Enabling Efficient Attack Investigation via Human-in-the-Loop Security Analysis
Summary: Provexa enables human-in-the-loop, scalable provenance-based attack investigation via ProvQL, a DSL with primitives for pattern search and dependency tracking plus user constraints to focus analyses. An optimized engine lets analysts iteratively and efficiently sift massive system-call provenance to reveal long multi-step APTs. (summarized by gpt-5-mini on Feb 09 2026)
Incoming Non-self Citations Over Time
No non-self incoming citations found for this paper in this database.
Authors
1. Saimon Amanuel Tsegai
2. Xinyu Yang
3. Haoyuan Liu
4. Peng Gao
Incoming Citations (Sorted by Pagerank)
Showing 0 of 0 citing papers.
| Rank | Citing Paper | Year | Venue | Pagerank |
|---|---|---|---|---|
Outgoing Citations (Sorted by Pagerank)
Showing 1 of 1 cited papers.
Citations counted here include only citations to other VLDB/SIGMOD/CIDR/PODS papers in this database.
| Rank | Cited Paper | Year | Venue | Pagerank |
|---|---|---|---|---|
| 778 | Declarative Networking: Language, Execution and Optimization | 2006 | SIGMOD | 0.00016791276 |
Semantically Similar Papers
| Overall Rank | Paper | Year | Venue | Pagerank |
|---|---|---|---|---|
| 12,014 | A Provenance Framework for Data-Dependent Process Analysis | 2014 | VLDB | 4.1945683e-05 |
| 4,851 | Provenance for Natural Language Queries | 2017 | VLDB | 5.8768322e-05 |
| 9,622 | NLProv: Natural Language Provenance | 2016 | VLDB | 4.3163112e-05 |
| 4,118 | Context-Sensitive Program Analysis as Database Queries | 2005 | PODS | 6.4368597e-05 |
| 2,892 | Data Provenance at Internet Scale: Architecture, Experiences, and the Road Ahead | 2017 | CIDR | 7.9480559e-05 |
| 7,417 | DProvDB: Differentially Private Query Processing with Multi-Analyst Provenance | 2023 | SIGMOD | 4.7355114e-05 |
| 8,729 | OneProvenance: Efficient Extraction of Dynamic Coarse-Grained Provenance From Database Query Event Logs | 2023 | VLDB | 4.4582221e-05 |
| 11,457 | A System for Automated Open-Source Threat Intelligence Gathering and Management | 2021 | SIGMOD | 4.1945683e-05 |
| 7,482 | Provenance-Enabled Explainable AI | 2024 | SIGMOD | 4.7180617e-05 |
| 13,307 | A Query System for Efficiently Investigating Complex Attack Behaviors for Enterprise Security | 2019 | VLDB | - |