Secure network provenance

Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles Pub Date : 2011-10-23 DOI:10.1145/2043556.2043584

Wenchao Zhou, Qiong Fei, Arjun Narayan, Andreas Haeberlen, B. T. Loo, M. Sherr

{"title":"Secure network provenance","authors":"Wenchao Zhou, Qiong Fei, Arjun Narayan, Andreas Haeberlen, B. T. Loo, M. Sherr","doi":"10.1145/2043556.2043584","DOIUrl":null,"url":null,"abstract":"This paper introduces secure network provenance (SNP), a novel technique that enables networked systems to explain to their operators why they are in a certain state -- e.g., why a suspicious routing table entry is present on a certain router, or where a given cache entry originated. SNP provides network forensics capabilities by permitting operators to track down faulty or misbehaving nodes, and to assess the damage such nodes may have caused to the rest of the system. SNP is designed for adversarial settings and is robust to manipulation; its tamper-evident properties ensure that operators can detect when compromised nodes lie or falsely implicate correct nodes. We also present the design of SNooPy, a general-purpose SNP system. To demonstrate that SNooPy is practical, we apply it to three example applications: the Quagga BGP daemon, a declarative implementation of Chord, and Hadoop MapReduce. Our results indicate that SNooPy can efficiently explain state in an adversarial setting, that it can be applied with minimal effort, and that its costs are low enough to be practical.","PeriodicalId":20672,"journal":{"name":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2011-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"155","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2043556.2043584","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 155

Abstract

This paper introduces secure network provenance (SNP), a novel technique that enables networked systems to explain to their operators why they are in a certain state -- e.g., why a suspicious routing table entry is present on a certain router, or where a given cache entry originated. SNP provides network forensics capabilities by permitting operators to track down faulty or misbehaving nodes, and to assess the damage such nodes may have caused to the rest of the system. SNP is designed for adversarial settings and is robust to manipulation; its tamper-evident properties ensure that operators can detect when compromised nodes lie or falsely implicate correct nodes. We also present the design of SNooPy, a general-purpose SNP system. To demonstrate that SNooPy is practical, we apply it to three example applications: the Quagga BGP daemon, a declarative implementation of Chord, and Hadoop MapReduce. Our results indicate that SNooPy can efficiently explain state in an adversarial setting, that it can be applied with minimal effort, and that its costs are low enough to be practical.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

安全的网络来源

本文介绍了安全网络溯源(SNP)，这是一种新技术，它使网络系统能够向运营商解释为什么它们处于某种状态——例如，为什么在某个路由器上存在可疑的路由表项，或者给定的缓存项来自何处。SNP通过允许运营商跟踪故障或行为不端的节点，并评估这些节点可能对系统其余部分造成的损害，从而提供网络取证功能。SNP是为对抗环境设计的，对操纵具有鲁棒性;它的防篡改特性确保操作人员可以检测到受损节点是否存在或错误地牵连正确节点。我们还介绍了通用SNP系统SNooPy的设计。为了证明SNooPy是实用的，我们将其应用于三个示例应用程序:Quagga BGP守护进程、Chord的声明性实现和Hadoop MapReduce。我们的研究结果表明，SNooPy可以在对抗环境中有效地解释状态，它可以以最小的努力应用，并且它的成本足够低，具有实用性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles

自引率

0.00%

发文量