Recent jsys items

[SoK] Systematizing Inference Placement For Deep Learning Across Edge And Cloud Platforms: A Multi-Objective Optimization Perspective

Sun, 25 Jan 2026 00:00:00 +0000

Edge intelligent applications like VR/AR and language model based chatbots have become widespread with the rapid expansion of IoT and mobile devices. However, constrained edge devices often cannot serve the increasingly large and complex deep learning (DL) models. To mitigate these challenges, researchers have proposed optimizing and offloading partitions of DL models among user devices, edge servers, and the cloud. In this setting, users can take advantage of different services to support their intelligent applications. For example, edge resources offer low response latency. In contrast, cloud platforms provide low monetary cost computation resources for computation-intensive workloads. However, communication between DL model partitions can introduce transmission bottlenecks and pose risks of data leakage. Recent research aims to balance accuracy, computation delay, transmission delay, and privacy concerns. They address these issues with model compression, model distillation,...

[SOK] Large Language Models in Security Code Review and Testing

Fri, 23 Jan 2026 00:00:00 +0000

In this paper, we systematically present and discuss practical applications of Large Language Models (LLMs) in software security, concretely in code vulnerability detection, fuzz testing, and exploit generation. Measurements of various research outcomes are analyzed to answer questions about the performance of LLMs in those fields, including a comparison with tools that follow traditional approaches. In addition, the drawbacks and a future outlook, along with a delineation of technical challenges, are provided. Challenges include the cost- and time-intensive training of LLMs, the limited context-length understanding of program code, the high false positive rate due to hallucinations, and keeping the data up-to-date so that definitions of newly detected vulnerabilities are covered.

[Solution] IPA: Inference Pipeline Adaptation to achieve high accuracy and cost-efficiency

Thu, 25 Apr 2024 00:00:00 +0000

Efficiently optimizing multi-model inference pipelines for fast, accurate, and cost-effective inference is a crucial challenge in machine learning production systems, given their tight end-to-end latency requirements. To simplify the exploration of the vast and intricate trade-off space of latency, accuracy, and cost in inference pipelines, providers frequently opt to consider one of them. However, the challenge lies in reconciling latency, accuracy, and cost trade-offs. To address this challenge and propose a solution to efficiently manage model variants in inference pipelines, we present IPA, an online deep learning Inference Pipeline Adaptation system that efficiently leverages model variants for each deep learning task. Model variants are different versions of pre-trained models for the same deep learning task with variations in resource requirements, latency, and accuracy. IPA dynamically configures batch size, replication, and model variants to optimize accuracy, minimize...

[SoK] Evaluations in Industrial Intrusion Detection Research

Tue, 31 Oct 2023 00:00:00 +0000

Industrial systems are increasingly threatened by cyberattackswith potentially disastrous consequences. To counter suchattacks, industrial intrusion detection systems strive to timelyuncover even the most sophisticated breaches. Due to its criticality for society, this fast-growing field attracts researchersfrom diverse backgrounds, resulting in 130 new detectionapproaches in 2021 alone. This huge momentum facilitatesthe exploration of diverse promising paths but likewise risksfragmenting the research landscape and burying promisingprogress. Consequently, it needs sound and comprehensibleevaluations to mitigate this risk and catalyze efforts into sustainable scientific progress with real-world applicability. Inthis paper, we therefore systematically analyze the evaluationmethodologies of this field to understand the current stateof industrial intrusion detection research. Our analysis of609 publications shows that the rapid growth of this researchfield has positive and negative...

[Tool] Automatically Extracting Hardware Descriptions from PDF Technical Documentation

Tue, 31 Oct 2023 00:00:00 +0000

The ever-increasing variety of microcontrollers aggravatesthe challenge of porting embedded software to new devicesthrough much manual work, whereas code generators can beused only in special cases. Moreover, only little technical documentation for these devices is available in machine-readableformats that could facilitate automating porting efforts. Instead, the bulk of documentation comes as print-orientedPDFs. We hence identify a strong need for a processor toaccess the PDFs and extract their data with a high quality toimprove the code generation for embedded software.

In this paper, we design and implement a modular processor for extracting detailed datasets from PDF files containing technical documentation using deterministic table processing for thousands of microcontrollers. Namely, we systematically extract device identifiers, interrupt tables, package and pinouts, pin functions, and register maps. In our evaluation, we compare the documentation from STMicro againstexisting...

[Solution] Mason: Scalable, Contiguous Sequencing for Building Consistent Services

Wed, 14 Jun 2023 00:00:00 +0000

Some recent services use a sequencer to simplify ordering operations on sharded data. The sequencer assigns each operation a multi-sequence number which explicitly orders the operation on each shard it accesses. Existing sequencers have two shortcomings. First, failures can result in some multi-sequence numbers never being assigned, exposing a non-contiguous multi-sequence, which requires complex scaffolding to handle. Second, existing implementations use single-machine sequencers, limiting service throughput to the ordering throughput of one machine.

We make two contributions. First, we posit that sequencers should expose our new contiguous multi-sequence abstraction. Contiguity guarantees every sequence number is assigned an operation, simplifying the abstraction. Second, we design and implement MASON , the first system to expose the contiguous multi-sequence abstraction and the first to provide a scalable multi-sequence. MASON is thus an ideal building block for consistent,...

[Solution] Byzantine Cluster-Sending in Expected Constant Cost and Constant Time

Mon, 12 Jun 2023 00:00:00 +0000

Traditional resilient systems operate on fully-replicated fault-tolerant clusters, which limits their scalability and performance. One way to make the step towards resilient high-performance systems that can deal with huge workloads is by enabling independent fault-tolerant clusters to efficiently communicate and cooperate with each other, as this also enables the usage of high-performance techniques such as sharding. Recently, such inter-cluster communication was formalized as the Byzantine cluster-sending problem. Unfortunately, existing worst-case optimal protocols for cluster-sending all have linear complexity in the size of the clusters involved.

In this paper, we propose probabilistic cluster-sending techniques as a solution for the cluster-sending problem with only an expected constant message complexity, this independent of the size of the clusters involved and this even in the presence of highly unreliable communication. Depending on the robustness of the clusters...

[Problem] Cerberus: Minimalistic Multi-shard Byzantine-resilient Transaction Processing

Tue, 6 Jun 2023 00:00:00 +0000

To enable scalable resilient blockchain systems, several powerful general-purpose approaches toward sharding such systems have been demonstrated. Unfortunately, these approaches all come with substantial costs for ordering andexecution of multi-shard transactions.

In this work, we ask whether one can achieve significantcost reductions for processing multi-shard transactions by limiting the type of workloads supported. To initiate the study of this problem, we propose CERBERUS, a family of minimalistic primitives for processing single-shard and multi-shard UTXO-like transactions. The first CERBERUS variant we propose is core-CERBERUS (CCERBERUS). CCERBERUS uses strict UTXO-based environmental requirements to enable powerful multi-shard transaction processing with an absolute minimum amount of coordination between shards. In the environment we designed CCERBERUS for, CCERBERUS will operate perfectly with respect to all transactions proposed and approved by well-behaved...

[Solution] Algorithmic Heap Layout Manipulation in the Linux Kernel

Wed, 1 Feb 2023 00:00:00 +0000

To evaluate the severity of a security vulnerability a security researcher usually tries to prove its exploitability by writing an actual exploit. In the case of buffer overflows on the heap, a necessary part of this is manipulating the heap layout in a way that creates an exploitable state, usually by placing a vulnerable object adjacent to a target object. This requires manual effort and extensive knowledge of the target. With a target as complex as the Linux kernel, this problem becomes highly non-trivial. At the current time, there has been little research in terms of employing algorithmic solutions for this. In this work, we present Kernel-SIEVE, a framework for evaluating heap layout manipulation algorithms that target the SLAB/SLUB allocator in the Linux kernel. Inspired by previous work that targets user-space allocators [33–35] it provides an interface for triggering allocations/deallocations in the kernel and contains a feedback loop that returns the resulting distance...

[Solution] Mir-BFT: Scalable and Robust BFT for Decentralized Networks

Mon, 24 Oct 2022 00:00:00 +0000

This paper presents Mir-BFT, a robust Byzantine fault-tolerant (BFT) total order broadcast protocol aimed at maxi-mizing throughput on wide-area networks (WANs), targetingdeployments in decentralized networks, such as permissionedand Proof-of-Stake permissionless blockchain systems.

Mir-BFT is the first BFT protocol that allows multiple lead-ers to propose request batches independently (i.e., parallelleaders), while effectively precluding performance degrada-tion due to request duplication by rotating the assignmentof a partitioned request hash space to leaders. As this mech-anism removes the single-leader bandwidth bottleneck andexposes a computation bottleneck related to authenticatingclients even on a WAN, our protocol further boosts through-put using a client signature verification sharding optimization.Our evaluation shows that Mir-BFT outperforms state-of-the-art single-leader protocols and orders more than 60000 signedBitcoin-sized (500-byte) transactions per second...

[SoK] The Great GAN Bake Off, An Extensive Systematic Evaluation of Generative Adversarial Network Architectures for Time Series Synthesis

Wed, 28 Sep 2022 00:00:00 +0000

There is no standard approach to compare the success ofdifferent neural network architectures utilized for time seriessynthesis. This hinders the evaluation and decision process,as to which architecture should be leveraged for an unknowndata set. We propose a combination of metrics, which empiri-cally evaluate the performance of neural network architecturestrained for time series synthesis. With these measurementswe are able to account for temporal correlations, spatial cor-relations and mode collapse issues within the generated timeseries.

We further investigate the interaction of different genera-tor and discriminator architectures between each other. Theconsidered architectures include recurrent neural networks,temporal convolutional networks and transformer-based net-works. So far, the application of transformer-based models islimited for time series synthesis. Hence, we propose a newtransformer-based architecture, which is able to synthesisetime series. We evaluate...

[Solution] End-to-end Scheduling of Real-time Task Pipelines on Multiprocessors

Sun, 28 Aug 2022 00:00:00 +0000

Task pipelines are common in today’s embedded systems, as data moves from source to sink in sensing-processing-actuation task chains. A real-time task pipeline is constructed by connecting a series of periodic tasks with data buffers. In a time-critical system, end-to-end timing and data-transfer properties of a task pipeline must be guaranteed. A guarantee could be mathematically expressed by assigning constraints to the tasks of a pipeline. However, deriving task scheduling parameters to meet end-to-end guarantees is an NP-hard constraint optimization problem. Hence, a traditional constraint solver is not a suitable runtime solution.

In this paper, we present a heuristic constraint solver algorithm, CoPi, to derive the execution times and periods of pipelined tasks that meet the end-to-end constraints and schedulability requirements. We consider two upper bound constraints on a task pipeline: end-to-end delay and loss-rate. After satisfying these constraints, CoPi schedules...

[Solution] Prepare your video for streaming with Segue

Thu, 21 Jul 2022 00:00:00 +0000

We identify new opportunities in video streaming, involving the joint consideration of offline video chunking and on-line rate adaptation. Due to a video’s complexity varyingover time, certain parts are more likely to cause performanceimpairments during playback with a particular rate adaptationalgorithm. To address such an issue, we propose Segue ,which carefully uses variable-length video segments, and augment specific segments with additional bitrate tracks. The keynovelty of our approach is in making such decisions basedon the video’s time-varying complexity and the expected rateadaptation behavior over time. We propose and implementseveral methods for such adaptation-aware chunking. Ourresults show that Segue substantially reduces rebufferingand quality fluctuations, while maintaining video quality delivered; Segue improves QoE by 9% on average, and by 22%in low-bandwidth conditions. Finally, we view our problemframing as a first step in a new thread on algorithmic anddesign...

[SoK] Identifying Mismatches Between Microservice Testbeds and Industrial Perceptions of Microservices

Tue, 21 Jun 2022 00:00:00 +0000

Industrial microservice architectures vary so wildly in their characteristics, such as size or communication method, that comparing systems is difficult and often leads to confusion and misinterpretation. In contrast, the academic testbeds used to conduct microservices research employ a very constrained set of design choices. This lack of systemization in these key design choices when developing microservice architectures has led to uncertainty over how to use experiments from testbeds to inform practical deployments and indeed whether this should be done at all. We conduct semi-structured interviews with industry participants to understand the representativeness of existing testbeds’ design choices. Surprising results included the presence of cycles in industry deployments, as well as a lack of clarity about the presence of hierarchies. We then systematize the possible design choices we learned about from the interviews, and identify important mismatches between our interview...

[Solution] ALCC: Migrating Congestion Control To The Application Layer In Cellular Networks

Sat, 5 Mar 2022 00:00:00 +0000

TCP is known to perform poorly in cellular network environ- ments. Yet, most mobile applications are explicitly built on the conventional TCP stack or implicitly leverage TCP tun- nels to various cellular middleboxes, including performance- enhancing proxies, application-specific edge proxies, VPN proxies and NAT boxes. Despite significant advances in the design of new congestion control (CC) protocols for cellular networks, deploying these protocols without bypassing the underlying TCP tunnels has remained a challenging propo- sition. This paper proposes the design of a new Application Layer Congestion Control (ALCC) framework that allows any new CC protocol to be implemented easily at the application layer, within or above an application-layer protocol that sits atop a legacy TCP stack. It drives it to deliver approximately the same as the native performance. The ALCC socket sits on top of a traditional TCP socket. Still, it can leverage the large congestion windows opened...

[Tool] Designing Replicable Networking Experiments With Triscale

Sun, 14 Nov 2021 00:00:00 +0000

When designing their performance evaluations, networking researchers often encounter questions such as: How long should a run be? How many runs to perform? How to account for the variability across multiple runs? What statistical methods should be used to analyze the data? Despite their best intentions, researchers often answer these questions differently, thus impairing the replicability of their evaluations and the confidence in their results.

In this paper, we propose a concrete methodology for the design and analysis of performance evaluations. Our approach hierarchically partitions the performance evaluation into three timescales, following the principle of separation of concerns. The idea is to understand, for each timescale, the temporal characteristics of variability sources, and then to apply rigorous statistical methods to derive performance results with quantifiable confidence in spite of the inherent variability. We implement this methodology in a software...

[Solution] Matchmaker Paxos: A Reconfigurable Consensus Protocol

Wed, 22 Sep 2021 00:00:00 +0000

State machine replication protocols, like MultiPaxos and Raft, are at the heart of numerous distributed systems. To tol- erate machine failures, these protocols must replace failed machines with new machines, a process known as reconfigu- ration. Reconfiguration has become increasingly important over time as the need for frequent reconfiguration has grown. Despite this, reconfiguration has largely been neglected in the literature. In this paper, we present Matchmaker Paxos and Matchmaker MultiPaxos, a reconfigurable consensus and state machine replication protocol respectively. Our protocols can perform a reconfiguration with little to no impact on the latency or throughput of command processing; they can per- form a reconfiguration in a few milliseconds; and they present a framework that can be generalized to other replication pro- tocols in a way that previous reconfiguration techniques can not. We provide proofs of correctness for the protocols and optimizations, and present...

SoK: A Generalized Multi-Leader State Machine Replication Tutorial

Mon, 20 Sep 2021 00:00:00 +0000

MultiPaxos and Raft are the two most popular and widely deployed state machine replication protocols. There is a more sophisticated family of generalized multi-leader state machine replication protocols like EPaxos, Caesar, and Atlas that have better performance, but they are extremely complicated and hard to understand. Due to their complexity, they have seen little to no industry adoption, and academically there has been a lack of clarity in analyzing, comparing, and extending the protocols. This paper is a tutorial on generalized multi-leader protocols. We explain why the protocols work the way they do, what they have in common, where they differ, which parts of the protocols are straightforward, which are more subtle than they appear, and so on. In doing so, we present four new generalized multi-leader protocols, identify key insights into existing protocols, and taxonomize the space.

SoK: Function-As-A-Service: From An Application Developer’s Perspective

Mon, 20 Sep 2021 00:00:00 +0000

In the past few years, FaaS has gained significant popularity and became a go-to choice for deploying cloud applications and micro-services. FaaS with its unique ‘pay as you go’ pricing model and key performance benefits over other cloud services, offers an easy and intuitive programming model to build cloud applications. In this model, a developer focuses on writing the code of the application while infrastructure management is left to the cloud provider who is responsible for the underlying resources, security, isolation, and scaling of the application. Recently, a number of commercial and open-source FaaS platforms have emerged, offering a wide range of features to application developers. In this paper, first, we present measurement studies demystifying various fea- tures and performance of commercial and open-source FaaS platforms that can help developers with deploying and con- figuring their serverless applications. Second, we discuss the distinct performance and cost...