Phillipa Gill
Phillipa Gill is a research scientist at Google where she works on computer networking and network measurement. Prior to joining Google she was an associate professor in the Computer Science Department at the University of Massachusetts -- Amherst. Her work focuses on many aspects of computer networking and security with a focus on designing novel network measurement techniques to improve the security and reliability of networks.
Research Areas
Authored Publications
Sort By
CAPA: An Architecture For Operating Cluster Networks With High Availability
Bingzhe Liu
Mukarram Tariq
Omid Alipourfard
Rich Alimi
Deepak Arulkannan
Virginia Beauregard
Patrick Conner
Brighten Godfrey
Xander Lin
Mayur Patel
Joon Ong
Amr Sabaa
Alex Smirnov
Manish Verma
Prerepa Viswanadham
Google, Google, 1600 Amphitheatre Pkwy, Mountain View, CA 94043 (2023)
Preview abstract
Management operations are a major source of outages for networks. A number of best practices designed to reduce and mitigate such outages are well known, but their enforcement has been challenging, leaving the network vulnerable to inadvertent mistakes and gaps which repeatedly result in outages. We present our experiences with CAPA, Google’s “containment and prevention architecture” for regulating management operations on our cluster networking fleet. Our goal with CAPA is to limit the systems where strict adherence to best practices is required, so that availability of the network is not dependent on the good intentions of every engineer and operator. We enumerate the features of CAPA which we have found to be necessary to effectively enforce best practices within a thin “regulation“ layer. We evaluate CAPA based on case studies of outages prevented, counterfactual analysis of past incidents, and known limitations. Management-plane-related outages have substantially reduced both in frequency and severity, with a 82% reduction in cumulative duration of incidents normalized to fleet size over five years
View details
Improving Network Availability with Protective ReRoute
Abdul Kabbani
Van Jacobson
Jim Winget
Brad Morrey
Uma Parthavi Moravapalle
Steven Knight
SIGCOMM 2023
Preview abstract
We present PRR (Protective ReRoute), a transport technique for shortening user-visible outages that complements routing repair. It can be added to any transport to provide benefits in multipath networks. PRR responds to flow connectivity failure signals, e.g., retransmission timeouts, by changing the FlowLabel on packets of the flow, which causes switches and hosts to choose a different network path that may avoid the outage. To enable it, we shifted our IPv6 network architecture to use the FlowLabel, so that hosts can change the paths of their flows without application involvement. PRR is deployed fleetwide at Google for TCP and Pony Express, where it has been protecting all production traffic for several years. It is also available to our Cloud customers. We find it highly effective for real outages. In a measurement study on our network backbones, adding PRR reduced the cumulative region-pair outage time for RPC traffic by 63--84%. This is the equivalent of adding 0.4--0.8 "nines'" of availability.
View details
The Prevalence of Domain Name Encryption and its Impact on Internet Filtering
Michalis Polychronakis
Phong Nguyen
Passive and Active Measurement Conference (PAM), ACM (2022) (to appear)
Preview abstract
Most online communications rely on DNS to map domain names to their hosting IP
address(es). Previous work has shown that DNS-based network interference is
widespread due to the unencrypted and unauthenticated nature of the original
DNS protocol.
In addition to DNS, accessed domain names can also be monitored by on-path
observers during the TLS handshake when the SNI extension is used. These
lingering issues with exposed plaintext domain names have led to the
development of a new generation of protocols that keep accessed domain names
hidden. DNS-over-TLS (DoT) and DNS-over-HTTPS (DoH) hide the domain names of
DNS queries, while Encrypted Server Name Indication (ESNI) encrypts the domain
name in the SNI extension.
In this paper we present DNEye, a measurement system built on top of a
network of distributed vantage points, which we used to study the
accessibility of DoT/DoH and ESNI, and to investigate whether these protocols
are tampered with by network providers (e.g., for censorship). Moreover, we
evaluate the efficacy of these new protocols in circumventing network
interference when accessing content that is blocked by traditional DNS
manipulation. We find evidence of blocking efforts against domain name
encryption technologies in several countries, including China, Russia, and
Saudi Arabia. At the same time, we discover that domain name encryption can
help with unblocking more than 55\% and 95\% of censored domains in China and
other countries where DNS-based filtering is heavily employed.
View details
M-Lab: User initiated Internet data for the research community
Lai Yi Ohlsen
Matt Mathis
ACM SIGCOMM Computer Communication Review (2022) (to appear)
Preview abstract
Measurement Lab (M-Lab) is an open, distributed server platform on which researchers can deploy measurement tools. Its mission is to measure the Internet, save the data and make it universally accessible and useful. This paper serves as an update on the M-Lab platform 10+ years after its initial introduction to the research community. This paper details the current state of the M-Lab distributed platform, highlights existing measurements/data available on the platform, and describes opportunities for further engagement between the networking research community and the platform.
View details
Data-driven Networking Research: models for academic collaboration with Industry (a Google point of view)
Computer Communication Review, 51:4 (2021), pp. 47-49
Preview abstract
We (Google's networking teams) would like to increase our collaborations with academic researchers related to data-driven networking research.
There are some significant constraints on our ability to directly share data, and in case not everyone in the community understands these, this document provides a brief summary.
There are some models which can work (primarily, interns and visiting scientists).
We describe some specific areas where we would welcome proposals to work within those models
View details