I am a Computer Science graduate student in the PhD program at UC Berkeley. My advisor is Sylvia Ratnasamy, and my research interests are primarily in computer networks. My dissertation focuses on new opportunities and challenges arising from moving middlebox services to clouds and ISPs.

I have graduated! Visit my new homepage here.

Selected Projects

I'm interested in big networking questions surrounding middleboxes, networked systems, measurement, Internet architecture, and cloud computing. Some of my past and current projects are below; more details are in my publications and in my CV.

APLOMB: Making Middleboxes Someone Else's Problem

In a study of 57 enterprise networks, we found that middleboxes like firewalls and caches are expensive, failure-prone, and difficult to manage. To resolve these challenges, we built APLOMB, a service which allows enterprises to ditch their middleboxes entirely. With APLOMB, cloud providers offer middleboxes as a "service" to enterprise clients who tunnel their traffic to a nearby datacenter to receive security and performance processing services.

Text [SIGCOMM 2012] Slides (PDF) Slides (PPTX) Video (YouTube)

FTMB: Rollback Recovery for Middleboxes

Awarded Best Student Paper at SIGCOMM 2015. Network middleboxes must offer high availability, with automatic failover when a device fails. Unlike routers, when middleboxes fail they most recover lost state about active network connections to perform properly; without this lost state clients face connection resets, downtime, or insecure behaviors. No existing middlebox design provides failover that is correct, fast to recover, and imposes little increased latency on failure-free operations. Our system, FTMB, adds only 30us of latency to median per packet latencies -- a 100-1000x improvement over existing fault-tolerance mechanisms. Our system introduces moderate throughput overheads (5-30%) and can reconstruct lost state in 40-275ms for practical system configurations.

Text [SIGCOMM 2015] Slides (PDF) Slides (KEY) Video (YouTube)

BlindBox: Deep Packet Inspection over Encrypted Traffic

The rapid rise in adoption of encrypted protocols like HTTPS means that middleboxes are in trouble. Unable to access the data they need to inspect or modify, they either fail to do their job entirely, or adopt supsicious "man in the middle" approaches to decrypt the user's traffic and circumvent user privacy goals. We propose and implement BlindBox, a middlebox which uses new cryptographic algorithms to process user connections while leaving the user's traffic encrypted. BlindBox is the first system which can both meet users demands for privacy and permit network providers to inspect and process traffic, e.g., for intrusion detection.

Text [SIGCOMM 2015] Extended Report [ePrint] Slides (PDF) Slides (KEY) Video (YouTube)

Silo: Predictable Message Latency in the Cloud

In cloud environments, many tenants share access to the network where their traffic may be queued, dropped, or throttled by the presence of other tenants' traffic. We designed and built Silo, a network architecture for public cloud architectures that can guarantee message completion times for all users; for large tranfers and even for short and latency-sensitive applications. Silo builds upon network calculus to determine how tenants with competing requirements can coexist, using a novel packet pacing mechanism to ensure the requirements are met. With Silo, clients can have the same kinds of guarantees from their public cloud as they would from a tightly engineered private network.

Text [SIGCOMM 2015]

RC3: Recursively Cautious Congestion Control

At startup, congestion control algorithms must carefully balance the desire to send aggressively -- making best use of available resources -- and to send cautiously -- in order to avoid congestion, heavy packet loss, and unfairness. TCP slow start takes the cautious route, sending only 4-10 packets in the first round trip time, and only slowly ramping up the sending rate from there. We propose RC3, which allows senders to send aggressively without the threat of heavy congestion or unfairness. RC3 `keeps the pipe full' from the very first RTT, sending additional traffic (beyond what TCP might send) at strictly lower priorities than normal traffic. We find that RC3 improves flow completion times in the wide area by 40-80%.

Text [NSDI 2014] Text [HotNets 2013] Simulation Code

Publications

Here is the obligatory list of all my publications for download :)

Conference Papers

1. Embark: Securely Outsourcing Middleboxes to the Cloud
   C. Lan, J. Sherry, R. A. Popa, S. Ratnasamy
   Proc. USENIX NSDI, 2016
   
2. Rollback Recovery for Middleboxes Awarded Best Student Paper
   J. Sherry, P. X. Gao, S. Basu, A. Panda, A. Krishnamurthy, C. Macciocco, M. Manesh, J. Martins, S. Ratnasamy, L. Rizzo, S. Shenker
   Proc. ACM SIGCOMM, 2015
3. BlindBox: Deep Packet Inspection over Encrypted Traffic
   J. Sherry, C. Lan, R. A. Popa, S. Ratnasamy
   Proc. ACM SIGCOMM, 2015. Extended Report and Proofs
4. Silo: Predictable Message Latency in the Cloud
   K. Jang, J. Sherry, H. Ballani, and T. Moncaster
   Proc. ACM SIGCOMM, 2015
5. Recursively Cautious Congestion Control
   R. Mittal, J. Sherry, S. Ratnasamy, S. Shenker
   Proc. USENIX NSDI, 2014
6. Low Latency via Redundancy.
   A. Vulimiri, P. B. Godfrey, R. Mittal, J. Sherry, S. Ratnasamy, S. Shenker
   Proc. ACM CoNeXT, 2013
7. Making Middleboxes Someone Else's Problem: Network Processing as a Cloud Service
   J. Sherry, S. Hasan, C. Scott, A. Krishnamurthy, S. Ratnasamy, V. Sekar
   Proc. ACM SIGCOMM, 2012
8. Resolving IP Aliases with Prespecified Timestamps
   J. Sherry, E. Katz-Bassett, M. Pimenova, H.V. Madhyastha, T. Anderson, A. Krishnamurthy
   Proc. ACM Internet Measurement Conference, 2010 CAIDA's Motu Dealiasing Tool
9. Reverse traceroute Awarded Best Paper
   E. Katz-Bassett, H.V. Madhayastha, V. Adhikari, C. Scott, J. Sherry, P. van Wesep, A. Krishnamurthy, T. Anderson
   Proc. USENIX NSDI, 2010.

Journal Papers

1. Open Interfaces to Carrier Networks
   A. Panda, M. McCauley, A. Toontoonchian, J. Sherry, T. Koponen, S. Ratnasamy, S. Shenker
   ACM Computer Communications Review, January 2016

Workshop Papers

1. How to improve your network performance by asking your provider for worse service
   R. Mittal, J. Sherry, S. Ratnasamy, S. Shenker
   Proc. ACM Workshop on Hot Topics in Networks (HotNets) 2013
2. Meddle: Middleboxes for Increased Transparency and Control of Mobile Traffic Awarded Best Paper
   A. Rao, D. Choffnes, J. Sherry, A. Legaut, A. Krishnamurthy, and W. Dabbous
   CoNEXT 2012 Student Workshop

Technical Reports & Manuscripts

Manuscripts superceded by conference versions are omitted.

1. A Dual-Channel Approach to Protocol Design in the Presence of Middleboxes
   S. Wang, J. Sherry, S. Han
   UC Berkeley, Department of Electrical Engineering and Computer Sciences
   Technical Report No. UCB/EECS-2013-205
2. Netcalls: End Host Function Calls to Network Traffic Processing Services
   J. Sherry, D. C. Kim, S. S. Mahalingam, A. Tang, S. Wang, S. Ratnasamy
   UC Berkeley, Department of Electrical Engineering and Computer Sciences
   Technical Report No. UCB/EECS-2012-175

Theses

1. Future Architectures for Middlebox Processing Services on the Internet and in the Cloud
   Masters Report
   UC Berkeley, Department of Electrical Engineering and Computer Sciences
   Technical Report No. UCB/EECS-2012-240
   Advisor: Sylvia Ratnasamy. Second Reader: Scott Shenker
2. Applications of the IP Timestamp Option to Internet Measurement Awarded Best Senior Thesis
   Honors Bachelor's Thesis
   Computer Science & Engineering, University of Washington, March 2010
   Advisors: Tom Anderson and Arvind Krishnamurthy
3. Unlocking the Potential of Cell Phones
   In From the Bottom Up: Rethinking United States Development Assistance, pp 200-321
   Editors S. Arbogast, A. O’Leary, W. Latsch
   Task Force Report
   Jackson School of International Studies, University of Washington, March 2009

Etc.

• My talk bio is here.
• That one time I was on the Packet Pushers podcast.
• That one time I gave a talk in Spanish.
• Seattle people really are coffee snobs; I used to have coffee recs here but it got so big I had to move it to a separate page.
• Tiny Transactions on Computer Science is the premier research venue for computer science research in 140 characters or less.
• A long, rambling, mostly personal corpus of advice on applying to Computer Science grad school (by me for UWCSE students)
  • If you are a UW or Cal undergrad thinking about CS grad school, I'd be happy to talk to you in person (just email me). If you go to another school, I promise there are equivalent people to talk to at your institution (please contact them).
• A literary tour of academia. Things that are worth reading:
  • The Loss of the Creature, by Walker Percy
  • The Library of Babel, by Jorge Luis Borges
  • Also Borges: Tlon, Uqbar, Orbis Tertius
  • The Structure of Scientific Revolutions, by Thomas Kuhn
  • Tussle in Cyberspace: Defining Tomorrow's Internet, by Clark, Wroclawski, Sollins, and Braden
  • Enoch Soames, by Max Beerbohm
  • The Dead Past, by Isaac Asimov
  • Lord Moulton's 1914 Address on Babbage and the Analytical Engine

Elsewhere:

• I keep a blog.
• Facebook
• Last.fm
• Twitter
• RenRen (no, I don't speak Chinese)
• Wikipedia