{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,19]],"date-time":"2025-11-19T07:01:45Z","timestamp":1763535705257,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":68,"publisher":"ACM","license":[{"start":{"date-parts":[[2018,12,3]],"date-time":"2018-12-03T00:00:00Z","timestamp":1543795200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2018,12,3]]},"DOI":"10.1145\/3274694.3274751","type":"proceedings-article","created":{"date-parts":[[2020,4,13]],"date-time":"2020-04-13T02:37:37Z","timestamp":1586745457000},"page":"605-617","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":10,"title":["Lprov"],"prefix":"10.1145","author":[{"given":"Fei","family":"Wang","sequence":"first","affiliation":[{"name":"Purdue University"}]},{"given":"Yonghwi","family":"Kwon","sequence":"additional","affiliation":[{"name":"University of Virginia"}]},{"given":"Shiqing","family":"Ma","sequence":"additional","affiliation":[{"name":"Purdue University"}]},{"given":"Xiangyu","family":"Zhang","sequence":"additional","affiliation":[{"name":"Purdue University"}]},{"given":"Dongyan","family":"Xu","sequence":"additional","affiliation":[{"name":"Purdue University"}]}],"member":"320","published-online":{"date-parts":[[2018,12,3]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2018. Apache Benchmark. https:\/\/httpd.apache.org\/docs\/2.2\/programs\/ab.html.  2018. Apache Benchmark. https:\/\/httpd.apache.org\/docs\/2.2\/programs\/ab.html."},{"key":"e_1_3_2_1_2_1","unstructured":"2018. CVE-2015-7547. https:\/\/goo.gl\/MTpo3V.  2018. CVE-2015-7547. https:\/\/goo.gl\/MTpo3V."},{"key":"e_1_3_2_1_3_1","unstructured":"2018. CVE-2015-7547 Exploit-DB. https:\/\/www.exploit-db.com\/exploits\/39454\/.  2018. CVE-2015-7547 Exploit-DB. https:\/\/www.exploit-db.com\/exploits\/39454\/."},{"key":"e_1_3_2_1_4_1","unstructured":"2018. CVE-2015-7547 Google Security Blog. https:\/\/goo.gl\/rHw1C5.  2018. CVE-2015-7547 Google Security Blog. https:\/\/goo.gl\/rHw1C5."},{"key":"e_1_3_2_1_5_1","unstructured":"2018. CVE-2015-7547 Patch. https:\/\/goo.gl\/6ZhooX.  2018. CVE-2015-7547 Patch. https:\/\/goo.gl\/6ZhooX."},{"key":"e_1_3_2_1_6_1","unstructured":"2018. Darpa Transparent Computing. https:\/\/goo.gl\/EA77zv.  2018. Darpa Transparent Computing. https:\/\/goo.gl\/EA77zv."},{"key":"e_1_3_2_1_7_1","unstructured":"2018. ftpbench. https:\/\/github.com\/selectel\/ftpbench.  2018. ftpbench. https:\/\/github.com\/selectel\/ftpbench."},{"key":"e_1_3_2_1_8_1","unstructured":"2018. An Introduction to KProbes. https:\/\/lwn.net\/Articles\/132196\/.  2018. An Introduction to KProbes. https:\/\/lwn.net\/Articles\/132196\/."},{"key":"e_1_3_2_1_9_1","unstructured":"2018. KProbes. https:\/\/goo.gl\/SH2s4r.  2018. KProbes. https:\/\/goo.gl\/SH2s4r."},{"key":"e_1_3_2_1_10_1","unstructured":"2018. Linux Ebury. https:\/\/goo.gl\/T677bv.  2018. Linux Ebury. https:\/\/goo.gl\/T677bv."},{"key":"e_1_3_2_1_11_1","unstructured":"2018. Linux Security Module. https:\/\/goo.gl\/gW2ykd.  2018. Linux Security Module. https:\/\/goo.gl\/gW2ykd."},{"key":"e_1_3_2_1_12_1","unstructured":"2018. sunspider. https:\/\/webkit.org\/perf\/sunspider\/sunspider.html.  2018. sunspider. https:\/\/webkit.org\/perf\/sunspider\/sunspider.html."},{"key":"e_1_3_2_1_13_1","unstructured":"2018. Tracepoints. https:\/\/goo.gl\/TB6cas.  2018. Tracepoints. https:\/\/goo.gl\/TB6cas."},{"key":"e_1_3_2_1_14_1","unstructured":"2018. Updating Host Keys. https:\/\/goo.gl\/ztY8QT.  2018. Updating Host Keys. https:\/\/goo.gl\/ztY8QT."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/TKDE.2002.1033782"},{"key":"e_1_3_2_1_16_1","volume-title":"Using Magpie for Request Extraction and Workload Modelling. In OSDI'04","author":"Barham Paul","year":"2004","unstructured":"Paul Barham , Austin Donnelly , Rebecca Isaacs , and Richard Mortier . 2004 . Using Magpie for Request Extraction and Workload Modelling. In OSDI'04 . Paul Barham, Austin Donnelly, Rebecca Isaacs, and Richard Mortier. 2004. Using Magpie for Request Extraction and Workload Modelling. In OSDI'04."},{"key":"e_1_3_2_1_17_1","unstructured":"Adam Bates Dave (Jing) Tian Kevin R.B. Butler and Thomas Moyer. 2015. Trustworthy Whole-System Provenance for the Linux Kernel. In USENIX Security'15).   Adam Bates Dave (Jing) Tian Kevin R.B. Butler and Thomas Moyer. 2015. Trustworthy Whole-System Provenance for the Linux Kernel. In USENIX Security'15)."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813691"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-23644-0_1"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1007\/11890850_18"},{"key":"e_1_3_2_1_21_1","volume-title":"SSYM'04","author":"Chow Jim","year":"2004","unstructured":"Jim Chow , Ben Pfaff , Tal Garfinkel , Kevin Christopher , and Mendel Rosenblum . 2004 . Understanding Data Lifetime via Whole System Simulation . In SSYM'04 . Jim Chow, Ben Pfaff, Tal Garfinkel, Kevin Christopher, and Mendel Rosenblum. 2004. Understanding Data Lifetime via Whole System Simulation. In SSYM'04."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/1273463.1273490"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2012.05.013"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/1095810.1095813"},{"key":"e_1_3_2_1_25_1","volume-title":"TaintDroid: An Information-Flow Tracking System for Real-time Privacy Monitoring on Smartphones. In OSDI'10","author":"Enck William","year":"2010","unstructured":"William Enck , Peter Gilbert , Byung-Gon Chun , Landon P. Cox , Jaeyeon Jung , Patrick D. McDaniel , and Anmol Sheth . 2010 . TaintDroid: An Information-Flow Tracking System for Real-time Privacy Monitoring on Smartphones. In OSDI'10 . William Enck, Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick D. McDaniel, and Anmol Sheth. 2010. TaintDroid: An Information-Flow Tracking System for Real-time Privacy Monitoring on Smartphones. In OSDI'10."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"crossref","unstructured":"Matt Fredrikson Mihai Christodorescu Jonathon T. Giffin and Somesh Jha. 2010. A Declarative Framework for Intrusion Analysis. In Cyber Situational Awareness - Issues and Research. 179--200.  Matt Fredrikson Mihai Christodorescu Jonathon T. Giffin and Somesh Jha. 2010. A Declarative Framework for Intrusion Analysis. In Cyber Situational Awareness - Issues and Research. 179--200.","DOI":"10.1007\/978-1-4419-0140-8_9"},{"key":"e_1_3_2_1_27_1","volume-title":"SPADE: Support for Provenance Auditing in Distributed Environments. In Middleware' 12.","author":"Gehani Ashish","year":"2012","unstructured":"Ashish Gehani and Dawood Tariq . 2012 . SPADE: Support for Provenance Auditing in Distributed Environments. In Middleware' 12. Ashish Gehani and Dawood Tariq. 2012. SPADE: Support for Provenance Auditing in Distributed Environments. In Middleware' 12."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/1095810.1095826"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/3140549.3140551"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/1719030.1719033"},{"key":"e_1_3_2_1_31_1","volume-title":"Keromytis","author":"Jee Kangkook","year":"2012","unstructured":"Kangkook Jee , Georgios Portokalidis , Vasileios P. Kemerlis , Soumyadeep Ghosh , David I. August , and Angelos D . Keromytis . 2012 . A General Approach for Efficiently Accelerating Software-based Dynamic Data Flow Tracking on Commodity Hardware. In NDSS ' 12. Kangkook Jee, Georgios Portokalidis, Vasileios P. Kemerlis, Soumyadeep Ghosh, David I. August, and Angelos D. Keromytis. 2012. A General Approach for Efficiently Accelerating Software-based Dynamic Data Flow Tracking on Commodity Hardware. In NDSS' 12."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134045"},{"key":"e_1_3_2_1_33_1","unstructured":"Yang Ji Sangho Lee and Wenke Lee. 2016. RecProv: Towards Provenance-Aware User Space Record and Replay. In IPAW' 16.  Yang Ji Sangho Lee and Wenke Lee. 2016. RecProv: Towards Provenance-Aware User Space Record and Replay. In IPAW' 16."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCS.2006.69"},{"key":"e_1_3_2_1_35_1","unstructured":"Min Gyung Kang Stephen McCamant Pongsin Poosankam and Dawn Song. 2011. DTA++: Dynamic Taint Analysis with Targeted Control-Flow Propagation. In NDSS' 11.  Min Gyung Kang Stephen McCamant Pongsin Poosankam and Dawn Song. 2011. DTA++: Dynamic Taint Analysis with Targeted Control-Flow Propagation. In NDSS' 11."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3053034"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/2151024.2151042"},{"key":"e_1_3_2_1_38_1","unstructured":"Taesoo Kim Xi Wang Nickolai Zeldovich and M. Frans Kaashoek. 2010. Intrusion Recovery Using Selective Re-execution. In OSDI' 10.   Taesoo Kim Xi Wang Nickolai Zeldovich and M. Frans Kaashoek. 2010. Intrusion Recovery Using Selective Re-execution. In OSDI' 10."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/945445.945467"},{"volume-title":"Enriching Intrusion Alerts Through Multi-Host Causality. In NDSS'05","author":"King Samuel T.","key":"e_1_3_2_1_40_1","unstructured":"Samuel T. King , Zhuoqing Morley Mao , Dominic G. Lucchetti , and Peter M. Chen . 2005 . Enriching Intrusion Alerts Through Multi-Host Causality. In NDSS'05 . Samuel T. King, Zhuoqing Morley Mao, Dominic G. Lucchetti, and Peter M. Chen. 2005. Enriching Intrusion Alerts Through Multi-Host Causality. In NDSS'05."},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/3064176.3064217"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866314"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/2872362.2872395"},{"key":"e_1_3_2_1_44_1","unstructured":"Kyu Hyung Lee Xiangyu Zhang and Dongyan Xu. 2013. High Accuracy Attack Provenance via Binary-based Execution Partition. In NDSS' 13.  Kyu Hyung Lee Xiangyu Zhang and Dongyan Xu. 2013. High Accuracy Attack Provenance via Binary-based Execution Partition. In NDSS' 13."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516731"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/2818000.2818039"},{"key":"e_1_3_2_1_47_1","volume-title":"Xiangyu Zhang, and Dongyan Xu.","author":"Ma Shiqing","year":"2017","unstructured":"Shiqing Ma , Juan Zhai , Fei Wang , Kyu Hyung Lee , Xiangyu Zhang, and Dongyan Xu. 2017 . MPI : Multiple Perspective Attack Investigation with Semantic Aware Execution Partitioning. In USENIX Security ' 17. Shiqing Ma, Juan Zhai, Fei Wang, Kyu Hyung Lee, Xiangyu Zhang, and Dongyan Xu. 2017. MPI: Multiple Perspective Attack Investigation with Semantic Aware Execution Partitioning. In USENIX Security' 17."},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23350"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/1375581.1375606"},{"key":"e_1_3_2_1_50_1","volume-title":"Layering in Provenance Systems. In USENIX ATC'09","author":"Muniswamy-Reddy Kiran-Kumar","year":"2009","unstructured":"Kiran-Kumar Muniswamy-Reddy , Uri Braun , David A. Holland , Peter Macko , Diana Maclean , Daniel Margo , Margo Seltzer , and Robin Smogor . 2009 . Layering in Provenance Systems. In USENIX ATC'09 . Kiran-Kumar Muniswamy-Reddy, Uri Braun, David A. Holland, Peter Macko, Diana Maclean, Daniel Margo, Margo Seltzer, and Robin Smogor. 2009. Layering in Provenance Systems. In USENIX ATC'09."},{"key":"e_1_3_2_1_51_1","volume-title":"Provenance-aware Storage Systems. In USENIX ATC'06","author":"Muniswamy-Reddy Kiran-Kumar","year":"2006","unstructured":"Kiran-Kumar Muniswamy-Reddy , David A. Holland , Uri Braun , and Margo Seltzer . 2006 . Provenance-aware Storage Systems. In USENIX ATC'06 . Kiran-Kumar Muniswamy-Reddy, David A. Holland, Uri Braun, and Margo Seltzer. 2006. Provenance-aware Storage Systems. In USENIX ATC'06."},{"key":"e_1_3_2_1_52_1","volume-title":"NDSS'05","author":"Newsome James","year":"2005","unstructured":"James Newsome and Dawn Xiaodong Song . 2005 . Dynamic Taint Analysis for Automatic Detection, Analysis, and SignatureGeneration of Exploits on Commodity Software . In NDSS'05 . James Newsome and Dawn Xiaodong Song. 2005. Dynamic Taint Analysis for Automatic Detection, Analysis, and SignatureGeneration of Exploits on Commodity Software. In NDSS'05."},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2420989"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1109\/MICRO.2006.29"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1109\/IWIA.2005.9"},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-89862-7_1"},{"volume-title":"USENIX ATC'09","author":"Tak Byung Chul","key":"e_1_3_2_1_57_1","unstructured":"Byung Chul Tak , Chunqiang Tang , Chun Zhang , Sriram Govindan , Bhuvan Ur-gaonkar, and Rong N. Chang . 2009. vPath: precise discovery of request processing paths from black-box observations of thread and network activities . In USENIX ATC'09 . Byung Chul Tak, Chunqiang Tang, Chun Zhang, Sriram Govindan, Bhuvan Ur-gaonkar, and Rong N. Chang. 2009. vPath: precise discovery of request processing paths from black-box observations of thread and network activities. In USENIX ATC'09."},{"key":"e_1_3_2_1_58_1","unstructured":"Dawood Tariq Maisem Ali and Ashish Gehani. 2012. Towards Automated Collection of Application-level Data Provenance. In TaPP' 12.   Dawood Tariq Maisem Ali and Ashish Gehani. 2012. Towards Automated Collection of Application-level Data Provenance. In TaPP' 12."},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1109\/HICSS.2011.500"},{"key":"e_1_3_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653696"},{"key":"e_1_3_2_1_61_1","volume-title":"Proceedings of the 12th USENIX Conference on Operating Systems Design and Implementation (OSDI'16)","author":"Williams-King David","year":"2016","unstructured":"David Williams-King , Graham Gobieski , Kent Williams-King , James P. Blake , Xinhao Yuan , Patrick Colp , Michelle Zheng , Vasileios P. Kemerlis , Junfeng Yang , and William Aiello . 2016 . Shuffler: Fast and Deployable Continuous Code Rerandomization . In Proceedings of the 12th USENIX Conference on Operating Systems Design and Implementation (OSDI'16) . USENIX Association, Berkeley, CA, USA, 367--382. http:\/\/dl.acm.org\/citation.cfm?id=3026877.3026906 David Williams-King, Graham Gobieski, Kent Williams-King, James P. Blake, Xinhao Yuan, Patrick Colp, Michelle Zheng, Vasileios P. Kemerlis, Junfeng Yang, and William Aiello. 2016. Shuffler: Fast and Deployable Continuous Code Rerandomization. In Proceedings of the 12th USENIX Conference on Operating Systems Design and Implementation (OSDI'16). USENIX Association, Berkeley, CA, USA, 367--382. http:\/\/dl.acm.org\/citation.cfm?id=3026877.3026906"},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2011.50"},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"crossref","unstructured":"Chao Yang Guangliang Yang Ashish Gehani Vinod Yegneswaran Dawood Tariq and Guofei Gu. 2015. Using Provenance Patterns to Vet Sensitive Behaviors in Android Apps. In Security and Privacy in Communication Networks'15 Bhavani Thuraisingham XiaoFeng Wang and Vinod Yegneswaran (Eds.).  Chao Yang Guangliang Yang Ashish Gehani Vinod Yegneswaran Dawood Tariq and Guofei Gu. 2015. Using Provenance Patterns to Vet Sensitive Behaviors in Android Apps. In Security and Privacy in Communication Networks'15 Bhavani Thuraisingham XiaoFeng Wang and Vinod Yegneswaran (Eds.).","DOI":"10.1007\/978-3-319-28865-9_4"},{"key":"e_1_3_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315261"},{"key":"e_1_3_2_1_65_1","volume-title":"Making Information Flow Explicit in HiStar. In OSDI'06","author":"Zeldovich Nickolai","year":"2006","unstructured":"Nickolai Zeldovich , Silas Boyd-Wickizer , Eddie Kohler , and David Mazi\u00e8res . 2006 . Making Information Flow Explicit in HiStar. In OSDI'06 . Nickolai Zeldovich, Silas Boyd-Wickizer, Eddie Kohler, and David Mazi\u00e8res. 2006. Making Information Flow Explicit in HiStar. In OSDI'06."},{"key":"e_1_3_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1145\/2590296.2590309"},{"key":"e_1_3_2_1_67_1","volume-title":"Tracing Lineage Beyond Relational Operators. In VLDB'07","author":"Zhang Mingwu","year":"2007","unstructured":"Mingwu Zhang , Xiangyu Zhang , Xiang Zhang , and Sunil Prabhakar . 2007 . Tracing Lineage Beyond Relational Operators. In VLDB'07 . Mingwu Zhang, Xiangyu Zhang, Xiang Zhang, and Sunil Prabhakar. 2007. Tracing Lineage Beyond Relational Operators. In VLDB'07."},{"key":"e_1_3_2_1_68_1","volume-title":"DSN'13","author":"Zhu Ningning","year":"2013","unstructured":"Ningning Zhu and Tzi-Cker Chiueh . 2013 . Design, implementation, and evaluation of repairable file service . In DSN'13 . Ningning Zhu and Tzi-Cker Chiueh. 2013. Design, implementation, and evaluation of repairable file service. In DSN'13."}],"event":{"name":"ACSAC '18: 2018 Annual Computer Security Applications Conference","sponsor":["ACSA Applied Computing Security Assoc"],"location":"San Juan PR USA","acronym":"ACSAC '18"},"container-title":["Proceedings of the 34th Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3274694.3274751","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3274694.3274751","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T00:57:56Z","timestamp":1750208276000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3274694.3274751"}},"subtitle":["Practical Library-aware Provenance Tracing"],"short-title":[],"issued":{"date-parts":[[2018,12,3]]},"references-count":68,"alternative-id":["10.1145\/3274694.3274751","10.1145\/3274694"],"URL":"https:\/\/doi.org\/10.1145\/3274694.3274751","relation":{},"subject":[],"published":{"date-parts":[[2018,12,3]]},"assertion":[{"value":"2018-12-03","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}