Arvind Krishnamurthy

High-Performance Transactional Storage

Transactional Application Protocol for Inconsistent Replication, or TAPIR, is a new protocol for linearizable distributed transactions built atop a new replication protocol that provides no consistency guarantees. TAPIR eliminates expensive coordination from the replication layer, yet provides the same transaction model and consistency semantics as existing transactional storage systems (e.g., Google's Spanner). It can commit transactions in a single round-trip, greatly improving both latency and throughput relative to existing systems.

Co-Designing Data Center Networks and Distributed Systems

Distributed systems are traditionally designed independently from the underlying network, making worst-case assumptions about its behavior. Such an approach is well-suited for the Internet, where one cannot predict what paths messages might take or what might happen to them along the way. However, many distributed applications are today deployed in data centers, where the network is more reliable, predictable, and extensible. We argue that in these environments, it is possible to co-design distributed systems with their network layer, and doing so can offer substantial benefits.

Sapphire: Designing new operating system abstractions for mobile/cloud applications

Mobile/cloud applications are distributed over users' mobile devices and across back-end cloud servers around the world. As a consequence, application programmers now face deployment decisions that were visible only to designers of large-scale distributed systems in the past. These decisions include where data and computation should be located, what data should be replicated or cached and what data consistency level is needed. We are working on how to separate deployment from applications, while still giving application programmers control over performance trade-offs in the Sapphire project.

Arrakis: The Operating System is the Control Plane

Arrakis is a new operating system that is designed around recent application and hardware trends: Applications are becoming so complex that they are miniature operating systems in their own right and are hampered by the existing OS protection model. On the hardware side, virtualization technologies and I/O devices have become increasingly sophisticated and take on more and more functions traditionally carried out by the operating system.

Distributed storage systems

We are pushing the limits of today’s distributed storage systems on several fronts. Scatter, a scalable peer-to-peer key-value storage system, preserves serializable consistency even under adverse conditions. Comet is a distributed key-value store that lets clients inject snippets of code into storage elements, creating an active key-value store that greatly increases the power and range of applications that use distributed storage applications. Faculty: Anderson, Kohno, Krishnamurthy, Levy.


uProxy is a browser extension that lets users share alternative more secure routes to the Internet. It's like a personalised VPN service that you set up for yourself and your friends. uProxy helps users protect each other from third parties who may try to watch, block, or redirect users’ Internet connections.

BotLab: a Real-Time Botnet Monitoring Platform

BotLab is a platform that continually monitors and analyzes the behavior of spam-oriented botnets. BoLab gathers multiple real-time streams of information about botnets taken from distinct perspectives. By combining and analyzing these streams, BoLab can produce accurate, timely, and comprehensive data about spam botnet behavior.

Privacy-preserving data sharing

Increasing interconnectivity and data sharing can compromise data security and privacy. OneSwarm is a peer-to-peer tool that provides users with explicit control over data privcy by letting them determine how data is to be shared. Instead of sharing data indiscriminately, data shared with OneSwarm can be made public, shared with friends, shared with some friends but not others, and so forth -- an approach we termed friend-to-friend (F2F) data sharing. Faculty: Anderson, Krishnamurthy.

Reverse Traceroute

Traceroute has long had a fundamental limitation that affects all these applications: it does not provide reverse path information. In this project, we address this longstanding limitation by building a reverse traceroute tool. Our tool provides the same information as traceroute, but for the reverse path, and it works in the same case as traceroute, when the user may lack control of the destination.

Seattle: the Internet as a Testbed

Seattle is a platform for networking and distributed systems research. It's free, community-driven, and offers a large deployment of computers spread across the world. Seattle works by operating on resources donated by users and institutions. The global distribution of the Seattle network provides the ability to use it in application contexts that include cloud computing, p2p, ubiquitous/mobile computing, distributed systems.

Synoptic: Studying Logged Behavior with Inferred Models

Computer systems are often difficult to understand and debug. A common way of gaining insight into a system's behavior is to inspect execution logs. Unfortunately, manual inspection of logs is an arduous process. We have developed a tool called Synoptic that helps developers by inferring a concise and accurate system model, in the form of a finite state machine, from execution logs. Synoptic processes the logs that most systems already produce, and it requires developers only to specify a set of regular expressions for parsing the logs. Synoptic models have been used to find new bugs, increase developer confidence in the correctness of their code, and help developers better understand their programs.

iPlane: Information Plane for Distributed Services

iPlane is a scalable service providing accurate predictions of Internet path performance for emerging overlay services. Unlike the more common black box latency prediction techniques in use today, iPlane builds a structural model of the Internet. We construct an annotated map of the Internet and predict end-to-end performance by composing measured performance of segments of known Internet paths.