Filters








8 Hits in 0.94 sec

Facilitating Trust on Data through Provenance [chapter]

Manolis Stamatogiannakis, Paul Groth, Herbert Bos
2014 Lecture Notes in Computer Science  
Research on trusted computing focuses mainly on the security and integrity of the execution environment, from hardware components to software services. However, this is only one facet of the computation, the other being the data. If our goal is to produce trusted results, a trustworthy execution environment is not enough: we also need trustworthy data. Provenance of data plays a pivotal role in ascertaining trustworthiness of data. In our work, we explore how to use state-ofthe-art systems
more » ... iques to capture and reconstruct provenance, thus enabling us to build trust on both newly generated and existing data.
doi:10.1007/978-3-319-08593-7_21 fatcat:z7gnvim3grdcjfocpzdmomangm

Trade-Offs in Automatic Provenance Capture [chapter]

Manolis Stamatogiannakis, Hasanat Kazmi, Hashim Sharif, Remco Vermeulen, Ashish Gehani, Herbert Bos, Paul Groth
2016 Lecture Notes in Computer Science  
Automatic provenance capture from arbitrary applications is a challenging problem. Different approaches to tackle this problem have evolved, most notably a. system-event trace analysis, b. compiletime static instrumentation, and c. taint flow analysis using dynamic binary instrumentation. Each of these approaches offers different trade-offs in terms of the granularity of captured provenance, integration requirements, and runtime overhead. While these aspects have been discussed separately, a
more » ... tematic and detailed study, quantifying and elucidating them, is still lacking. To fill this gap, we begin to explore these trade-offs for representative examples of these approaches for automatic provenance capture by means of evaluation and measurement. We base our evaluation on UnixBench-a widely used benchmark suite within systems research. We believe this approach will make our results easier to compare with future studies.
doi:10.1007/978-3-319-40593-3_3 fatcat:xto2tmxgt5ftxa7yr5imkoikeu

PANDAcap

Manolis Stamatogiannakis, Herbert Bos, Paul Groth
2020 Proceedings of the 13th European workshop on Systems Security  
Full-system, deterministic record and replay has proven to be an invaluable tool for reverse engineering and systems analysis. However, acquiring a full-system recording typically involves signifcant planning and manual effort. This represents a distraction from the actual goal of recording a trace, i.e. analyzing it. We present PANDAcap, a framework based on PANDA full-system record and replay tool. PANDAcap combines off-the-shelf and custom-built components in order to streamline the process
more » ... f recording PANDA traces. More importantly, in addition to making the setup of oneoff experiments easier, PANDAcap also caters to the streamlining of systematic repeatable experiments in order to create PANDA trace datasets. As a demonstration, we have used PANDAcap to deploy an ssh honeypot aiming to study the actions of brute-force ssh attacks.
doi:10.1145/3380786.3391396 dblp:conf/eurosec/Stamatogiannakis20 fatcat:ff4xtyohgndoxosfiy5msu6c5u

Decoupling Provenance Capture and Analysis from Execution

Manolis Stamatogiannakis, Paul Groth, Herbert Bos
2015 Workshop on the Theory and Practice of Provenance  
Capturing provenance usually involves the direct observation and instrumentation of the execution of a program or workflow. However, this approach restricts provenance analysis to pre-determined programs and methods. This may not pose a problem when one is interested in the provenance of a well-defined workflow, but may limit the analysis of unstructured processes such as interactive desktop computing. In this paper, we present a new approach to capturing provenance based on full execution
more » ... d and replay. Our approach leverages full-system execution trace logging and replay, which allows the complete decoupling of analysis from the original execution. This enables the selective analysis of the execution using progressively heavier instrumentation.
dblp:conf/tapp/Stamatogiannakis15 fatcat:irqckmozmnhj5gxbkztwvp2rj4

Looking Inside the Black-Box: Capturing Data Provenance Using Dynamic Instrumentation [chapter]

Manolis Stamatogiannakis, Paul Groth, Herbert Bos
2015 Lecture Notes in Computer Science  
Knowing the provenance of a data item helps in ascertaining its trustworthiness. Various approaches have been proposed to track or infer data provenance. However, these approaches either treat an executing program as a black-box, limiting the fidelity of the captured provenance, or require developers to modify the program to make it provenance-aware. In this paper, we introduce DataTracker, a new approach to capturing data provenance based on taint tracking, a technique widely used in the
more » ... ty and reverse engineering fields. Our system is able to identify data provenance relations through dynamic instrumentation of unmodified binaries, without requiring access to, or knowledge of, their source code. Hence, we can track provenance for a variety of well-known applications. Because DataTracker looks inside the executing program, it captures high-fidelity and accurate data provenance.
doi:10.1007/978-3-319-16462-5_12 fatcat:76wikrp72zc3djh2kwagsf2qse

Network-Based Scientific Computing [chapter]

Elias N. Houstis, Ann Christine Catlin, Ganesh Balakrishnan, Nitesh Dhanjani, GaHyun Park, John R. Rice, Spyros Lalis, Manolis Stamatogiannakis, Catherine Houstis
2001 IFIP Advances in Information and Communication Technology  
Rapid advances in modern networking technologies and commodity high performance computing systems are leading the field of computing in a new paradigm referred to as network-based computing (NC). This paradigm views a large number of geographically distributed computer resources such as PCs, workstations, Symmetric Multi-processors (SMP) and Massively Parallel Processing (MPP) systems connected through a high speed network as a single meta-computer or computational grid [2] . In this paper, we
more » ... ocus on the Internet (WAN) and Intranet (LAN) based computational grids and their ability to support scalable and robust "deep" computing. We present various implementations of the NC paradigm using commodity and customized software in the context of the existing PELLPACK problem solving environment [8], the ITPACK library as it has been implemented in the PELLPACK system, and a muti-physics application for the design of gas turbine engines [11] . Through this study we attempt to assess the feasibility and efficiency of several NC paradigms for scientific applications utilizing existing middleware.
doi:10.1007/978-0-387-35407-1_1 fatcat:iys7g66vezbtdpj25v24vpmxbu

A Relational Approach to Complex Dataflows

Yannis Chronis, Yannis Foufoulas, Vaggelis Nikolopoulos, Alexandros Papadopoulos, Lefteris Stamatogiannakis, Christoforos Svingos, Yannis E. Ioannidis
2016 International Conference on Extending Database Technology  
ACKNOWLEDGEMENTS The authors would like to thank Herald Kllapi and Manolis Tsangaris.  ... 
dblp:conf/edbt/ChronisFNPSSI16 fatcat:ff4fk4kfmrf6zaiiblqr3vdwfy

OFFDTAN: A New Approach of Offline Dynamic Taint Analysis for Binaries

Xiajing Wang, Rui Ma, Bowen Dou, Zefeng Jian, Hongzhou Chen
2018 Security and Communication Networks  
Manolis Stamatogiannakis et al. [18] leverage full-system execution trace logging and replaying to decouple analysis from the original execution. Shi et al.  ... 
doi:10.1155/2018/7693861 fatcat:mjbufz73afcsdmkkxxe5ozzaki