High-throughput Ingest of Provenance Records into Accumulo
Thomas Moyer, Vijay Gadepally
TL;DR
This paper explores high-throughput ingestion of system provenance data into Accumulo using D4M, enabling scalable storage and analysis for detecting data integrity attacks across distributed systems.
Contribution
It demonstrates a method for efficiently ingesting large volumes of provenance data into Accumulo, supporting real-time security monitoring.
Findings
Ingests 3,970 graph components per second.
Enables detection of data integrity attacks.
Supports scalable provenance data management.
Abstract
Whole-system data provenance provides deep insight into the processing of data on a system, including detecting data integrity attacks. The downside to systems that collect whole-system data provenance is the sheer volume of data that is generated under many heavy workloads. In order to make provenance metadata useful, it must be stored somewhere where it can be queried. This problem becomes even more challenging when considering a network of provenance-aware machines all collecting this metadata. In this paper, we investigate the use of D4M and Accumulo to support high-throughput data ingest of whole-system provenance data. We find that we are able to ingest 3,970 graph components per second. Centrally storing the provenance metadata allows us to build systems that can detect and respond to data integrity attacks that are captured by the provenance system.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsScientific Computing and Data Management · Data Quality and Management · Advanced Data Storage Technologies