1/3 Along with our latest paper, accepted at USENIX Security, we have released an open-source framework to facilitate the evaluation of provenance-based intrusion detection systems.

Paper: https://tfjmp.org/publications/2025-usenixsec-2.pdf
Framework: https://github.com/ubc-provenance/PIDSMaker

2/3 The framework includes the reimplementation of seven systems from the literature (ThreaTrace, NodLink, Magic, Kairos, Flash, R-CAID, and Orthrus) in addition to the baseline introduced in the paper.

3/3 We plan to support the inclusion of more systems in the framework. We welcome pull requests and GitHub issues!