Jason Nieh

Jason Nieh
Columbia University | CU · Department of Computer Science

About

176
Publications
44,978
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
5,174
Citations
Citations since 2017
24 Research Items
1241 Citations
2017201820192020202120222023050100150200250
2017201820192020202120222023050100150200250
2017201820192020202120222023050100150200250
2017201820192020202120222023050100150200250

Publications

Publications (176)
Article
Full-text available
The articles in this special section focus on microservices and containers. These services allow an application to be comprised of many independently operating and scalable components, have become a common service paradigm. The ability to construct an application by provisioning these interoperating components has various advantages, including the...
Conference Paper
Full-text available
As smartphones and tablets proliferate, there is a growing demand for multi-mobile computing, the ability to combine multiple mobile systems into more capable ones. We present M2, a system for multi-mobile computing that enables existing unmodified mobile apps to share and combine multiple devices, including cameras, displays, speakers, microphones...
Conference Paper
Full-text available
As smartphones and tablets proliferate, there is a growing demand for multi-mobile computing [1, 2], the ability to combine multiple commodity mobile systems into more capable ones, including using multiple hardware devices such as cameras, displays, speakers, microphones, sensors, GPS, and input. However, the tremendous device, hardware, and softw...
Conference Paper
Full-text available
With the continued proliferation of drones, unmanned aerial vehicles, additional uses for them are growing and the demand for their services is on the rise. We present AnDrone, a drone-as-a-service solution that makes drones accessible in the cloud. AnDrone pairs a cloud service with the first drone virtualization architecture. This enables a physi...
Conference Paper
Full-text available
Email privacy is of crucial importance. Existing email encryption approaches are comprehensive but seldom used due to their complexity and inconvenience. We take a new approach to simplify email encryption and improve its usability by implementing receiver-controlled encryption: newly received messages are transparently downloaded and encrypted to...
Article
ARM servers are becoming increasingly common, making server technologies such as virtualization for ARM of growing importance. We present the first study of ARM virtualization performance on server hardware, including multi-core measurements of two popular ARM and x86 hypervisors, KVM and Xen. We show how ARM hardware support for virtualization can...
Conference Paper
Mobile apps make extensive use of GPUs on smartphones and tablets to access Web content. To support pervasive Web content, we introduce three key OS techniques for binary graphics compatibility necessary to build a real-world system to run iOS and Android apps together on the same smartphone or tablet. First diplomat usage patterns manage resources...
Conference Paper
Full-text available
Nested virtualization, the ability to run a virtual machine inside another virtual machine, is increasingly important because of the need to deploy virtual machines running software stacks on top of virtualized cloud infrastructure. As ARM servers make inroads in cloud infrastructure deployments, supporting nested virtualization on ARM is a key req...
Article
This book focuses on the core question of the necessary architectural support provided by hardware to efficiently run virtual machines, and of the corresponding design of the hypervisors that run them. Virtualization is still possible when the instruction set architecture lacks such support, but the hypervisor remains more complex and must rely on...
Chapter
We now describe in a sequence of three chapters the architectural support for virtualization in x86-64 processors. This architectural support is the combination of innovation in the CPU (Chapter 4), MMU (Chapter 5), and I/O subsystem (Chapter 6).
Chapter
This chapter introduces the basic concepts of virtualization, virtual machines, and virtual machine monitors. This is necessary for clarity as various articles, textbooks, and commercial product descriptions sometimes use conflicting definitions. We use the following definitions in this book.
Chapter
The previous chapters define virtual machines in terms of the three key attributes proposed by Popek and Goldberg—equivalence, safety, and performance—which help us to reason about virtualization from a CPU and MMU perspective. When introducing I/O capabilities to virtual machines, a fourth attribute becomes handy: interposition. The ability to int...
Chapter
In 1974, Gerald Popek and Robert Goldberg published in Communications of the ACM the seminal paper “Formal Requirements for Virtualizable Third-Generation Architectures” that defines the necessary and sufficient formal requirements to ensure that a VMM can be constructed [143]. Precisely, their theorem determines whether a given instruction set arc...
Chapter
Hypervisors must virtualize physical memory, so that each virtual machine has the illusion of managing its own contiguous region of physical memory. Recall the definitions of §1.6: each virtual machine is provided the abstraction of guest-physicalmemory, while the hypervisor manages host-physical memory, the actual underlying physical resource.
Chapter
This chapter presents a comparison of ARM and x86 virtualization performance on multicore server hardware, including measurements of two popular open-source ARM and x86 hypervisors, KVM and Xen. These hypervisors are useful to compare given their popularity and their different design choices. This work is based on a measurement study published in 2...
Chapter
This chapter is about the past. Practitioners who are only interested in understanding how virtualization operates on contemporary hardware and hypervisors may be tempted to skip to Chapter 4.
Chapter
This chapter describes the current, state-of-the-art support for virtualization in modern ARM processors. Much of this work is based on the original paper on KVM/ARM, the Linux kernel virtual machine for ARM [60]. §7.1 first describes the key design principles behind ARM’s virtualization technology. §7.2 describes the approach to CPU virtualization...
Article
Full-text available
ARM servers are becoming increasingly common, making server technologies such as virtualization for ARM of growing importance. We present the first study of ARM virtualization performance on server hardware, including multicore measurements of two popular ARM and x86 hypervisors, KVM and Xen. We show how ARM hardware support for virtualization can...
Conference Paper
Full-text available
The POSIX standard, developed 25 years ago, comprises a set of operating system (OS) abstractions that aid application portability across UNIX-based OSes. While OSes and applications have evolved tremendously over the last 25 years, POSIX, and the basic set of abstractions it provides, has remained largely unchanged. Little has been done to measure...
Patent
Apparatus, systems, and methods can operate to provide efficient data transfer in a peer-to-peer network. A list of peer computers can be accessed and sorted by a data exchange metric. A requester peer is selected by traversing the list from a peer computer with a smallest data exchange metric to a peer computer with a largest data exchange metric...
Article
Full-text available
With the continued proliferation of mobile devices, apps will increasingly become multi-surface, running seamlessly across multiple user devices (e.g., phone, tablet, etc.). Yet general systems support for multi-surface app is limited to (1) screencasting, which relies on a single master device's computing power and battery life or (2) cloud backin...
Article
Full-text available
The growing demand for data-driven features in today's Web applications - such as targeting, recommendations, or predictions - has transformed those applications into complex conglomerates of services operating on each others' data without a coherent, manageable architecture. We present Synapse, an easy-to-use, strong-semantic system for largescale...
Article
Full-text available
Although millions of users download and use third-party Android applications from the Google Play store, little information is known on an aggregated level about these applications. We have built PlayDrone, the first scalable Google Play store crawler, and used it to index and analyze over 1,100,000 applications in the Google Play store on a daily...
Article
As ARM CPUs become increasingly common in mobile devices and servers, there is a growing demand for providing the benefits of virtualization for ARM-based devices. We present our experiences building the Linux ARM hypervisor, KVM/ARM, the first full system ARM virtualization solution that can run unmodified guest operating systems on ARM multicore...
Article
We present Cider, an operating system compatibility architecture that can run applications built for different mobile ecosystems, iOS or Android, together on the same smartphone or tablet. Cider enhances the domestic operating system, Android, of a device with kernel-managed, per-thread personas to mimic the application binary interface of a foreig...
Article
Full-text available
We present Cider, an operating system compatibility architecture that can run applications built for different mobile ecosystems, iOS or Android, together on the same smartphone or tablet. Cider enhances the domestic operating system, Android, of a device with kernel-managed, per-thread personas to mimic the application binary interface of a foreig...
Article
Full-text available
As ARM CPUs become increasingly common in mobile devices and servers, there is a growing demand for providing the benefits of virtualization for ARM-based devices. We present our experiences building the Linux ARM hypervisor, KVM/ARM, the first full system ARM virtualization solution that can run unmodified guest operating systems on ARM multicore...
Conference Paper
Learning about operating systems often involves modifying a large and complex code base. Grading student projects can be difficult and time consuming, yet students often do not learn from their programming errors and struggle to understand core operating system concepts. We present GradeBoard, a code review system designed to simplify grading for i...
Conference Paper
Full-text available
We present Cider, an operating system compatibility architecture that can run applications built for different mobile ecosystems, iOS or Android, together on the same smartphone or tablet. Cider enhances the domestic operating system, Android, of a device with kernel-managed, per-thread personas to mimic the application binary interface of a foreig...
Conference Paper
Full-text available
As ARM CPUs become increasingly common in mobile devices and servers, there is a growing demand for providing the benefits of virtualization for ARM-based devices. We present our experiences building the Linux ARM hypervisor, KVM/ARM, the first full system ARM virtualization solution that can run unmodified guest operating systems on ARM multicore...
Patent
Full-text available
Methods, systems; and media for application fault containment are provided. In accordance with some embodiments, a method for application fault containment is provided, the method comprising: determining a plurality of applications associated with a processing device; isolating each of the plurality of applications into an application container; re...
Patent
Methods, media and systems for responding to a Denial of Service (DoS) attack are provided. In some embodiments, a method includes detecting a DoS attack, migrating one or more processes that provide a service to an unaffected system; authenticating users that are authorized to use the service; and routing traffic generated by authenticated users t...
Article
Full-text available
We present Dora, a mutable record-replay system which allows a recorded execution of an application to be replayed with a modified version of the application. This feature, not available in previous record-replay systems, enables powerful new functionality. In particular, Dora can help reproduce, diagnose, and fix software bugs by replaying a versi...
Conference Paper
We present Dora, a mutable record-replay system which allows a recorded execution of an application to be replayed with a modified version of the application. This feature, not available in previous record-replay systems, enables powerful new functionality. In particular, Dora can help reproduce, diagnose, and fix software bugs by replaying a versi...
Article
Full-text available
Clouds commonly store Virtual Machine (VM) images on networked storage. This poses a serious potential scalability bottleneck as launching a single fresh VM instance requires, at minimum, several hundred MB of network reads. As this bottleneck occurs most severely during read-intensive launching of new VMs, we focus on scalably minimizing time to b...
Article
As more and more information is designed for human visual consumption through computer displays, the need to capture and process display-centric content is becoming increasingly important, especially for visually impaired users. We present Capture, a novel display-centric text recorder that facilitates real-time access to onscreen text and its stru...
Article
Full-text available
Peer-to-peer file-sharing applications suffer from a fundamental problem of unfairness. Free-riders cause slower download times for others by contributing little or no upload bandwidth while consuming much download bandwidth. Previous attempts to address this fair bandwidth allocation problem suffer from slow peer discovery, inaccurate predictions...
Article
Full-text available
Smartphones are increasingly ubiquitous, and many users carry multiple phones to accommodate work, personal, and geographic mobility needs. We present Cells, a virtualization architecture for enabling multiple virtual smartphones to run simultaneously on the same physical cellphone in an isolated, secure manner. Cells introduces a usage model of ha...
Article
Full-text available
The computing landscape is shifting towards mobile devices. To learn about operating systems, it is increasingly important for students to gain hands-on kernel programming experience in these environments, which are quite different from traditional desktops and servers. We present our work at Columbia University to teach operating systems using And...
Article
Full-text available
The problem of managing computers is growing in com- plexity due to the increasing amount of physical and virtual computers that one has to administer as well as the varying roles that those computers fill. As each machine is effec- tively fully independent, the amount of work an administra- tor does scales linearly with the amount of machines. In...
Conference Paper
Full-text available
Smartphones are increasingly ubiquitous, and many users carry multiple phones to accommodate work, personal, and geographic mobility needs. We present Cells, a virtualization architecture for enabling multiple virtual smartphones to run simultaneously on the same physical cellphone in an isolated, secure manner. Cells introduces a usage model of ha...
Conference Paper
Full-text available
Process races occur when multiple processes access shared operating system resources, such as files, without proper synchronization. We present the first study of real process races and the first system designed to detect them. Our study of hundreds of applications shows that process races are numerous, difficult to debug, and a real threat to reli...
Conference Paper
While thread races have drawn huge attention from the research community, little has been done for process races, where multiple--possibly sequential--processes access a shared resource, such as a file, without proper synchronization. We present a preliminary study of real process races and show that they are numerous, dangerous, and difficult to d...
Article
Full-text available
VoIP (Voice over IP) services are using the Internet infras-tructure to enable new forms of communication and collab-oration. A growing number of VoIP service providers such as Skype, Vonage, Broadvoice, as well as many cable ser-vices are using the Internet to offer telephone services at much lower costs. However, VoIP services rely on the user's...
Article
Full-text available
P2P file-sharing has been recognized as a powerful and effi-cient distribution model due to its ability to leverage users' upload bandwidth. However, companies that sell digital con-tent on-line are hesitant to rely on P2P models for paid con-tent distribution due to the free file-sharing inherent in P2P models. In this paper we present Aequitas, a...
Article
Full-text available
Linux has emerged as a widely-used platform for enabling hands-on kernel programming experience to learn about op-erating system concepts. However, developing pedagogically-effective programming projects in the context of a complex, production operating system can be a challenge. We present a structured series of five Linux kernel programming proje...
Conference Paper
Full-text available
Software bugs that occur in production are often difficult to reproduce in the lab due to subtle differences in the application environment and nondeterminism. To address this problem, we present Transplay, a system that captures production software bugs into small per-bug recordings which are used to reproduce the bugs on a completely different op...
Article
Full-text available
As ARM CPUs grow in performance and ubiquity across phones, netbooks, and embedded computers, pro-viding virtualization support for ARM-based devices is increasingly important. We present KVM/ARM, a KVM-based virtualization solution for ARM-based de-vices that can run virtual machines with nearly unmod-ified operating systems. Because ARM is not vi...
Conference Paper
Virtual Appliances (VAs) are Virtual Machines (VMs) geared towards a specific set of tasks. They require little or no configuration, working out-of-the-box. VAs fit neatly into the Cloud Computing paradigm - many copies of an identical machine can be launched in a data center, or home/business users can grab the appliance they need from the cloud t...
Conference Paper
Full-text available
We present Scribe, the first system to provide transparent, low-overhead application record-replay and the ability to go live from replayed execution. Scribe introduces new lightweight operating system mechanisms, rendezvous and sync points, to efficiently record nondeterministic interactions such as related system calls, signals, and shared memory...
Conference Paper
Full-text available
We present RSIO, a processor scheduling framework for improving the response time of latency-sensitive applications by monitoring accesses to I/O channels and inferring when user interactions occur. RSIO automatically identifies processes involved in a user interaction and boosts their priorities at the time the interaction occurs to improve system...
Article
We present MediaPod, a portable system that allows mobile users to maintain the same persistent, personalized multimedia desktop environment on any available computer. Regardless of which computer is being used, MediaPod provides a consistent multimedia desktop session, maintaining all of a user's applications, documents and configuration settings....
Conference Paper
Full-text available
Operating system (OS) virtualization can provide a number of important benefits, including transparent migration of applications, server consolidation, online OS maintenance, and enhanced system security. However, the construction of such a system presents a myriad of challenges, even for the most cautious developer, that if overlooked may result i...
Conference Paper
Full-text available
Students learn more through hands-on project experience for computer science courses such as operating systems, but pro- viding the infrastructure support for a large class to learn by doing can be hard. To address this issue, we introduce a new approach to managing and grading operating system home- work assignments based on virtual appliances, a...
Article
Full-text available
A system virtual machine is a software implementation of a real computer that can execute unmodified applications and an operating system. This issue contains articles and interviews that explore virtual machine use in pervasive computing.
Article
Full-text available
We present GamePod, a portable system that enables mo-bile users to use the same persistent, gaming environment on any available computer. No matter what computer is being used, GamePod provides a consistent gaming en-vironment, maintaining all of a user's games, including active game state. This is achieved by leveraging rapid improvements in capa...
Conference Paper
Full-text available
While peer-to-peer (P2P) file-sharing is a powerful and cost-effective content distribution model, most paid-for digital-content providers (CPs) use direct download to deliver their content. CPs are hesitant to rely on a P2P distribution model because it introduces a number of security concerns including content pollution by malicious peers, and la...
Conference Paper
Full-text available
Developing CPU scheduling algorithms and understanding their impact in practice can be difficult and time consuming due to the need to modify and test operating system kernel code and measure the resulting performance on a consistent workload of real applications. To address this problem, we have developed WARP, a trace-driven virtualized scheduler...
Conference Paper
Full-text available
Software failures in server applications are a significant problem for preserving system availability. We present ASSURE, a system that introduces rescue points that recover software from unknown faults while maintaining both system integrity and availability, by mimicking system behavior under known error conditions. Rescue points are locations in...
Conference Paper
Software failures in server applications are a significant problem for preserving system availability. We present ASSURE, a system that introduces rescue points that recover software from unknown faults while maintaining both system integrity and availability, by mimicking system behavior under known error conditions. Rescue points are locations in...
Conference Paper
Full-text available
Modern computing systems are complex and difficult to administer, making them more prone to system administration faults. Faults can occur simply due to mistakes in the process of administering a complex system. These mistakes can make the system insecure or unavailable. Faults can also occur due to a malicious act of the system administrator. Syst...
Conference Paper
Full-text available
The lack of fair bandwidth allocation in Peer-to-Peer systems causes many performance problems, includ- ing users being disincentivized from contributing upload bandwidth, free riders taking as much from the system as possible while contributing as little as possible, and a lack of quality-of-service guarantees to support stream- ing applications....
Conference Paper
Full-text available
We present MediaPod, a portable system that al- lows mobile users to maintain the same persistent, personalized multimedia desktop environment on any available computer. Regardless of which computer is being used, MediaPod pro- vides a consistent multimedia desktop session, maintaining all of a user's applications, documents and configuration setti...
Article
Full-text available
Software bugs that occur in production are often dif-ficult to reproduce in the lab due to subtle differ-ences in the application environment and nondeter-minism. Toward addressing this problem, we present Transplay, a system that captures application soft-ware bugs as they occur in production and deter-ministically reproduces them in a completely...
Article
Full-text available
Desktop computers are often compromised by the interaction of untrusted data and buggy software. To address this problem, we present Apiary, a system that transparently contains application faults while retaining the usage metaphors of a traditional desktop environment. Apiary accomplishes this with three key mechanisms. It isolates applications in...
Article
Full-text available
The objective of the study was to develop and implement an architecture for remote training that can be used in the narrowband home telemedicine environment. A remote training architecture, the REmote Patient Education in a Telemedicine Environment (REPETE) architecture, using a remote control protocol (RCP) was developed. A set of design criteria...
Article
Full-text available
Operating system upgrades and patches sometimes break applications that worked fine on the older version. We present an autonomic approach to testing of OS updates while minimizing downtime, usable without local regression suites or IT expertise. Deux utilizes a dual-layer virtual machine architecture, with lightweight application process checkpoin...
Article
As users interact with the world and their peers through their computers, it is becoming important to archive and later search the information that they have viewed . We present DejaView, a personal virtual computer recorder that provides a complete record of a desktop computing experience that a user can playback, browse, search, and revive seamle...
Conference Paper
Full-text available
We present a new technique that enables software recovery in legacy applications by retrofitting exception-handling capabilities, error virtualization using rescue points. We introduce the idea of "rescue points" as program locations to which an application can recover its execution in the presence of failures. The use of rescue points reduces the...
Article
Full-text available
As the availability of home broadband increases, there is an increasing need for a broadband-based home telemedicine architecture. A home tele-medicine architecture supporting broadband and remote training is presented.
Conference Paper
Full-text available
The ability to checkpoint a running application and restart it later can provide many useful benefits including fault recovery, advanced resources sharing, dynamic load bal- ancing and improved service availability. However, appli- cations often involve multiple processes which have de- pendencies through the operating system. We present a transpar...