Data provenance collects comprehensive information about the events and operations in a computer system at both the application and system levels. It provides a detailed and accurate history of transactions that helps delineate the data flow across the whole system. Data provenance helps achieve system resilience by uncovering traces of malicious attacks after a system compromise, which an analyst can use to understand the attack behavior and determine the level of damage. Existing literature demonstrates a number of research efforts on the capture, management, and analysis of data provenance. In recent years, provenance in IoT devices has attracted several research efforts because of the proliferation of commodity IoT devices. In this survey paper, we present a comparative study of the state-of-the-art approaches to provenance by classifying them based on frameworks, deployed techniques, and subjects of interest. We also discuss the emergence and scope of data provenance in IoT networks. Finally, we highlight several directions that data provenance urgently needs to pursue, including data management and analysis.