Abstract: Automatic provenance capture from arbitrary applications is a challenging problem. Different approaches to tackling this problem have evolved, most notably (a) system-event trace analysis, (b) compile-time static instrumentation, and (c) taint-flow analysis using dynamic binary instrumentation. Each of these approaches offers different trade-offs in terms of the granularity of the captured provenance, integration requirements, and runtime overhead. While these aspects have been discussed separately, a systematic and detailed study that quantifies and elucidates them is still lacking. To fill this gap, we begin to explore these trade-offs for representative examples of each approach to automatic provenance capture by means of evaluation and measurement. We base our evaluation on UnixBench, a widely used benchmark suite within systems research, which we believe will make our results easier to compare with future studies.
Abstract: Recovering from attacks is hard and gets harder as the time between the initial infection and its detection increases. Which files did the attackers modify? Did any user data depend on malicious inputs? Can I still trust my own documents or binaries? When malcode has been active for some time and its actions are mixed with those of benign applications, these questions are impossible to answer on current systems. In this paper, we describe DiskDuster, an attack analysis and recovery system capable of recovering from complicated attacks in a semi-automated manner. DiskDuster traces malcode at byte-level granularity both in memory and on disk in a modified version of QEMU. Using taint analysis, DiskDuster also tracks all bytes written by the malcode, providing a detailed view of which (bytes in) files derive from malicious data. It then uses this information to remove the malicious actions at recovery time.
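The byte-level provenance idea in the DiskDuster abstract (every byte in memory and on disk carries a label saying whether it derives from untrusted input, so that at recovery time one can ask which file bytes depend on malicious data and undo them) can be illustrated with a small simulation. The following Python is an added example written for this page; it is not DiskDuster's code and does not model QEMU. The process names, file paths, buffers and the event timeline are constructed, and the recovery rule (restore a tainted byte from the pre-infection snapshot when one exists, otherwise drop it and report the offset for analyst review) is a simplification chosen for the illustration.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Optional, Tuple

Label = FrozenSet[str]          # names of untrusted sources a byte derives from
CLEAN: Label = frozenset()


@dataclass
class Tainted:
    """Bytes where each byte carries the set of untrusted sources it derives from."""
    data: bytearray
    taint: List[Label]

    @classmethod
    def of(cls, content: bytes, label: Label = CLEAN) -> "Tainted":
        return cls(bytearray(content), [label] * len(content))


class ByteTaintMachine:
    """Toy model of a system whose memory and disk carry per-byte taint labels."""

    def __init__(self) -> None:
        self.memory: Dict[str, Tainted] = {}
        self.disk: Dict[str, Tainted] = {}
        # Contents of each file before any tainted byte reached it (None: created later).
        self.snapshot: Dict[str, Optional[bytes]] = {}

    def create_file(self, path: str, content: bytes) -> None:
        self.disk[path] = Tainted.of(content)
        self.snapshot[path] = bytes(content)

    def recv(self, buf: str, content: bytes, source: str) -> None:
        """Input from an untrusted peer: every byte is labelled with that source."""
        self.memory[buf] = Tainted.of(content, frozenset({source}))

    def user_input(self, buf: str, content: bytes) -> None:
        """Benign local input (keyboard, trusted file): clean bytes."""
        self.memory[buf] = Tainted.of(content)

    def read(self, buf: str, path: str, off: int, n: int) -> None:
        """read(2): the buffer inherits the labels of the file bytes it copies."""
        f = self.disk[path]
        self.memory[buf] = Tainted(bytearray(f.data[off:off + n]), list(f.taint[off:off + n]))

    def write(self, path: str, off: int, buf: str) -> None:
        """write(2): labels travel with the bytes, whichever process issues the write."""
        src = self.memory[buf]
        if path not in self.disk:
            self.disk[path] = Tainted.of(b"")
            self.snapshot[path] = None
        f = self.disk[path]
        end = off + len(src.data)
        if end > len(f.data):  # grow the file, padding with clean zero bytes
            f.data.extend(b"\x00" * (end - len(f.data)))
            f.taint.extend([CLEAN] * (end - len(f.taint)))
        f.data[off:end] = src.data
        f.taint[off:end] = src.taint

    def tainted_ranges(self, path: str) -> List[Tuple[int, int, Label]]:
        """Report [start, end) byte ranges of a file that derive from untrusted data."""
        t = self.disk[path].taint
        ranges: List[Tuple[int, int, Label]] = []
        i = 0
        while i < len(t):
            if not t[i]:
                i += 1
                continue
            j = i
            while j < len(t) and t[j] == t[i]:
                j += 1
            ranges.append((i, j, t[i]))
            i = j
        return ranges

    def recover(self, path: str) -> Tuple[bytes, List[int]]:
        """Remove every byte derived from untrusted data while keeping benign changes.

        Tainted bytes covered by the pre-infection snapshot are restored from it;
        tainted bytes with no clean counterpart are dropped and their offsets
        returned so an analyst can review the file (the semi-automated part).
        """
        f = self.disk[path]
        snap = self.snapshot.get(path) or b""
        out = bytearray()
        dropped: List[int] = []
        for i, (b, label) in enumerate(zip(f.data, f.taint)):
            if not label:
                out.append(b)
            elif i < len(snap):
                out.append(snap[i])
            else:
                dropped.append(i)
        return bytes(out), dropped


def run_scenario() -> ByteTaintMachine:
    """Constructed timeline in which malcode and a benign backup job touch the same files."""
    m = ByteTaintMachine()
    m.create_file("/usr/bin/tool", b"ELFCLEANBINARY")
    m.create_file("/home/alice/report.txt", b"Quarterly numbers: 100")
    # 1. malcode receives a payload from its peer and patches the binary in place
    m.recv("c2_buf", b"EVIL", "attacker")
    m.write("/usr/bin/tool", 3, "c2_buf")
    # 2. a benign backup job copies the now partly tainted binary: taint follows the bytes
    m.read("bak_buf", "/usr/bin/tool", 0, 14)
    m.write("/backup/tool.bak", 0, "bak_buf")
    # 3. the user edits the report with clean input; this change must survive recovery
    m.user_input("kbd", b"150")
    m.write("/home/alice/report.txt", 19, "kbd")
    # 4. malcode appends injected content to the same report
    m.recv("c2_buf2", b"<script>", "attacker")
    m.write("/home/alice/report.txt", 22, "c2_buf2")
    return m
```

Running `run_scenario()` and then `tainted_ranges` on each file shows bytes 3 to 6 of both the binary and its backup labelled `attacker` even though the backup was written by a benign process, which is exactly why provenance rather than process identity is needed once malicious and benign actions are interleaved. `recover` restores the binary from its snapshot, keeps the user's edit to the report while dropping the appended bytes, and flags the backup copy for review because no clean version of it was ever recorded.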