This shows you the differences between two versions of the page.
process_coloring [2008/07/24 13:36] ryan |
process_coloring [2009/12/17 16:01] dxu |
||
---|---|---|---|
Line 3: | Line 3: | ||
===== Publications ===== | ===== Publications ===== | ||
- | * "Tracing Worm Break-in and Contaminations via Process Coloring: A Provenance-Preserving Approach." Xuxian Jiang, Florian Buchholz, AAron Walters, Dongyan Xu, Yi-Min Wang, and Eugene H. Spafford. To appear in //IEEE Transactions on Parallel and Distributed Systems//, 2007. | + | * [[http://friends.cs.purdue.edu/pubs/TPDS_process_coloring.pdf|"Tracing Worm Break-in and Contaminations via Process Coloring: A Provenance-Preserving Approach."]] Xuxian Jiang, Florian Buchholz, AAron Walters, Dongyan Xu, Yi-Min Wang, and Eugene H. Spafford. IEEE Transactions on Parallel and Distributed Systems, 19(7), 2008. |
- | * [[http://cairo.cs.purdue.edu/pubs/ICDCS06.pdf|"Provenance-Aware Tracing of Worm Break-in and Contaminations: A Process Coloring Approach]]." Xuxian Jiang, AAron Walters, Florian Buchholz, Dongyan Xu, Yi-Min Wang, Eugene H. Spafford. Proceedings of //IEEE International Conference on Distributed Computing Systems// ([[http://icdcs2006.di.fc.ul.pt/|ICDCS 2006]]), Lisboa, Portugal, July 2006. | + | * [[http://friends.cs.purdue.edu/pubs/ICDCS06.pdf|"Provenance-Aware Tracing of Worm Break-in and Contaminations: A Process Coloring Approach."]] Xuxian Jiang, AAron Walters, Florian Buchholz, Dongyan Xu, Yi-Min Wang, Eugene H. Spafford. Proceedings of //IEEE International Conference on Distributed Computing Systems// ([[http://icdcs2006.di.fc.ul.pt/|ICDCS 2006]]), Lisboa, Portugal, July 2006. |
===== Documentation ===== | ===== Documentation ===== | ||
- | * [[http://cairo.cs.purdue.edu/projects/pc/files/DTO-handout.pdf|Handout]] -- A handout summarizing the process coloring technique. | + | * [[http://friends.cs.purdue.edu/projects/pc/files/DTO-handout.pdf|Handout]] -- A handout summarizing the process coloring technique. |
===== Presentations ===== | ===== Presentations ===== | ||
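Review bot: In the new TPDS entry under Publications, the journal name is no longer wrapped in `//...//`, while the ICDCS entry directly below it still italicizes its venue. Suggest keeping `//IEEE Transactions on Parallel and Distributed Systems//` so both entries render the same way.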
Line 18: | Line 18: | ||
* [[http://friends.cs.purdue.edu/projects/pc/files/NICIAR_Purdue_0409.ppt|April PI Meeting Presentation]] -- A technical overview of the process coloring system and report of current progress. | * [[http://friends.cs.purdue.edu/projects/pc/files/NICIAR_Purdue_0409.ppt|April PI Meeting Presentation]] -- A technical overview of the process coloring system and report of current progress. | ||
* [[http://friends.cs.purdue.edu/projects/pc/files/NICIAR_Purdue_0725.ppt|July Site Visit Presentation]] -- A report of current progress including an introduction to the initial design of integration with DDFA. | * [[http://friends.cs.purdue.edu/projects/pc/files/NICIAR_Purdue_0725.ppt|July Site Visit Presentation]] -- A report of current progress including an introduction to the initial design of integration with DDFA. | ||
+ | * [[http://friends.cs.purdue.edu/projects/pc/files/NICIAR_Purdue_0923.ppt|September PI Meeting Presentation - Purdue]] -- A report of current progress including initial performance results. | ||
+ | * [[http://friends.cs.purdue.edu/projects/pc/files/NICIAR_Colab_0923.ppt|September PI Meeting Presentation - Collaboration]] -- A report of current progress on the collaborative effort with Southwest Research Institute and the University of Texas. | ||
===== Demos ===== | ===== Demos ===== | ||
* [[http://cairo.cs.purdue.edu/projects/pc/pc-demo.html|A preliminary demo]] -- A demo of the process coloring prototype. While still under development, the current prototype (based on Xen) is able to perform the following: OS-level color diffusion, external (relative to the VM) logging and processing, and reconstruction of malware contamination steps. | * [[http://cairo.cs.purdue.edu/projects/pc/pc-demo.html|A preliminary demo]] -- A demo of the process coloring prototype. While still under development, the current prototype (based on Xen) is able to perform the following: OS-level color diffusion, external (relative to the VM) logging and processing, and reconstruction of malware contamination steps. | ||
* [[http://friends.cs.purdue.edu/projects/pc/files/sinkfile.avi|Sinkfile demo]] -- A demo of the client side process coloring prototype. We show insulation as well as an attack. Requires the XVID codec to view. (Or, [[http://www.videolan.org/vlc/|VLC]].) This demo corresponds to the April PI meeting presentation. | * [[http://friends.cs.purdue.edu/projects/pc/files/sinkfile.avi|Sinkfile demo]] -- A demo of the client side process coloring prototype. We show insulation as well as an attack. Requires the XVID codec to view. (Or, [[http://www.videolan.org/vlc/|VLC]].) This demo corresponds to the April PI meeting presentation. | ||
+ | * [[http://friends.cs.purdue.edu/projects/pc/files/email.avi|Email file stealing demo]] -- A demo showing the alerts being generated when a sensitive file is about to emailed out of the system. Requires the XVID codec to view. (Or, [[http://www.videolan.org/vlc/|VLC]].) This demo corresponds to the September PI meeting presentation. | ||
===== Software ===== | ===== Software ===== | ||
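Review bot: The "A preliminary demo" link under Demos still points at cairo.cs.purdue.edu, although this revision moves the publication and handout links to friends.cs.purdue.edu and the other links in this section already use that host; update it as well if the cairo host is being retired. In the added email demo entry, "about to emailed out" should read "about to be emailed out".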
Line 31: | Line 34: | ||
* [[http://spaf.cerias.purdue.edu/|Eugene Spafford]] | * [[http://spaf.cerias.purdue.edu/|Eugene Spafford]] | ||
* [[http://www.cs.purdue.edu/homes/rileyrd/|Ryan Riley]] | * [[http://www.cs.purdue.edu/homes/rileyrd/|Ryan Riley]] | ||
+ | * [[http://www.cs.purdue.edu/homes/dmstanle/|Dannie Stanley]] | ||
===== Past People ===== | ===== Past People ===== |