Visible to the public Leveraging Data Provenance to Enhance Cyber Resilience

TitleLeveraging Data Provenance to Enhance Cyber Resilience
Publication TypeConference Paper
Year of Publication2016
AuthorsMoyer, T., Chadha, K., Cunningham, R., Schear, N., Smith, W., Bates, A., Butler, K., Capobianco, F., Jaeger, T., Cable, P.
Conference Name2016 IEEE Cybersecurity Development (SecDev)
Keywordsbackground information, Computer architecture, cyber resilience, data integrity, data provenance, Databases, Electronic mail, Instruments, Kernel, Linux, pubcrawl, Resiliency, Resilient Security Architectures, secure systems, security of data
Abstract

Building secure systems used to mean ensuring a secure perimeter, but that is no longer the case. Today's systems are ill-equipped to deal with attackers that are able to pierce perimeter defenses. Data provenance is a critical technology in building resilient systems that will allow systems to recover from attackers that manage to overcome the "hard-shell" defenses. In this paper, we provide background information on data provenance, details on provenance collection, analysis, and storage techniques and challenges. Data provenance is situated to address the challenging problem of allowing a system to "fight-through" an attack, and we help to identify necessary work to ensure that future systems are resilient.

URLhttp://ieeexplore.ieee.org/document/7839803/
DOI10.1109/SecDev.2016.034
Citation Keymoyer_leveraging_2016