Thomas Pasquier
Sometimes Simpler is Better: A Comprehensive Analysis of State-of-the-Art Provenance-Based Intrusion Detection Systems
Provenance-based intrusion detection systems (PIDSs) have garnered significant attention from the research community over the past …
T Bilot, B Jiang, Z Li, N El Madhoun, K Al Agha, A Zouaoui, S Iqbal, X Han, T Pasquier
ORTHRUS: Achieving High Quality of Attribution in Provenance-based Intrusion Detection Systems
Past success in applying machine learning to data provenance graphs – a structured representation of the history of operating …
B Jiang, T Bilot, N El Madhoun, K Al Agha, A Zouaoui, S Iqbal, X Han, T Pasquier
SafeBPF: Hardware-assisted Defense-in-depth for eBPF Kernel Extensions
The eBPF framework enables execution of user-provided code in the Linux kernel. In the last few years, a large ecosystem of cloud …
SY Lim, T Prasad, X Han, T Pasquier
FetchBPF: Customizable Prefetching Policies in Linux with eBPF
Monolithic operating systems are infamously complex. Linux in particular has a tendency to intermingle policy and mechanisms in a …
X Cao, S Patel, SY Lim, X Han, T Pasquier
Computational Experiment Comprehension using Provenance Summarization
Scientists use complex multistep workflows to analyze data. However, reproducing computational experiments is often difficult as …
N Boufford, J Wonsil, A Pocock, J Sullivan, M Seltzer, T Pasquier
Kairos: Practical Intrusion Detection and Investigation using Whole-system Provenance
Provenance graphs are structured audit logs that describe the history of a system’s execution. Recent studies have explored a …
Z Cheng, Q Lv, J Liang, Y Wang, D Sun, T Pasquier, X Han
Unleashing Unprivileged eBPF Potential with Dynamic Sandboxing
For safety reasons, unprivileged users today have only limited ways to customize the kernel through the extended Berkeley Packet Filter …
SY Lim, X Han, T Pasquier
Secure Namespaced Kernel Audit for Containers
Despite the wide usage of container-based cloud computing, container auditing for security analysis relies mostly on built-in host …
SY Lim, B Stelea, X Han, T Pasquier
SIGL: Securing Software Installations Through Deep Graph Learning
Many users implicitly assume that software can only be exploited after it is installed. However, recent supply-chain attacks …
X Han, X Yu, T Pasquier, D Li, J Rhee, J Mickens, M Seltzer, C Haifeng
Accelerating the Configuration Tuning of Big Data Analytics with Similarity-aware Multitask Bayesian Optimization
One of the key challenges for data analytics deployment is configuration tuning. The existing approaches for configuration tuning are …
A Fekry, L Carata, T Pasquier, A Rice