N 37.43032°, W 122.17309°
Bio: Keith Winstein is an assistant professor of computer science and, by courtesy, of electrical engineering at Stanford University. His research group creates new kinds of networked systems by rethinking abstractions around communication, compression, and computing. Some of his research has found broader use, including the Mosh tool, the Puffer video-streaming site, the Lepton compression tool, the Mahimahi network emulators, the gg lambda-computing framework, and the use of a temporal reordering threshold to detect packet loss. His work has received the Sloan Research Fellowship, the Usenix NSDI Community Award (2020, 2017), the Applied Networking Research Prize (2021, 2014), the Usenix ATC Best Paper Award, a Google Faculty Research Award (2017, 2015), a Facebook Faculty Award, the ACM SIGCOMM Doctoral Dissertation Award, and a Sprowls award for best doctoral thesis in computer science at MIT. Winstein previously served as a staff reporter at The Wall Street Journal, was one of the story consultants for HBO's "Silicon Valley," and worked at Ksplice, a startup company (now part of Oracle) where he was the vice president of product management and business development and also cleaned the bathroom. He did his undergraduate and graduate work at MIT.
CV: Here is my CV.
In the Fall 2020 term, I am teaching CS 144: Introduction to Computer Networking with Nick McKeown.
I have also taught CS 181/181W: Computers, Ethics, and Public Policy, a first-year seminar (CS 81N: Hackers and Heroes), a graduate networking seminar (CS 344G: Network Application Studio), and CS 244: Advanced Topics in Networking.
Tong Li, Kai Zheng, Ke Xu, Rahul Arvind Jadhav, Tao Xiong, KW, and Kun Tan, TACK: Improving Wireless Transport Performance by Taming Acknowledgments, SIGCOMM 2020.Tong Li and I met and had dinner together when I visited Huawei in 2018, and we talked about Tong's efforts with his Huawei and Tsinghua colleagues to design a new acknowledgment scheme for TCP. Tong ended up developing TACK in part by iterating its design on our Pantheon of Congestion Control, a testbed that included nodes with cellular connectivity around the world and, until 2020, ran automated bake-offs every week and published the resulting packet traces. Tong deployed 16 different versions of the TACK scheme on the Pantheon as the system collected many gigabytes of packet traces throughout 2018 and 2019. The TACK scheme is now deployed for real on Huawei's smart TVs and Mate 20 smartphones.
Zhixiong Niu, Hong Xu, Peng Cheng, Qiang Su, Yongqiang Xiong, Tao Wang, Dongsu Han, and KW, NetKernel: Making Network Stack Part of the Virtualized Infrastructure, USENIX ATC, July 2020.
Earlier: Zhixiong Niu, Hong Xu, Dongsu Han, Peng Cheng, Yongqiang Xiong, Guo Chen, and KW, Network Stack as a Service in the Cloud, ACM HotNets, Palo Alto, Calif., November 2017.What if VMs interacted with the outside world not via a virtual NIC, but through stream sockets, with the TCP implementation provided by the host?
Francis Y. Yan, Hudson Ayers, Chenzhi Zhu, Sadjad Fouladi, James Hong, Keyi Zhang, Philip Levis, and KW, Learning in situ: a randomized experiment in video streaming, Usenix NSDI 2020, Santa Clara, Calif., 2020 (won 2020 Community Award).Francis and our co-authors set up a website that streamed 38+ years of video to 63,500+ users over the course of a year; we found that variability, and therefore statistical uncertainty, is bigger than had been documented (calling into question the reliability of some past research in this area), and that "dumb" ABR schemes may be able to outperform some more-sophisticated schemes. We describe a way of learning in place (in situ) that appears to alleviate, at least partly, some of the pitfalls that have afflicted other ML approaches. The website is still live, and we welcome contributions from researchers who would like to evaluate or develop new algorithms for ABR selection, throughput prediction, or congestion control. We also welcome contributions from viewers who would like to contribute to the experiments by watching TV.
Cracking open the DNN black-box: Video Analytics with DNNs across the Camera-Cloud Boundary,
Workshop on Hot Topics in Video Analytics and Intelligent Edges (HotEdgeVideo 2019),
Los Cabos, Mexico.|
With our collaborators at Microsoft, we explored outsourcing computer-vision computations given three constraints: limited compute power (or actual power!) on a device, limited communications capacity off the device, and limited tolerance for end-to-end loss (e.g., classification mistakes). To me, one of the biggest contributions our paper made may have been in the axes: the idea that (given equal end-to-end accuracy, or at least an equal tolerance for loss) there is a tradeoff between the need for local compute (on the x-axis, above) and communication (y-axis), and that schemes should be evaluated in this way and viewed as part of a tradeoff space.
Sadjad Fouladi, Francisco Romero, Dan Iter, Qian Li, Shuvo Chatterjee, Christos Kozyrakis, Matei Zaharia, and KW, From Laptop to Lambda: Outsourcing Everyday Jobs to Thousands of Transient Functional Containers, USENIX ATC, Renton, Wash., 2019.Framework to "functionalize" everyday tasks (e.g., software compilation, unit tests, video encoding, object recognition, ...) and, with their data-dependencies well-described, offload them efficiently to quick bursts of 5,000+ lambda functions executing in parallel. Imagine expressing workflows in, auto-converting existing workflows into, a sort of Parallel-Haskell-like representation. This paper tries to bust the myths that S3 is slow for small files (it depends on the client implementation), lambdas are slow to start en masse (it depends on the client implementation) and that AWS Lambda forbids direct network communication between workers (NAT-traversal techniques can connect them). More practical info is in the followup paper in Usenix ;login: magazine.
Kalev Alpernas, Cormac Flanagan, Sadjad Fouladi, Leonid Ryzhyk, Mooly Sagiv, Thomas Schmitz, and KW, Secure serverless computing using dynamic information flow control, Proc. ACM Program. Lang. 2, OOPSLA, Article 118 (November 2018).How do you reason about information flow in a complex application of interconnected “serverless” functions? One answer is that if the application expresses its jobs in a functional content-addressed way (as in our gg system), enforcing and reasoning about information flow control becomes almost trivial.
Francis Y. Yan, Jestin Ma, Greg Hill, Deepti Raghavan, Riad S. Wahby, Philip Levis, and KW, Pantheon: the training ground for Internet congestion-control research, USENIX ATC ’18, Boston, Mass., July 2018 (won Best Paper award).
The Pantheon is a community evaluation platform for academic research on congestion control. It includes a curated collection of working implementations of congestion-control schemes, a testbed of measurement nodes on wired and cellular networks, a collection of network emulators (each calibrated to match the performance of a real network path or to capture some form of pathological network behavior), and a continuous-testing system that evaluates the Pantheon protocols over the real Internet between pairs of testbed nodes and publicly archives the resulting packet traces and analyses. Pantheon evaluations have assisted congestion-control research that appeared at NSDI 2018 (Copa and Vivace), ICML 2019 (Aurora), and SIGCOMM 2020 (TACK).
Sadjad Fouladi, John Emmons, Emre Orbay, Catherine Wu, Riad S. Wahby, and KW, Salsify: low-latency network video through tighter integration between a video codec and a transport protocol, in USENIX NSDI ’18, Renton, Wash., April 2018 (won 2021 Applied Networking Research Prize).
Salsify is a new design for real-time Internet video that jointly controls a video codec and a network transport protocol. Current systems (Skype, Facetime, WebRTC) run these components independently, which produces more glitches and stalls when the network is unpredictable. In testing, Salsify consistently outperformed today’s real-time video systems in both quality and delay.
Dmitry Kogan, Henri Stern, Ashley Tolbert, David Mazières, and KW, The Case For Secure Delegation, ACM HotNets, Palo Alto, Calif., November 2017.
Dima and Henri developed and released an open-source tool, called Guardian Agent, that performs secure ssh-agent forwarding for SSH and Mosh in a backwards-compatible way.
Michael Schapira and KW, Congestion-Control Throwdown, ACM HotNets, Palo Alto, Calif., November 2017.
Michael (as Hamilton) and I (Burr) were stuck on an airplane together and found ourselves at loggerheads about Internet congestion control. We put our disagreement to good use by collaborating on a throwdown-in-the-form-of-a-paper (and later an actual throwdown, at HotNets 2017).
Judson Wilson, Riad S. Wahby, Henry Corrigan-Gibbs, Dan Boneh, Philip Levis, and KW, Trust but Verify: Auditing the Secure Internet of Things, MobiSys 2017.
A way of using TLS that can allow the owners of IoT devices to learn what their own devices are saying about them to the cloud, without compromising the integrity of encrypted communications.
Sadjad Fouladi, Riad S. Wahby, Brennan Shacklett, Karthikeyan Vasuki Balasubramaniam, William Zeng, Rahul Bhalerao, Anirudh Sivaraman, George Porter, and KW, with demo by John Emmons, Encoding, Fast and Slow: Low-Latency Video Processing using Thousands of Tiny Threads, NSDI 2017, Boston, Mass., March 2017.We think ExCamera started the movement to (mis-)use cloud-functions services for massively “burst-parallel” data processing. The system achieves low-latency video processing by combining a purely functional implementation of a VP8 codec (to allow parallelization at granularities smaller than the interval between key frames) with a framework that starts thousands of tiny jobs on AWS Lambda at once, each processing a small segment of the video.
Daniel Reiter Horn, Ken Elkabany, Chris Lesniewski-Laas, and KW, The Design, Implementation, and Deployment of a System to Transparently Compress Hundreds of Petabytes of Image Files For a File-Storage Service, NSDI 2017, Boston, Mass., March 2017 (won 2017 Community Award).
We added transparent recompression of JPEGs to the Dropbox back-end fileservers, compressing more than 200 petabytes of user data by about 23 percent. To achieve this, we created a purely functional implementation of the JPEG DC-predicted Huffman coder and adapted the VP8 format, to be able to resume compression and decompression at the arbitrary boundaries between prespecified filesystem blocks. The system is about 9x faster, and within 1 percentage point of the compression efficiency, of the best prior work. It is available as free software.
In 2007, an academic cardiologist downloaded 42 medical studies from the Web site of drug giant GlaxoSmithKline, combined them in a meta-analysis, and found that Avandia, the world's best-selling diabetes drug, caused heart attacks. GSK lost about $12 billion in sales and market value. But a different way to analyze the same data—a “Bayesian” way—finds that the drug actually reduces heart attacks. Or does it?
We often hear of this conflict, between Bayesian and “frequentist” statistics. But much of the conflict is misguided. Viewed formally, on the same axes, the two schools of statistics turn out to share a tight symmetry. Criticisms of each can be transformed into a corresponding criticism of the other.
Slides from talk given at University of Chicago (January 2009), U.T. Austin (April 2011), MIT CSAIL (October 2013), Boston Children's Hospital (October 2013), Harvard Medical School (February 2014), MongoDB Inc. (October 2016). Also written version of the main section of the talk.
Amit Levy, James Hong, Laurynas Riliskis, Philip Levis, and KW, Beetle: Flexible Communication for Bluetooth Low Energy, MobiSys 2016, Singapore, June 2016.
Amit figured out and implemented a cool way to interpose on Bluetooth Low Energy to allow multiplexing device services to multiple applications at the same time, with fine-grained access control.
Ravi Netravali, Anirudh Sivaraman, Somak Das, Ameesh Goyal, KW, James Mickens, and Hari Balakrishnan, Mahimahi: Accurate Record-and-Replay for HTTP, in USENIX ATC 2015, Santa Clara, Calif., July 2015.
Mahimahi is a series of cascading network emulators, each one modeling one aspect of a network path (delay, independent per-packet loss, autocorrelated loss or intermittency, varying bottlneck link capacity with a specified queue discipline, etc. Each one opens a container and affects processes launched within that container, and the emulators can be nested arbitrarily inside each other to build up a chain of emulated effects. Mahimahi is included in Debian and Ubuntu and has been used in a number of network research studies.
Anirudh Sivaraman, KW, Pratiksha Thaker, and Hari Balakrishnan, An Experimental Study of the Learnability of Congestion Control, in SIGCOMM 2014, Chicago, Ill., August 2014.
Working with my colleagues Anirudh Sivaraman and Pratiksha Thaker, we used the Remy automatic protocol-design program as a tool to investigate the “learnability” of the Internet congestion-control problem: how easy is it to “learn” a network protocol to achieve desired goals, given a necessarily imperfect model of the networks where it will ultimately be deployed?
Anirudh Sivaraman, KW, Pauline Varley, Somak Das, Joshua Ma, Ameesh Goyal, João Batalha, and Hari Balakrishnan, Protocol Design Contests, SIGCOMM Computer Communications Review, July 2014.
We ran an in-class contest to develop a congestion-control algorithm, asking 40 students in a graduate networking class to develop protocols that would outperform Sprout. Spurred on by a live “leaderboard,” the students submitted 3,000 candidate algorithms that mapped a region of realizable throughput-vs.-delay tradeoffs. The winners became co-authors on an article describing the contest and their winning entries.
Working with my colleagues Anirudh Sivaraman and Suvinay Subramanian, we demonstrated bidirectional cyclic preference loops among three popular algorithms that control queueing and scheduling behavior within a packet-switched network. Our thesis: no such scheme can remain dominant as application objectives evolve, so routers and switches should be programmable in this respect.
Remy is a computer program that creates TCP congestion-control algorithms from first principles, given uncertain prior knowledge about the network and an objective to achieve. I used to say that these computer-generated schemes can outperform their human-generated forebears, even ones that benefit from running code inside the network—I should have been equally emphatic that it matters a lot how the designer specifies their assumption and how closely those assumptions are met by the real network. The real contribution here, I think, was in the idea that the design of a CC algorithm can be the product of reinforcement learning: a process where the emphasis is appropriately on the designer's assumptions and goals, and less-so on the mechanism. (Joint work with my advisor, Hari Balakrishnan.)
We showed that on today's cellular networks, with some simple inferential techniques it is possible to achieve 7–9× less delay than Skype, Facetime, and Google Hangout, while achieving 2–4× the throughput of these applications at the same time. We packaged the evaluation into one VM and held a contest for 40 students to try to find a better algorithm on the same conditions. We were able to match the performance of the in-network CoDel algorithm, while operating purely end-to-end. (Joint work with my colleague Anirudh Sivaraman and Hari Balakrishnan.)
On the divergence of Google Flu Trends from the target U.S., French, and Japanese indexes in 2012–2013. Presentation slides (March 14, 2013), delivered at Children's Hospital Informatics Program | Interview 1 | Interview 2 | Radio interview
Mosh: An Interactive Remote Shell for Mobile Clients, in USENIX ATC 2012, Boston, Mass., June 2012.
We built a novel datagram protocol that synchronizes the state of abstract objects over a challenged, mobile network. We used this to implement a replacement for the venerable SSH application that tolerates intermittent connectivity and roaming, and has a predictive local user interface. The program is in wide release with hundreds of thousands of downloads. Joint work with Hari Balakrishnan (research) and with Keegan McAllister, Anders Kaseorg, Quentin Smith, and Richard Tibbetts (software).
We show it is possible to produce reasonable transmission control from first principles and Bayesian inference, when contending only with nonresponsive cross traffic. The workshop paper that eventually became Remy. (Joint work with Hari Balakrishnan.)
This technique allows us to empirically test traditional statistical rules of thumb, like the appropriateness of the chi-square test when E[ n p ] > 5, or the notion that exact tests are unnecessarily conservative. It also allows us to design new tests and intervals that minimize conservatism and ripple. The above graph shows the benefit of applying a “prior” to classical (frequentist) inference. Barnard's test for superiority controls false positives unconditionally (the red line is always below 0.05), but at a cost of conservatism in the region of p=0.35. We find that if we are able to state a region where the parameter is assumed to lie a priori, we can produce a modified hypothesis test with better performance inside that region.
Text Classification by Authorship and Date
English Text Classification by Authorship and Date(class project). The n-grams used by the U.S. Supreme Court evolve quickly enough that it's possible to build a pretty good classifier to identify the year of authorship of an opinion, based only on its four-letter-grams. Other corpora, like the titles used by high-school students in their winning entries to the Westinghouse/Intel science contest, can display some amusing long-term trends. (Joint work with Adam Belay, Mujde Pamuk, and Tucker Sylvestro.)
MIT OpenCourseWare taped my 8-hour Introduction to Copyright Law course, which I taught for the EECS department in MIT's Independent Activities Period of 2006.
qrpff DVD descrambler, written for an IAP seminar at MIT on DVD and the Digital Millennium Copyright Act, joined by DVD-CCA representative David Barr, Harvard Law School's Jonathan Zittrain, and MIT's Hal Abelson. (Joint work with Marc Horowitz.) Eventually, in 2015, the “algorithm” was sold at a charity art auction to benefit the Cooper Hewitt Smithsonian Design Museum. Coverage by CNET | IDG | Wired | The Tech | New Yorker | Wall Street Journal.
In 2000, I took over the job of MIT Infinite Corridor Astronomer from Ken Olum. We later captured the “MIThenge” phenomenon on video and improved the accuracy of the predictions. It turns out most models of atmospheric refraction don't work well within <0.8 degrees of the horizon. Strangely, real astronomers rarely find this to be a big problem...
New frontiers in optical character recognition, recognized by the prestigious Obfuscated Perl Contest.
The first automated linguistic steganography.