NeTS:Medium:Invigorating Empirical Network Research via Mediated Trace Analysis

NeTS：Medium：通过中介跟踪分析激发实证网络研究

• 批准号: 0905631
• 负责人: Robin Sommer
• 金额: $ 80万
• 依托单位: International Computer Science Institute
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2009
• 资助国家: 美国
• 起止时间: 2009-09-01 至 2012-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0905631&HistoricalAwards=false
• 关键词: NeTS; Medium; Invigorating; Empirical; Network

Scientific network research relies heavily on sound, empirical analysis of real-world network traffic. It is often not possible to robustly validate a proposed mechanism, enhancement, or new service without understanding how it will interact with real networks and real users. Yet obtaining the necessary raw measurement data?in particular packet traces including payload?can prove exceedingly difficult. Simply put, the lack of public access to current, representative datasets significantly hinders the progress of our scientific field. Not having appropriate traces for a study can stall the most promising research. There have been extensive efforts by the community at large to change the status quo by providing collections of public network traces. However, the community?s major push to encourage institutions to release anonymized data has achieved only very limited successes. The risks involved with any release still outweigh the potential benefits in almost all environments. The lack of significant progress in this direction?despite extensive efforts?is an undeniable indication that the community needs a new approach. Towards this end, the PIs are developing in a systematic fashion a scheme that has been used informally numerous times over two decades of network research: rather than bringing the data to the experimenter, bring the experiment to the data. Past studie have packaged up an analysis for execution by somebody external who had the privileges to access network traffic out of our reach. These people crunched the traffic with our scripts and then manually verified that the output did not leak any sensitive information before passing it on to us. The PIs are establishing such mediated trace analysis as a standard approach to empirical network research. The aim is to formalize the process sufficiently to facilitate researchers tapping into a potentially broad pool of providers willing to mediate access to traces for research studies. Several large-scale network environments have already confirmed to us that they consider this model a feasible approach, and are willing to participate. The main challenge to overcome is the burden the process imposes on trace providers and on the research ?development cycle?. The basic tenet is that it possible to greatly improve many of the tedious mediation steps by devising a systematic framework that accounts for the legitimate concerns of providers while reducing their effort to such a degree that it becomes practical for them to provide mediated trace analysis on a routine basis. The key challenge is to automate the common steps of the mediation process without compromising the core requirement of the trace provider maintaining thorough control over the process. Starting with carefully examining the threats that arise, the PIs are devising a formal framework for trace mediations that will include a computational model specifically tailored to the process? unique requirements, along with a powerful suite of tools to provide extensive support for the different elements of the undertaking.The mediation approach has the potential to broadly improve how scientists tackle network measurement studies?both opening up access to a far greater range of empirical data than is currently viable, and instilling a greater degree of scientific rigor into the process of conducting such research. By making empirical data available to many more teams of researchers than occurs today, this work will significantly broaden efforts within the field.

科学的网络研究很大程度上依赖于对现实世界网络流量的合理、实证分析。如果不了解提议的机制、增强功能或新服务如何与真实网络和真实用户交互，通常不可能对其进行稳健验证。然而，获得必要的原始测量数据（特别是包括有效负载的数据包跟踪）可能非常困难。简而言之，公众无法获取当前的代表性数据集极大地阻碍了我们科学领域的进步。没有适当的研究痕迹可能会阻碍最有前途的研究。整个社区做出了广泛的努力，通过提供公共网络痕迹的收集来改变现状。然而，社区大力鼓励机构发布匿名数据的努力只取得了非常有限的成功。在几乎所有环境中，任何版本所涉及的风险仍然超过潜在的好处。尽管做出了广泛的努力，但在这个方向上缺乏重大进展，这无可否认地表明社区需要一种新的方法。为此，PI 正在以系统的方式开发一种方案，该方案在二十年的网络研究中已被非正式地多次使用：不是将数据带给实验者，而是将实验带到数据中。过去的研究已经打包了一项分析，供有权访问我们无法访问的网络流量的外部人员执行。这些人使用我们的脚本处理流量，然后在将输出传递给我们之前手动验证输出没有泄漏任何敏感信息。 PI 正在建立这种中介跟踪分析作为实证网络研究的标准方法。目的是使该过程充分正规化，以方便研究人员利用愿意调解研究痕迹访问的潜在广泛的提供者群体。几个大型网络环境已经向我们证实，他们认为这种模式是可行的方法，并且愿意参与。需要克服的主要挑战是该过程给跟踪提供者和研究“开发周期”带来的负担。基本原则是，通过设计一个系统框架，考虑到提供者的合理关切，同时减少他们的工作量，使他们能够切实可行地提供中介跟踪分析，从而可以极大地改进许多繁琐的调解步骤。常规基础。关键的挑战是在不影响跟踪提供商保持对流程的彻底控制的核心要求的情况下，实现中介流程的常见步骤的自动化。从仔细检查出现的威胁开始，PI 正在设计一个正式的跟踪中介框架，其中将包括专门针对该过程定制的计算模型？独特的要求，以及一套强大的工具，可为任务的不同要素提供广泛的支持。调解方法有可能广泛改善科学家处理网络测量研究的方式？两者都可以获取更广泛的经验数据比目前可行的方法，并在进行此类研究的过程中注入更高程度的科学严谨性。通过向比现在更多的研究团队提供经验数据，这项工作将显着拓宽该领域的工作范围。