NeTS:Medium:Invigorating Empirical Network Research via Mediated Trace Analysis

NeTS：Medium：通过中介跟踪分析激发实证网络研究

• 批准号: 0905631
• 负责人: Robin Sommer
• 金额: $ 80万
• 依托单位: International Computer Science Institute
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2009
• 资助国家: 美国
• 起止时间: 2009-09-01 至 2012-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0905631&HistoricalAwards=false
• 关键词: NeTS; Medium; Invigorating; Empirical; Network

Scientific network research relies heavily on sound, empirical analysis of real-world network traffic. It is often not possible to robustly validate a proposed mechanism, enhancement, or new service without understanding how it will interact with real networks and real users. Yet obtaining the necessary raw measurement data?in particular packet traces including payload?can prove exceedingly difficult. Simply put, the lack of public access to current, representative datasets significantly hinders the progress of our scientific field. Not having appropriate traces for a study can stall the most promising research. There have been extensive efforts by the community at large to change the status quo by providing collections of public network traces. However, the community?s major push to encourage institutions to release anonymized data has achieved only very limited successes. The risks involved with any release still outweigh the potential benefits in almost all environments. The lack of significant progress in this direction?despite extensive efforts?is an undeniable indication that the community needs a new approach. Towards this end, the PIs are developing in a systematic fashion a scheme that has been used informally numerous times over two decades of network research: rather than bringing the data to the experimenter, bring the experiment to the data. Past studie have packaged up an analysis for execution by somebody external who had the privileges to access network traffic out of our reach. These people crunched the traffic with our scripts and then manually verified that the output did not leak any sensitive information before passing it on to us. The PIs are establishing such mediated trace analysis as a standard approach to empirical network research. The aim is to formalize the process sufficiently to facilitate researchers tapping into a potentially broad pool of providers willing to mediate access to traces for research studies. Several large-scale network environments have already confirmed to us that they consider this model a feasible approach, and are willing to participate. The main challenge to overcome is the burden the process imposes on trace providers and on the research ?development cycle?. The basic tenet is that it possible to greatly improve many of the tedious mediation steps by devising a systematic framework that accounts for the legitimate concerns of providers while reducing their effort to such a degree that it becomes practical for them to provide mediated trace analysis on a routine basis. The key challenge is to automate the common steps of the mediation process without compromising the core requirement of the trace provider maintaining thorough control over the process. Starting with carefully examining the threats that arise, the PIs are devising a formal framework for trace mediations that will include a computational model specifically tailored to the process? unique requirements, along with a powerful suite of tools to provide extensive support for the different elements of the undertaking.The mediation approach has the potential to broadly improve how scientists tackle network measurement studies?both opening up access to a far greater range of empirical data than is currently viable, and instilling a greater degree of scientific rigor into the process of conducting such research. By making empirical data available to many more teams of researchers than occurs today, this work will significantly broaden efforts within the field.

科学的网络研究在很大程度上依赖于对现实世界网络流量的可靠的实证分析。在不了解所提出的机制、增强或新服务将如何与真实的网络和真实的用户交互的情况下，通常不可能稳健地验证所提出的机制、增强或新服务。然而，获得必要的原始测量数据？特别是包括有效载荷的分组跟踪？会非常困难简而言之，缺乏公众对当前代表性数据集的访问，严重阻碍了我们科学领域的进步。没有适当的研究痕迹可能会阻碍最有前途的研究。整个社区已经做出了广泛的努力，通过提供公共网络痕迹的集合来改变现状。然而，社区？美国政府鼓励机构发布匿名数据的主要努力只取得了非常有限的成功。在几乎所有的环境中，任何版本所涉及的风险仍然超过了潜在的好处。在这方面缺乏重大进展？尽管付出了巨大的努力？无可否认，这表明社会需要一种新的做法。为此，PI正在以系统的方式开发一种在20年的网络研究中已被非正式地使用过无数次的方案：不是将数据带给实验者，而是将实验带到数据中。过去的研究已经打包了一个分析，由外部某个有权访问我们无法访问的网络流量的人执行。这些人用我们的脚本处理流量，然后手动验证输出在传递给我们之前没有泄露任何敏感信息。PI正在建立这种中介痕迹分析作为经验网络研究的标准方法。其目的是使这一过程充分正规化，以方便研究人员利用愿意为研究提供痕迹的潜在广泛的供应商。几个大规模的网络环境已经向我们证实，他们认为这种模式是可行的，并愿意参与。要克服的主要挑战是这个过程给追踪提供者和研究带来的负担。发展周期？基本原则是，通过设计一个系统框架，可以大大改善许多繁琐的调解步骤，该框架考虑到提供者的合理关切，同时减少他们的努力，使他们能够在常规基础上提供调解跟踪分析。关键的挑战是在不影响跟踪提供者维护对过程的全面控制的核心需求的情况下，自动化中介过程的公共步骤。从仔细检查出现的威胁开始，PI正在为跟踪中介设计一个正式的框架，其中将包括一个专门为该过程量身定制的计算模型。独特的要求，沿着一套强大的工具，为不同的任务要素提供广泛的支持。中介方法有可能广泛地改善科学家如何处理网络测量研究？这两方面都使人们能够获得比目前可行的范围更广的经验数据，并使进行这种研究的过程具有更高的科学严谨性。通过向比今天更多的研究团队提供经验数据，这项工作将大大拓宽该领域的努力。