Enabling Complete and Efficient Attack Provenance at Scale

Event Speaker
Adam Bates
Assistant Professor, Computer Science, University of Illinois at Urbana-Champaign
Event Type
Colloquium
Date
Event Location
LPSC 125
Event Description

In a provenance-aware system, mechanisms gather and report metadata that
describes the history of each data object being processed, allowing users
to understand how objects came to exist in their present state.
Excitingly, we can also use provenance to trace the actions of system
intruders, enabling smarter and faster incident response. In this talk, I
will detail our efforts to achieve trustworthy data provenance in
malicious distributed environments. These efforts have led to the design
and implementation of a provenance-aware operating system anchored in
trusted hardware, a mechanism that leverages the confinement properties
provided by Mandatory Access Controls to perform efficient policy-based
provenance collection, and most recently an efficient distributed
provenance management framework. Using these architectures, I will
demonstrate that provenance is an invaluable tool for combating critical
security threats including data exfiltration, SQL injection, and even
binary exploitation. By addressing key security and performance
challenges, this work is paving the way for the further proliferation of
provenance capabilities.

Speaker Biography

Adam Bates is an Assistant Professor in the Computer Science Department at
the University of Illinois at Urbana-Champaign. He is also an Affiliate
Assistant Professor in the Electrical & Computing Engineering Department.
He received his PhD from the University of Florida, where he was advised
by Professor Kevin Butler in the study of computer systems and cyber
security, and completed multiple internships at MIT Lincoln Laboratory.
Adam has conducted research on a variety of security topics, including
SSL/TLS, cloud computing, USB attack vectors, financial services, and
telephony infrastructure. He is best known for his work in the area of
data provenance, particularly the construction of secure provenance-aware
systems. He received the NSF CISE Research Initiation Initiative award in
2017, and served as Program Chair for the 2017 Workshop on the Theory and
Practice of Provenance (TaPP).