The Provenance of WINE

Author

Dumitras, Tudor ; Efstathopoulos, Petros

fYear

2012

fDate

8-11 May 2012

Firstpage

126

Lastpage

131

Abstract

The results of cyber security experiments are often impossible to reproduce, owing to the lack of adequate descriptions of the data collection and experimental processes. Such provenance information is difficult to record consistently when collecting data from distributed sensors and when sharing raw data among research groups with variable standards for documenting the steps that produce the final experimental result. In the WINE benchmark, which provides field data for cyber security experiments, we aim to make the experimental process self-documenting. The data collected includes provenance information -- such as when, where and how an attack was first observed or detected -- and allows researchers to gauge information quality. Experiments are conducted on a common test bed, which provides tools for recording each procedural step. The ability to understand the provenance of research results enables rigorous cyber security experiments, conducted at scale.

Keywords

benchmark testing; security of data; sensor fusion; WINE benchmark; cyber security experiments; data attacks; data collection; distributed sensors; field data; information quality; provenance information; raw data sharing; research groups; self-documenting experimental process; variable standards; Benchmark testing; Distributed databases; Malware; Pipelines; Software; Provenance; WINE; cyber security; dependability benchmarking; experimental research;

fLanguage

English

Publisher

ieee

Conference_Titel

Dependable Computing Conference (EDCC), 2012 Ninth European

Conference_Location

Sibiu

Print_ISBN

978-1-4673-0938-7

Type

conf

DOI

10.1109/EDCC.2012.29

Filename

6214767