Towards Secure User-space Provenance Capture
Nikilesh Balakrishnan, Thomas Bytheway, Lucian Carata, Ripduman Sohan, and Andy Hopper, University of Cambridge
System and library call interception performed entirely in user-space is a viable technique for provenance capture. The primary advantages of such an approach are that it is lightweight, has a low barrier to adoption, and does not require root privileges to install and configure. However, since both the user’s application and the provenance capture mechanism execute at the same privilege level and as part of the same address space, there is ample opportunity for an untrustworthy user or application to either circumvent or falsify provenance during capture.
We describe a security threat model for such provenance capture mechanisms, discuss various attack vectors to circumvent or falsify provenance collection, and finally argue that hardening against such attacks is possible if the application is sandboxed using contemporary techniques in the area of user-space software-based fault isolation.
title = {Towards Secure User-space Provenance Capture},
booktitle = {8th USENIX Workshop on the Theory and Practice of Provenance (TaPP 16)},
year = {2016},
address = {Washington, D.C.},
url = {https://www.usenix.org/conference/tapp16/workshop-program/presentation/balakrishnan},
publisher = {USENIX Association},
month = jun
}