Doctoral Thesis Oral Defense - Nirav Atre August 29, 2025 10:00am — 11:30am Location: In Person and Virtual - ET - Traffic21 Classroom and Zoom Speaker: NIRAV ATRE , Ph.D. Candidate Computer Science Department Carnegie Mellon University https://www.cs.cmu.edu/~natre/ Refining Classical Abstractions of Network Subsystems We reason about computer systems via models of their behavior — whether implicit mental models, or explicit mathematical models. These models are the linchpins of our decision-making ability, e.g., in formulating service-level agreements (SLAs), or tendering performance claims. Unfortunately, a growing disconnect between how systems are modeled and how they are actually deployed has engendered a class of problems I call model incongruity: circumstances where a model's prediction deviates significantly from real-world behavior. Model incongruities are highly pervasive in modern systems, resulting in expensive performance anomalies, scalability bottlenecks, and security vulnerabilities.In this thesis, we argue that many incongruities observed in practice today are not a fundamental limitation of our modeling capabilities, but rather artifacts of using the wrong models. We show that: (a) assumptions centrally underpinning contemporary models of network subsystems have drifted far from deployment realities; (b) these assumptions are frequently violated in the field, subverting the operator's expectations about key metrics in highly unexpected ways; and, (c) making modest model refinements not only yields designs with state-of-the-art performance, attack resilience, and scalability, but also enables us to make rigorous mathematical guarantees about the resulting system's behavior.We exemplify this point using case studies of three ubiquitous network subsystems. First, I will describe "delayed hits", an incongruity arising in high-performance caching systems which breaks the textbook caching principle that maximizing cache hit-rate also minimizes latency, and causes every existing caching algorithm to make latency-suboptimal decisions; in this context, I will introduce Minimum-AggregateDelay (MAD), a turnkey augmentation to existing algorithms that makes them aware of delayed hits, yielding 5-35% lower request latencies. Second, I will describe "algorithmic complexity attacks" (ACAs), a highly potent class of Denial-of-Service attacks arising from transient workload incongruity; in this context, I will introduce SurgeProtector, an adversarial scheduling framework that provably protects network dataplanes against ACAs, resulting in 90-99% reduction in harm for the same volume of attack traffic. Finally, I will describe BBQ, a system borne out of addressing design incongruity in hardware packet schedulers which, for the first time, makes it feasible to deploy packet scheduling at line-rate on modern switches and SmartNICs. Thesis CommitteeJustine Sherry (Chair)Vyas Sekar Weina Wang Brighten Godfrey (University of Illinois Urbana-Champaign)In Person and Zoom Participation. See announcement. For More Information: matthewstewart@cmu.edu Add event to Google Add event to iCal
