CyLab faculty named Intel’s 2021 Outstanding Researchers

Daniel Tkacik

Feb 15, 2022

CyLab faculty

Source: CyLab

(left to right): CyLab faculty Justine Sherry, Vyas Sekar, and James Hoe are recipients of Intel's 2021 Outstanding Research Awards.

CyLab faculty Justine Sherry, Vyas Sekar, and James Hoe have been selected among the winners of Intel’s 2021 Outstanding Researcher Award for their collaborative work on “Pigasus: FPGA-Accelerated Intrusion Detection and Prevention System” with Intel. Their work is to the fastest open-source intrusion detection system to date.

“We are excited for the recognition that this award brings to Pigasus,” says Sherry, one of the work’s principal investigators. “Pigasus is maturing at a very rapid pace due to its growing developer base in the research community.” 

Sherry is a professor in Carnegie Mellon’s Computer Science Department, and Sekar and Hoe are professors in the Department of Electrical and Computer Engineering.

As cyberattacks become more and more commonplace, intrusion detection systems (IDS) play a crucial role of scanning network data, looking for any hints of one of the tens of thousands of cyberattacks the systems know to look for. To keep up with increasing Internet speeds and data flows, IDS’ footprints have grown, taking up entire rooms and driving up energy costs for organizations that rely on them.

Faced with this challenge, Sherry, Sekar, and Hoe led the development of “Pigasus,” an IDS that achieves speeds of 100 gigabits per second using a single server by capturing most of the processing on an FPGA-based smart network interface card. A comparable software-based system would consume hundreds of processor cores.

One obvious reason Pigasus gained attention initially was its game-changing performance properties.

Justine Sherry, professor, Computer Science Department

“One obvious reason Pigasus gained attention initially was its game-changing performance properties,” says Sherry. “I often tell people what used to require an entire rack of machines, Pigasus can do with a single pizza box-sized server.”

Pigasus is developed under the Crossroads 3D FPGA Research Center, an Intel and VMWare co-funded, multi-university, multi-disciplinary effort involving students and faculty from Carnegie Mellon University, the University of Toronto and the University of Texas-Austin (UT-Austin).

The Crossroads teams bring a wide range of backgrounds, all of which make Pigasus possible, Sherry says. Hoe's group brings expertise on field-programmable gate arrays (FPGAs), an integrated circuit for which users can write code and customize, Sekar's team brings in-depth network security experience, and Sherry’s group brings skills in high-performance network functions and packet processing.

The project now hosts a monthly developer’s meeting for the seven universities and four companies that are actively engaging with the Pigasus codebase. The first team to run Pigasus outside of CMU was a research group at the University of Washington. Extensions to Pigasus are being developed by researchers at the University of Toronto, Harvard, the University of California-San Diego, Massachusetts Institute of Technology, UT-Austin, and the University of Virginia.

Pigasus’ open-source code is available on Github. Anyone interested in learning more about current Pigasus developments can sign up to join the Pigasus mailing list.