I am an associate professor in the Electrical and Computer Engineering and Computer Science departments at the University of Toronto. My research spans various areas in operating systems and focuses on reliability and security. As software systems have grown in size and complexity, they have become increasingly prone to failures and attacks. I am interested in building systems that allow detecting these problems and recovering from them. Some of my current research projects are listed below. If you are a prospective student, please visit the students page also.
End-to-End Data Reliability
The goal of this project is to ensure data integrity in the face of software bugs. Currently, the project is focused on improving the reliability of file-system software. When file systems are buggy, they can cause data corruption and persistent application crashes. We have developed a system that ensures that a file-system disk image will remain consistent in the face of arbitrary file-system bugs. The key idea is to verify all file-system operations that update the disk at runtime using a well-defined set of consistency properties. This is joint work with Prof. Angela Demke Brown.
Operating System Instrumentation
A binary instrumentation system enables monitoring and manipulating every instruction in an executing binary. Binary instrumentation systems have been used for developing bug-finding and security tools. For example, Memcheck uses binary instrumentation to detect various types of memory errors dynamically, such as accessing memory after it has been freed. We have developed a binary instrumentation system for the Linux operating system (here is our initial design). We aim to use this system to develop tools to find memory bugs in the Linux kernel and to harden the kernel against buggy device drivers. This is joint work with Prof. Angela Demke Brown.
Data Protection and Recovery
The goal of this project is to simplify analysis and recovery from intrusions. When systems are compromised, they provide limited support for accurately analyzing the activities that occurred in the past, and thus intrusion analysis and recovery is a time-taking and error-prone operation. We have constructed an intrusion analysis system called Forensix that allows system administrators and security experts to quickly and easily track down sources of security incidents after they have happened. We have used Forensix to design a data recovery system called Taser that helps automatically revert the effects of intrusion activity, without affecting data that is unrelated to intrusions. We have also designed an application-level virtualization environment called Solitude for running untrusted network applications. Solitude protects critical data by limiting the propagation of attacks, thus complementing the Taser recovery system. We have applied these techniques for recovering data in web applications and for securing web browsers.
- Daniel Fryer, Jack Sun, Rahat Mahmood, TingHao Cheng, Shaun Benjamin, Ashvin Goel and Angela Demke Brown. Recon: Verifying File System Consistency at Runtime. In Conference on File and Storage Technologies(FAST), Feb 2012. (awarded best paper).
- Peter Feiner, Angela Demke Brown and Ashvin Goel. Comprehensive Kernel Instrumentation via Dynamic Binary Translation. In Architectural Support for Programming Languages and Operating Systems (ASPLOS), Feb 2012.
- Vladan Djeric and Ashvin Goel. Securing Script-Based Extensibility in Web Browsers. In Proceedings of the USENIX Security Symposium, August 2010.
- Shvetank Jain and Fareha Shafique and Vladan Djeric and Ashvin Goel. Application-Level Isolation and Recovery with Solitude. In Proceedings of the EuroSys conference, Apr 2008.
- Ashvin Goel, Kenneth Po, Kamran Farhadi, Zheng Li and Eyal de Lara. The Taser Intrusion Recovery System. In Proceedings of the Symposium on Operating Systems Prinicples (SOSP), Oct 2005.
- Ashvin Goel, Luca Abeni, Charles Krasic, Jim Snow, and Jonathan Walpole. Supporting time-sensitive applications on general-purpose operating systems. In Proceedings of the Fifth USENIX Symposium on Operating Systems Design and Implementation (OSDI), Dec 2002.
- David Steere, Ashvin Goel, Joshua Gruenberg, Dylan McNamee, Calton Pu, and Jonathan Walpole. A feedback-driven proportion allocator for real-rate scheduling. In Proceedings of the Third USENIX Symposium on Operating Systems Design and Implementation (OSDI). USENIX, February 1999.
I am currently serving on the following program committees:
- DSN, 2013.
- FAST, 2013.
- Submission editor for Operating Systems Review (OSR), starting 2007.
I have served in the following program committees in the past:
- Eurosys, 2012, 2010.
- ICDCS, 2012, 2011 (vice chair, OS track), 2006.
- DSN, 2011, 2010.
- Hotdep, 2009, 2007.
- EuroSec, 2009, 2008.