Computer Science Ph.D. alumnus Siva Kakarla has won a 2023 Applied Networking Research Prize from the Internet Research Task Force (IRTF). The award is given each year ”to recognize the best recent results in applied networking, interesting new research ideas of potential relevance to the Internet standards community, and upcoming people that are likely to have an impact on Internet standards and technologies.” Awardees receive a $1000 cash prize and give an invited talk at the IRTF Open Meeting.
Kakarla was selected for his research on validating the correctness of the Domain Name System (DNS), which is the global network protocol that translates user-friendly names like www.ucla.edu into IP addresses like 188.8.131.52 required by internet protocols. Specifically, Kakarla was selected for his paper ”SCALE: Automatically Finding RFC Compliance Bugs in DNS Nameservers,’‘ which appeared in the top-tier NSDI 2022 conference and is a joint work with Ryan Beckett from Microsoft Research as well as Siva’s UCLA Ph.D. co-advisors Professors Todd Millstein and George Varghese. “Siva is very well deserving of this recognition from the Internet research community. His work addresses a critical need, does so in a creative and principled way, and yields a practical tool that really works,” said Millstein, chair of the UCLA Computer Science department.
Errors in the DNS are common, and, due to its global nature, these errors can lead to widespread Internet outages. In their NSDI 2022 paper, Kakarla and colleagues introduced a technique to automatically generate tests for DNS nameservers, which are the pieces of software that translate domain names into IP addresses. Unlike prior testing approaches, their work is distinguished by the ability to systematically test a wide variety of DNS behaviors. They built a tool called Ferret based on their approach and used it to test eight open-source DNS implementations. Ferret identified 30 new unique errors, including at least one error in every implementation. Many of these errors existed in even the most popular DNS implementations, including a new critical vulnerability in the widely used BIND DNS implementation that attackers could easily exploit to crash the DNS system remotely. The BIND developers subsequently fixed this error and reported it as a high-severity security vulnerability.
Kakarla received his Ph.D. from UCLA in 2022. He is now a Senior Researcher at Microsoft Research in Redmond, WA.