{"title":"Measuring adversaries","authors":"V. Paxson","doi":"10.1145/1005686.1005688","DOIUrl":null,"url":null,"abstract":"Many concepts and techniques developed for general Internet measurement have counterparts in the domain of detecting and analyzing network attacks. The task is greatly complicated, however, by the fact that the object of study is adversarial: attackers do not wish to be \"measured\" and will take steps to thwart observation. We look at the far-ranging consequences of this different measurement environment: the analysis difficulties, some fundamental, that arise due to subtle ambiguities in the true semantics of observed traffic; new notions of \"active measurement\"; the highly challenging task of rapidly characterizing Internet-scale phenomena such as global worm pandemics; the need for detailed application-level analysis and related policy and legal difficulties; attacks that target passive analysis tools; and the inherent \"arms race\" nature of the undertaking.","PeriodicalId":172626,"journal":{"name":"SIGMETRICS '04/Performance '04","volume":"34 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2004-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"SIGMETRICS '04/Performance '04","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1005686.1005688","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Many concepts and techniques developed for general Internet measurement have counterparts in the domain of detecting and analyzing network attacks. The task is greatly complicated, however, by the fact that the object of study is adversarial: attackers do not wish to be "measured" and will take steps to thwart observation. We look at the far-ranging consequences of this different measurement environment: the analysis difficulties, some fundamental, that arise due to subtle ambiguities in the true semantics of observed traffic; new notions of "active measurement"; the highly challenging task of rapidly characterizing Internet-scale phenomena such as global worm pandemics; the need for detailed application-level analysis and related policy and legal difficulties; attacks that target passive analysis tools; and the inherent "arms race" nature of the undertaking.