| Dr. Thomas Pasquier (University of Cambridge) |
| Mon 08 Jan 2018, 13:00 - 14:00 |
| Informatics Forum (IF-4.31/4.33) |
If you have a question about this talk, please contact: Allison Kruk (v1atayl6)
Speaker
Dr. Thomas Pasquier (University of Cambridge)
Title
Towards practical whole-system provenance
Abstract
There is a consensus that understanding data provenance, the origin and history of digital artefacts, is important. Whole-system provenance systems are capture mechanisms aimed at recording all information flows in an operating system. Such systems have been the subject of recent attention from the research security community. However, whole-system provenanceas yet to make a significant impact outside of academic circles. In this talk, I will present our work on Cam Flow an open-source whole-system provenance implementation for Linux, and briefly introduce ongoing work on provenance-based intrusion detection as an application example. I will discuss the technical barriers to practical whole-system provenance we aimed to overcome, and those left to address.
Biography
Thomas Pasquier is a Research Associate at the University of Cambridge Department of Computer Science and Technology, and an affiliate of Harvard School of Engineering and Applied Sciences Centre for Research on Computation and Society. Dr. Pasquier received a PhD in Computer Science from the University of Cambridge in 2016.