PRONET: Network trust assessment based on incomplete provenance

Kannan Govindan; Xinlei Wang; Maifi Khan; Gulustan Dogan; Kai Zeng; Gerald M. Powell; Ted Brown; Tarekh Abdelzaher; Prasant Mohapatra

doi:10.1109/MILCOM.2011.6127466

PRONET: Network trust assessment based on incomplete provenance

Kannan Govindan, Xinlei Wang, Maifi Khan, Gulustan Dogan, Kai Zeng, Gerald M. Powell, Ted Brown, Tarekh Abdelzaher, Prasant Mohapatra

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

This paper presents a tool ProNet, that is used to obtain the network trust based on incomplete provenance. We consider a multihop scenario where a set of source nodes observe an event and disseminate their observations as an information item through a multihop path to the command center. Nodes are assumed to embed their provenance details on the information content. Received provenance may not be complete at the command center due to attackers dropping provenance or the unavailability of provenance. We design ProNet, a tool which is at the command center that acts on the received information item to determine the information trust, node-level trust and sequence-level trust. ProNet contains three steps. In the first step it reconstructs the complete provenance details of received information from the available provenance. In the second step it employs a data classification scheme to classify the data into a good and bad pool. In the third step it employs pattern mining on the reconstructed provenance of bad data pools to determine the frequently appearing node and node sequence. This frequent appearance will quantify the trust level of nodes and node sequence. Now an information quality/trust level of newly received information can be determined based on the occurrences of these node/sequence patterns on the provenance data. We provide a detailed analysis on false positive and false negatives.

Original language	English (US)
Title of host publication	2010 Military Communications Conference, MILCOM 2010
Pages	1213-1218
Number of pages	6
DOIs	https://doi.org/10.1109/MILCOM.2011.6127466
State	Published - 2011
Event	2011 IEEE Military Communications Conference, MILCOM 2011 - Baltimore, MD, United States Duration: Nov 7 2011 → Nov 10 2011

Publication series

Name	Proceedings - IEEE Military Communications Conference MILCOM

Other

Other	2011 IEEE Military Communications Conference, MILCOM 2011
Country/Territory	United States
City	Baltimore, MD
Period	11/7/11 → 11/10/11

ASJC Scopus subject areas

Electrical and Electronic Engineering

Online availability

10.1109/MILCOM.2011.6127466

Library availability

Discover UIUC Full Text

Cite this

Govindan, K., Wang, X., Khan, M., Dogan, G., Zeng, K., Powell, G. M., Brown, T., Abdelzaher, T., & Mohapatra, P. (2011). PRONET: Network trust assessment based on incomplete provenance. In 2010 Military Communications Conference, MILCOM 2010 (pp. 1213-1218). Article 6127466 (Proceedings - IEEE Military Communications Conference MILCOM). https://doi.org/10.1109/MILCOM.2011.6127466

Govindan, K, Wang, X, Khan, M, Dogan, G, Zeng, K, Powell, GM, Brown, T, Abdelzaher, T & Mohapatra, P 2011, PRONET: Network trust assessment based on incomplete provenance. in 2010 Military Communications Conference, MILCOM 2010., 6127466, Proceedings - IEEE Military Communications Conference MILCOM, pp. 1213-1218, 2011 IEEE Military Communications Conference, MILCOM 2011, Baltimore, MD, United States, 11/7/11. https://doi.org/10.1109/MILCOM.2011.6127466

@inproceedings{60bbcda115ae43a9915c2b8caea87828,

title = "PRONET: Network trust assessment based on incomplete provenance",

abstract = "This paper presents a tool ProNet, that is used to obtain the network trust based on incomplete provenance. We consider a multihop scenario where a set of source nodes observe an event and disseminate their observations as an information item through a multihop path to the command center. Nodes are assumed to embed their provenance details on the information content. Received provenance may not be complete at the command center due to attackers dropping provenance or the unavailability of provenance. We design ProNet, a tool which is at the command center that acts on the received information item to determine the information trust, node-level trust and sequence-level trust. ProNet contains three steps. In the first step it reconstructs the complete provenance details of received information from the available provenance. In the second step it employs a data classification scheme to classify the data into a good and bad pool. In the third step it employs pattern mining on the reconstructed provenance of bad data pools to determine the frequently appearing node and node sequence. This frequent appearance will quantify the trust level of nodes and node sequence. Now an information quality/trust level of newly received information can be determined based on the occurrences of these node/sequence patterns on the provenance data. We provide a detailed analysis on false positive and false negatives.",

author = "Kannan Govindan and Xinlei Wang and Maifi Khan and Gulustan Dogan and Kai Zeng and Powell, {Gerald M.} and Ted Brown and Tarekh Abdelzaher and Prasant Mohapatra",

year = "2011",

doi = "10.1109/MILCOM.2011.6127466",

language = "English (US)",

isbn = "9781467300810",

series = "Proceedings - IEEE Military Communications Conference MILCOM",

pages = "1213--1218",

booktitle = "2010 Military Communications Conference, MILCOM 2010",

note = "2011 IEEE Military Communications Conference, MILCOM 2011 ; Conference date: 07-11-2011 Through 10-11-2011",

}

TY - GEN

T1 - PRONET

T2 - 2011 IEEE Military Communications Conference, MILCOM 2011

AU - Govindan, Kannan

AU - Wang, Xinlei

AU - Khan, Maifi

AU - Dogan, Gulustan

AU - Zeng, Kai

AU - Powell, Gerald M.

AU - Brown, Ted

AU - Abdelzaher, Tarekh

AU - Mohapatra, Prasant

PY - 2011

Y1 - 2011

N2 - This paper presents a tool ProNet, that is used to obtain the network trust based on incomplete provenance. We consider a multihop scenario where a set of source nodes observe an event and disseminate their observations as an information item through a multihop path to the command center. Nodes are assumed to embed their provenance details on the information content. Received provenance may not be complete at the command center due to attackers dropping provenance or the unavailability of provenance. We design ProNet, a tool which is at the command center that acts on the received information item to determine the information trust, node-level trust and sequence-level trust. ProNet contains three steps. In the first step it reconstructs the complete provenance details of received information from the available provenance. In the second step it employs a data classification scheme to classify the data into a good and bad pool. In the third step it employs pattern mining on the reconstructed provenance of bad data pools to determine the frequently appearing node and node sequence. This frequent appearance will quantify the trust level of nodes and node sequence. Now an information quality/trust level of newly received information can be determined based on the occurrences of these node/sequence patterns on the provenance data. We provide a detailed analysis on false positive and false negatives.

AB - This paper presents a tool ProNet, that is used to obtain the network trust based on incomplete provenance. We consider a multihop scenario where a set of source nodes observe an event and disseminate their observations as an information item through a multihop path to the command center. Nodes are assumed to embed their provenance details on the information content. Received provenance may not be complete at the command center due to attackers dropping provenance or the unavailability of provenance. We design ProNet, a tool which is at the command center that acts on the received information item to determine the information trust, node-level trust and sequence-level trust. ProNet contains three steps. In the first step it reconstructs the complete provenance details of received information from the available provenance. In the second step it employs a data classification scheme to classify the data into a good and bad pool. In the third step it employs pattern mining on the reconstructed provenance of bad data pools to determine the frequently appearing node and node sequence. This frequent appearance will quantify the trust level of nodes and node sequence. Now an information quality/trust level of newly received information can be determined based on the occurrences of these node/sequence patterns on the provenance data. We provide a detailed analysis on false positive and false negatives.

UR - http://www.scopus.com/inward/record.url?scp=84863050414&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84863050414&partnerID=8YFLogxK

U2 - 10.1109/MILCOM.2011.6127466

DO - 10.1109/MILCOM.2011.6127466

M3 - Conference contribution

AN - SCOPUS:84863050414

SN - 9781467300810

T3 - Proceedings - IEEE Military Communications Conference MILCOM

SP - 1213

EP - 1218

BT - 2010 Military Communications Conference, MILCOM 2010

Y2 - 7 November 2011 through 10 November 2011

ER -

PRONET: Network trust assessment based on incomplete provenance

Abstract

Publication series

Other

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this