About
3
Publications
465
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
5
Citations
Citations since 2017
Publications
Publications (3)
For safety reasons, unprivileged users today have only lim-ited ways to customize the kernel through the extendedBerkeley Packet Filter (eBPF). This is unfortunate, especiallysince the eBPF framework itself has seen an increase in scopeover the years. We propose SandBPF, a software-based ker-nel isolation technique that dynamically sandboxes eBPFpr...
![Figure 2: LSM hook architecture [46]. The green blocks are specific to...](publication/355925448/figure/fig2/AS:1086625757036552@1636083177395/LSM-hook-architecture-46-The-green-blocks-are-specific-to-saBPF-which-is-described-in_Q320.jpg)
Despite the wide usage of container-based cloud computing, container auditing for security analysis relies mostly on built-in host audit systems, which often lack the ability to capture high-fidelity container logs. State-of-the-art reference-monitor-based audit techniques greatly improve the quality of audit logs, but their system-wide architectur...
![Figure 2: LSM hook architecture [46]. The green blocks are specific to...](profile/Thomas-Pasquier/publication/355682399/figure/fig2/AS:1086139502993410@1635967245729/LSM-hook-architecture-46-The-green-blocks-are-specific-to-saBPF-which-is-described-in_Q320.jpg)
Despite the wide usage of container-based cloud computing, container auditing for security analysis relies mostly on built-in host audit systems, which often lack the ability to capture high-fidelity container logs. State-of-the-art reference-monitor-based audit techniques greatly improve the quality of audit logs, but their system-wide architectur...
