Abstract

Matthias Vallentin, Dominik Charousset, Thomas C. Schmidt, Vern Paxson, Matthias Wählisch,
Native Actors: How to Scale Network Forensics,
In: Proc. of ACM SIGCOMM, Demo Session, p. 141–142, ACM : New York, August 2014.

Abstract: When an organization detects a security breach, it undertakes a forensic analysis to figure out what happened. This investigation involves inspecting a wide range of heterogeneous data sources spanning over a long period of time. The iterative nature of the analysis procedure requires an interactive experience with the data. However, the distributed processing paradigms we find in practice today fail to provide this requirement: the batch-oriented nature of MapReduce cannot deliver sub-second round-trip times, and distributed in-memory processing cannot store the terabytes of activity logs needed to inspect during an incident. We present the design and implementation of Visibility Across Space and Time (VAST), a distributed database to support interactive network forensics, and libcppa, its exceptionally scalable messaging core. The extended actor framework libcppa enables VAST to distribute lightweight tasks at negligible overhead. In our live demo, we showcase how VAST enables security analysts to grapple with the huge amounts of data often associated with incident investigations.

Themes: Network Security, Distributed Programming

 


This page generated by bibTOhtml on Sun 21 Jul 00:05:06 CEST 2019
