1

SafeBPF: Hardware-assisted Defense-in-depth for eBPF Kernel Extensions
The eBPF framework enables execution of user-provided code in the Linux kernel. In the last few years, a large ecosystem of cloud …
SY Lim, T Prasad, X Han, T Pasquier
PDF Cite
SafeBPF: Hardware-assisted Defense-in-depth for eBPF Kernel Extensions
FetchBPF: Customizable Prefetching Policies in Linux with eBPF
Monolithic operating systems are infamously complex. Linux in particular has a tendency to intermingle policy and mechanisms in a …
X Cao, S Patel , SY Lim, X Han, T Pasquier
PDF Cite
FetchBPF: Customizable Prefetching Policies in Linux with eBPF
Computational Experiment Comprehension using Provenance Summarization
Scientists use complex multistep workflows to analyze data. However, reproducing computational experiments is often difficult as …
N Boufford, J Wonsil, A Pocock, J Sullivan, M Seltzer, T Pasquier
PDF Cite
Computational Experiment Comprehension using Provenance Summarization
Kairos: Practical Intrusion Detection and Investigation using Whole-system Provenance
Provenance graphs are structured audit logs that describe the history of a system’s execution. Recent studies have explored a …
Z Cheng, Q Lv, J Liang, Y Wang, D Sun, T Pasquier, X Han
PDF Cite
Kairos: Practical Intrusion Detection and Investigation using Whole-system Provenance
Unleashing Unprivileged eBPF Potential with Dynamic Sandboxing
For safety reasons, unprivileged users today have only limited ways to customize the kernel through the extended Berkeley Packet Filter …
SY Lim, X Han, T Pasquier
PDF Cite DOI
Unleashing Unprivileged eBPF Potential with Dynamic Sandboxing
Secure Namespaced Kernel Audit for Containers
Despite the wide usage of container-based cloud computing, container auditing for security analysis relies mostly on built-in host …
SY Lim, B Stelea, X Han, T Pasquier
PDF Cite
Secure Namespaced Kernel Audit for Containers
SIGL: Securing Software Installations Through Deep Graph Learning
Many users implicitly assume that software can only be exploited after it is installed. However, recent supply-chain attacks …
X Han, X Yu, T Pasquier, D Li, J Rhee, J Mickens, M Seltzer, C Haifeng
PDF Cite
SIGL: Securing Software Installations Through Deep Graph Learning
Accelerating the Configuration Tuning of Big Data Analytics with Similarity-aware Multitask Bayesian Optimization
One of the key challenges for data analytics deployment is configuration tuning. The existing approaches for configuration tuning are …
A Fekry, L Carata, T Pasquier, A Rice
PDF Cite Slides
Accelerating the Configuration Tuning of Big Data Analytics with Similarity-aware Multitask Bayesian Optimization
To Tune or Not to Tune? In Search of Optimal Configurations for Data Analytics
This experimental study presents a number of issues that pose a challenge for practical configuration tuning and its deployment in data …
A Fekry, L Carata, T Pasquier, A Rice, A Hopper
PDF Cite
To Tune or Not to Tune? In Search of Optimal Configurations for Data Analytics
Xanthus: Push-button Orchestration of Host Provenance Data Collection
Host-based anomaly detectors generate alarms by inspecting audit logs for suspicious behavior. Unfortunately, evaluating these anomaly …
X Han, J Mickens, A Gehani, M Seltzer, T Pasquier
PDF Cite
Xanthus: Push-button Orchestration of Host Provenance Data Collection