Towards provenance-based intrusion detection

Towards provenance-based intrusion detection

Abstract

In this talk, provenance-based intrusion detection will be discussed. We are building a full stack solution to perform host-based intrusion detection using information flow graph to represent a system execution. The talk will cover topics ranging from the kernel instrumentation to capture the relevant data, to the ML techniques used to perform the analysis. Published material and source code relating to this project can be found online at http://camflow.org.

Date
Location
Loughborough University, UK
Avatar
Thomas Pasquier
Lecturer (Assistant Professor)

My research interests include Digital Provenance, Operating Systems, Distributed Systems, Data Protection and Privacy, Internet of Things and Intrusion Detection.