A - Z Index | Phone Book | Careers

Vern Paxson Honored

ACM SIGCOMM Award cites lifetime contributions to Internet measurement, security

August 11, 2011

Contact: Jon Bashor, Jbashor@lbl.gov, +1 510 486 5849

XBD200802-00060.jpg

Vern Paxson, holder of joint appointments at UC Berkeley, the International Computer Science Institute and Berkeley Lab’s Computational Research Division, has been named recipient of this year’s ACM SIGCOMM Award (Photo: LBNL)

Vern Paxson, who holds joint appointments at UC Berkeley, the International Computer Science Institute and Berkeley Lab’s Computational Research Division, has been named recipient of this year’s ACM SIGCOMM Award "for his seminal contributions to the fields of Internet measurement and Internet security, and for distinguished leadership and service to the Internet community."

The award is given annually by the Association for Computing Machinery's Special Interest Group on Data Communications (SIGCOMM) and recognizes lifetime contribution to the field of communication networks. The award will be presented at the 2011 ACM SIGCOMM Technical Conference to be held Aug. 15-19 in Toronto.

Paxson will deliver the opening keynote address at the conference, giving his "Reflections on Measurement Research: Crooked Lines, Straight Lines, and Moneyshots."

"It's a huge honor because this is the top award for researchers in network communications," Paxson said. "I’m very flattered. And though it’s hard for me to look at my own work objectively, it’s clear that several of my papers have been very influential, which is immensely satisfying."

At the outset of his career in the early 1990s, Paxson admits, he didn’t find networking particularly interesting. But Van Jacobson, head of the Lab’s Network Research Group, lobbied hard to convince him that networking was interesting and that, in fact, the Internet was going to be a really big thing. While working at the Lab, Paxson continued his studies at UC Berkeley.

"There is no way I would have been able to earn my Ph.D. and have the career I do today without the support of the Lab and the work study program," he said. "And the support of Van Jacobson and Stu Loken was critical. I have always been very grateful for the Lab’s support."

Paxson is perhaps best known for his development work on the Bro intrusion detection system. Named after George Orwell’s always watching Big Brother, Bro monitors incoming and outgoing network traffic, constantly on the lookout for suspicious traffic patterns. When threats are detected, Bro automatically blocks the traffic and notifies security personnel.

"Bro continues to be the cornerstone of Berkeley Lab’s cyber security system," said Berkeley Lab CIO Rosio Alvarez. "Vern’s original architecture design is extremely adaptable and allows Bro to easily keep up with emerging threats, which makes it unique among security applications. Every day, Bro continues to block thousands of hostile attempts aimed at Berkeley Lab."

Not only has Bro served as Berkeley Lab’s primary cyber security application for a decade, but it has also be adopted by leading universities, including the University of California, UCLA, University of Colorado, The Ohio State University, Penn State University Indiana University, University of Albany, Syracuse University, Baylor University and the University of Auckland, New Zealand.  Supercomputing centers like Berkeley Lab’s National Energy Research Scientific Computing (NERSC) Center are particular attractions for internet hackers, and Bro is used at NERSC, as well as Argonne National Laboratory, the National Center for Atmospheric Research (NCAR), the National Center for Supercomputing Applications (NCSA), the Pittsburgh Supercomputing Center and the Texas Advanced Computing Center.

Bro grew out of Paxson’s research in measuring and characterizing traffic on the Internet. In 2008, ACM recognized his work in this field with the Grace Murray Hopper Award. In its announcement, ACM noted “Paxson’s Ph.D. thesis—a tome at over 400 pages—is one of the only dissertations that was (and still is) widely read by other researchers in the networking community,” according to the ACM. “His early measurement papers are still widely cited, and his style of research adopted as a gold standard for how to measure a complex, heterogeneous network like the Internet and make statistically sound statements about its properties and their implications. The vibrancy of the Internet Measurement Conference (which he co-created in 2001) and the prevalence of measurement papers at other networking conferences are a testament to the influence of his initial research in this area.”

In 2006, Paxson received ACM SIGCOMM’s first-ever “Test of Time Award” for his 1996 paper developing a measurement methodology to effectively collect and assess the performance of the Internet, even though the data came from stations sitting at the edge — instead of the center — of the network. The award recognizes research from 10 to 12 years ago that marked a milestone in its field and continues to provide insight today.

The award noted that Paxson carried out his research at a time when measuring the network’s performance had become increasingly difficult for scientists. The growing number of competing Internet service providers and privacy worries had created roadblocks for researchers interested in accessing data about the network’s core. It was in this context that Paxson was pursuing his Ph.D. dissertation research at UC Berkeley while working as a member of the Lab’s Network Research Group (NRG). His overall topic was “What sort of performance do Internet transfers achieve, and why?” To address this question in a sound fashion required judicious application of the right tools, including the tcpdump and traceroute utilities developed by NRG’s Van Jacobson (and now ubiquitously employed in network measurement).

Paxson gathered and produced meaningful analysis of 40,000 route measurements conducted in a “mesh” across 37 Internet sites. The work, published in the annual SIGCOMM conference in a paper titled “End-to-End Routing Behavior in the Internet,” sought to answer questions about the network’s stability, symmetry, infrastructure failures, temporary outages, and routing pathologies.

According to Deb Agarwal, head of the Advanced Computing for Science Department within CRD, Paxson’s latest award is well-deserved recognition of work done by the NRG during its heyday in the 1990s. In fact, the award has also been given to former NRG members Van Jacobson (2001) and Sally Floyd (2007).

“It’s really remarkable what came out of that group and it all began with Van and his vision and leadership,” Paxson said.