Jawad Said Saidi

Said Jawad Saidi

Address
Max-Planck-Institut für Informatik
Saarland Informatics Campus
Campus E1 4
66123 Saarbrücken
Location
E1 4 - 516
Phone
+49 681 9325 3516
Fax
+49 681 9325 3599

Personal Information

Apart from being a dad, I spend my free time on: 

  • Reading articles on foreign policy and economy
  • Taking online courses   
  • Watching movies, and series
  • Cooking
  • Going for long walks and occasional hiking
  • Loads of side projects

Publications

2020
Saidi, S. J., Mandalari, A. M., Kolcun, R., Haddadi, H., Dubois, D. J., Choffnes, D., … Feldmann, A. (2020). A Haystack Full of Needles: Scalable Detection of IoT Devices in the Wild. In IMC’20, 20th ACM Internet Measurement Conference. Virtual Event, USA: ACM. doi:10.1145/3419394.3423650
Export
BibTeX
@inproceedings{Saidi_IMC2020, TITLE = {A Haystack Full of Needles: {Scalable} Detection of {IoT} Devices in the Wild}, AUTHOR = {Saidi, Said Jawad and Mandalari, Anna Maria and Kolcun, Roman and Haddadi, Hamed and Dubois, Daniel J. and Choffnes, David and Smaragdakis, Georgios and Feldmann, Anja}, LANGUAGE = {eng}, ISBN = {9-781-4503-8138-3}, DOI = {10.1145/3419394.3423650}, PUBLISHER = {ACM}, YEAR = {2020}, MARGINALMARK = {$\bullet$}, DATE = {2020}, BOOKTITLE = {IMC'20, 20th ACM Internet Measurement Conference}, PAGES = {87--100}, ADDRESS = {Virtual Event, USA}, }
Endnote
%0 Conference Proceedings %A Saidi, Said Jawad %A Mandalari, Anna Maria %A Kolcun, Roman %A Haddadi, Hamed %A Dubois, Daniel J. %A Choffnes, David %A Smaragdakis, Georgios %A Feldmann, Anja %+ Internet Architecture, MPI for Informatics, Max Planck Society External Organizations External Organizations External Organizations External Organizations External Organizations Internet Architecture, MPI for Informatics, Max Planck Society Internet Architecture, MPI for Informatics, Max Planck Society %T A Haystack Full of Needles: Scalable Detection of IoT Devices in the Wild : %G eng %U http://hdl.handle.net/21.11116/0000-0007-72B5-C %R 10.1145/3419394.3423650 %D 2020 %B 20th ACM Internet Measurement Conference %Z date of event: 2020-10-27 - 2020-10-29 %C Virtual Event, USA %B IMC'20 %P 87 - 100 %I ACM %@ 9-781-4503-8138-3 %U https://dl.acm.org/doi/10.1145/3419394.3423650
Saidi, S. J., Maghsoudlou, A., Foucard, D., Smaragdakis, G., Poese, I., & Feldmann, A. (2020a). Exploring Network-Wide Flow Data with Flowyager. IEEE Transactions on Network and Service Management, 17(4). doi:10.1109/TNSM.2020.3034278
Export
BibTeX
@article{Saidi_10.1109/TNSM.2020.3034278, TITLE = {Exploring Network-Wide Flow Data with {Flowyager}}, AUTHOR = {Saidi, Said Jawad and Maghsoudlou, Aniss and Foucard, Damien and Smaragdakis, Georgios and Poese, Ingmar and Feldmann, Anja}, LANGUAGE = {eng}, ISSN = {1932-4537}, DOI = {10.1109/TNSM.2020.3034278}, PUBLISHER = {IEEE}, ADDRESS = {Piscataway, NJ}, YEAR = {2020}, MARGINALMARK = {$\bullet$}, DATE = {2020}, JOURNAL = {IEEE Transactions on Network and Service Management}, VOLUME = {17}, NUMBER = {4}, PAGES = {1988--2006}, }
Endnote
%0 Journal Article %A Saidi, Said Jawad %A Maghsoudlou, Aniss %A Foucard, Damien %A Smaragdakis, Georgios %A Poese, Ingmar %A Feldmann, Anja %+ Internet Architecture, MPI for Informatics, Max Planck Society Internet Architecture, MPI for Informatics, Max Planck Society External Organizations Internet Architecture, MPI for Informatics, Max Planck Society External Organizations Internet Architecture, MPI for Informatics, Max Planck Society %T Exploring Network-Wide Flow Data with Flowyager : %G eng %U http://hdl.handle.net/21.11116/0000-0007-7295-0 %R 10.1109/TNSM.2020.3034278 %7 2020 %D 2020 %J IEEE Transactions on Network and Service Management %V 17 %N 4 %& 1988 %P 1988 - 2006 %I IEEE %C Piscataway, NJ %@ false
Saidi, S. J., Maghsoudlou, A., Foucard, D., Smaragdakis, G., Poese, I., & Feldmann, A. (2020b). Exploring Network-Wide Flow Data with Flowyager. Retrieved from https://arxiv.org/abs/2010.13120
(arXiv: 2010.13120)
Abstract
Many network operations, ranging from attack investigation and mitigation to traffic management, require answering network-wide flow queries in seconds. Although flow records are collected at each router, using available traffic capture utilities, querying the resulting datasets from hundreds of routers across sites and over time, remains a significant challenge due to the sheer traffic volume and distributed nature of flow records. In this paper, we investigate how to improve the response time for a priori unknown network-wide queries. We present Flowyager, a system that is built on top of existing traffic capture utilities. Flowyager generates and analyzes tree data structures, that we call Flowtrees, which are succinct summaries of the raw flow data available by capture utilities. Flowtrees are self-adjusted data structures that drastically reduce space and transfer requirements, by 75% to 95%, compared to raw flow records. Flowyager manages the storage and transfers of Flowtrees, supports Flowtree operators, and provides a structured query language for answering flow queries across sites and time periods. By deploying a Flowyager prototype at both a large Internet Exchange Point and a Tier-1 Internet Service Provider, we showcase its capabilities for networks with hundreds of router interfaces. Our results show that the query response time can be reduced by an order of magnitude when compared with alternative data analytics platforms. Thus, Flowyager enables interactive network-wide queries and offers unprecedented drill-down capabilities to, e.g., identify DDoS culprits, pinpoint the involved sites, and determine the length of the attack.
Export
BibTeX
@online{Saidi_arXiv2010.13120, TITLE = {Exploring Network-Wide Flow Data with Flowyager}, AUTHOR = {Saidi, Said Jawad and Maghsoudlou, Aniss and Foucard, Damien and Smaragdakis, Georgios and Poese, Ingmar and Feldmann, Anja}, LANGUAGE = {eng}, URL = {https://arxiv.org/abs/2010.13120}, EPRINT = {2010.13120}, EPRINTTYPE = {arXiv}, YEAR = {2020}, MARGINALMARK = {$\bullet$}, ABSTRACT = {Many network operations, ranging from attack investigation and mitigation to traffic management, require answering network-wide flow queries in seconds. Although flow records are collected at each router, using available traffic capture utilities, querying the resulting datasets from hundreds of routers across sites and over time, remains a significant challenge due to the sheer traffic volume and distributed nature of flow records. In this paper, we investigate how to improve the response time for a priori unknown network-wide queries. We present Flowyager, a system that is built on top of existing traffic capture utilities. Flowyager generates and analyzes tree data structures, that we call Flowtrees, which are succinct summaries of the raw flow data available by capture utilities. Flowtrees are self-adjusted data structures that drastically reduce space and transfer requirements, by 75% to 95%, compared to raw flow records. Flowyager manages the storage and transfers of Flowtrees, supports Flowtree operators, and provides a structured query language for answering flow queries across sites and time periods. By deploying a Flowyager prototype at both a large Internet Exchange Point and a Tier-1 Internet Service Provider, we showcase its capabilities for networks with hundreds of router interfaces. Our results show that the query response time can be reduced by an order of magnitude when compared with alternative data analytics platforms. Thus, Flowyager enables interactive network-wide queries and offers unprecedented drill-down capabilities to, e.g., identify DDoS culprits, pinpoint the involved sites, and determine the length of the attack.}, }
Endnote
%0 Report %A Saidi, Said Jawad %A Maghsoudlou, Aniss %A Foucard, Damien %A Smaragdakis, Georgios %A Poese, Ingmar %A Feldmann, Anja %+ Internet Architecture, MPI for Informatics, Max Planck Society Internet Architecture, MPI for Informatics, Max Planck Society External Organizations Internet Architecture, MPI for Informatics, Max Planck Society External Organizations Internet Architecture, MPI for Informatics, Max Planck Society %T Exploring Network-Wide Flow Data with Flowyager : %G eng %U http://hdl.handle.net/21.11116/0000-0007-8562-4 %U https://arxiv.org/abs/2010.13120 %D 2020 %X Many network operations, ranging from attack investigation and mitigation to traffic management, require answering network-wide flow queries in seconds. Although flow records are collected at each router, using available traffic capture utilities, querying the resulting datasets from hundreds of routers across sites and over time, remains a significant challenge due to the sheer traffic volume and distributed nature of flow records. In this paper, we investigate how to improve the response time for a priori unknown network-wide queries. We present Flowyager, a system that is built on top of existing traffic capture utilities. Flowyager generates and analyzes tree data structures, that we call Flowtrees, which are succinct summaries of the raw flow data available by capture utilities. Flowtrees are self-adjusted data structures that drastically reduce space and transfer requirements, by 75% to 95%, compared to raw flow records. Flowyager manages the storage and transfers of Flowtrees, supports Flowtree operators, and provides a structured query language for answering flow queries across sites and time periods. By deploying a Flowyager prototype at both a large Internet Exchange Point and a Tier-1 Internet Service Provider, we showcase its capabilities for networks with hundreds of router interfaces. Our results show that the query response time can be reduced by an order of magnitude when compared with alternative data analytics platforms. Thus, Flowyager enables interactive network-wide queries and offers unprecedented drill-down capabilities to, e.g., identify DDoS culprits, pinpoint the involved sites, and determine the length of the attack. %K Computer Science, Networking and Internet Architecture, cs.NI
2019
Shukla, A., Saidi, S. J., Schmid, S., Canini, M., Zinner, T., & Feldmann, A. (2019a). Towards Consistent SDNs: A Case for Network State Fuzzing. IEEE Transactions on Network and Service Management, 17(2). doi:10.1109/TNSM.2019.2955790
Export
BibTeX
@article{Shukla_2019, TITLE = {Towards Consistent {SDNs}: {A} Case for Network State Fuzzing}, AUTHOR = {Shukla, Apoorv and Saidi, Said Jawad and Schmid, Stefan and Canini, Marco and Zinner, Thomas and Feldmann, Anja}, LANGUAGE = {eng}, ISSN = {1932-4537}, DOI = {10.1109/TNSM.2019.2955790}, PUBLISHER = {IEEE}, ADDRESS = {Piscataway, NJ}, YEAR = {2019}, MARGINALMARK = {$\bullet$}, JOURNAL = {IEEE Transactions on Network and Service Management}, VOLUME = {17}, NUMBER = {2}, PAGES = {668--681}, }
Endnote
%0 Journal Article %A Shukla, Apoorv %A Saidi, Said Jawad %A Schmid, Stefan %A Canini, Marco %A Zinner, Thomas %A Feldmann, Anja %+ External Organizations Internet Architecture, MPI for Informatics, Max Planck Society External Organizations External Organizations External Organizations Internet Architecture, MPI for Informatics, Max Planck Society %T Towards Consistent SDNs: A Case for Network State Fuzzing : %G eng %U http://hdl.handle.net/21.11116/0000-0005-492A-B %R 10.1109/TNSM.2019.2955790 %7 2019 %D 2019 %J IEEE Transactions on Network and Service Management %V 17 %N 2 %& 668 %P 668 - 681 %I IEEE %C Piscataway, NJ %@ false
Shukla, A., Saidi, S. J., Schmid, S., Canini, M., Zinner, T., & Feldmann, A. (2019b). Consistent SDNs through Network State Fuzzing. Retrieved from http://arxiv.org/abs/1904.08977
(arXiv: 1904.08977)
Abstract
The conventional wisdom is that a software-defined network (SDN) operates under the premise that the logically centralized control plane has an accurate representation of the actual data plane state. Nevertheless, bugs, misconfigurations, faults or attacks can introduce inconsistencies that undermine correct operation. Previous work in this area, however, lacks a holistic methodology to tackle this problem and thus, addresses only certain parts of the problem. Yet, the consistency of the overall system is only as good as its least consistent part. Motivated by an analogy of network consistency checking with program testing, we propose to add active probe-based network state fuzzing to our consistency check repertoire. Hereby, our system, PAZZ, combines production traffic with active probes to continuously test if the actual forwarding path and decision elements (on the data plane) correspond to the expected ones (on the control plane). Our insight is that active traffic covers the inconsistency cases beyond the ones identified by passive traffic. PAZZ prototype was built and evaluated on topologies of varying scale and complexity. Our results show that PAZZ requires minimal network resources to detect persistent data plane faults through fuzzing and localize them quickly.
Export
BibTeX
@online{Shukla_arXiv1904.08977, TITLE = {Consistent {SDNs} through Network State Fuzzing}, AUTHOR = {Shukla, Apoorv and Saidi, Said Jawad and Schmid, Stefan and Canini, Marco and Zinner, Thomas and Feldmann, Anja}, LANGUAGE = {eng}, URL = {http://arxiv.org/abs/1904.08977}, EPRINT = {1904.08977}, EPRINTTYPE = {arXiv}, YEAR = {2019}, MARGINALMARK = {$\bullet$}, ABSTRACT = {The conventional wisdom is that a software-defined network (SDN) operates under the premise that the logically centralized control plane has an accurate representation of the actual data plane state. Nevertheless, bugs, misconfigurations, faults or attacks can introduce inconsistencies that undermine correct operation. Previous work in this area, however, lacks a holistic methodology to tackle this problem and thus, addresses only certain parts of the problem. Yet, the consistency of the overall system is only as good as its least consistent part. Motivated by an analogy of network consistency checking with program testing, we propose to add active probe-based network state fuzzing to our consistency check repertoire. Hereby, our system, PAZZ, combines production traffic with active probes to continuously test if the actual forwarding path and decision elements (on the data plane) correspond to the expected ones (on the control plane). Our insight is that active traffic covers the inconsistency cases beyond the ones identified by passive traffic. PAZZ prototype was built and evaluated on topologies of varying scale and complexity. Our results show that PAZZ requires minimal network resources to detect persistent data plane faults through fuzzing and localize them quickly.}, }
Endnote
%0 Report %A Shukla, Apoorv %A Saidi, Said Jawad %A Schmid, Stefan %A Canini, Marco %A Zinner, Thomas %A Feldmann, Anja %+ External Organizations Internet Architecture, MPI for Informatics, Max Planck Society External Organizations External Organizations External Organizations Internet Architecture, MPI for Informatics, Max Planck Society %T Consistent SDNs through Network State Fuzzing : %G eng %U http://hdl.handle.net/21.11116/0000-0003-F027-2 %U http://arxiv.org/abs/1904.08977 %D 2019 %X The conventional wisdom is that a software-defined network (SDN) operates under the premise that the logically centralized control plane has an accurate representation of the actual data plane state. Nevertheless, bugs, misconfigurations, faults or attacks can introduce inconsistencies that undermine correct operation. Previous work in this area, however, lacks a holistic methodology to tackle this problem and thus, addresses only certain parts of the problem. Yet, the consistency of the overall system is only as good as its least consistent part. Motivated by an analogy of network consistency checking with program testing, we propose to add active probe-based network state fuzzing to our consistency check repertoire. Hereby, our system, PAZZ, combines production traffic with active probes to continuously test if the actual forwarding path and decision elements (on the data plane) correspond to the expected ones (on the control plane). Our insight is that active traffic covers the inconsistency cases beyond the ones identified by passive traffic. PAZZ prototype was built and evaluated on topologies of varying scale and complexity. Our results show that PAZZ requires minimal network resources to detect persistent data plane faults through fuzzing and localize them quickly. %K Computer Science, Networking and Internet Architecture, cs.NI
2018
Saidi, S. J., Foucard, D., Smaragdakis, G., & Feldmann, A. (2018). Flowtree: Enabling Distributed Flow Summarization at Scale. In SIGCOMM’18. Budapest, Hungary: ACM. doi:10.1145/3234200.3234225
Export
BibTeX
@inproceedings{Saidi_SIGCOMM2018, TITLE = {Flowtree: Enabling Distributed Flow Summarization at Scale}, AUTHOR = {Saidi, Said Jawad and Foucard, Damien and Smaragdakis, Georgios and Feldmann, Anja}, LANGUAGE = {eng}, ISBN = {978-1-4503-5915-3}, DOI = {10.1145/3234200.3234225}, PUBLISHER = {ACM}, YEAR = {2018}, DATE = {2018}, BOOKTITLE = {SIGCOMM'18}, PAGES = {30-32}, ADDRESS = {Budapest, Hungary}, }
Endnote
%0 Conference Proceedings %A Saidi, Said Jawad %A Foucard, Damien %A Smaragdakis, Georgios %A Feldmann, Anja %+ Internet Architecture, MPI for Informatics, Max Planck Society External Organizations External Organizations Internet Architecture, MPI for Informatics, Max Planck Society %T Flowtree: Enabling Distributed Flow Summarization at Scale : %G eng %U http://hdl.handle.net/21.11116/0000-0002-1577-1 %R 10.1145/3234200.3234225 %D 2018 %B SIGCOMM 2018 %Z date of event: 2018-08-20 - 2018-08-25 %C Budapest, Hungary %B SIGCOMM'18 %P 30-32 %I ACM %@ 978-1-4503-5915-3

Research Interests

  • Wide Area Data Analytics
  • Internet Measurement
  • Software Defined Networking
  • Data Aggregation

Education

March 2018 - present:
Ph. D. student in Computer Science at the Universität des Saarlandes, Saarbrücken, Germany and the Max-Planck-Institut für Informatik

May 2017 - March 2018:
Ph. D. student in Computer Science at the Technische Universität Berlin, Berlin, Germany

January 2014 - November 2016:
M.Sc. in Computer Science at the Technical University of Berlin
Master's Thesis (Diplomarbeit): Investigating Mechanisms for Tracing Packets through SDN (supervisor: Prof. Dr. Anja Feldmann)