ProTracer: Towards Practical Provenance Tracing by Alternating Between Logging and Tainting

@inproceedings{Ma2016ProTracerTP,
  title={ProTracer: Towards Practical Provenance Tracing by Alternating Between Logging and Tainting},
  author={Shiqing Ma and Xiangyu Zhang and Dongyan Xu},
  booktitle={NDSS},
  year={2016}
}
Provenance tracing is a very important approach to Advanced Persistent Threat (APT) attack detection and investigation. Existing techniques either suffer from the dependence explosion problem or have non-trivial space and runtime overhead, which hinder their application in practice. We propose ProTracer, a lightweight provenance tracing system that alternates between system event logging and unit level taint propagation. The technique is built on an on-the-fly system event processing… CONTINUE READING
Highly Cited
This paper has 54 citations. REVIEW CITATIONS
38 Citations
32 References
Similar Papers

Citations

Publications citing this paper.
Showing 1-10 of 38 extracted citations

54 Citations

02040201620172018
Citations per Year
Semantic Scholar estimates that this publication has 54 citations based on the available data.

See our FAQ for additional information.

References

Publications referenced by this paper.
Showing 1-10 of 32 references

an information - flow tracking system for realtime privacy monitoring on smartphones

  • W. E NCK, P. G ILBERT, +5 authors P. M C D ANIEL
  • ACM Transactions on Computer Systems ( TOCS )
  • 2014

Similar Papers

Loading similar papers…