{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,25]],"date-time":"2025-03-25T14:50:11Z","timestamp":1742914211431,"version":"3.40.3"},"publisher-location":"Cham","reference-count":28,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031495847"},{"type":"electronic","value":"9783031495854"}],"license":[{"start":{"date-parts":[[2023,12,29]],"date-time":"2023-12-29T00:00:00Z","timestamp":1703808000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,12,29]],"date-time":"2023-12-29T00:00:00Z","timestamp":1703808000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-49585-4_5","type":"book-chapter","created":{"date-parts":[[2023,12,28]],"date-time":"2023-12-28T16:02:21Z","timestamp":1703779341000},"page":"93-114","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Analyzing Discrepancies in\u00a0Whole-Network Provenance"],"prefix":"10.1007","author":[{"given":"Raza","family":"Ahmad","sequence":"first","affiliation":[]},{"given":"Aniket","family":"Modi","sequence":"additional","affiliation":[]},{"given":"Eunjin","family":"Jung","sequence":"additional","affiliation":[]},{"given":"Carolina","family":"de Senne Garcia","sequence":"additional","affiliation":[]},{"given":"Hassaan","family":"Irshad","sequence":"additional","affiliation":[]},{"given":"Ashish","family":"Gehani","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,12,29]]},"reference":[{"key":"5_CR1","unstructured":"Ahmad, R., Jung, E., de Senne Garcia, C., Irshad, H., Gehani, A.: Discrepancy detection in whole-network provenance. In: Proceedings of the Twelfth USENIX Conference on Theory and Practice of Provenance, article no. 5 (2020)"},{"key":"5_CR2","doi-asserted-by":"publisher","first-page":"401","DOI":"10.1016\/j.future.2020.02.015","volume":"108","author":"G Berrada","year":"2020","unstructured":"Berrada, G., et al.: A baseline for unsupervised advanced persistent threat detection in system-level provenance. Futur. Gener. Comput. Syst. 108, 401\u2013413 (2020)","journal-title":"Futur. Gener. Comput. Syst."},{"key":"5_CR3","unstructured":"Catlett, C.: The philosophy of TeraGrid: building an open, extensible, distributed terascale facility. In: Proceedings of the Second IEEE\/ACM International Symposium on Cluster Computing and the Grid (2002)"},{"key":"5_CR4","doi-asserted-by":"crossref","unstructured":"Cheney, J.: A formal framework for provenance security. In: Proceedings of the Twenty-Fourth IEEE Computer Security Foundations Symposium, pp. 281\u2013293 (2011)","DOI":"10.1109\/CSF.2011.26"},{"key":"5_CR5","unstructured":"Defense Advanced Reseach Projects Agency, Transparent Computing (archived), Arlington, Virginia (darpa.mil\/program\/transparent-computing) (2023)"},{"key":"5_CR6","unstructured":"Dong, F., et al.: DISTDET: a cost-effective distributed cyber threat detection system. In: Proceedings of the Thirty-Second USENIX Security Symposium, pp. 6575\u20136592 (2023)"},{"key":"5_CR7","doi-asserted-by":"crossref","unstructured":"Frew, J., Bose, R.: Earth system science workbench: a data management infrastructure for earth science products. In: Proceedings of the Thirteenth International Conference on Scientific and Statistical Database Management, pp. 180\u2013189 (2001)","DOI":"10.1109\/SSDM.2001.938550"},{"key":"5_CR8","doi-asserted-by":"crossref","unstructured":"Gehani, A., Kim, M.: Mendel: efficiently verifying the lineage of data modified in multiple trust domains. In: Proceedings of the Nineteenth ACM International Symposium on High Performance Distributed Computing, pp. 227\u2013239 (2010)","DOI":"10.1145\/1851476.1851503"},{"key":"5_CR9","doi-asserted-by":"crossref","unstructured":"Gehani, A., Kim, M., Malik, T.: Efficient querying of distributed provenance stores. In: Proceedings of the Nineteenth ACM International Symposium on High Performance Distributed Computing, pp. 613\u2013621 (2010)","DOI":"10.1145\/1851476.1851567"},{"key":"5_CR10","unstructured":"Gehani, A., Kim, M., Zhang, J.: Steps toward managing lineage metadata in grid clusters. In: Proceedings of the First Workshop on the Theory and Practice of Provenance, article no. 7 (2009)"},{"key":"5_CR11","doi-asserted-by":"crossref","unstructured":"Gehani, A., Lindqvist, U.: Bonsai: balanced lineage authentication. In: Proceedings of the Twenty-Third Annual Computer Security Applications Conference, pp. 363\u2013373 (2007)","DOI":"10.1109\/ACSAC.2007.45"},{"key":"5_CR12","doi-asserted-by":"crossref","unstructured":"Gehani, A., Tariq, D.: SPADE: support for provenance auditing in distributed environments. In: Proceedings of the ACM\/IFIP\/USENIX International Conference on Distributed Systems Platforms and Open Distributed Processing, pp. 101\u2013120 (2012)","DOI":"10.1007\/978-3-642-35170-9_6"},{"key":"5_CR13","doi-asserted-by":"publisher","first-page":"4363","DOI":"10.1109\/TIFS.2021.3098977","volume":"16","author":"H Irshad","year":"2021","unstructured":"Irshad, H., et al.: TRACE: enterprise-wide provenance tracking for real-time APT detection. IEEE Trans. Inf. Forensics Secur. 16, 4363\u20134376 (2021)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"5_CR14","doi-asserted-by":"crossref","unstructured":"Liao, C., Squicciarini, A.: Towards provenance-based anomaly detection in MapReduce. In: Proceedings of the Fifteenth IEEE\/ACM International Symposium on Cluster, Cloud and Grid Computing, pp. 647\u2013656 (2015)","DOI":"10.1109\/CCGrid.2015.16"},{"key":"5_CR15","series-title":"Lecture Notes in Mathematics","doi-asserted-by":"publisher","first-page":"223","DOI":"10.1007\/BFb0062536","volume-title":"Combinatorial Mathematics","author":"BD McKay","year":"1978","unstructured":"McKay, B.D.: Computing automorphisms and canonical labellings of graphs. In: Holton, D.A., Seberry, J. (eds.) Combinatorial Mathematics. LNM, vol. 686, pp. 223\u2013232. Springer, Heidelberg (1978). https:\/\/doi.org\/10.1007\/BFb0062536"},{"key":"5_CR16","unstructured":"Pancerella, C., et al.: Metadata in the collaboratory for multi-scale chemical sciences. In: Proceedings of the International Conference on Dublin Core and Metadata Applications, pp. 121\u2013129 (2003)"},{"key":"5_CR17","doi-asserted-by":"crossref","unstructured":"Pohly, D., McLaughlin, S., McDaniel, P., Butler, K.: Hi-Fi: collecting high-fidelity whole-system provenance. In: Proceedings of the Twenty-Eighth Annual Computer Security Applications Conference, pp. 259\u2013268 (2012)","DOI":"10.1145\/2420950.2420989"},{"issue":"3","key":"5_CR18","doi-asserted-by":"publisher","first-page":"256","DOI":"10.1109\/TDSC.2013.44","volume":"12","author":"S Sultana","year":"2015","unstructured":"Sultana, S., Ghinita, G., Bertino, E., Shehab, M.: A lightweight secure scheme for detecting provenance forgery and packet drop attacks in wireless sensor networks. IEEE Trans. Dependable Secure Comput. 12(3), 256\u2013269 (2015)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"5_CR19","doi-asserted-by":"crossref","unstructured":"Tan, Y., Ko, R., Holmes, G.: Security and data accountability in distributed systems: a provenance survey. In: Proceedings of the Tenth IEEE International Conference on Embedded and Ubiquitous Computing, pp. 1571\u20131578 (2013)","DOI":"10.1109\/HPCC.and.EUC.2013.221"},{"issue":"5","key":"5_CR20","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1109\/MCSE.2014.80","volume":"16","author":"J Towns","year":"2014","unstructured":"Towns, J., et al.: XSEDE: accelerating scientific discovery. Comput. Sci. Eng. 16(5), 62\u201374 (2014)","journal-title":"Comput. Sci. Eng."},{"key":"5_CR21","doi-asserted-by":"crossref","unstructured":"Hassan, W.U., Aguse, L., Aguse, N., Bates, A., Moyer, T.: Towards scalable cluster auditing through grammatical inference over provenance graphs. In: Proceedings of the Twenty-Fifth Network and Distributed Systems Security Symposium (2018)","DOI":"10.14722\/ndss.2018.23141"},{"key":"5_CR22","unstructured":"Wang, X., Zeng, K., Govindan, K., Mohapatra, P.: Chaining for securing data provenance in distributed information networks. In: Proceedings of the IEEE Military Communications Conference (2012)"},{"key":"5_CR23","unstructured":"Widom, J.: Trio: a system for integrated management of data, accuracy and lineage. In: Proceedings of the Second Biennial Conference on Innovative Data Systems Research, pp. 262\u2013276 (2005)"},{"key":"5_CR24","doi-asserted-by":"crossref","unstructured":"Wolstencroft, K., et al.: The taverna workflow suite: designing and executing workflows of web services on the desktop, web or in the cloud. Nucleic Acids Res. 41(WS), W557\u2013W561 (2013)","DOI":"10.1093\/nar\/gkt328"},{"key":"5_CR25","doi-asserted-by":"crossref","unstructured":"Zhao, D., et al.: FusionFS: toward supporting data-intensive scientific applications on extreme-scale high-performance computing systems. In: Proceedings of the Second IEEE International Conference on Big Data, pp. 61\u201370 (2014)","DOI":"10.1109\/BigData.2014.7004214"},{"key":"5_CR26","unstructured":"Zhou, W., Ding, L., Haeberlen, A., Ives, Z., Loo, B.: TAP: time-aware provenance for distributed systems. In: Proceedings of the Third USENIX Workshop on the Theory and Practice of Provenance (2011)"},{"issue":"2","key":"5_CR27","doi-asserted-by":"publisher","first-page":"49","DOI":"10.14778\/2535568.2448939","volume":"6","author":"W Zhou","year":"2012","unstructured":"Zhou, W., et al.: Distributed time-aware provenance. Proc. VLDB Endow. 6(2), 49\u201360 (2012)","journal-title":"Proc. VLDB Endow."},{"key":"5_CR28","doi-asserted-by":"crossref","unstructured":"Zhou, W., Sherr, M., Tao, T., Li, X., Loo, B., Mao, Y.: Efficient querying and maintenance of network provenance at internet-scale. In: Proceedings of the Twenty-Ninth ACM SIGMOD International Conference on Management of Data, pp. 615\u2013626 (2010)","DOI":"10.1145\/1807167.1807234"}],"container-title":["IFIP Advances in Information and Communication Technology","Critical Infrastructure Protection XVII"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-49585-4_5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,11,7]],"date-time":"2024-11-07T00:12:34Z","timestamp":1730938354000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-49585-4_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,12,29]]},"ISBN":["9783031495847","9783031495854"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-49585-4_5","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"type":"print","value":"1868-4238"},{"type":"electronic","value":"1868-422X"}],"subject":[],"published":{"date-parts":[[2023,12,29]]},"assertion":[{"value":"29 December 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICCIP","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Critical Infrastructure Protection","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Arlington, VA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 March 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 March 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"iccip2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}