Title:
Packets with Provenance
Packets with Provenance
dc.contributor.author | Ramachandran, Anirudh | |
dc.contributor.author | Bhandankar, Kaushik | |
dc.contributor.author | Tariq, Mukarram Bin | |
dc.contributor.author | Feamster, Nick | |
dc.contributor.corporatename | Georgia Institute of Technology. College of Computing | |
dc.contributor.corporatename | Georgia Institute of Technology. School of Computer Science | |
dc.date.accessioned | 2008-11-07T22:00:22Z | |
dc.date.available | 2008-11-07T22:00:22Z | |
dc.date.issued | 2008 | |
dc.description.abstract | Traffic classification and distinction allows network operators to provision resources, enforce trust, control unwanted traffic, and traceback unwanted traffic to its source. Today’s classification mechanisms rely primarily on IP addresses and port numbers; unfortunately, these fields are often too coarse and ephemeral, and moreover, they do not reflect traffic’s provenance, associated trust, or relationship to other processes or hosts. This paper presents the design, analysis, user-space implementation, and evaluation of Pedigree, which consists of two components: a trusted tagger that resides on hosts and tags packets with information about their provenance (i.e., identity and history of potential input from hosts and resources for the process that generated them), and an arbiter, which decides what to do with the traffic that carries certain tags. Pedigree allows operators to write traffic classification policies with expressive semantics that reflect properties of the actual process that generated the traffic. Beyond offering new function and flexibility in traffic classification, Pedigree represents a new and interesting point in the design space between filtering and capabilities, and it allows network operators to leverage host-based trust models to decide treatment of network traffic. | en |
dc.identifier.uri | http://hdl.handle.net/1853/25467 | |
dc.language.iso | en_US | en |
dc.publisher | Georgia Institute of Technology | en |
dc.relation.ispartofseries | SCS Technical Report ; GT-CS-08-02 | en |
dc.subject | Arbiters | en |
dc.subject | Network traffic | en |
dc.subject | Pedigree | en |
dc.subject | Taggers | en |
dc.subject | Tracking | en |
dc.title | Packets with Provenance | en |
dc.type | Text | |
dc.type.genre | Technical Report | |
dspace.entity.type | Publication | |
local.contributor.corporatename | College of Computing | |
local.contributor.corporatename | School of Computer Science | |
local.relation.ispartofseries | College of Computing Technical Report Series | |
local.relation.ispartofseries | School of Computer Science Technical Report Series | |
relation.isOrgUnitOfPublication | c8892b3c-8db6-4b7b-a33a-1b67f7db2021 | |
relation.isOrgUnitOfPublication | 6b42174a-e0e1-40e3-a581-47bed0470a1e | |
relation.isSeriesOfPublication | 35c9e8fc-dd67-4201-b1d5-016381ef65b8 | |
relation.isSeriesOfPublication | 26e8e5bc-dc81-469c-bd15-88e6f98f741d |