Search Icon
Register

Workshop on Attack Provenance, Reasoning, and Investigation for Security in the Monitored Environment (PRISM) 2026 Accepted Papers

View the detailed program page to learn when each paper will be presented during the upcoming event. The workshop proceedings will be added shortly.

Defending Job Platforms from Non-Genuine Applications Using Layered Detection and Anomaly Modeling

Rama Rohit Reddy Gangula, Vijay Vardhan Alluri, Saif Jawaid, Dhwaj Raj, Udit Jindal (Indeed.com)

How to Effectively Trace Provenance on Windows Endpoint Detection & Response Telemetry

Jason Liu, Muhammad Adil Inam, Akul Goyal, Dylen Greenenwald (University of Illinois at Urbana-Champaign), Saurav Chittal (Purdue University), Adam Bates (University of Illinois at Urbana-Champaign)

Kick Bad Guys Out! Conditionally Activated Anomaly Detection in Federated Learning with Zero-Knowledge Proof Verification

Shanshan Han (University of California, Irvine), Wenxuan Wu (Texas A&M University), Baturalp Buyukates (University of Birmingham), Weizhao Jin (University of Southern California), Qifan Zhang (Palo Alto Networks), Yuhang Yao (Carnegie Mellon University), Salman Avestimehr (University of Southern California)

Minding the Gap: Bridging Causal Disconnects in System Provenance

Hanke Kimm, Sagar Mishra, R. Sekar (Stony Brook University)

NOD: Uncovering intense attackers’ behavior through Nested Outlier Detection from SSH logs

Ghazal Abdollahi, Hamid Asadi, Robert Ricci (The University of Utah)

Private Yet Accurate: A Decentralized Approach to System Intrusion Detection

Jinghan Zhang, Sharon Biju, Saleha Muzammil, Wajih Ul Hassan (University of Virginia)

SocialStego: A Steganography Tool for the Modern Era of Social Media

Branden Palacio, Keyang Yu (Marquette University)

SysArmor: The Practice of Integrating Provenance Analysis into Endpoint Detection and Response Systems

Shaofei Li, Jiandong Jin, Hanlin Jiang, Yi Huang (Peking University), Yifei Bao (Jilin University), Yuhan Meng, Fengwei Hong, Zheng Huang (Peking University), Peng Jiang (Southeast University), Ding Li (Peking University)

Tutorial: Accelerating Provenance-based Intrusion Detection Research with PIDSMaker

Tristan Bilot (University of British Columbia)

Tutorial: CTINexus: Automatic Cyber Threat Intelligence Knowledge Graph Construction Using Large Language Models

Saimon Amanuel Tsegai (Virginia Tech)

Tutorial: Introducing the Carbanak Attack Engagement, Version 2

Akul Goyal (University of Illinois at Urbana-Champaign), Saurav Chittal (Purdue University), Dylen Greenenwald, and Adam Bates (University of Illinois at Urbana-Champaign)

Tutorial: Using Aurora, an automated attack emulation system, to create benchmark datasets for intrusion detection

Lingzhi Wang (Northwestern University)

Wall-PROV: Revisiting Firewall Rule Misconfigurations with Data Provenance and Verifying the Provenance Graph Properties

Abdullah Al Farooq (Wentworth Institute of Technology), Tanvir Rahman Akash (Trine University), Manash Sarker (Patuakhali Science and Technology University)

Work-in-progress: Building Next-Generation Datasets for Provenance-Based Intrusion Detection

Qizhi Cai (Zhejiang University), Lingzhi Wang (Northwestern University), Yao Zhu, Zhipeng Chen (Zhejiang University), Xiangmin Shen (Hofstra University), Zhenyuan LI (Zhejiang University)

Work-in-progress: G-Prove: Gossip-Based Provenance for Scalable Detection of Cross-Domain Flow Attacks in SDN

Moustapha Awwalou DIOUF, Maimouna Tamah DIAO, El-Hacen DIALLO (SnT, University of Luxembourg), Samuel Ouya (Cheikh Hamidou KANE Digital University), Jacques Klein, Tegawendé F. Bissyandé (University of Luxembourg)

Work-in-progress: Lessons Learned through Customer Discovery in a Provenance-based Security Start-Up

Akul Goyal, Adam Bates (Provenance Security, Inc.)

Work-in-progress: The Case for LLM-Enhanced Backward Tracking

Jiahui Wang (Zhejiang University), Xiangmin Shen (Hofstra University), Zhengkai Wang, Zhenyuan LI (Zhejiang University)