Paper details: Pge … Many starting teachers of computer science have great professional skill but often lack pedagogical training. Since providing expert mentorship directly … Flawed TLS certificates are not uncommon on the Internet. While they signal a potential issue, in most cases they have benign causes (e.g., misconfiguration or even deliberate deployment). This adds fuzziness to the decision on whether to trust a connection or not. Little is known about perceptions of flawed certificates by IT professionals, even though their decisions impact high numbers of end users. Moreover, it is unclear how much does the content of error messages and documentation influence these perceptions. Programmable packet processing is increasingly implemented using kernel bypass techniques, where a userspace application takes complete control of the networking … In this paper, we elaborate an abstract domain for C strings, that is, null-terminated arrays of characters. We describe the abstract semantics of basic string operations and prove their soundness with regards to previously established concrete semantics of those operations. DIVINE is an LLVM-based verification tool focusing on anal- ysis of real-world C and C++ programs. Such programs often interact with their environment, for example via inputs from users or network. When these programs are analyzed, it is desirable that the verification tool can deal with inputs symbolically and analyze runs for all inputs. In DIVINE, it is now possible to deal with input data via symbolic computa- tion instrumented into the original program at the level of LLVM bitcode. Symbolic computation is an important approach in automated program analysis. Most state-of-the-art tools perform symbolic computation as interpreters and directly maintain symbolic data. In this paper, we show that it is feasible, and in fact practical, to use a compiler-based strategy instead. Publication Summary Universities Collaborations Institutes hf:tax:partner_university The eBPF Runtime in the Linux Kernel Karlstad University, University of Pisa karlstad-university university-of-pisa Performance Analysis of Lightweight Container Orchestration Platforms for Edge-Based IoT Applications Karlstad University karlstad-university Measuring Network Latency from a Wireless ISP: Variations Within and Across Subnets Karlstad University karlstad-university Efficient continuous latency monitoring with eBPF Karlstad University karlstad-university NetConfEval: Can LLMs Facilitate Network Configuration? KTH Royal Institute of Technology Research Institutes of Sweden AB (RISE) kth-royal-institute-of-technology Two-factor authentication time: How time-efficiency and time-satisfaction are associated with perceived security and satisfaction Masaryk University masaryk-university What Johnny thinks about using two-factor authentication on GitHub: A survey among open-source developers Masaryk University CROCS masaryk-university AV4EV: Open-Source Modular Autonomous Electric Vehicle Platform for Making Mobility Research Accessible University of Pennsylvania university-of-pennsylvania Effortless Locality on Data Systems Using Relational Fabric Boston University Red Hat Collaboratory At Boston University boston-university AutoAnnotate: Reinforcement Learning basedCode Annotation for High Level Synthesis Boston University Red Hat Collaboratory At Boston University boston-university XVO: Generalized Visual Odometry via Cross-Modal Self-Training Boston University Red Hat Collaboratory At Boston University boston-university CaT: Coaching a Teachable Student Boston University Red Hat Collaboratory At Boston University boston-university Towards flexibility and robustness of LSM trees Boston University Red Hat Collaboratory At Boston University boston-university Fingerprint forgery training: Easy to learn, hard to perform Masaryk University CROCS masaryk-university Authentication of IT Professionals in the Wild – A Survey Masaryk University CROCS masaryk-university Improved Models for Policy-Agent Learning of Compiler Directives in HLS Boston University Red Hat Collaboratory At Boston University boston-university Learning to Drive Anywhere Uncovering CWE-CVE-CPE Relations with Threat Knowledge Graphs Boston University Red Hat Collaboratory At Boston University boston-university Enabling Cost-Benefit Analysis of Data Sync Protocols Boston University Red Hat Collaboratory At Boston University boston-university SREP: Out-Of-Band Sync of Transaction Pools for Large-Scale Blockchains Boston University Red Hat Collaboratory At Boston University boston-university Flow-Level Loss Detection with Δ-Sketches Boston University Red Hat Collaboratory At Boston University boston-university Cerberus: Exploring Federated Prediction of Security Events Boston University Red Hat Collaboratory At Boston University boston-university Just-In-Time Compilation on ARM—A Closer Look at Call-Site Code Consistency University of Manchester university-of-manchester TeraHeap: Reducing Memory Pressure in Managed Big Data Frameworks University of Crete university-of-crete Scaling Up Performance of Managed Applications on NUMA Systems University of Manchester university-of-manchester Adaptive Traffic Light Control for Competing Vehicle and Pedestrian Flows Boston University Red Hat Collaboratory At Boston University boston-university Guest Editorial Special Issue on Smart City-Networks Boston University Red Hat Collaboratory At Boston University boston-university Integrating Unikernel Optimizations in a General Purpose OS Boston University Red Hat Collaboratory At Boston University boston-university “They’re not that hard to mitigate”: What Cryptographic Library Developers Think About Timing Attacks SketchLib: Enabling Efficient Sketch-based Monitoring on Programmable Switches Boston University, Carnegie Mellon University Red Hat Collaboratory At Boston University boston-university carnegie-mellon-university Survey and Future Trends for FPGA Cloud Architectures Boston University boston-university The Future of FPGA Acceleration in Datacenters and the Cloud Boston University, Manchester University, Northeastern University, UMass Amherst, University of Florida, University of Toronto boston-university manchester-university northeastern-university umass-amherst university-of-florida university-of-toronto Enabling VirtIO Driver Support on FPGAs Boston University boston-university Reinforcement Learning Strategies for Compiler Optimization in High level Synthesis Boston University boston-university FAB: An FPGA-based Accelerator for Bootstrappable Fully Homomorphic Encryption Boston University Red Hat Collaboratory At Boston University boston-university Relational Memory: Native In-Memory Accesses on Rows and Columns Boston University Red Hat Collaboratory At Boston University boston-university GCNSplit: bounding the state of streaming graph partitioning Boston University Red Hat Collaboratory At Boston University boston-university Evaluating model serving strategies over streaming data Boston University Red Hat Collaboratory At Boston University boston-university Logical Optimisation and Cost Modelling of Stream-Processing Programs Written in a Purely-Functional Framework Newcastle University newcastle-university Run-time Adaptation of Stream Processing Spanning the Cloud and the Edge Newcastle University newcastle-university Kubernetes Autoscaling: YoYo Attack Vulnerability and Mitigation Reichman University reichman-university DDoS Attack on Cloud Auto-scaling Mechanisms Reichman University reichman-university No Grammar, No Problem: Towards Fuzzing the Linux Kernel without System-Call Descriptions RISE: RISC-V SoC for En/decryption Acceleration on the Edge for Homomorphic Encryption Boston University Red Hat Collaboratory At Boston University boston-university Passive Monitoring of Network Latency at High Line Rates Karlstad University karlstad-university Bringing Packet Queueing to XDP Karlstad University karlstad-university Enabling Efficient and General SubpopulationAnalytics In Multidimensional Data Streams Boston University Red Hat Collaboratory At Boston University boston-university Mining Logical Arithmetic Expressions From Proper Representations Technion technion GenSync: A New Framework for Benchmarking and Optimizing Reconciliation of Data Boston University Red Hat Collaboratory At Boston University boston-university Identifying Mismatches Between Microservice Testbeds and Industrial Perceptions of Microservices Emory University, Tufts University emory-university tufts-university Empirical Comparison of Block Relay Protocols Boston University Red Hat Collaboratory At Boston University boston-university DLACEP: A Deep-Learning Based Framework for Approximate Complex Event Processing Technion technion Union Buster: A Cross-Container Covert-Channel Exploiting Union Mounting Ben Gurion University, Boston University Red Hat Collaboratory At Boston University ben-gurion-university boston-university HYPERSONIC: A Hybrid Parallelization Approach for Scalable Complex Event Processing Technion technion A Closer Look at Intel Resource Director Technology (RDT) Boston University Red Hat Collaboratory At Boston University boston-university Endure: A Robust Tuning Paradigm for LSM Trees Under Workload Uncertainty Boston University Red Hat Collaboratory At Boston University boston-university SelfD: Self-Learning Large-Scale Driving Policies From the Web Boston University Red Hat Collaboratory At Boston University boston-university Design and Analysis of Microworlds and Puzzles for Block-Based Programming Masaryk University masaryk-university Profile-driven memory bandwidth management for accelerators and CPUs in QoS-enabled platforms Boston University boston-university Motif Mining: Finding and Summarizing Remixed Image Content University of Notre Dame KROC Institute for International Peace Studies university-of-notre-dame Beating the I/O bottleneck: a case for log-structured virtual disks Boston University, Northeastern University Red Hat Collaboratory At Boston University boston-university northeastern-university Slowing Down for Performance and Energy: An OS-Centric Study in Network Driven Workloads Boston University Red Hat Collaboratory At Boston University boston-university DARLING: Data-Aware Load Shedding in Complex Event Processing Systems Technion technion Transparent Data Transformation: Can I have my Rows and eat my Columns too? Boston University Red Hat Collaboratory At Boston University boston-university E-WarP: A System-wide Framework for Memory Bandwidth Profiling and Management Boston University Red Hat Collaboratory At Boston University boston-university FPGA HPC using OpenCL: Case Study in 3D FFT Boston University Red Hat Collaboratory At Boston University boston-university Unlocking Performance-Programmability by Penetrating the Intel FPGA OpenCL Toolflow Boston University Red Hat Collaboratory At Boston University boston-university An Empirically Guided Optimization Framework for FPGA OpenCL Boston University Red Hat Collaboratory At Boston University boston-university Towards Hardware as a Reconfigurable, Elastic, and Specialized Service Boston University Red Hat Collaboratory At Boston University boston-university Secret Sharing MPC on FPGAs in the Datacenter Boston University Red Hat Collaboratory At Boston University boston-university The community cache with complete information Boston University, Northeastern University Mass Open Cloud boston-university northeastern-university Say Goodbye to Off-heap Caches! On-heap Caches Using Memory-Mapped I/O University of Crete university-of-crete Transparent Compiler and Runtime Specializations for Accelerating Managed Languages on FPGAs University of Manchester university-of-manchester You can’t hide you can’t run: a performance assessment of managed applications on a NUMA machine University of Manchester university-of-manchester Real-Time Data Stream Processing Technion technion Fooling primality tests on smartcards Masaryk University CROCS masaryk-university Minerva: The curse of ECDSA nonces Masaryk University CROCS masaryk-university Impact of methodological choices on the evaluation of student models Masaryk University masaryk-university Conclave: secure multi-party computation on big data (extended TR) Boston University Mass Open Cloud boston-university CHIPS: A Service for Collecting, Organizing, Processing, and Sharing Medical Image Data in the Cloud Boston Children's Hospital, Boston University, Harvard University Mass Open Cloud, Red Hat Collaboratory At Boston University boston-childrens-hospital boston-university harvard-university M2: Malleable Metal as a Service Boston University, Northeastern University Mass Open Cloud, Red Hat Collaboratory At Boston University Hariri Institute for Computing boston-university northeastern-university Caching in the Multiverse Boston University, Northeastern University Red Hat Collaboratory At Boston University Hariri Institute for Computing boston-university northeastern-university A Secure Cloud with Minimal Provider Trust Boston University, Northeastern University Mass Open Cloud, Red Hat Collaboratory At Boston University Hariri Institute for Computing boston-university northeastern-university Supporting Security Sensitive Tenants in a Bare-Metal Cloud Boston University, Northeastern University Mass Open Cloud, Red Hat Collaboratory At Boston University Hariri Institute for Computing boston-university northeastern-university A fork() in the road Boston University Red Hat Collaboratory At Boston University Hariri Institute for Computing boston-university Unikernels: The Next Stage of Linux’s Dominance Boston University Red Hat Collaboratory At Boston University Hariri Institute for Computing boston-university SEUSS: Rapid serverless deployment using environment snapshots Boston University Mass Open Cloud, Red Hat Collaboratory At Boston University Hariri Institute for Computing boston-university D3N: A multi-layer cache for the rest of us Boston University, Northeastern University Red Hat Collaboratory At Boston University Hariri Institute for Computing boston-university northeastern-university SEUSS: skip redundant paths to make serverless fast Boston University Mass Open Cloud, Red Hat Collaboratory At Boston University Hariri Institute for Computing boston-university Efficient Adaptive Detection of Complex Event Patterns Technion technion Join Query Optimization Techniques for Complex Event Processing Applications Technion technion Beyond Binary Correctness: Classification of Students’ Answers in Learning Systems Masaryk University masaryk-university Towards Non-Intrusive Software Introspection and Beyond Boston University, Northeastern University Mass Open Cloud boston-university northeastern-university Role-Based Ecosystem for the Design, Development, and Deployment of Secure Multi-Party Data Analytics Applications Boston University Red Hat Collaboratory At Boston University Hariri Institute for Computing boston-university Tutorial: Deploying Secure Multi-Party Computation on the Web Using JIFF Boston University Red Hat Collaboratory At Boston University Hariri Institute for Computing boston-university Exploration of the Robustness and Generalizability of the Additive Factors Model Masaryk University masaryk-university Real-Time Multi-Pattern Detection over Event Streams Technion technion Using Off-the-Shelf Exception Support Components in C++ Verification Masaryk University masaryk-university Context-Switch-Directed Verification in DIVINE Masaryk University masaryk-university DiVinE 3.0 – An Explicit-State Model Checker for Multithreaded C & C++ Programs Masaryk University masaryk-university DiVinE: Parallel Distributed Model Checker Masaryk University masaryk-university Fast, Dynamically-Sized Concurrent Hash Table Masaryk University masaryk-university Improved State Space Reductions for LTL Model Checking of C & C++ Programs Masaryk University masaryk-university Improved State Space Reductions for LTL Model Checking of C & C++ Programs Masaryk University masaryk-university Model Checking C++ with Exceptions Masaryk University masaryk-university Model Checking of C and C++ with DIVINE 4 Masaryk University masaryk-university Weak Memory Models as LLVM-to-LLVM Transformations Masaryk University masaryk-university Selecting a New Key Derivation Function for Disk Encryption Masaryk University masaryk-university The TrueCrypt On-Disk Format—An Independent View Masaryk University masaryk-university Extending Full Disk Encryption for the Future Masaryk University masaryk-university Why Johnny the Developer Can’t Work with Public Key Certificates Masaryk University CROCS masaryk-university Reflective Diary for Professional Development of Novice Teachers Masaryk University masaryk-university Will You Trust This TLS Certificate? Perceptions of People Working in IT Masaryk University CROCS masaryk-university The eXpress Data Path: Fast Programmable Packet Processing in the Operating System Kernel String Abstraction for Model Checking of C Programs Masaryk University masaryk-university Extending DIVINE with Symbolic Verification Using SMT Masaryk University masaryk-university Symbolic Computation via Program Transformation Masaryk University masaryk-university