Person:
Goldstein, Mark

Profile Picture

Email Address

AA Acceptance Date

Birth Date

Research Projects

Organizational Units

Job Title

Last Name

Goldstein

First Name

Mark

Name

Goldstein, Mark

Filters

2017 - 20182

Settings

Author's Publications: search.filters.isAuthorOfPublication.79976aeb-3b9b-4ef9-ada1-fa6881fa0078

Search Results

Now showing 1 - 2 of 2
  • Thumbnail Image
    Publication
    Practical whole-system provenance capture
    (ACM, 2018-04-09) Pasquier, Thomas; Han, Xueyuan Michael; Goldstein, Mark; Moyer, Thomas; Eyers, David; Seltzer, Margo; Bacon, Jean
    Data provenance describes how data came to be in its present form. It includes data sources and the transformations that have been applied to them. Data provenance has many uses, from forensics and security to aiding the reproducibility of scientific experiments. We present CamFlow, a whole-system provenance capture mechanism that integrates easily into a PaaS offering. While there have been several prior whole-system provenance systems that captured a comprehensive, systemic and ubiquitous record of a system’s behavior, none have been widely adopted. They either A) impose too much overhead, B) are designed for long-outdated kernel releases and are hard to port to current systems, C) generate too much data, or D) are designed for a single system. CamFlow addresses these shortcoming by: 1) leveraging the latest kernel design advances to achieve efficiency; 2) using a self-contained, easily maintainable implementation relying on a Linux Security Module, NetFilter, and other existing kernel facilities; 3) providing a mechanism to tailor the captured provenance data to the needs of the application; and 4) making it easy to integrate provenance across distributed systems. The provenance we capture is streamed and consumed by tenant-built auditor applications. We illustrate the usability of our implementation by describing three such applications: demonstrating compliance with data regulations; performing fault/intrusion detection; and implementing data loss prevention. We also show how CamFlow can be leveraged to capture meaningful provenance without modifying existing applications.
  • Thumbnail Image
    Publication
    FRAPpuccino: Fault-detection through Runtime Analysis of Provenance
    (2017) Han, Xueyuan Michael; Pasquier, Thomas; Ranjan, Tanvi; Goldstein, Mark; Seltzer, Margo
    We present FRAPpuccino (or FRAP), a provenance- based fault detection mechanism for Platform as a Ser- vice (PaaS) users, who run many instances of an appli- cation on a large cluster of machines. FRAP models, records, and analyzes the behavior of an application and its impact on the system as a directed acyclic provenance graph. It assumes that most instances behave normally and uses their behavior to construct a model of legitimate behavior. Given a model of legitimate behavior, FRAP uses a dynamic sliding window algorithm to compare a new instance’s execution to that of the model. Any in- stance that does not conform to the model is identified as an anomaly. We present the FRAP prototype and ex- perimental results showing that it can accurately detect application anomalies.