Please use this identifier to cite or link to this item: https://hdl.handle.net/10356/162932
Title: Provenance graph generation for intrusion detection
Authors: Jabir Shah Halith
Keywords: Engineering::Computer science and engineering
Issue Date: 2022
Publisher: Nanyang Technological University
Source: Jabir Shah Halith (2022). Provenance graph generation for intrusion detection. Final Year Project (FYP), Nanyang Technological University, Singapore. https://hdl.handle.net/10356/162932
Abstract: Provenance is defined as the origin or the earliest known history of a thing. In the aspect of data provenance, it defines the origin of a data and how it was created, and actions performed on the data. These data could be used for forensics and security. This project aims to capture whole system provenance to detect any intrusion. There are multiple systems to capture the provenance such as Provenance Aware Storage System(PASS), Hi-Fi, Linux Provenance Module (LPM), CamFlow. This project focuses on setting up CamFlow, a whole-system provenance capture mechanism. The data captured from various intrusion scenarios using the CamFlow system would be streamed to Flurry. Flurry is a web server based; end-to-end data pipeline connected to CamFlow to generate provenance graphs. This project shows how CamFlow, and Flurry can be integrated to analyse for any intrusion in systems.
URI: https://hdl.handle.net/10356/162932
Fulltext Permission: restricted
Fulltext Availability: With Fulltext
Appears in Collections:SCSE Student Reports (FYP/IA/PA/PI)

Files in This Item:
File Description SizeFormat 
FYP Final Report.pdf
  Restricted Access
1.84 MBAdobe PDFView/Open

Page view(s)

19
Updated on Nov 25, 2022

Download(s)

3
Updated on Nov 25, 2022

Google ScholarTM

Check

Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.