process_coloring

Differences

This shows you the differences between two versions of the page.

process_coloring [2007/10/30 12:59]
ryan created
process_coloring [2009/12/17 16:02] (current)
dxu
Line 3: Line 3:
  
 ===== Publications ===== ===== Publications =====
-  * "​Tracing Worm Break-in and Contaminations via Process Coloring: A Provenance-Preserving Approach." ​ Xuxian Jiang, Florian Buchholz, AAron Walters, Dongyan Xu, Yi-Min Wang, and Eugene H. Spafford.  ​To appear in //IEEE Transactions on Parallel and Distributed Systems//2007.+  * [[http://​friends.cs.purdue.edu/​pubs/​TPDS_process_coloring.pdf|"​Tracing Worm Break-in and Contaminations via Process Coloring: A Provenance-Preserving Approach."​]]  ​Xuxian Jiang, Florian Buchholz, AAron Walters, Dongyan Xu, Yi-Min Wang, and Eugene H. Spafford. ​ IEEE Transactions on Parallel and Distributed Systems, ​19(7), 2008.
  
-  * "​Provenance-Aware Tracing of Worm Break-in and Contaminations:​ A Process Coloring Approach." ​ Xuxian Jiang, AAron Walters, Florian Buchholz, Dongyan Xu, Yi-Min Wang, Eugene H. Spafford. ​ Proceedings of //IEEE International Conference on Distributed Computing Systems// ([[http://​icdcs2006.di.fc.ul.pt/​|ICDCS 2006]]), Lisboa, Portugal, July 2006. +  * [[http://​friends.cs.purdue.edu/​pubs/​ICDCS06.pdf|"​Provenance-Aware Tracing of Worm Break-in and Contaminations:​ A Process Coloring Approach."​]]  ​Xuxian Jiang, AAron Walters, Florian Buchholz, Dongyan Xu, Yi-Min Wang, Eugene H. Spafford. ​ Proceedings of //IEEE International Conference on Distributed Computing Systems// ([[http://​icdcs2006.di.fc.ul.pt/​|ICDCS 2006]]), Lisboa, Portugal, July 2006.
-    * [[http://​cairo.cs.purdue.edu/​pubs/​ICDCS06.pdf|PDF]]+
  
-===== Demo ===== +===== Documentation ​===== 
-[[http://cairo.cs.purdue.edu/​projects/​pc/​pc-demo.html|A preliminary demo]] -- A demo of the process coloring ​prototype. While still under development,​ the current prototype (based on Xen) is able to perform the following: OS-level color diffusion, external (relative to the VM) logging and processing, and reconstruction of malware contamination steps.+  ​* ​[[http://friends.cs.purdue.edu/​projects/​pc/​files/DTO-handout.pdf|Handout]] -- A handout summarizing ​the process coloring ​technique.
  
-===== Software ​=====+===== Presentations ​===== 
 +  * [[http://​friends.cs.purdue.edu/​projects/​pc/​files/​DTO_Kickoff_030707.ppt|DTO Kickoff Presentation]] -- The powerpoint slides corresponding to the 5 minutes introduction presention given at the DTO kickoff meeting. 
 +  * [[http://​friends.cs.purdue.edu/​projects/​pc/​files/​DTO_Site_071907.ppt|Site Visit Presentation]] -- A longer presentation discussing the process coloring work and the administrative details of the project and its funding. 
 +  * [[http://​friends.cs.purdue.edu/​projects/​pc/​files/​DTO_Site_071907_GMU.ppt|GMU Subcontract]] -- A brief presentation discussing the GMU subcontract as well as the evaluation facility of process coloring. 
 +  * [[http://​friends.cs.purdue.edu/​projects/​pc/​files/​DTO_Purdue_091907.ppt|September PI Meeting Presentation]] -- A technical overview of the process coloring system and report of current progress.  
 +  * [[http://​friends.cs.purdue.edu/​projects/​pc/​files/​NICIAR_Purdue_012508.ppt|January Reverse Site Visit Presentation]] -- An update of our progress over the last few quarters. Also contains the new client side problems we're approaching as of the presentation. 
 +  * [[http://​friends.cs.purdue.edu/​projects/​pc/​files/​NICIAR_Purdue_0409.ppt|April PI Meeting Presentation]] -- A technical overview of the process coloring system and report of current progress. 
 +  * [[http://​friends.cs.purdue.edu/​projects/​pc/​files/​NICIAR_Purdue_0725.ppt|July Site Visit Presentation]] -- A report of current progress including an introduction to the initial design of integration with DDFA. 
 +  * [[http://​friends.cs.purdue.edu/​projects/​pc/​files/​NICIAR_Purdue_0923.ppt|September PI Meeting Presentation - Purdue]] -- A report of current progress including initial performance results. 
 +  * [[http://​friends.cs.purdue.edu/​projects/​pc/​files/​NICIAR_Colab_0923.ppt|September PI Meeting Presentation - Collaboration]] -- A report of current progress on the collaborative effort with Southwest Research Institute and the University of Texas.
  
 +===== Demos =====
 +  * [[http://​friends.cs.purdue.edu/​projects/​pc/​pc-demo.html|A preliminary demo]] -- A demo of the process coloring prototype. While still under development,​ the current prototype (based on Xen) is able to perform the following: OS-level color diffusion, external (relative to the VM) logging and processing, and reconstruction of malware contamination steps.
 +  * [[http://​friends.cs.purdue.edu/​projects/​pc/​files/​sinkfile.avi|Sinkfile demo]] -- A demo of the client side process coloring prototype. We show insulation as well as an attack. Requires the XVID codec to view. (Or, [[http://​www.videolan.org/​vlc/​|VLC]].) ​ This demo corresponds to the April PI meeting presentation.
 +  * [[http://​friends.cs.purdue.edu/​projects/​pc/​files/​email.avi|Email file stealing demo]] -- A demo showing the alerts being generated when a sensitive file is about to emailed out of the system. Requires the XVID codec to view. (Or, [[http://​www.videolan.org/​vlc/​|VLC]].) ​ This demo corresponds to the September PI meeting presentation.
  
-===== People ​===== +===== Software ​===== 
-  * [[http://​www.cs.purdue.edu/​homes/​rileyrd/​|Ryan Riley]] +A preliminary release of the server side process coloring code is available upon request.  ​Email us! 
-  * [[http://​www.ise.gmu.edu/​~xjiang/​|Xuxian Jiang]]+ 
 +===== Current People =====
   * [[http://​www.cs.purdue.edu/​homes/​dxu/​|Dongyan Xu]]   * [[http://​www.cs.purdue.edu/​homes/​dxu/​|Dongyan Xu]]
 +  * [[http://​www.ise.gmu.edu/​~xjiang/​|Xuxian Jiang]]
 +  * [[http://​spaf.cerias.purdue.edu/​|Eugene Spafford]]
 +  * [[http://​www.cs.purdue.edu/​homes/​rileyrd/​|Ryan Riley]]
 +  * [[http://​www.cs.purdue.edu/​homes/​dmstanle/​|Dannie Stanley]]
  
 +===== Past People =====
 +  * [[http://​users.cs.jmu.edu/​buchhofp/​|Florian Buchholz]]
 +  * [[http://​www.4tphi.net/​~awalters/​|AAron Walters]]
 +  * [[http://​research.microsoft.com/​~ymwang/​|Yi-Min Wang]]
  
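Review bot: Two typos in the added lists need fixing before this stands as the current revision: the DTO Kickoff entry under Presentations has "presention" (and "5 minutes introduction" should read "5-minute introduction"), and the Email file stealing entry under Demos says "is about to emailed out", which is missing "be". The rewritten TPDS citation also drops the // italics around the journal name while the ICDCS entry below it keeps them, so the two citations are now formatted inconsistently; suggest //IEEE Transactions on Parallel and Distributed Systems//. Two Presentations entries are labelled "September PI Meeting Presentation" with no year, so a reader can only tell them apart by the file name; add the year to each label. The new Software section says the server side code is available upon request ("Email us!") but gives no address or link to write to.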
process_coloring.1193763563.txt.gz · Last modified: 2007/10/30 12:59 (external edit)