DOCSLIB.ORG

D8.5 Data Provenance and Tracing for Environmental Sciences: System Design

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
D8.5 Data Provenance and Tracing for Environmental Sciences: System Design ENVRIplus DELIVERABLE D8.5 Data provenance and tracing for environmental sciences: system design WORK PACKAGE 8 – Data Curation and Cataloging LEADING BENEFICIARY: Umweltbundesamt GmbH (Environment Agency Austria) Author(s): Beneficiary/Institution Barbara Magagna Umweltbundesamt GmbH (EAA) Doron Goldfarb Umweltbundesamt GmbH (EAA) Paul Martin UvA Frank Toussaint, Stephan Kindermann DKRZ Malcolm Atkinson University of Edinburgh Keith Jeffery NERC Margareta Hellström Lund University Markus Fiebig NILU Abraham Nieva de la Hidalga University of Cardiff Alessandro Spinuso KNMI Accepted by: Keith Jeffery (WP 8 leader) Deliverable type: [REPORT] Dissemination level: PUBLIC A document of ENVRIplus project - www.envri.eu/envriplus 1 This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 654182 Deliverable due date: 30.04.2018/M36 Actual Date of Submission: 30.04.2018/M36 2 ABSTRACT This deliverable reports the group efforts of Working Package 8 Task T8.3 on Inter RI data provenance and trace services during M24-36. Project internal reviewer(s): Project internal reviewer(s): Beneficiary/Institution Markus Stocker Technische Informationsbibliothek (TIB) Robert Huber UniHB Document history: Date Version 16th April 2018 Draft for comments 26th April 2018 Corrected version 28th April 2018 Accepted by Keith Jeffery DOCUMENT AMENDMENT PROCEDURE Amendments, comments and suggestions should be sent to the author (Barbara Magagna [email protected]) TERMINOLOGY A complete project glossary is provided online here: https://envriplus.manageprojects.com/s/text-documents/LFCMXHHCwS5hh PROJECT SUMMARY ENVRIplus is a Horizon 2020 project bringing together Environmental and Earth System Research Infrastructures, projects and networks together with technical specialist partners to create a more coherent, interdisciplinary and interoperable cluster of Environmental Research Infrastructures across Europe. It is driven by three overarching goals: 1) promoting cross- fertilization between infrastructures, 2) implementing innovative concepts and devices across RIs, and 3) facilitating research and innovation in the field of environment for an increasing number of users outside the RIs. ENVRIplus aligns its activities to a core strategic plan where sharing multi-disciplinary expertise will be most effective. The project aims to improve Earth observation monitoring systems and strategies, including actions to improve harmonization and innovation, and generate common solutions to many shared information technology and data related challenges. It also seeks to 3 harmonize policies for access and provide strategies for knowledge transfer amongst RIs. ENVRIplus develops guidelines to enhance transdisciplinary use of data and data-products supported by applied use-cases involving RIs from different domains. The project coordinates actions to improve communication and cooperation, addressing Environmental RIs at all levels, from management to end-users, implementing RI-staff exchange programs, generating material for RI personnel, and proposing common strategic developments and actions for enhancing services to users and evaluating the socio-economic impacts. ENVRIplus is expected to facilitate structuration and improve quality of services offered both within single RIs and at the pan-RI level. It promotes efficient and multi-disciplinary research offering new opportunities to users, new tools to RI managers and new communication strategies for environmental RI communities. The resulting solutions, services and other project outcomes are made available to all environmental RI initiatives, thus contributing to the development of a coherent European RI ecosystem. 4 TABLE OF CONTENTS 1 Introduction 10 1.1 Motivation 10 1.2 Task description 10 1.3 Activities in the task 11 1.4 Layout 11 2 Background 12 2.1 Definition and demarcation 12 2.1.1 Historic provenance principles 12 2.1.2 Definition 12 2.1.3 Provenance and metadata 13 2.1.4 Provenance and logs 13 2.2 Basic aspects on provenance 13 2.2.1 Referable object 13 2.2.2 Uses of provenance 14 2.2.3 Provenance life cycle 15 2.2.4 Types of provenance information 15 2.2.5 Challenges 16 2.3 Technology review 17 2.3.1 Provenance for manual processes 18 2.3.2 Provenance for automated processes 19 2.3.3 Provenance data management, discovery and retrieval 23 2.3.4 Provenance visualization 24 2.4 Provenance models 27 2.4.1 Open Provenance Model (OPM) 27 2.4.2 PROV 28 2.4.3 Provenir 33 2.4.4 P-PLAN 33 2.4.5 OPMW 34 2.4.6 ProvONE 35 2.4.7 PROV-Wf 35 2.4.8 S-PROV 36 2.4.9 W4Ever models 37 2.4.10 CERIF 41 2.4.11 Blockchain 42 5 2.4.12 CKAN 42 2.5 Provenance related initiatives 42 2.5.1 The DataONE perspective 42 2.5.2 The ESIP perspective 44 2.5.3 The RDA perspective 45 3 ENVRIplus provenance requirements 46 3.1 Methodology 46 3.2 Requirements and use cases background 47 3.2.1 Definitions 47 3.2.2 RDA Provenance Use Cases 48 3.2.3 Provenance Incubator Group requirements 48 3.2.4 Process for requirements and use case collection 49 3.2.4.1 First requirements gathering (2015/2016) 49 3.2.4.2 Second requirements and use case gathering (2018) 50 3.3 Synopsis on ENVRIplus provenance needs 51 3.3.1 Provenance needs specified for each individual RI 51 3.3.2 Synopsis on use cases 59 3.3.3 ENVRIplus use cases to be included as new Use Cases in the PPD 59 3.3.4 Synopsis on requirements 60 4 Best practices and implementations 60 4.1 RDA Provenance Patterns 60 4.2 EPOS 61 4.2.1 EPOS data lifecycle 61 4.2.2 VERCE 62 4.2.3 S-ProvFlow 64 4.3 IS-ENES 66 4.3.1 Scientific background and application domain 66 4.3.2 ENES data life cycle 67 4.3.3 Use case: data typing in CMIP6 69 4.3.4 IS-ENES provenance support roadmap 71 5 Provenance related ENVRIPLUS Implementation Cases 71 5.1 Provenance-related issues in (dynamic) data identification 71 5.1.1 Dynamic data 71 5.1.2 Subsets and collections 72 5.2 Connecting the particle formation research community to research infrastructure 73 6 5.2.1 Short description 73 5.2.2 Problems 75 5.2.3 Implementation 75 5.2.4 Provenance 75 5.2.5 Discussion and Conclusion 76 5.3 Quantitative Accounting of Open Data Use 76 5.3.1 Objective 77 5.3.2 Achievements 77 5.3.3 Next Steps 78 5.4 Data acquisition aspects of LTER data life cycle expressed in PROV-O 78 5.4.1 Data collection 79 5.4.1.1 Sensor based data collection 79 5.4.1.2 Observation based data collection 80 5.4.1.3 Sample based data collection 81 5.4.2 Data transfer, storage and query/file export 84 5.4.2.1 Import of datasets into central DB 84 5.4.2.2 Creating datasets for export 85 5.4.3 Data upload/export to EUDAT B2Share 85 5.4.4 Lessons learned from modeling LTER Data Life Cycle with PROV 86 6 Recommendations 87 6.1 Provenance in the ENVRI RM 87 6.2 Provenance and semantic linking 89 6.3 Provenance and the ENVRI architecture 90 6.4 Provenance in the longer term 92 6.4.1 A fundamental transition 92 6.4.2 Enabling professional judgement and responsibility 94 6.4.3 Incrementally introducing pervasive provenance 95 6.4.4 Architectural interdependencies 96 6.4.5 Professional groups and modes of working 98 6.4.6 Pervasive Persistent Provenance (P3) 100 6.4.7 Functions 102 6.4.8 Uses 102 6.4.9 Summary and implications 106 7 REFERENCES 107 8 APPENDIX A. PROVENANCE REQUIREMENTS TEMPLATE 114 7 8.1 Template for use cases and requirements 114 8 EXECUTIVE SUMMARY D8.5 Data provenance and tracing for environmental sciences: system design CONTENT OF DOCUMENT What the reader of this report can expect is listed below: Definition and demarcation A description of relevant aspects of provenance management Challenges related to provenance A review of the latest technologies for data provenance An overview on existing standards and provenance models A description of international initiatives on provenance A collection of requirements and use cases of ENVRI Research Infrastructures Bringing this collection in relation to requirements and use cases of other initiatives A description of provenance practices of two ENVRI Research Infrastructures A description of ENVRI provenance related implementation cases How provenance relates to the ENVRI Reference Model and the OIL-E ontology How provenance relates to the ENVRI architecture A long term perspective on provenance 9 1 INTRODUCTION The main objective of the T8.3 “Inter RI data provenance and trace services” is to provide an overview of common standards and best practices related to data provenance management and to increase the scientists’ awareness of the benefit of proper provenance information. 1.1 Motivation Provenance has – over the last decade – gained some prominence in academic discussions surrounding curation, cataloguing and system architecture. There is a broad consensus that provenance is central to the requirement that scientific research should be reproducible. Yet only a few Research Infrastructures (RIs) have implemented provenance services or embedded tools in their system architecture. Data (but not only, also software versions, workflows, etc,) are useful if accompanied by context on how they are captured, processed, analyzed, and validated and other relevant information that enables interpretation and use. This is what provenance is about. For users of data, the scientific basis of their analysis relies to a great extent on the credibility and trustworthiness of their input data. For publishers of data, the provision of provenance as part of their cited data is crucial for scholarship and reproducibility.
Load more

Recommended publications
  • Provenance Data in Social Media
    Series ISSN: 2151-0067 • GUNDECHA •LIUBARBIER • FENG DATA INSOCIAL MEDIA PROVENANCE SYNTHESIS LECTURES ON M Morgan & Claypool Publishers DATA MINING AND KNOWLEDGE DISCOVERY &C Series Editors: Jiawei Han, University of Illinois at Urbana-Champaign, Lise Getoor, University of Maryland, Wei Wang, University of North Carolina, Chapel Hill, Johannes Gehrke, Cornell University, Robert Grossman, University of Illinois at Chicago Provenance Data Provenance Data in Social Media Geoffrey Barbier, Air Force Research Laboratory Zhuo Feng, Arizona State University in Social Media Pritam Gundecha, Arizona State University Huan Liu, Arizona State University Social media shatters the barrier to communicate anytime anywhere for people of all walks of life. The publicly available, virtually free information in social media poses a new challenge to consumers who have to discern whether a piece of information published in social media is reliable. For example, it can be difficult to understand the motivations behind a statement passed from one user to another, without knowing the person who originated the message. Additionally, false information can be propagated through social media, resulting in embarrassment or irreversible damages. Provenance data associated with a social media statement can help dispel rumors, clarify opinions, and confirm facts. However, Geoffrey Barbier provenance data about social media statements is not readily available to users today. Currently, providing this data to users requires changing the social media infrastructure or offering subscription services. Zhuo Feng Taking advantage of social media features, research in this nascent field spearheads the search for a way to provide provenance data to social media users, thus leveraging social media itself by mining it for the Pritam Gundecha provenance data.
    [Show full text]
  • FATF Guidance Politically Exposed Persons (Recommendations 12 and 22)
    FATF GUIDANCE POLITICALLY EXPOSED PERSONS (recommendations 12 and 22) June 2013 FINANCIAL ACTION TASK FORCE The Financial Action Task Force (FATF) is an independent inter-governmental body that develops and promotes policies to protect the global financial system against money laundering, terrorist financing and the financing of proliferation of weapons of mass destruction. The FATF Recommendations are recognised as the global anti-money laundering (AML) and counter-terrorist financing (CFT) standard. For more information about the FATF, please visit the website: www.fatf-gafi.org © 2013 FATF/OECD. All rights reserved. No reproduction or translation of this publication may be made without prior written permission. Applications for such permission, for all or part of this publication, should be made to the FATF Secretariat, 2 rue André Pascal 75775 Paris Cedex 16, France (fax: +33 1 44 30 61 37 or e-mail: [email protected]). FATF GUIDANCE POLITICALLY EXPOSED PERSONS (RECOMMENDATIONS 12 AND 22) CONTENTS ACRONYMS ..................................................................................................................................................... 2 I. INTRODUCTION .................................................................................................................................... 3 II. DEFINITIONS ......................................................................................................................................... 4 III. THE RELATIONSHIP BETWEEN RECOMMENDATIONS 10 (CUSTOMER DUE DILIGENCE)
    [Show full text]
  • Guides to German Records Microfilmed at Alexandria, Va
    GUIDES TO GERMAN RECORDS MICROFILMED AT ALEXANDRIA, VA. No. 32. Records of the Reich Leader of the SS and Chief of the German Police (Part I) The National Archives National Archives and Records Service General Services Administration Washington: 1961 This finding aid has been prepared by the National Archives as part of its program of facilitating the use of records in its custody. The microfilm described in this guide may be consulted at the National Archives, where it is identified as RG 242, Microfilm Publication T175. To order microfilm, write to the Publications Sales Branch (NEPS), National Archives and Records Service (GSA), Washington, DC 20408. Some of the papers reproduced on the microfilm referred to in this and other guides of the same series may have been of private origin. The fact of their seizure is not believed to divest their original owners of any literary property rights in them. Anyone, therefore, who publishes them in whole or in part without permission of their authors may be held liable for infringement of such literary property rights. Library of Congress Catalog Card No. 58-9982 AMERICA! HISTORICAL ASSOCIATION COMMITTEE fOR THE STUDY OP WAR DOCUMENTS GUIDES TO GERMAN RECOBDS MICROFILMED AT ALEXAM)RIA, VA. No* 32» Records of the Reich Leader of the SS aad Chief of the German Police (HeiehsMhrer SS und Chef der Deutschen Polizei) 1) THE AMERICAN HISTORICAL ASSOCIATION (AHA) COMMITTEE FOR THE STUDY OF WAE DOCUMENTS GUIDES TO GERMAN RECORDS MICROFILMED AT ALEXANDRIA, VA* This is part of a series of Guides prepared
    [Show full text]
  • FDA DSCSA: Blockchain Interoperability Pilot Project Report
    FDA DSCSA Blockchain Interoperability Pilot Project Report February, 2020 0 FDA DSCSA Blockchain Interoperability Pilot Report Table of Contents Content Page Number Executive Summary 2 Overview 4 Blockchain Benefits 5 Solution Overview 6 Results and Discussion 7 Test Results 7 Blockchain Evaluation and Governance 8 Value Beyond Compliance 9 Future Considerations and Enhancements 9 Appendix 10 Acknowledgements 11 Definitions 12 Serialization and DSCSA Background 13 DSCSA Industry Challenges 14 Blockchain Benefits Expanded 15 Solution Approach and Design 16 Functional Requirements 17 User Interactions 22 Solution Architecture 26 Solution Architecture Details 27 Solution Testing 31 List of Tables and Figures 33 Disclaimers and Copyrights 34 1 FDA DSCSA Blockchain Interoperability Pilot Report Executive Summary (Page 1 of 2) With almost half of the United States population taking prescription medications for various ailments and medical conditions1; an increase in the number of aging Americans projected to nearly double from 52 million in 2018 to 95 million by 20602; and adoption of new federal laws3, there is a significant opportunity and need to enhance transparency and trust in an increasingly complex pharmaceutical supply chain4. With these factors as a backdrop, the Drug Supply Chain Security Act (DSCSA) was signed into law in 2013, with the intention to allow the pharmaceutical trading partners to collaborate on improving patient safety. The law outlines critical steps to build an electronic, interoperable system by November 27, 2023, where members of the pharmaceutical supply chain are required to verify, track and trace prescription drugs as they are distributed in the United States. Various organizations and government entities collaborate to ensure medications are safe, efficacious and are produced using the highest quality ingredients.
    [Show full text]
  • Fine-Grained Provenance for Linear Algebra Operators
    Fine-grained provenance for linear algebra operators Zhepeng Yan Val Tannen Zachary G. Ives University of Pennsylvania fzhepeng, val, [email protected] Abstract A u v Provenance is well-understood for relational query operators. In- x B C I 0 creasingly, however, data analytics is incorporating operations ex- pressed through linear algebra: machine learning operations, net- work centrality measures, and so on. In this paper, we study prove- y D E 0 I nance information for matrix data and linear algebra operations. Sx Sy Our core technique builds upon provenance for aggregate queries and constructs a K−semialgebra. This approach tracks prove- I 0 Tu nance by annotating matrix data and propagating these annotations I = iden'ty matrix through linear algebra operations. We investigate applications in 0 = zero matrix matrix inversion and graph analysis. 0 I Tv 1. Introduction For many years, data provenance was modeled purely as graphs Figure 1. Provenance partitioning and its selectors capturing dataflows among “black box” operations: this repre- sentation is highly flexible and general, and has ultimately led erations such as addition, multiplication and inversion. We show to the PROV-DM standard. However, the database community building blocks towards applications in principal component anal- has shown that fine-grained provenance with “white-box” oper- ysis (PCA), frequently used for dimensionality reduction, and in ations [3] (specifically, for relational algebra operations) enables computing PageRank-style scores over network graphs. richer reasoning about the relationship between derived results and data provenance. The most general model for relational algebra queries, provenance semirings [7, 1], ensures that equivalent re- 2.
    [Show full text]
  • Investigation Into the Provenance of the Chassis Owned by Bruce Linsmeyer
    Investigation into the provenance of the chassis owned by Bruce Linsmeyer Conducted by Michael Oliver November 2011-August 2012 1 Contents Contents .................................................................................................................................................. 2 Summary ................................................................................................................................................. 3 Introduction ............................................................................................................................................ 4 Background ............................................................................................................................................. 5 Design, build and development .............................................................................................................. 6 The month of May ................................................................................................................................ 11 Lotus 56/1 - Qualifying ...................................................................................................................... 12 56/3 and 56/4 - Qualifying ................................................................................................................ 13 The 1968 Indy 500 Race ........................................................................................................................ 14 Lotus 56/1 – Race-day livery ............................................................................................................
    [Show full text]
  • Ten Years of Provenance Trials and Application of Multivariate Random Forests Predicted the Most Preferable Seed Source for Silv
    Article Ten Years of Provenance Trials and Application of Multivariate Random Forests Predicted the Most Preferable Seed Source for Silviculture of Abies sachalinensis in Hokkaido, Japan Ikutaro Tsuyama 1,*, Wataru Ishizuka 2 , Keiko Kitamura 1, Haruhiko Taneda 3 and Susumu Goto 4 1 Hokkaido Research Center, Forestry and Forest Products Research Institute, 7 Hitsujigaoka, Toyohira, Sapporo, Hokkaido 062-8516, Japan; [email protected] 2 Forestry Research Institute, Hokkaido Research Organization, Koushunai, Bibai, Hokkaido 079-0198, Japan; [email protected] 3 Department of Biological Sciences, Graduate School of Science, The University of Tokyo, 7-3-1, Hongo, Bunkyo, Tokyo 113-0033, Japan; [email protected] 4 Education and Research Center, The University of Tokyo Forests, Graduate School of Agricultural and Life Sciences, The University of Tokyo, 1-1-1 Yayoi, Bunkyo-ku, Tokyo 113-8657, Japan; [email protected] * Correspondence: [email protected] Received: 10 August 2020; Accepted: 27 September 2020; Published: 30 September 2020 Abstract: Research highlights: Using 10-year tree height data obtained after planting from the range-wide provenance trials of Abies sachalinensis, we constructed multivariate random forests (MRF), a machine learning algorithm, with climatic variables. The constructed MRF enabled prediction of the optimum seed source to achieve good performance in terms of height growth at every planting site on a fine scale. Background and objectives: Because forest tree species are adapted to the local environment, local seeds are empirically considered as the best sources for planting. However, in some cases, local seed sources show lower performance in height growth than that showed by non-local seed sources.
    [Show full text]
  • Evaluation of International Provenance Trials of Casuarina Equisetifolia
    ACRC100.book Page 1 Wednesday, June 23, 2004 1:42 PM Evaluation of International Provenance Trials of Casuarina equisetifolia K. Pinyopusarerk, A. Kalinganire, E.R. Williams and K.M. Aken Australian Tree Seed Centre CSIRO Forestry and Forest Products PO Box E4008 Kingston ACT 2604 Australia Australian Centre for International Agricultural Research Canberra 2004 Evaluation of international provenance trials of Casuarina equisetifolia K. Pinyopusarerk, A. Kalinganire, E.R. Williams and K.M. Aken ACIAR Technical Reports No 58e (printed version published in 2004) ACRC100.book Page 2 Wednesday, June 23, 2004 1:42 PM The Australian Centre for International Agricultural Research (ACIAR) was established in June 1982 by an Act of the Australian Parliament. Its mandate is to help identify agricultural problems in developing coun- tries and to commission collaborative research between Australia and developing country researchers in fields where Australia has a special research competence. Where trade names are used this constitutes neither endorsement of nor discrimination against any product by the Centre. ACIAR TECHNICAL REPORTS SERIES This series of publications contains technical information resulting from ACIAR-supported programs, projects and workshops (for which proceedings are not being published), reports on Centre-supported fact-finding studies, or reports on other useful topics resulting from ACIAR activities. Publications in the series are distributed internationally to a selected audience. © Australian Centre for International Agricultural Research, GPO Box 1571, Canberra, ACT 2601 K. Pinyopusarerk, A. Kalinganire, E.R. Williams and K.M. Aken 2004. Evaluation of international provenance trials of Casuarina equisetifolia. ACIAR Technical Report No. 58, 106p. ISBN 1 86320 440 7 (printed) ISBN 1 86320 441 5 (online) Cover design: Design One Solutions Cover photo by K.
    [Show full text]
  • Quercus Lobata Née) at Two California Sites1
    Establishing a Range-Wide Provenance Test in Valley Oak (Quercus lobata Née) at 1 Two California Sites 2 3 4 Annette Delfino Mix, Jessica W. Wright, Paul F. Gugger, 5 6 Christina Liang, and Victoria L. Sork Abstract We present the methods used to establish a provenance test in valley oak, Quercus lobata. Nearly 11,000 acorns were planted and 88 percent of those germinated. The resulting seedlings were measured after 1 and 2 years of growth, and were outplanted in the field in the winter of 2014-2015. This test represents a long-term resource for both research and conservation. Key words: Provenance tests, Quercus lobata, valley oak Introduction We set out to establish a long-term provenance test of valley oak (Quercus lobata) collected from across the species range. Provenance tests are designed to compare survival and growth (plus other morphological and phenological traits) among trees sampled from different parts of the species range (Mátyás 1996). By having different sources grown in a common environment, we are able to look at how different sources perform in a novel climate, and how they might respond to climate change (Aitken and others 2008). This study has a multitude of goals, from very practical management questions on how to source seeds for ecological restoration projects involving oaks, to very detailed ecological genomic studies. Our collecting and plant propagating methods were developed with a standard quantitative genetic analysis in mind (with plans for genomic analyses as well in the future). Here we outline the methods used to establish a provenance test of Quercus lobata trees in California, and we present some very early results from the study.
    [Show full text]
  • Tree Improvement at Species and Provenance Level
    Tree improvement at species and provenance level Pedersen, Anders P.; Olesen, Kirsten; Graudal, Lars Ole Visti Publication date: 1993 Document version Publisher's PDF, also known as Version of record Citation for published version (APA): Pedersen, A. P., Olesen, K., & Graudal, L. O. V. (1993). Tree improvement at species and provenance level. Danida Forest Seed Centre. Lecture Note D-3 Download date: 23. Sep. 2021 LECTURE NOTE D-3 - JUNE 1993 TREE IMPROVEMENT AT SPECIES AND PROVENANCE LEVEL compiled by Anders P. Pedersen, Kirsten Olesen and Lars Graudal Titel Tree improvement at species and provenance level Authors Anders P. Pedersen, Kirsten Olesen and Lars Graudal Publisher Danida Forest Seed Centre Series - title and no. Lecture Note D-3 DTP Melita Jørgensen Citation Pedersen, A.P., Kirsten Olesen and Lars Graudal. 1993. Identification, establishment and management of seed sources. Lecture Note D-3. Danida Forest Seed Centre, Humlebaek, Denmark. Citation allowed with clear source indication Written permission is required if you wish to use Forest & Landscape's name and/or any part of this report for sales and advertising purposes. The report is available free of charge [email protected] Electronic Version www.SL.kvl.dk CONTENTS 1. INTRODUCTION 1 2. DEFINITIONS 2 3. SELECTION 2 3.1 Preparatory Considerations for Selection 2 3.2 Selection Criteria 4 4. TESTING 5 4.1 Species Trials 5 4.2 Simple Designs of Species Trials 5 4.3 Provenance Trials 7 4.4 Experimental Sites 8 4.5 Outline of Species and Provenance Trials 10 5. USE OF TRIAL RESULTS 11 6.
    [Show full text]
  • High Accuracy Attack Provenance Via Binary-Based Execution Partition
    High Accuracy Attack Provenance via Binary-based Execution Partition KyuHyungLee XiangyuZhang DongyanXu Department of Computer Science and CERIAS, Purdue University, West Lafayette, IN 47907, USA {kyuhlee,xyzhang,dxu}@cs.purdue.edu Abstract—An important aspect of cyber attack forensics is to access is identified as the initial step of the attack, it is still understand the provenance of suspicious events, as it discloses difficult to pin-point the culprit email. the root cause and ramifications of cyber attacks. Traditionally, Most causal analysis techniques use logging to record this is done by analyzing audit log. However, the presence of long running programs makes a live process receiving a large important events during system execution and then correlate volume of inputs and produce many outputs and each output these events during investigation. The logging of events can may be causally related to all the preceding inputs, leading be at the network (e.g. messages being sent or received), to dependence explosion and making attack investigations OS (e.g. system calls), or program (e.g. memory reads and almost infeasible. We observe that a long running execution writes) level. However, many existing logging techniques can be partitioned into individual units by monitoring the execution of the program’s event-handling loops, with each are too coarse-grained by attributing events to individual iteration corresponding to the processing of an independent processes. For example, system call logging-based tech- input/request. We reverse engineer such loops from application niques (e.g., [18], [15]) treat processes as subjects and files, binaries. We also reverse engineer instructions that could sockets, and other passive entities as objects.
    [Show full text]
  • Numb3rs Episode Guide Episodes 001–118
    Numb3rs Episode Guide Episodes 001–118 Last episode aired Friday March 12, 2010 www.cbs.com c c 2010 www.tv.com c 2010 www.cbs.com c 2010 www.redhawke.org c 2010 vitemo.com The summaries and recaps of all the Numb3rs episodes were downloaded from http://www.tv.com and http://www. cbs.com and http://www.redhawke.org and http://vitemo.com and processed through a perl program to transform them in a LATEX file, for pretty printing. So, do not blame me for errors in the text ^¨ This booklet was LATEXed on June 28, 2017 by footstep11 with create_eps_guide v0.59 Contents Season 1 1 1 Pilot ...............................................3 2 Uncertainty Principle . .5 3 Vector ..............................................7 4 Structural Corruption . .9 5 Prime Suspect . 11 6 Sabotage . 13 7 Counterfeit Reality . 15 8 Identity Crisis . 17 9 Sniper Zero . 19 10 Dirty Bomb . 21 11 Sacrifice . 23 12 Noisy Edge . 25 13 Man Hunt . 27 Season 2 29 1 Judgment Call . 31 2 Bettor or Worse . 33 3 Obsession . 37 4 Calculated Risk . 39 5 Assassin . 41 6 Soft Target . 43 7 Convergence . 45 8 In Plain Sight . 47 9 Toxin............................................... 49 10 Bones of Contention . 51 11 Scorched . 53 12 TheOG ............................................. 55 13 Double Down . 57 14 Harvest . 59 15 The Running Man . 61 16 Protest . 63 17 Mind Games . 65 18 All’s Fair . 67 19 Dark Matter . 69 20 Guns and Roses . 71 21 Rampage . 73 22 Backscatter . 75 23 Undercurrents . 77 24 Hot Shot . 81 Numb3rs Episode Guide Season 3 83 1 Spree .............................................
    [Show full text]