Assistant Professor Department of Computer Science Virginia Tech djwillia@vt.edu 4207 Gilbert Place

Bio

I'm currently an Assistant Professor in the Department of Computer Science at Virginia Tech, which I joined in August 2021. Prior to joining VT, I spent 10 years as a Research Staff Member at the IBM T.J. Watson Research Center in Yorktown Heights, NY with whom I still collaborate and hold an affiliation with. I also taught operating systems as an Adjunct Assistant Professor at Vassar College in 2020. I received my PhD from Cornell University under the guidance of Hakim Weatherspoon.

My research investigates the systems abstractions for running programs securely and isolated from one another even in shared environments. I am the original author of the Solo5 unikernel execution environment, and a co-creator of unikernel-inspired Nabla containers.

Trends I am currently interested in:

• eBPF and safe user code, including Rust, in the kernel

• new mechanisms for process sandboxing and isolation

• lightweight computing abstractions in the cloud (e.g., serverless)

• confidential computing: enclaves (Intel SGX, TDX, AMD SEV, etc.)

I am actively looking to recruit students to work in my group! Please follow the instructions here and be sure to specify my name on your application!

Alert: It has been brought to my attention that scammers have been pretending to be me, emailing students and offering positions. If you receive an email claiming to be from me that is not from the vt.edu domain (e.g., from a gmail address) please delete it!

News

• our paper SEVeriFast: Minimizing the root of trust for fast startup of SEV microVMs has been accepted to ASPLOS 2024!

• I gave an invited talk entitled “The Future of Safe Kernel Extensions” at Bytedance!

• we have 3 talks on eBPF in the upcoming Linux Plumbers Conference in November!

• we have 3 papers accepted to the SIGCOMM eBPF workshop in September!

• our paper Kernel extension verification is untenable has been accepted to HotOS 2023

• congrats to the amazing undergrad Ben Holmes, who will start his PhD at MIT next year!

• honored to receive an NSF CAREER Award to improve the Linux kernel through extensions!

• our paper Securing Container-based Clouds with Syscall-aware Scheduling has been accepted to ASIACCS 2023

• our paper Protect the System Call, Protect (most of) the World with BASTION has been accepted to ASPLOS 2023

• our work on eBPF use for seccomp appeared at the Linux Plumbers Conference (on the eBPF and Networking track)!

• pleased to announce our paper SecQuant: Quantifying Container System Call Exposure has been accepted to ESORICS 2022

• invited to serve as co-PC chair of USENIX ATC ’23 with the amazing Julia Lawall

• pleased to announce our paper KASLR in the age of MicroVMs has been accepted to Eurosys 2022

• pleased to announce our paper Verified Programs Can Party: Optimizing Kernel Extensions via Post-Verification In-Kernel Merging has been accepted to Eurosys 2022

• I am one of three faculty teaching Computer Systems (CS 3214) this semester

• Austin Kuo passed his PhD candidacy exam at UIUC! Congrats Austin!

• invited to serve on the PC of USENIX ATC 2022

• invited to serve on the PC of ICDCS 2022

• invited to serve as co-PC chair of VEE 2022 with the amazing Yubin Xia

Professional Service

• PC member: USENIX ATC 2017, 2019, 2022, 2023 (co-PC chair), 2024

• PC member: ACM EUROSYS 2024, 2025

• PC member: ACM ASPLOS 2024

• PC member: ACM SYSTOR 2024

• PC member: USENIX HotCloud 2020

• PC member: ACM VEE 2018, 2019, 2022 (co-PC chair)

• PC member: IEEE ICDCS 2022

• PC member: IEEE IC2E 2013, 2014, 2016

• PC member: IEEE WoC 2018

• PC member: IEEE/ACM ESSCA 2018

• PC member: ACM CAN 2016, 2017

• Reviewer: ACM Transactions on Computer Systems 2020

• Reviewer: IEEE Transactions on Cloud Computing 2019, 2021

• Reviewer: IEEE Internet Computing 2019

• Reviewer: Elsevier JPDC 2013

Teaching

• Spring 2024 Advanced Topics in Operating Systems Through the Lens of Extensibility (CS 6204) (VT)

• Fall 2023 Computer Systems (CS 3214) (VT)

• Spring 2023 Computer Systems (CS 3214) (VT)

• Fall 2022 Operating Systems (CS 5204) (VT)

• Spring 2022 Computer Systems (CS 3214) (VT)

• Spring 2020 Operating Systems (CMPU 334) (Vassar)

Funding

NSF CAREER Award $602,686.00

Publications

• SEVeriFast: Minimizing the root of trust for fast startup of SEV microVMs
  (to appear) In ACM ASPLOS, San Diego, CA, April 2024
  Benjamin Holmes, Jason Waterman, and Dan Williams

• Broadly Enabling KLEE to Effortlessly Find Unrecoverable Errors in Rust
  (to appear) In ACM ICSE-SEIP, Lisbon, Portugal, April 2024
  Ying Zhang, Peng Li, Yu Ding, Wang Lingxiang, Dan Wililams, and Na Meng

• When BPF programs need to die : exploring the design space for early BPF termination
  In Linux Plumbers Conference, Richmond, VA, November 2023
  Raj Sahu and Dan Williams

• Overflowing the kernel stack with BPF
  In Linux Plumbers Conference, Richmond, VA, November 2023
  Siddharth Chintamaneni, Sai Roop Somaraju, and Dan Williams

• Advancing Kernel Control Flow Integrity with eBPF
  In Linux Plumbers Conference, Richmond, VA, November 2023
  Jinghao Jia, Michael Le, Salman Ahmed, Dan Williams, and Hani Jamjoom

• Enabling eBPF on Embedded Systems Through Decoupled Verification
  In Proceedings of ACM SIGCOMM Workshop on eBPF and Kernel Extensions (eBPF ’23), New York, New York, September 2023
  Milo Craun, Adam Oswald, and Dan Williams

• Enabling BPF Runtime policies for better BPF management
  In Proceedings of ACM SIGCOMM Workshop on eBPF and Kernel Extensions (eBPF ’23), New York, New York, September 2023
  Raj Sahu and Dan Williams

• Practical and Flexible Kernel CFI Enforcement using eBPF
  In Proceedings of ACM SIGCOMM Workshop on eBPF and Kernel Extensions (eBPF ’23), New York, New York, September 2023
  Jinghao Jia, Michael V. Le, Salman Ahmed, Dan Williams, Hani Jamjoom

• Securing Container-based Clouds with Syscall-aware Scheduling
  In Proceedings of ACM ASIACCS, Melbourne, Australia, July 2023
  Michael V. Le, Salman Ahmed, Dan Williams, and Hani Jamjoom

• Kernel extension verification is untenable
  In Proceedings of ACM HotOS, Providence, RI, June 2023
  Jinghao Jia, Raj Sahu, Adam Oswald, Dan Williams, Michael V. Le, and Tianyin Xu

• Protect the System Call, Protect (most of) the World with BASTION
  In Proceedings of ACM ASPLOS, Vancouver, Canada, March 2023
  Christopher Jelesnianski, Mohannad Ismail, Yeongjin Jang, Dan Williams, Changwoo Min

• SecQuant: Quantifying Container System Call Exposure
  In Proceedings of ESORICS, Copenhagen, Denmark, September 2022
  Sunwoo Jang, Somin Song, Byungchul Tak, Sahil Suneja, Michael V. Le, Chuan Yue and Dan Williams

• KASLR in the age of MicroVMs
  In Proceedings of ACM EuroSys, Rennes, France, April 2022
  Benjamin Holmes, Jason Waterman, and Dan Williams

• Verified Programs Can Party: Optimizing Kernel Extensions via Post-Verification In-Kernel Merging
  In Proceedings of ACM EuroSys, Rennes, France, April 2022
  Hsuan-Chi Kuo, Kai-Hsun Chen, Yicheng Lu, Dan Williams, Sibin Mohan, and Tianyin Xu

• A Linux in Unikernel Clothing
  In Proceedings of ACM EuroSys, Heraklion, Crete, Greece, April 2020
  Hsuan-Chi Kuo, Dan Williams, Ricardo Koller, and Sibin Mohan

• An Ounce of Prevention is Worth A Pound of Cure: Ahead-of-time Preparation for Safe High-Level Container Interfaces
  In Proceedings of USENIX HotStorage, Renton, WA, July 2019
  Ricardo Koller and Dan Williams

• Unikernels as Processes
  In Proceedings of ACM SOCC, Carlsbad, CA, October 2018
  Dan Williams, Ricardo Koller, Martin Lucina, and Nikhil Prakash

• Say Goodbye to Virtualization for a Safer Cloud
  In Proceedings of USENIX HotCloud, Boston, MA, July 2018
  Dan Williams, Ricardo Koller, and Brandon Lum

• Multi-Hypervisor Virtual Machines: Enabling an Ecosystem of Hypervisor-level Services
  In Proceedings of USENIX ATC, Santa Clara, CA, July 2017
  Kartik Gopalan, Rohit Kugve, Hardik Bagdi, Yahui Hu, Dan Williams and Nilton Bila.

• Will Serverless End the Dominance of Linux in the Cloud?
  In Proceedings of ACM SIGOPS HotOS, Whistler, BC, May 2017
  Ricardo Koller and Dan Williams.

• Unikernel Monitors: Extending Minimalism Outside of the Box
  In Proceedings of USENIX HotCloud, Denver, CO, June 2016
  Dan Williams and Ricardo Koller.

• Version Traveler: Fast and Memory-Efficient Version Switching in Graph Processing Systems
  In Proceedings of USENIX ATC, Denver, CO, June 2016
  Xiaoen Ju, Dan Williams, Hani Jamjoom and Kang Shin.

• Enabling Efficient Hypervisor-as-a-Service Clouds with Ephemeral Virtualization
  In Proceedings of ACM SIGPLANSIGOPS VEE, Atlanta, GA, April 2016/
  Dan Williams, Yaohui Hu, Umesh Deshpande, Piush K Sinha, Nilton Bila, Kartik Gopalan and Hani Jamjoom.

• Flux: Multi-Surface Computing in Android
  In Proceedings of ACM Eurosys, Bordeaux, France, April 2015
  Alexander Van't Hof, Hani Jamjoom, Jason Nieh, and Dan Williams.

• Don't Call Them Middleboxes, Call Them Middlepipes
  In Proceedings of ACM HotSDN, Chicago, IL, August 2014
  Hani Jamjoom, Dan Williams, and Upendra Sharama.

• Software Defining System Devices with the 'Banana’ Double-Split Driver Model
  In Proceedings of USENIX HotCloud, Philadelphia, PA, June 2014
  Dan Williams, Hani Jamjoom, and Hakim Weatherspoon.

• TideWatch: Fingerprinting the Cyclicality of Big Data Workloads
  In Proceedings of IEEE INFOCOM, Toronto, Canada, April 2014
  Dan Williams, Shuai Zheng, Xiangliang Zhang, and Hani Jamjoom.

• Pico Replication: A High Availability Framework for Middleboxes
  In Proceedings of ACM SOCC, Santa Clara, CA, October 2013
  Shriram Rajagopalan, Dan Williams, and Hani Jamjoom.

• Cementing High Availability in OpenFlow with RuleBricks
  In Proceedings of ACM SIGCOMM HotSDN, Hong Kong, August 2013
  Dan Williams and Hani Jamjoom.

• AIN: A Blueprint for an All-IP Data Center Network
  In Proceedings of USENIX HotCloud, San Jose, CA, June 2013
  Vasileios Pappas, Hani Jamjoom and Dan Williams.

• Escape Capsule: Explicit State Is Robust and Scalable
  In Proceedings of USENIX HotOS, Santa Ana Pueblo, NM, May 2013
  Shriram Rajagopalan, Dan Williams, Hani Jamjoom, and Andrew Warfield.

• Mizan: A System for Dynamic Load Balancing in Large-scale Graph Processing
  In Proceedings of ACM EuroSys, Prague, Czech Republic, April 2013
  Zuhair Khayyat, Karim Awara, Amani Alonazi, Hani Jamjoom, Dan Williams, and Panos Kalnis.

• Split/Merge: System Support for Elastic Execution in Virtual Middleboxes
  In Proceedings of USENIX NSDI, Lombard, IL, April 2013
  Shriram Rajagopalan, Dan Williams, Hani Jamjoom, and Andrew Warfield.

• Plug into the Supercloud
  In IEEE Internet Computing Special Issue on Virtualization, March-April 2013 (vol.17 no. 2)
  Dan Williams, Hani Jamjoom, and Hakim Weatherspoon.

• Towards Superclouds
  PhD Dissertation, Cornell University, Department of Computer Science, January, 2013
  Dan Williams.

• The Xen-Blanket: Virtualize Once, Run Everywhere
  In Proceedings of ACM EuroSys, Bern, Switzerland, April 2012
  Dan Williams, Hani Jamjoom, and Hakim Weatherspoon.

• Logical Attestation: An Authorization Architecture for Trustworthy Computing
  In Proceedings of ACM SOSP, Cascais, Portugal, October 2011
  Emin Gün Sirer, Willem de Bruijn, Patrick Reynolds, Alan Shieh, Kevin Walsh, Dan Williams, and Fred B. Schneider.

• Unshackle the Cloud!
  In Proceedings of USENIX HotCloud, Portland, OR, June 2011
  Dan Williams, Eslam Elnikety, Mohamed Eldehiry, Hani Jamjoom, Hai Huang, and Hakim Weatherspoon.

• Overdriver: Handling Memory Overload in an Oversubscribed Cloud
  In Proceedings of ACM VEE, Newport Beach, CA, March 2011
  Dan Williams, Hani Jamjoom, Yew-Huey Liu, and Hakim Weatherspoon.

• Device Driver Safety Through a Reference Validation Mechanism
  In Proceedings of USENIX OSDI, San Diego, CA, December 2008
  Dan Williams, Patrick Reynolds, Kevin Walsh, Emin Gün Sirer, and Fred B. Schneider.

• Nexus: A New Operating System For Trustworthy Computing (extended abstract)
  In Proceedings of ACM SOSP, Brighton, UK, October 2005
  Alan Shieh, Dan Williams, Emin Gün Sirer, and Fred B. Schneider.

• Optimal Parameter Selection for Efficient Memory Integrity Verification Using Merkle Hash Trees
  In Proceedings of IEEE (NCA) - Trustworthy Network Computing Workshop, Cambridge, MA, August 2004
  Dan Williams and Emin Gün Sirer.