Overview
Distributed systems have rapidly evolved, from simple
client/server applications in local area networks, to Internet-scale
peer-to-peer networks and large-scale cloud platforms deployed on
thousands of nodes across multiple administrative domains and
geographical areas. Despite of the growing popularity and interests,
designing and deploying distributed systems remain challenging, due to
their ever-increasing scales and the complexity and unpredictability
of the system executions.
Operators of distributed systems often find themselves needing to
answer forensic questions, to perform a variety of managerial tasks
including fault detection, system debugging, accountability
enforcement, and attack analysis. We present NetTrails, a novel
provenance-based approach that provides the fundamental functionality
required for answering such forensic questions -- the capability to
"explain" the existence (or change) of a certain distributed system
state at a given time in a potentially adversarial environment.
The NetTrails project makes
several contributions,
including distributed provenance maintenance and querying, secure
provenance support in dynamic and adversarial environments, and a
visualization toolkit that allows users to explore and understand
provenance in an interactive manner.
Code Release
An initial prototype of NetTrails has been developed using the RapidNet declarative networking system. This release includes support for Network Provenance [NetDB08, SIGMOD10]. Source code is available at download.