Sahil Suneja

Researcher at IBM Research T.J. Watson
sahil [at] cs [dot] toronto [dot] edu

My research interests lie broadly in the fields of Virtualization, Cloud Computing, Systems Security and Software Engineering (SE) in general, with a recent focus on Machine Learning and Artifical Intelligence (AI) within the SE context.

I started my research career exploring systems optimization. This included developing adaptive data prefetching schemes for parallel and distributed applicatons during my Master's, followed by leveraging heterogenous computing for cloud acceleration in the early part of my Ph.D.

Thereafter, I transitioned to cloud monitoring and analytics, focusing on developing non-intrusive approaches to achieve visibility into virtual machines and containers. 

Systems monitoring naturally transformed into systems security research, including vulnerability analysis of container images, exploration into secure container runtimes, as well as secure container sidecars.

Continuing within the security theme, my recent focus has been on AI-assisted software vulnerability detection. Specifically, I work towards reliable and trustworthy AI modeling of code, incorporating SE techniques into AI model learning to improve the models' signal awareness (i.e. focusing on the relevant source code features).

I graduated from University of Toronto in 2016 with a Doctorate in Computer Science (advisor: Eyal de Lara, IBM mentor: Canturk Isci). I have a Master's (advisor: Sanjeev K. Aggarwal) and Bachelor's degree from Indian Institute of Technology, Kanpur (2010). 

In the past, I have spent my summers at Microsoft Research Redmond in 2008 (Networking Research Group; mentor: Parveen Patel), Microsoft Research India in 2011 (Mobility, Networks and Systems Group; mentor: Vishnu Navda), and IBM Research T.J. Watson NY in 2012 and 2013 (Virtualization Runtime & Tools Group; mentor: Canturk Isci). 


Contributions to Research Community

- Reviewer / Sub-reviewer for papers in: Computers and Security '23, TOSEM'21, OOPSLA'21, TCC'20, TPDS'17, ASPLOS'17, IWOC'17, ICS'16, MASCOTS'15, SpringerPlus'15, SIGMETRICS'13, ICS'13, SYSTOR'12.

- Student Volunteer for UBICOMP'14 Program Committee Meeting.

- Session Summarizer for HotCloud'11; Reports in USENIX ;login: Magazine, Oct. 2011, Vol. 36, No. 5.

Patents

- Probing Model Signal Awareness. 2021
- Complexity Based Artificial Intelligence Model Training. 2021
- Artificial Intelligence Model Learning Introspection. 2021
- Training Data Augmentation Via Program Simplication. 2021
- Blackbox Security For Containers. 2019
- Secure System State Extraction Software Extensibility Via Plugin Sandboxing. 2018
- Safe Shell Container Facilitating Inspection Of A Virtual Container. 2018
- Peer-Based Optimal Performance Configuration Recommendation. 2017
- Always-On Monitoring In The Cloud. 2016
- Signal-aware data transfer in cellular networks. 2012

Blogs

- Go over Nabla: App Safety meets Host Isolation. 2018
- The choices we make: Impact of using host filesystem interface for secure containers. 2018
- Sidecar-container-based crawler plugin sandbox. 2017
- Mini-posix: Microservices over ukvm. 2017
- Containers vs. Unikernels. 2016

Publications

2023

- Incorporating Signal Awareness in Source Code Modeling: An Application to Vulnerability Detection
S. Suneja, Y. Zhuang, Y. Zheng, J. Laredo, A. Morari, and U. Khurana.
ACM Transactions on Software Engineering and Methodology (TOSEM). 2023

- Code Vulnerability Detection via Signal-Aware Learning
S. Suneja, Y. Zhuang, Y. Zheng, J. Laredo, A. Morari and U. Khurana
IEEE 8th European Symposium on Security and Privacy (EuroS&P). 2023

- Automated Code generation for Information Technology Tasks in YAML through Large Language Models
S Pujar, L Buratti, X Guo, N Dupuis, B Lewis, S Suneja, A Sood, G Nalawade, M Jones, A Morari, R Puri.
arXiv:2305.02783. 2023

- On the Value of Sequence-based System Call Filtering for Container Security.
S. Song, S. Suneja, M. V. Le, B. Tak.
IEEE International Conference on Cloud Computing (CLOUD). 2023

- Study of Distractors in Neural Models of Code
M.R.I. Rabin, A. Hussaim, S. Suneja, M. A. Alipour.
International Workshop on Interpretability and Robustness in Neural Software Engineering (InteNSE). 2023

- Sequence-based System Call Filtering for Enhanced Container Security, is it beneficial?
S. Song, S. Suneja, M. V. Le, B. Tak.
IEEE/ACM International Symposium on Cluster, Cloud and Internet Computing (CCGRID). 2023 [Best Poster Award]

2022

- SecQuant: Quantifying Container System Call Exposure.
S. Jang, S. Song, B. Tak, S. Suneja, M. V. Le, C. Yue, D. Williams.
The 27th European Symposium on Research in Computer Security (ESORICS). 2022 [Local copy]

- VELVET: Ensemble Learning to Automatically Locate Vulnerable Statements.
Y. Ding, S. Suneja, Y. Zheng, J. Laredo, A. Morari, G. Kaiser, B. Ray.
The IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER). 2022 [Poster] [Local copy]

2021

- Towards Reliable AI for Source Code Understanding.
S. Suneja, Y. Zheng, Y. Zhuang, J. Laredo, A. Morari.
The 12th ACM Symposium on Cloud Computing (SoCC). 2021 [Local copy]

- Probing Model Signal-Awareness via Prediction-Preserving Input Minimization.
S Suneja*, Y Zheng*, Y Zhuang* (equal contribution), J Laredo, A Morari.
The ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (FSE). 2021 [Arxiv version]

- Software Vulnerability Detection via Deep Learning over Disaggregated Code Graph Representation.
Y Zhuang, S Suneja, V Thost, G Domeniconi, A Morari, J Laredo.
arXiv:2109.03341. 2021

2020

- Cryptomining Detection in Container Clouds Using System Calls and Explainable Machine Learning.
R. Karn, P. Kudva, H. Huang, S. Suneja, I. Elfadel.
IEEE Transactions on Parallel and Distributed Systems (IPDS). 2020 [Local copy]

- Can Container Fusion Be Securely Achieved?
S. Suneja, A. Kanso, and C. Isci.
The 5th International Workshop on Container Technologies and Container Clouds (WoC). 2020 [Local copy]

- Towards Non-Intrusive Software Introspection and Beyond.
A. Mohan, S. Nadgowda, B. Pipaliya, S. Varma, S. Suneja, C. Isci, G. Cooperman, P. Desnoyers, O. Krieger, and A. Turk.
The IEEE International Conference on Cloud Engineering (IC2E). 2020 [Local copy]

2019

- Learning to map source code to software vulnerability using code-as-a-graph.
S. Suneja, Y. Zheng, Y. Zhuang, J. Laredo, and A. Morari.
arXiv:2006.08614. 2019 [Local copy]

- Secure Extensibility for System State Extraction via Plugin Sandboxing.
S. Suneja and C. Isci.
arXiv:1905.08192. 2019 [Local copy]

- ConfAdvisor: A Performance-centric Configuration Tuning Framework for Containers on Kubernetes.
T. Chiba, R. Nakazawa, H. Horii, S. Suneja, and S. Seelam.
The IEEE International Conference on Cloud Engineering (IC2E). 2019 [Local copy]

2018

- RECap: Run-Escape Capsule for On-demand Managed Service Delivery in the Cloud.
S. Nadgowda, S. Suneja, and C. Isci.
10th USENIX Workshop on Hot Topics in Cloud Computing (HotCloud). 2018 [Local copy]

- Security Analysis of Container Images using Cloud Analytics Framework.
B. Tak, H. Kim, S. Suneja, C. Isci, and P. Kudva.
The 16th International Conference on Web Services (ICWS). 2018 [Local copy][Best Paper]

2017

- Safe Inspection of Live Virtual Machines.
S. Suneja, R. Koller, C. Isci, E. de Lara, A. Hashemi, A. Bhattacharyya, and C. Amza.
The 13th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments (VEE). 2017 [Local copy]

- Paracloud: Bringing Application Insight into Cloud Operations.
S. Nadgowda, S. Suneja, and C. Isci.
9th USENIX Workshop on Hot Topics in Cloud Computing (HotCloud). 2017 [Local copy]

- Voyager: Complete Container State Migration.
S. Nadgowda, S. Suneja, N. Bila, and C. Isci.
The 37th IEEE International Conference on Distributed Computing Systems (ICDCS). 2017 [Local copy]

- Usable Declarative Configuration Specification and Validation for Applications, Systems, and Cloud.
S. Baset, S. Suneja, N. Bila, O. Tuncer, and C. Isci.
Proceedings of the 18th International Middleware Conference (Industry Track) (Middleware). 2017 [Local copy]

- OpVis: Extensible, Cross-platform Operational Visibility and Analytics for Cloud.
F. A. Oliveira, S. Suneja, S. Nadgowda, P. Nagpurkar, and C. Isci.
Proceedings of the 18th International Middleware Conference (Industry Track) (Middleware). 2017 [Local copy] [Technical Report]

- Comparing Scaling Methods for Linux Containers.
S. Nadgowda, S. Suneja and A. Kanso.
The IEEE Third International Workshop on Container Technologies and Container Clouds (WoC). 2017 [Local copy]

2016

- Touchless and Always-on Cloud Analytics as a Service.
S. Suneja, C. Isci, R. Koller, and E. de Lara.
IBM Journal of Research and Development, vol. 60, 2016 [Local copy]

2015

- Unified Monitoring and Analytics in the Cloud.
R. Koller, C. Isci, S. Suneja, and E. de Lara.
Proceedings of the 7th USENIX Workshop on Hot Topics in Cloud Computing (HotCloud). Santa Clara, CA, USA. 2015 [Local copy]

- Exploring VM Introspection: Techniques and Trade-offs.
S. Suneja, C. Isci, E. de Lara and V. Bala.
11th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments (VEE). Istanbul, Turkey. 2015 [Local copy]

2014

- Protecting Data on Smartphones and Tablets from Memory Attacks. P. Colp, J. Zhang, J. Gleeson, S. Suneja, E. de Lara, H. Raj, S. Saroiu and A. Wolman.
Proceedings of the 20th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS). Istanbul, Turkey. 2015 [Local copy]

- Non-intrusive, Out-of-band and Out-of-the-box Systems Monitoring in the Cloud.
S. Suneja, C. Isci, V. Bala, E. de Lara and T. Mummert.
Proceedings of the ACM International Conference on Measurement and Modeling of Computer Systems (SIGMETRICS). Texas, USA. 2014 [Local copy]

- The Case for System Testing with Swift Hierarchical VM Fork.
J. Zhi, S. Suneja, E. de Lara.
The 6th USENIX Workshop on Hot Topics in Cloud Computing (HotCloud), Philadelphia, PA, USA. 2014 [Local copy]

2013

- EnVi: Energy Efficient Video Player for Mobiles.
S. Suneja, V. Navda, R. Ramjee, E. de Lara.
The 2013 ACM Workshop on Cellular Networks: Operations, Challenges, and Future Design (CellNet). Taipei, Taiwan. 2013 [Local copy]

2011

- Accelerating the Cloud with Heterogeneous Computing.
S. Suneja, E. Baron, E. de Lara, R. Johnson.
3rd USENIX Workshop on Hot Topics in Cloud Computing (HotCloud). Portland, USA. 2011 [Local copy]

Presentations & Posters

- Safe Inspection and Customization of Live Virtual Machines
Poster at Usenix ATC 2016

- Non-intrusive and Out-of-band Systems Monitoring in the Cloud
Poster at 8th Eurosys Doctoral Workshop (EuroDW) 2014, Amsterdam, Netherlands.

- Accelerating the Cloud with Heterogeneous Computing
Poster at UofT's Research in Action Showcase 2013, Toronto ON.
Presentation in the AMD Fusion Developer Summit 2012, Bellevue WA.
Poster at HotCloud Workshop 2011, Portland OR.

- VMM-Based Cloud Analytics with Real-Time Memory Introspection
Poster at UofT's Research in Action Showcase 2013, Toronto ON.


[Last Updated in March 2023]