process_coloring
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
|
process_coloring [2008/07/24 13:00] ryan |
process_coloring [2009/12/17 16:01] dxu |
||
|---|---|---|---|
| Line 3: | Line 3: | ||
| ===== Publications ===== | ===== Publications ===== | ||
| - | * "Tracing Worm Break-in and Contaminations via Process Coloring: A Provenance-Preserving Approach." Xuxian Jiang, Florian Buchholz, AAron Walters, Dongyan Xu, Yi-Min Wang, and Eugene H. Spafford. To appear in //IEEE Transactions on Parallel and Distributed Systems//, 2007. | + | * [[http://friends.cs.purdue.edu/pubs/TPDS_process_coloring.pdf|"Tracing Worm Break-in and Contaminations via Process Coloring: A Provenance-Preserving Approach."]] Xuxian Jiang, Florian Buchholz, AAron Walters, Dongyan Xu, Yi-Min Wang, and Eugene H. Spafford. IEEE Transactions on Parallel and Distributed Systems, 19(7), 2008. |
| - | * [[http://cairo.cs.purdue.edu/pubs/ICDCS06.pdf|"Provenance-Aware Tracing of Worm Break-in and Contaminations: A Process Coloring Approach]]." Xuxian Jiang, AAron Walters, Florian Buchholz, Dongyan Xu, Yi-Min Wang, Eugene H. Spafford. Proceedings of //IEEE International Conference on Distributed Computing Systems// ([[http://icdcs2006.di.fc.ul.pt/|ICDCS 2006]]), Lisboa, Portugal, July 2006. | + | * [[http://friends.cs.purdue.edu/pubs/ICDCS06.pdf|"Provenance-Aware Tracing of Worm Break-in and Contaminations: A Process Coloring Approach."]] Xuxian Jiang, AAron Walters, Florian Buchholz, Dongyan Xu, Yi-Min Wang, Eugene H. Spafford. Proceedings of //IEEE International Conference on Distributed Computing Systems// ([[http://icdcs2006.di.fc.ul.pt/|ICDCS 2006]]), Lisboa, Portugal, July 2006. |
| ===== Documentation ===== | ===== Documentation ===== | ||
| - | * [[http://cairo.cs.purdue.edu/projects/pc/files/DTO-handout.pdf|Handout]] -- A handout summarizing the process coloring technique. | + | * [[http://friends.cs.purdue.edu/projects/pc/files/DTO-handout.pdf|Handout]] -- A handout summarizing the process coloring technique. |
| ===== Presentations ===== | ===== Presentations ===== | ||
| - | * [[http://cairo.cs.purdue.edu/projects/pc/files/DTO_Kickoff_030707.ppt|DTO Kickoff Presentation]] -- The powerpoint slides corresponding to the 5 minutes introduction presention given at the DTO kickoff meeting. | + | * [[http://friends.cs.purdue.edu/projects/pc/files/DTO_Kickoff_030707.ppt|DTO Kickoff Presentation]] -- The powerpoint slides corresponding to the 5 minutes introduction presention given at the DTO kickoff meeting. |
| - | * [[http://cairo.cs.purdue.edu/projects/pc/files/DTO_Site_071907.ppt|Site Visit Presentation]] -- A longer presentation discussing the process coloring work and the administrative details of the project and its funding. | + | * [[http://friends.cs.purdue.edu/projects/pc/files/DTO_Site_071907.ppt|Site Visit Presentation]] -- A longer presentation discussing the process coloring work and the administrative details of the project and its funding. |
| - | * [[http://cairo.cs.purdue.edu/projects/pc/files/DTO_Site_071907_GMU.ppt|GMU Subcontract]] -- A brief presentation discussing the GMU subcontract as well as the evaluation facility of process coloring. | + | * [[http://friends.cs.purdue.edu/projects/pc/files/DTO_Site_071907_GMU.ppt|GMU Subcontract]] -- A brief presentation discussing the GMU subcontract as well as the evaluation facility of process coloring. |
| - | * [[http://cairo.cs.purdue.edu/projects/pc/files/DTO_Purdue_091907.ppt|September PI Meeting Presentation]] -- A technical overview of the process coloring system and report of current progress. | + | * [[http://friends.cs.purdue.edu/projects/pc/files/DTO_Purdue_091907.ppt|September PI Meeting Presentation]] -- A technical overview of the process coloring system and report of current progress. |
| * [[http://friends.cs.purdue.edu/projects/pc/files/NICIAR_Purdue_012508.ppt|January Reverse Site Visit Presentation]] -- An update of our progress over the last few quarters. Also contains the new client side problems we're approaching as of the presentation. | * [[http://friends.cs.purdue.edu/projects/pc/files/NICIAR_Purdue_012508.ppt|January Reverse Site Visit Presentation]] -- An update of our progress over the last few quarters. Also contains the new client side problems we're approaching as of the presentation. | ||
| * [[http://friends.cs.purdue.edu/projects/pc/files/NICIAR_Purdue_0409.ppt|April PI Meeting Presentation]] -- A technical overview of the process coloring system and report of current progress. | * [[http://friends.cs.purdue.edu/projects/pc/files/NICIAR_Purdue_0409.ppt|April PI Meeting Presentation]] -- A technical overview of the process coloring system and report of current progress. | ||
| - | * {{:niciar_purdue_0725.ppt|July Site Visit Presentation}} -- A report of current progress including an introduction to the initial design of integration with DDFA. | + | * [[http://friends.cs.purdue.edu/projects/pc/files/NICIAR_Purdue_0725.ppt|July Site Visit Presentation]] -- A report of current progress including an introduction to the initial design of integration with DDFA. |
| + | * [[http://friends.cs.purdue.edu/projects/pc/files/NICIAR_Purdue_0923.ppt|September PI Meeting Presentation - Purdue]] -- A report of current progress including initial performance results. | ||
| + | * [[http://friends.cs.purdue.edu/projects/pc/files/NICIAR_Colab_0923.ppt|September PI Meeting Presentation - Collaboration]] -- A report of current progress on the collaborative effort with Southwest Research Institute and the University of Texas. | ||
| ===== Demos ===== | ===== Demos ===== | ||
| * [[http://cairo.cs.purdue.edu/projects/pc/pc-demo.html|A preliminary demo]] -- A demo of the process coloring prototype. While still under development, the current prototype (based on Xen) is able to perform the following: OS-level color diffusion, external (relative to the VM) logging and processing, and reconstruction of malware contamination steps. | * [[http://cairo.cs.purdue.edu/projects/pc/pc-demo.html|A preliminary demo]] -- A demo of the process coloring prototype. While still under development, the current prototype (based on Xen) is able to perform the following: OS-level color diffusion, external (relative to the VM) logging and processing, and reconstruction of malware contamination steps. | ||
| * [[http://friends.cs.purdue.edu/projects/pc/files/sinkfile.avi|Sinkfile demo]] -- A demo of the client side process coloring prototype. We show insulation as well as an attack. Requires the XVID codec to view. (Or, [[http://www.videolan.org/vlc/|VLC]].) This demo corresponds to the April PI meeting presentation. | * [[http://friends.cs.purdue.edu/projects/pc/files/sinkfile.avi|Sinkfile demo]] -- A demo of the client side process coloring prototype. We show insulation as well as an attack. Requires the XVID codec to view. (Or, [[http://www.videolan.org/vlc/|VLC]].) This demo corresponds to the April PI meeting presentation. | ||
| + | * [[http://friends.cs.purdue.edu/projects/pc/files/email.avi|Email file stealing demo]] -- A demo showing the alerts being generated when a sensitive file is about to emailed out of the system. Requires the XVID codec to view. (Or, [[http://www.videolan.org/vlc/|VLC]].) This demo corresponds to the September PI meeting presentation. | ||
| ===== Software ===== | ===== Software ===== | ||
| Line 31: | Line 34: | ||
| * [[http://spaf.cerias.purdue.edu/|Eugene Spafford]] | * [[http://spaf.cerias.purdue.edu/|Eugene Spafford]] | ||
| * [[http://www.cs.purdue.edu/homes/rileyrd/|Ryan Riley]] | * [[http://www.cs.purdue.edu/homes/rileyrd/|Ryan Riley]] | ||
| + | * [[http://www.cs.purdue.edu/homes/dmstanle/|Dannie Stanley]] | ||
| ===== Past People ===== | ===== Past People ===== | ||
process_coloring.txt · Last modified: 2009/12/17 16:02 by dxu
Page Tools
