2024
HADES: Detecting Active Directory Attacks via Whole Network Provenance Analytics.
CoRR, 2024
Accurate and Scalable Detection and Investigation of Cyber Persistence Threats.
CoRR, 2024
Flash: A Comprehensive Approach to Intrusion Detection via Provenance Graph Representation Learning.
Proceedings of the IEEE Symposium on Security and Privacy, 2024
2023
SoK: History is a Vast Early Warning System: Auditing the Provenance of System Intrusions.
Proceedings of the 44th IEEE Symposium on Security and Privacy, 2023
2022
Forensic Analysis of Configuration-based Attacks.
Proceedings of the 29th Annual Network and Distributed System Security Symposium, 2022
FAuST: Striking a Bargain between Forensic Auditing's Security and Throughput.
Proceedings of the Annual Computer Security Applications Conference, 2022
2021
Validating the Integrity of Audit Logs Against Execution Repartitioning Attacks.
Proceedings of the CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, Republic of Korea, November 15, 2021
2020
A Higher-Order Propagator Method for 2D-DOA Estimation in Massive MIMO Systems.
IEEE Commun. Lett., 2020
Tactical Provenance Analysis for Endpoint Detection and Response Systems.
Proceedings of the 2020 IEEE Symposium on Security and Privacy, 2020
You Are What You Do: Hunting Stealthy Malware via Data Provenance Analysis.
Proceedings of the 27th Annual Network and Distributed System Security Symposium, 2020
Custos: Practical Tamper-Evident Auditing of Operating Systems Using Trusted Execution.
Proceedings of the 27th Annual Network and Distributed System Security Symposium, 2020
OmegaLog: High-Fidelity Attack Investigation via Transparent Multi-layer Log Analysis.
Proceedings of the 27th Annual Network and Distributed System Security Symposium, 2020
On the Forensic Validity of Approximated Audit Logs.
Proceedings of the ACSAC '20: Annual Computer Security Applications Conference, 2020
This is Why We Can't Cache Nice Things: Lightning-Fast Threat Hunting using Suspicion-Based Hierarchical Storage.
Proceedings of the ACSAC '20: Annual Computer Security Applications Conference, 2020
2019
Can Data Provenance Put an End to the Data Breach?
IEEE Secur. Priv., 2019
How effective are existing Java API specifications for finding bugs during runtime verification?
Autom. Softw. Eng., 2019
NoDoze: Combatting Threat Alert Fatigue with Automated Provenance Triage.
Proceedings of the 26th Annual Network and Distributed System Security Symposium, 2019
2018
Analysis of Privacy Protections in Fitness Tracking Social Networks -or- You can run, but can you hide?
Proceedings of the 27th USENIX Security Symposium, 2018
Fear and Logging in the Internet of Things.
Proceedings of the 25th Annual Network and Distributed System Security Symposium, 2018
Towards Scalable Cluster Auditing through Grammatical Inference over Provenance Graphs.
Proceedings of the 25th Annual Network and Distributed System Security Symposium, 2018
2017
HiFrames: High Performance Data Frames in a Scripting Language.
CoRR, 2017
Transparent Web Service Auditing via Network Provenance Functions.
Proceedings of the 26th International Conference on World Wide Web, 2017
Don't cry over spilled records: Memory elasticity of data-parallel applications and its application to cluster scheduling.
Proceedings of the 2017 USENIX Annual Technical Conference, 2017
Automated Provenance Analytics: A Regular Grammar Based Approach with Applications in Security.
Proceedings of the 9th USENIX Workshop on the Theory and Practice of Provenance, 2017
2016
How good are the specs? a study of the bug-finding effectiveness of existing Java API specifications.
Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering, 2016