Runtime Analysis of Whole-System Provenance
- Submitting institution
-
University of Bristol
- Unit of assessment
- 11 - Computer Science and Informatics
- Output identifier
- 198000146
- Type
- E - Conference contribution
- DOI
-
10.1145/3243734.3243776
- Title of conference / published proceedings
- CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security : Toronto, Canada (2018)
- First page
- 1601
- Volume
- -
- Issue
- -
- ISSN
- -
- Open access status
- -
- Month of publication
- October
- Year of publication
- 2018
- URL
-
-
- Supplementary information
-
-
- Request cross-referral to
- -
- Output has been delayed by COVID-19
- No
- COVID-19 affected output statement
- -
- Forensic science
- No
- Criminology
- No
- Interdisciplinary
- No
- Number of additional authors
-
7
- Research group(s)
-
B - Cybersecurity and Cryptography
- Citation count
- 7
- Proposed double-weighted
- No
- Reserve for an output with double weighting
- No
- Additional information
- This paper describes the first implementation of real-time analysis architecture for provenance graphs. The underlying technology is fully open-sourced (https://camflow.org/) and has been used by the authors in subsequent papers (e.g. Han et al. NDSS 2020) and by others (e.g. Ayoade et al. CNS 2020). The provenance capture and query software described in the paper has been downloaded more than 800 times (https://packagecloud.io/app/camflow/provenance/stats). The authors are regularly contacted by academics around the world to help them deploy the solution. Collaborative work between Bristol, Harvard, Cambridge, Otago, British Columbia and Les Mines ParisTech, and was funded by [EPSRC EP/K011510] and NSF.
- Author contribution statement
- -
- Non-English
- No
- English abstract
- -