Changes between Version 38 and Version 39 of ExDescLang

Timestamp:

Oct 14, 2010 4:23:04 PM (14 years ago)

Author:

sunshine

Comment:

--

ExDescLang

@@ -30 +30 @@
 = Diving in =
 
-I'll now ignore the question '''which language to use to design experiments''' because I think that pretty much any language can be used once we know '''what we want to say'''. To figure this out I'll try to use a mix of FSA (finite state automata) and protocol diagrams, and Arun's adaptation of TLA (temporal logic algebra) to describe example experiments from above. If the level of detail is right we can decide on appropriate language in the next step.
+I'll now ignore the question '''which language to use to design experiments''' because I think that pretty much any language can be used once we know '''what we want to say'''. To figure this out I'll try to use some variation of UML that can express both protocol diagrams and state transitions. If the level of detail is right we can decide on appropriate language in the next step.
 
 == Example 1: Botnet ==
@@ -43 +43 @@
    [[Image(wormobj.jpg)]]
 
-   (in English: There must be two sets of hosts, at least one infected host in infected set and at least one vulnerable host in vulnerable set. There can be a third set of hosts that are not vulnerable or infected. These sets are disjoint. All objects here are of type Nodes.)
+   (in English: There must be two sets of hosts, at least one infected host in infected set and at least one vulnerable host in vulnerable set. These sets are disjoint. All objects here are of type Nodes.)
 
  * '''Timeline of events: '''
@@ -49 +49 @@
    [[Image(wormwf.jpg, 30%)]]
 
-   (in English: Each infected host generates scan events that target a vulnerable host - double line means one object acts upon another. There is at least one such event for a vulnerable host and at least one pair of scan+vulnerable host in the experiment. Once an infection event occurs on vulnerable host it transitions to an infected state. An infected host may scan other, non-vulnerable hosts).
+   (in English: Each infected host generates scan events that target a vulnerable host, scanning for vulnerability x. Once scan hits a vulnerable host with vulnerability x, an infection event occurs and vulnerable host becomes infected. 
 
-   Note that I haven't yet defined what scan and infection events mean. I have to do this somewhere but I think the right place for this would be a common repository of domain knowledge rather than attaching these per experiment class since many classes of experiments may need same definitions. Ultimately what I'd like to say in these definitions in plain English is:
-     * scan event generates traffic from A to B that exploits a vulnerability at B
-     * infection event at B executes some code that places a copy of malware at B with ability to auto-start
- Also note that I haven't said if each infected hosts scans ALL or SOME vulnerable hosts and how many. We should have a mechanism to specify this. Same comment goes for any "acts upon" relationship.
+   Note that I haven't yet defined very well what scan event means. I have to do this somewhere but I think the right place for this would be a common repository of domain knowledge.
 
  * '''Invariants:''' There are some in definition of topology and timeline above. No additional ones are needed here.
@@ -64 +61 @@
    [[Image(peerobj.jpg)]]
 
-   (in English: There must be two sets of hosts, at least two eligible peers and at least one leader. Nothing is said about relationship between sets so it's possible that there's an intersection between those that is non-empty. All objects here are of type Nodes.)
+   (in English: There must be two sets of hosts, at least two  peers and at least one leader. Nothing is said about relationship between sets so it's possible that there's an intersection between those that is non-empty. All objects here are of type Nodes.)
  * '''Timeline of events: '''
 
    [[Image(peerwf.jpg, 60%)]]
 
-   (in English: Each eligible peer contacts some other eligible peers asking them to peer with it. If they agree both go into "peer" state, otherwise they both revert to eligible peer state. In each of peer states (elpeer, maypeer, peer) this object may somehow learn about a leader and go into lpeer state in which it knows leader identity. In lpeer state it may learn about other leaders as well. An object in lpeer state receives some commands from the leader and may report back to the leader.).
+   (in English: Each  peer contacts some other peer asking them to peer with it - the contacted peer may reply with a "yes". In parallel with this a peer somehow learns about a leader. If a leader object is known to a given peer, the peer will send it a "hello" message. The leader will then send commands to the peers it knows and may get reports from them back.).
 
-   Note that I haven't defined what wannapeer, yespeer, leaderis, cmd and report events are and I should define it in the common domain knowledge base. 
+   Note that I haven't defined what wannapeer, yespeer, leader, hello, cmd and report events are and I should define it in the common domain knowledge base. 
 
  * '''Invariants:''' There are some in definition of topology and timeline above. No additional ones are needed here.
@@ -77 +74 @@
 === Experiment design ===
 
-Now I'm a user who wants to design my experiment. I need to combine two metadescriptions and somehow tie them down to generator choices. To combine I need to specify how outputs of worm metadescription match inputs of P2P metadescription. This is simple and I'll just do something like:
+Now I'm a user who wants to design my experiment. I need to combine two metadescriptions and somehow tie them down to generator choices. To combine I need to specify how outputs of worm metadescription match inputs of P2P metadescription. I'll do this visually here:
 
    [[Image(wp2pcomb.jpg)]]