Provenance graph generation for intrusion detection
Provenance is defined as the origin or the earliest known history of a thing. In the aspect of data provenance, it defines the origin of a data and how it was created, and actions performed on the data. These data could be used for forensics and security. This project aims to capture whole syst...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Final Year Project |
| Language: | English |
| Published: |
Nanyang Technological University
2022
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/162932 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-162932 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-1629322022-11-14T05:19:47Z Provenance graph generation for intrusion detection Jabir Shah Halith Ke Yiping, Kelly School of Computer Science and Engineering ypke@ntu.edu.sg Engineering::Computer science and engineering Provenance is defined as the origin or the earliest known history of a thing. In the aspect of data provenance, it defines the origin of a data and how it was created, and actions performed on the data. These data could be used for forensics and security. This project aims to capture whole system provenance to detect any intrusion. There are multiple systems to capture the provenance such as Provenance Aware Storage System(PASS), Hi-Fi, Linux Provenance Module (LPM), CamFlow. This project focuses on setting up CamFlow, a whole-system provenance capture mechanism. The data captured from various intrusion scenarios using the CamFlow system would be streamed to Flurry. Flurry is a web server based; end-to-end data pipeline connected to CamFlow to generate provenance graphs. This project shows how CamFlow, and Flurry can be integrated to analyse for any intrusion in systems. Bachelor of Engineering (Computer Science) 2022-11-14T05:19:46Z 2022-11-14T05:19:46Z 2022 Final Year Project (FYP) Jabir Shah Halith (2022). Provenance graph generation for intrusion detection. Final Year Project (FYP), Nanyang Technological University, Singapore. https://hdl.handle.net/10356/162932 https://hdl.handle.net/10356/162932 en application/pdf Nanyang Technological University |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
Engineering::Computer science and engineering |
| spellingShingle |
Engineering::Computer science and engineering Jabir Shah Halith Provenance graph generation for intrusion detection |
| description |
Provenance is defined as the origin or the earliest known history of a thing. In the
aspect of data provenance, it defines the origin of a data and how it was created,
and actions performed on the data. These data could be used for forensics and
security. This project aims to capture whole system provenance to detect any
intrusion. There are multiple systems to capture the provenance such as Provenance
Aware Storage System(PASS), Hi-Fi, Linux Provenance Module (LPM), CamFlow.
This project focuses on setting up CamFlow, a whole-system provenance capture
mechanism. The data captured from various intrusion scenarios using the CamFlow
system would be streamed to Flurry. Flurry is a web server based; end-to-end data
pipeline connected to CamFlow to generate provenance graphs. This project shows
how CamFlow, and Flurry can be integrated to analyse for any intrusion in systems. |
| author2 |
Ke Yiping, Kelly |
| author_facet |
Ke Yiping, Kelly Jabir Shah Halith |
| format |
Final Year Project |
| author |
Jabir Shah Halith |
| author_sort |
Jabir Shah Halith |
| title |
Provenance graph generation for intrusion detection |
| title_short |
Provenance graph generation for intrusion detection |
| title_full |
Provenance graph generation for intrusion detection |
| title_fullStr |
Provenance graph generation for intrusion detection |
| title_full_unstemmed |
Provenance graph generation for intrusion detection |
| title_sort |
provenance graph generation for intrusion detection |
| publisher |
Nanyang Technological University |
| publishDate |
2022 |
| url |
https://hdl.handle.net/10356/162932 |
| _version_ |
1751548489732456448 |