Recent & Upcoming Talks

Efficient Large-Scale Data Provenance Tracking and Analyzing: Intrusion Detection

Provenance is the representation of a system execution as a directed acyclic graph. Those graphs, representing the execution of an entire system from initialization to shut down, can be comprised of millions of graph elements. After a general …

Building a provenance-based intrusion detection system

Provenance is the representation of a system execution as a directed acyclic graph. Those graphs, representing the execution of an entire system from initialization to shut down, can be comprised of millions of graph elements. In this talk, I will …

Building a provenance-based intrusion detection system

Provenance is the representation of a system execution as a directed acyclic graph. Those graphs, representing the execution of an entire system from initialization to shut down, can be comprised of millions of graph elements. In this talk, I will …

Provenance-based intrusion detection

Provenance is the representation of a system execution as a directed acyclic graph. Those graphs, representing the execution of an entire system from initialization to shut down, can be comprised of millions of graph elements. In this talk, I will …

To Tune or not To Tune

Thomas Pasquier is currently an Assistant Professor at the University of Bristol (UK). Thomas has been working on how to make systems more transparent and how to use the insights gained. During today session, Thomas will discuss his work with …

Provenance-based Intrusion Detection

Whole-system provenance is the record of flows of information between kernel objects (e.g., files, task, sockets etc.). This information is represented as a directed acyclic graph that can be analysed to extract information about the execution of the …

Building a provenance-based IDS and the questions we ask ourselves

Provenance is the representation of a system execution as a directed acyclic graph. Whole-system provenance graph, representing the execution of an entire system from initialization to shut down, can be comprised of millions of graph elements. It is …

Towards provenance-based intrusion detection

Provenance is the representation of a system execution as a directed acyclic graph. Whole-system provenance graph, representing the execution of an entire system from initialization to shut down, can be comprised of millions of graph elements. In …

Towards provenance-based intrusion detection

In this talk, provenance-based intrusion detection will be discussed. We are building a full stack solution to perform host-based intrusion detection using information flow graph to represent a system execution. The talk will cover topics ranging …

Building a provenance-based intrusion detection system

Provenance is the representation of a system execution as a directed acyclic graph. Whole-system provenance graph, representing the execution of an entire system from initialization to shut down, can be comprised of millions of graph elements. In …