MPI: Multiple Perspective Attack Investigation with Semantic Aware Execution Partitioning

Abstract

Traditional auditing techniques generate large and inaccurate causal graphs. To overcome such limitations, researchers proposed to leverage execution partitioning to improve analysis granularity and hence precision. However, these techniques rely on a low level programming paradigm (i.e., event handling loops) to partition execution, which often results in… (More)

Topics

21 Figures and Tables

Cite this paper

@inproceedings{Ma2017MPIMP, title={MPI: Multiple Perspective Attack Investigation with Semantic Aware Execution Partitioning}, author={Shiqing Ma and Juan Zhai and Fei Wang and Kyu Hyung Lee and Xiangyu Zhang and Dongyan Xu}, booktitle={USENIX Security Symposium}, year={2017} }