Secure network provenance

Abstract

This paper introduces secure network provenance (SNP), a novel technique that enables networked systems to explain to their operators why they are in a certain state -- e.g., why a suspicious routing table entry is present on a certain router, or where a given cache entry originated. SNP provides network forensics capabilities by permitting operators to track down faulty or misbehaving nodes, and to assess the damage such nodes may have caused to the rest of the system. SNP is designed for adversarial settings and is robust to manipulation; its tamper-evident properties ensure that operators can detect when compromised nodes lie or falsely implicate correct nodes.

References

Page 1

	Year	Citations
The Byzantine Generals Problem Leslie Lamport, Robert E. Shostak, Marshall C. Pease ACM Transactions on Programming Languages and Systems	1982	5.9K
Practical byzantine fault tolerance and proactive recovery Miguel Castro, Barbara Liskov ACM Transactions on Computer Systems Distributed File SystemBlockchain Consensus ProtocolEngineeringInformation SecurityFault Tolerance	2002	2.4K
Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software James Newsome, Dawn Song Figshare	2005	1.3K
Using magpie for request extraction and workload modelling Paul Barham, Austin Donnelly, Rebecca Isaacs, Operating Systems Design and Implementation Software MaintenanceEngineeringComputer ArchitectureSoftware EngineeringSimulation	2004	575
The stable paths problem and interdomain routing Timothy G. Griffin, F. Bruce Shepherd, Gordon Wilfong IEEE/ACM Transactions on Networking Network Routing AlgorithmNetwork ScienceDynamic BehaviorEngineeringEdge Computing	2002	514
Provenance-aware storage systems Kiran‐Kumar Muniswamy‐Reddy, David A. Holland, Uri Braun, Digital Access to Scholarship at Harvard (DASH) (Harvard University)	2006	503
VisTrails Steven P. Callahan, Juliana Freire, Emanuele Santos, Interactive VisualizationVistrails SystemVisualization ProductEngineeringData Science	2006	477
Trio: A System for Integrated Management of Data, Accuracy, and Lineage Jennifer Widom	2004	477
PeerReview Andreas Haeberlen, Petr Kouznetsov, Peter Druschel EngineeringCorrect NodeInformation SecurityByzantine FaultOverlay Multicast System	2007	337
Pip: detecting the unexpected in distributed systems Patrick Reynolds, Charles Killian, Janet L. Wiener, Software MaintenanceEngineeringVerificationSoftware EngineeringFault Tolerance	2006	315

Page 1