1

UNICORN: Runtime Provenance-Based Detector for Advanced Persistent Threats
Advanced Persistent Threats (APTs) are difficult to detect due to their low-and-slow attack patterns and frequent use of zero-day …
X Han, T Pasquier, A Bates, J Mickens, M Seltzer
PDF Cite
UNICORN: Runtime Provenance-Based Detector for Advanced Persistent Threats
Facilitating plausible deniability for cloud providers regarding tenants' activities using trusted execution
A cloud provider that can technically determine tenants’ operations may be compelled to disclose such activities by law …
D O'Keeffe, A Vranaki, T Pasquier, D Eyers
PDF Cite
Demonstrating the Practicality of Unikernels to Build a Serverless Platform at the Edge
The rise of IoT has led to large volumes of personal data being produced at the network’s edge. Most IoT applications process data in …
C Mistry, B Stelea, V Kumar, T Pasquier
PDF Cite Code DOI
ProvMark: A Provenance Expressiveness Benchmarking System
System level provenance is of widespread interest for applications such as security enforcement and information protection. However, …
S C Chan, J Cheney, P Bhatotia, A Gehani, H Irshad, T Pasquier, L Carata, M Seltzer
PDF Cite
ProvMark: A Provenance Expressiveness Benchmarking System
From Here to Provtopia
Valuable, sensitive, and regulated data flow freely through distributed governing the collection, use, and management of such data? We …
T Pasquier, D Eyers, M Seltzer
PDF Cite
Towards Seamless Configuration Tuning of Big Data Analytics
The execution of distributed data processing workloads (such as those running on top of Hadoop or Spark) in cloud environments presents …
A Fekry, L Carata, T Pasquier, Andrew Rice, Andy Hopper
PDF Cite DOI
Runtime Analysis of Whole-System Provenance
Identifying the root cause and impact of a system intrusion remains a foundational challenge in computer security. Digital provenance …
T Pasquier, X Han, T Moyer, A Bates, O Hermant, D Eyers, J Bacon, M Seltzer
PDF Cite Code DOI
Runtime Analysis of Whole-System Provenance
Provenance-based Intrusion Detection: Opportunities and Challenges
Intrusion detection is an arms race; attackers evade intrusion detection systems by developing new attack vectors to sidestep known …
X Han, T Pasquier, M Seltzer
PDF Cite
Practical Whole-System Provenance Capture
Data provenance describes how data came to be in its present form. It includes data sources and the transformations that have been …
T Pasquier, X Han, M Goldstein, T Moyer, D Eyers, M Seltzer, J Bacon
PDF Cite Code DOI
Practical Whole-System Provenance Capture
FRAPpuccino: Fault-detection through Runtime Analysis of Provenance
We present FRAPpuccino (or FRAP), a provenance-based fault detection mechanism for Platform as a Service (PaaS) users, who run many …
X Han, T Pasquier, T Ranjan, M Goldstein, M Seltzer
PDF Cite
FRAPpuccino: Fault-detection through Runtime Analysis of Provenance