This paper presents secure network provenance (SNP), a novel technique for tracking down compromised nodes in a distributed system and assessing the damage that they may have caused to other nodes. SNP enables operators to ask the system why it is in a certain state – for example, why a suspicious routing table entry is present on a certain router, or where a given cache entry originated. SNP is robust to manipulation; its tamper-evident properties ensure that operators can detect when compromised nodes lie or falsely implicate correct nodes. Thus, compromised nodes can at worst refuse to participate, making their presence evident to operators. We describe an algorithm for answering SNP queries, as well as a proof-of-concept implementation
A malicious foe may introduce additional nodes within the network or compromise existing ones. There...
In this paper, we argue that networks should be able to explain to their operators why they are in a...
We demonstrate NetTrails, a declarative platform for maintaining and interactively querying network ...
This paper introduces secure network provenance (SNP), a novel technique that enables networked syst...
This paper introduces secure network provenance (SNP), a novel technique that enables networked syst...
In large-scale networks, many things can go wrong: routers can be misconfigured, programs can be bug...
In large-scale networks, many things can go wrong: routers can be misconfigured, programs can be bug...
Network accountability and forensic analysis have become increasingly important, as a means of perfo...
Operators of distributed systems often find themselves needing to answer forensic questions, to perf...
In this paper, we argue that networks should be able to explain to their operators why they are in a...
In recent years, network accountability and forensic analysis have become increasingly important, as...
Operators of distributed systems often find themselves needing to answer forensic questions, to perf...
In recent years, network accountability and forensic analysis have become increasingly important, as...
A series of systems are connected to form a network. Vast amount of data moves through this network....
Diagnosing and repairing problems in complex distributed systems has always been challenging. A wide...
A malicious foe may introduce additional nodes within the network or compromise existing ones. There...
In this paper, we argue that networks should be able to explain to their operators why they are in a...
We demonstrate NetTrails, a declarative platform for maintaining and interactively querying network ...
This paper introduces secure network provenance (SNP), a novel technique that enables networked syst...
This paper introduces secure network provenance (SNP), a novel technique that enables networked syst...
In large-scale networks, many things can go wrong: routers can be misconfigured, programs can be bug...
In large-scale networks, many things can go wrong: routers can be misconfigured, programs can be bug...
Network accountability and forensic analysis have become increasingly important, as a means of perfo...
Operators of distributed systems often find themselves needing to answer forensic questions, to perf...
In this paper, we argue that networks should be able to explain to their operators why they are in a...
In recent years, network accountability and forensic analysis have become increasingly important, as...
Operators of distributed systems often find themselves needing to answer forensic questions, to perf...
In recent years, network accountability and forensic analysis have become increasingly important, as...
A series of systems are connected to form a network. Vast amount of data moves through this network....
Diagnosing and repairing problems in complex distributed systems has always been challenging. A wide...
A malicious foe may introduce additional nodes within the network or compromise existing ones. There...
In this paper, we argue that networks should be able to explain to their operators why they are in a...
We demonstrate NetTrails, a declarative platform for maintaining and interactively querying network ...