Repository: eastmountyxz/APT-ProvenanceGraph
Branch: main
Commit: 2cbbe4d90cdd
Files: 1
Total size: 7.0 KB

Directory structure:
gitextract_4kf7zp_y/

└── README.md

================================================
FILE CONTENTS
================================================

================================================
FILE: README.md
================================================
# APT-ProvenanceGraph
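This resource is a summary of papers and resources related to provenance graphs; the root directory holds the slides (PPT) from the author's shared articles. It covers APT attack detection, intrusion detection, traffic and log detection, system security and related areas. Hope it helps~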


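`Recommended author blog`
- [Summary of top security conference papers on provenance-graph-based APT attack detection](https://blog.csdn.net/Eastmount/article/details/120555733)


`Contents`
- [Academia](#学术界)
- [Industry](#企业界)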

----

## Academia

- https://camflow.org/#about

### Provenance Graph

**【2016-2018】**

Shiqing Ma, et al. **ProTracer: Towards Practical Provenance Tracing by Alternating Between Logging and Tainting**. NDSS 2016
- Paper: https://friends.cs.purdue.edu/pubs/NDSS16.pdf
- Contribution:
- Institution: Purdue University


Md Nahid Hossain, et al. **SLEUTH: Real-time Attack Scenario Reconstruction from COTS Audit Data**. USENIX Sec 2017
- Paper: https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-hossain.pdf
- Contribution:
- Institution: Stony Brook University, University of Illinois at Chicago


Yushan Liu, et al. **Towards a Timely Causality Analysis for Enterprise Security**. PrioTracker, NDSS 2018
- Paper: https://www.princeton.edu/~pmittal/publications/priotracker-ndss18.pdf
- Contribution:
- Institution: Princeton University, Cornell University, NEC Labs America


Wajih Ul Hassan, et al. **Towards Scalable Cluster Auditing through Grammatical Inference over Provenance Graphs**. NDSS 2018
- Paper: https://whassan3.web.engr.illinois.edu/papers/hassan-ndss18.pdf
- Contribution:
- Institution: University of Illinois at Urbana-Champaign, Boston University, UNC Charlotte


Yang Ji, et al. **Enabling Refinable Cross-Host Attack Investigation with Efficient Data Flow Tagging and Tracking**. USENIX Sec 2018
- Paper: https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-ji.pdf
- Contribution:
- Institution: Georgia Institute of Technology


Thomas F. J.-M. Pasquier, et al. **Runtime Analysis of Whole-System Provenance**. CCS 2018
- Paper: https://dl.acm.org/doi/pdf/10.1145/3243734.3243776
- Contribution:
- Institution: University of Bristol, Harvard University, University of North Carolina at Charlotte, University of Illinois at Urbana-Champaign




---

**【2019】**

Sadegh M. Milajerdi, et al. **Poirot: Aligning Attack Behavior with Kernel Audit Records for Cyber Threat Hunting**. CCS 2019
- Paper: https://arxiv.org/pdf/1910.00056.pdf
- Contribution:
- Institution: University of Illinois at Chicago, University of Michigan-Dearborn


Sadegh M. Milajerdi, et al. **HOLMES: Real-Time APT Detection through Correlation of Suspicious Information Flows**. IEEE S&P 2019
- Paper: https://arxiv.org/pdf/1810.01594.pdf
- Contribution:
- Institution: University of Illinois at Chicago, University of Michigan-Dearborn, Stony Brook University


Wajih Ul Hassan, et al. **NoDoze: Combatting Threat Alert Fatigue with Automated Provenance Triage**. NDSS 2019
- Paper: https://www.ndss-symposium.org/wp-content/uploads/2019/02/ndss2019_03B-1-3_UlHassan_paper.pdf
- Contribution:
- Institution: University of Illinois at Urbana-Champaign, Virginia Tech, NEC Laboratories America


---

**【2020】**

Wajih Ul Hassan, et al. **Tactical Provenance Analysis for Endpoint Detection and Response Systems**. RapSheet. IEEE S&P 2020
- Paper: https://ieeexplore.ieee.org/document/9152771
- Contribution:
- Institution: University of Illinois at Urbana-Champaign, NortonLifeLock Research Group


Xueyuan Han, et al. **Unicorn: Runtime Provenance-Based Detector for Advanced Persistent Threats**. NDSS 2020
- Paper: https://arxiv.org/pdf/2001.01525.pdf
- Contribution:
- Institution: Harvard University, University of Bristol, University of Illinois at Urbana-Champaign, University of British Columbia


Qi Wang, et al. **You Are What You Do: Hunting Stealthy Malware via Data Provenance Analysis**. NDSS 2020
- Paper: https://www.ndss-symposium.org/wp-content/uploads/2020/02/24167-paper.pdf
- Contribution:
- Institution: University of Illinois Urbana-Champaign, NEC Laboratories America, University of Texas at Dallas


Riccardo Paccagnella, et al. **Logging to the Danger Zone: Race Condition Attacks and Defenses on System Audit Frameworks**. CCS 2020
- Paper: https://www.kevliao.com/publications/kennyloggings-ccs2020.pdf
- Contribution:
- Institution: University of Illinois at Urbana-Champaign, Purdue University


Wajih Ul Hassan, et al. **OmegaLog: High-Fidelity Attack Investigation via Transparent Multi-layer Log Analysis**. NDSS 2020
- Paper: https://www.ndss-symposium.org/wp-content/uploads/2020/02/24270-paper.pdf
- Contribution:
- Institution: University of Illinois at Urbana-Champaign



---

**【2021】**


Abdulellah Alsaheel, et al. **ATLAS: A Sequence-based Learning Approach for Attack Investigation**. USENIX Sec 2021
- Paper: https://www.usenix.org/system/files/sec21-alsaheel.pdf
- Contribution:
- Institution: Purdue University


Carter Yagemann, et al. **Validating the Integrity of Audit Logs Against Execution Repartitioning Attacks**. CCS 2021
- Paper: https://dl.acm.org/doi/pdf/10.1145/3460120.3484551
- Contribution:
- Institution: Georgia Institute of Technology, University of Illinois Urbana-Champaign


Xutong Chen, et al. **CLARION: Sound and Clear Provenance Tracking for Microservice Deployments**. USENIX Sec 2021
- Paper: https://www.usenix.org/system/files/sec21-chen-xutong.pdf
- Contribution:
- Institution: Northwestern University, SRI International


Le Yu, et al. **ALchemist: Fusing Application and Audit Logs for Precise Attack Provenance without Instrumentation**. NDSS 2021
- Paper: https://www.ndss-symposium.org/wp-content/uploads/ndss2021_7A-2_24445_paper.pdf
- Contribution:
- Institution: Purdue University, Rutgers University, Sandia National Laboratories, SRI International


Kiavash Satvat, et al. **EXTRACTOR: Extracting Attack Behavior from Threat Reports**. EuroS&P 2021
- Paper: https://arxiv.org/pdf/2104.08618.pdf
- Contribution:
- Institution: University of Illinois at Chicago


Zhenyuan Li, et al. **Threat detection and investigation with system-level provenance graphs: A survey**. C&S 2021
- Paper: https://www.sciencedirect.com/science/article/pii/S0167404821001061
- Contribution:
- Institution: Zhejiang University, University of California, Northwestern University



<div align=center><img src="https://github.com/eastmountyxz/APT-ProvenanceGraph/blob/main/summary-01.png" width="60%" height="60%" /></div>
 
<br />

<div align=center><img src="https://github.com/eastmountyxz/APT-ProvenanceGraph/blob/main/summary-02.png" width="60%" height="60%" /></div>

 
---

### Knowledge Graph

Jun Zhao, et al. **Cyber Threat Intelligence Modeling Based on Heterogeneous Graph Convolutional Network**. RAID 2020
- Paper: https://www.usenix.org/system/files/raid20-zhao.pdf
- Contribution:
- Institution: Beihang University, Michigan State University

Yali Gao, et al. **HinCTI: A Cyber Threat Intelligence Modeling and Identification System Based on Heterogeneous Information Network**. IEEE TKDE 2020
- Paper: https://ieeexplore.ieee.org/document/9072563
- Contribution:
- Institution: Beijing University of Posts and Telecommunications, Beihang University, University of Illinois at Chicago


---

Papers on provenance graphs in software engineering


---

## Industry


- FireEye
- Kaspersky
- NSFOCUS: http://blog.nsfocus.net/tag/知识图谱/
- Author's blog



---

## Security Knowledge Graph - Paper








---

By: Eastmount 2022-04-02