BibTeX
@MISC{Allman_trafficmonitoring,
author = {Mark Allman and I. Position},
title = {Traffic Monitoring Considered Reasonable},
year = {}
}
Share
 |
 |
 |
 |
||
OpenURL
Abstract
Networking and security researchers must grapple with the following four potential constraints in the course of their work: (i) legal issues, (ii) institutional policies, (iii) community norms and (iv) personal ethics. These possible constraints can be intertwined and inform one another. In this position paper we set aside all except the third constraint: community norms. We do not mean to diminish the importance of considering the others, but, rather aim to make the case that the community has organically developed a community norm with respect to traffic monitoring. Position: network traffic monitoring—broadly defined—fits well within the networking and security research community’s norms. We believe this position is demonstrated through the community’s rough consensus and running code. II. COMMUNITY HISTORY The following illustrative references show that our community has leveraged network monitoring (i) for over two decades, (ii) for a variety of purposes, (iii) using various types of monitors—from packet traces to application layer logs, with many stops in-between—and (iv) across a large number of investigators and institutions.
Keyphrases
traffic monitoring considered community norm layer log large number network traffic rough consensus third constraint institutional policy traffic monitoring network monitoring security research community norm various type security researcher possible constraint potential constraint position paper following illustrative reference packet trace personal ethic many stop community history legal issue
