Moustapha Awwalou Diouf (SnT, University of Luxembourg), Maimouna Tamah Diao (SnT, University of Luxembourg), El-hacen Diallo (SnT, University of Luxembourg), Samuel Ouya (Cheikh Hamidou KANE Digital University), Jacques Klein (SnT, University of Luxembourg), Tegawendé F. Bissyandé (SnT, University of Luxembourg)

Software-defined networking (SDN) is widely adopted in enterprise networks, data centers, and wide-area networks. These infrastructures are often federated into multiple administrative domains managed by distinct organizations. In this context, forensic analysis of cross-domain attacks remains a major challenge: fragmented causal visibility across domains and privacy constraints prevent effective tracing of threat propagation. Although prior work has focused on centralized provenance systems offering causal traceability, these approaches do not scale
in multi-domain contexts with heterogeneous policies. We propose G-Prove, a decentralized forensic framework for multi-domain SDN environments. G-Prove builds local provenance graphs and anchors cross-domain events via a cryptographically signed DAG, enabling causal analysis without exposing each domain’s internal data. Our results on a cross-domain attack scenario demonstrate the feasibility and effectiveness of G-Prove, and allow us to identify areas for improvement for more complex deployments.

View More Papers

Know Me by My Pulse: Toward Practical Continuous Authentication...

Wei Shao (University of California, Davis), Zequan Liang (University of California Davis), Ruoyu Zhang (University of California, Davis), Ruijie Fang (University of California, Davis), Ning Miao (University of California, Davis), Ehsan Kourkchi (University of California - Davis), Setareh Rafatirad (University of California, Davis), Houman Homayoun (University of California Davis), Chongzhou Fang (Rochester Institute of Technology)

Read More

PIRANHAS: PrIvacy-Preserving Remote Attestation in Non-Hierarchical Asynchronous Swarms

Jonas Hofmann (Technical University of Darmstadt), Philipp-Florens Lehwalder (Technical University of Darmstadt), Shahriar Ebrahimi (Alan Turing Institute), Parisa Hassanizadeh (IPPT PAN / University of Warwick), Sebastian Faust (Technical University of Darmstadt)

Read More

Anota: Identifying Business Logic Vulnerabilities via Annotation-Based Sanitization

Meng Wang (CISPA Helmholtz Center for Information Security), Philipp Görz (CISPA Helmholtz Center for Information Security), Joschua Schilling (CISPA Helmholtz Center for Information Security), Keno Hassler (CISPA Helmholtz Center for Information Security), Liwei Guo (University of Electronic Science and Technology), Thorsten Holz (Max Planck Institute for Security and Privacy), Ali Abbasi (CISPA Helmholtz Center for…

Read More