Profile at Google Scholar
Publications
- Jasmine: Scale up JavaScript Static Security Analysis with
Computation-based Semantic Explanation.
Feng Xiao, Zhongfu Su,
Guangliang Yang, and Wenke Lee
In Proceedings of the IEEE
Symposium on Security and Privacy. 2024.
- WEBRR: A Forensic System for Replaying and Investigating
Web-Based Attacks in The Modern Web.
Joey Allen, Zheng Yang, Feng
Xiao, Matthew Landen, Roberto Perdisci, and Wenke Lee.
In
Proceedings of the 33rd USENIX Security Symposium (USENIX).
2024.
- Towards Generic Database Management System Fuzzing.
Yupeng Yang, Yongheng Chen, Rui Zhong, Jizhou Chen, and Wenke
Lee.
In Proceedings of the 33rd USENIX Security Symposium
(USENIX). 2024.
- Geometric Implications of Classification on Reducing Open Space
Risk.
Matthew Lau, Leyan Pan, Stefan Davidov, Athanasios
P. Meliopoulos, and Wenke Lee.
Tiny Papers @ The Twelfth
International Conference on Learning Representations (ICLR).
2024.
- Physics-Assisted Explainable Anomaly Detection in Power
Systems.
Matthew Lau, Fahad Alsaeed, Kayla Thames, Nano
Suresettakul, Saman A. Zonouz, Wenke Lee, and Athanasios
P. Meliopoulos.
In Proceedings of the European Conference on
Artificial Intelligence. 2024.
- Revisiting Non-separable Binary Classification and its
Applications in Anomaly Detection.
Matthew Lau,
Ismaïla Seck, Athanasios P. Meliopoulos, Wenke Lee,
and Eugène Ndiaye.
Transactions on Machine
Learning Research. Vol 2024.
- RL-ARNE: A Reinforcement Learning Algorithm for Computing
Average Reward Nash Equilibrium of Nonzero-Sum Stochastic Games.
Dinuka Sahabandu, Shana Moothedath, Joey Allen, Linda Bushnell, Wenke
Lee, and Radha Poovendran.
IEEE Transactions on Automatic
Control. Vol 69(11), 2024.
- Dynamic Information Flow Tracking for Detection of Advanced
Persistent Threats: A Stochastic Game Approach.
Shana Moothedath,
Dinuka Sahabandu, Joey Allen, Andrew Clark, Linda Bushnell, Wenke Lee,
and Radha Poovendran.
IEEE Transactions on Automatic
Control. Vol 69(10), 2024.
- Stochastic Dynamic Information Flow Tracking game using
supervised learning for detecting advanced persistent threats.
Shana Moothedath, Dinuka Sahabandu, Joey Allen, Linda Bushnell, Wenke
Lee, and Radha Poovendran. Automatica. Vol 159, 2024.
- TRIDENT: Towards Detecting and Mitigating Web-based Social
Engineering Attacks.
Zheng Yang, Joey Allen, Matthew Landen,
Roberto Perdisci, and Wenke Lee.
In Proceedings of the
32nd USENIX Security Symposium (USENIX). Anaheim,
California. 2023.
- VulChecker: Graph-based Vulnerability Localization in Source
Code.
Yisroel Mirsky, George Macon, Michael Brown, Carter
Yagemann, Matthew Pruett, Evan Downing, Sukarno Mertoguno, and Wenke
Lee.
In Proceedings of the 32nd USENIX Security Symposium
(USENIX). Anaheim, California. 2023.
- PUMM: Preventing Use-After-Free Using Execution Unit
Partitioning.
Carter Yagemann, Simon Chung, Brendan
Saltaformaggio, and Wenke Lee.
In Proceedings of the 32nd
USENIX Security Symposium (USENIX). Anaheim, California. 2023.
- µFUZZ: Redesign of Parallel Fuzzing using
Microservice Architecture.
Yongheng Chen, Rui Zhong, Yupeng
Yang, Hong Hu, Dinghao Wu, and Wenke Lee.
In Proceedings
of the 32nd USENIX Security Symposium (USENIX). Anaheim,
California. 2023.
- SCAPHY: Detecting Modern ICS Attacks by Correlating Behaviors
in SCADA and PHYsical.
Moses Ike, Kandy Phan, Keaton Sadoski,
Romuald Valme, and Wenke Lee.
In Proceedings of the 2023
IEEE Symposium on Security and Privacy. San Francisco,
California. 2023.
- The Threat of Offensive AI to Organizations.
Yisroel
Mirsky, Ambra Demontis, Jaidip Kotak, Ram Shankar, Deng Gelei, Liu
Yang, Xiangyu Zhang, Maura Pintor, Wenke Lee, Yuval Elovici, and
Battista Biggio.
Computer Security. Vol 124, 2023.
- DRAGON: Deep Reinforcement Learning for Autonomous Grid
Operation and Attack Detection.
Matthew Landen, Keywhan Chung,
Moses Ike, Sarah Mackay, Jean-Paul Watson, and Wenke Lee.
In
Proceedings of the Annual Computer Security Applications Conference
(ACSAC) . 2022.
- DeView: Confining Progressive Web Applications by Debloating
Web APIs.
ChangSeok Oh, Sangho Lee, Chenxiong Qian, Hyungjoon
Koo, and Wenke Lee.
In Proceedings of the Annual Computer
Security Applications Conference (ACSAC) . 2022.
- Understanding and Mitigating Remote Code Execution
Vulnerabilities in Cross-platform Ecosystem.
Feng Xiao, Zheng
Yang, Joey Allen, Guangliang Yang, Grant Williams, and Wenke Lee.
In Proceedings of the ACM SIGSAC Conference on Computer and
Communications Security (CCS) . 2022.
- The Creation and Detection of Deepfakes: A Survey.
Yisroel Mirsky and Wenke Lee.
ACM Computing
Surveys. 54(1), 2022.
- Automated Bug Hunting With Data-Driven Symbolic Root Cause
Analysis.
Carter Yagemann, Simon Chung, Brendan Saltaformaggio,
and Wenke Lee.
In Proceedings of the ACM SIGSAC Conference
on Computer and Communications Security (CCS). 2021.
- Validating the Integrity of Audit Logs Against Execution
Repartitioning Attacks.
Carter Yagemann, Mohammad Noureddine,
Wajih Hassan, Simon Chung, Adam Bates, and Wenke Lee.
In
Proceedings of the ACM SIGSAC Conference on Computer and
Communications Security (CCS). 2021.
- Fuzzy Labeled Private Set Intersection with Applications
to Private Real-Time Biometric Search.
Erkam Uzun, Simon
P. Chung, Vladimir Kolesnikov, Alexandra Boldyreva, and Wenke
Lee.
In Proceedings of the 2021 USENIX Security
Symposium. 2021.
- DeepReflect: Discovering Malicious Functionality through
Binary Reconstruction.
Evan Downing, Kyuhong Park, Yisroel
Mirsky, and Wenke Lee.
In Proceedings of the 2021 USENIX
Security Symposium. 2021.
- ARCUS: Symbolic Root Cause Analysis of Exploits in Production
Systems.
Carter Yagemann, Matthew Pruett, Simon P. Chung,
Kennon Bittick, Brendan Saltaformaggio, and Wenke Lee.
In
Proceedings of the 2021 USENIX Security Symposium. 2021.
- Abusing Hidden Properties to Attack the Node.js
Ecosystem.
Feng Xiao, Jianwei Huang, Yichang Xiong, Guangliang
Yang, Hong Hu, Guofei Gu, and Wenke Lee.
In Proceedings of
the 2021 USENIX Security Symposium. 2021.
- Identifying Behavior Dispatchers for Malware Analysis.
Kyuhong Park, Burak Sahin, Yongheng Chen, Jisheng Zhao, Evan
Downing, Hong Hu, and Wenke Lee.
In
Proceedings of the 16th ACM ASIA Conference on Computer and
Communications Security (ACM AsiaCCS 2021).
- Cryptographic Key Derivation from Biometric Inferences for
Remote Authentication.
Erkam Uzun, Carter Yagemann, Simon
P. Chung, Vladimir Kolesnikov, and Wenke Lee.
In
Proceedings of the 16th ACM ASIA Conference on Computer and
Communications Security (ACM AsiaCCS 2021).
- SEPAL: Towards a Large-scale Analysis of SEAndroid Policy
Customization.
Dongsong Yu, Guangliang Yang, Guozhu Meng, Xiaorui
Gong, Xiu Zhang, Xiaobo Xiang, Xiaoyu Wang, Yue Jiang, Kai Chen, Wei
Zou, Wenke Lee, and Wenchang Shi.
In Proceedings of The Web
Conference 2021 (WWW 2021).
- The Creation and Detection of Deepfakes: A Survey.
Yisroel Mirsky and Wenke Lee.
ACM Computing
Surveys. 54(1), 2021.
- One Engine to Fuzz 'em All: Generic Language Processor
Testing with Semantic Validation.
Yongheng Chen, Rui Zhong,
Hong Hu, Hangfan Zhang, Yupeng Yang, Dinghao Wu, and Wenke Lee.
In Proceedings of the 41st IEEE Symposium on Security and
Privacy (Oakland). 2021.
- Towards Measuring Supply Chain Attacks on Package Managers for
Interpreted Languages.
Ruian Duan, Omar Alrawi, Ranjita Pai
Kasturi, Ryan Elder, Brendan Saltaformaggio, and Wenke Lee.
In
Proceedings of the Network and Distributed System Security
Symposium (NDSS). 2021.
- Stopping Memory Disclosures via Diversification and Replicated
Execution.
Kangjie Lu, Meng Xu, Chengyu Song, Taesoo Kim, and
Wenke Lee.
IEEE Transactions on Dependable and Secure
Computing (TDSC). 18(1), 2021.
- On the Feasibility of Automating Stock Market
Manipulation.
Carter Yagemann, Simon P. Chung, Erkam Uzun, Sai
Ragam, Brendan Saltaformaggio, and Wenke Lee.
In
Proceedings of the Annual Computer Security Applications Conference
(ACSAC). 2020.
- Slimium: Debloating the Chromium Browser with Feature
Subsetting.
Chenxiong Qian, Hyungjoon Koo, ChangSeok Oh,
Taesoo Kim, and Wenke Lee.
In Proceedings of the ACM
SIGSAC Conference on Computer and Communications Security
(CCS). 2020.
- Mnemosyne: An Effective and Efficient Postmortem Watering
Hole Attack Investigation System.
Joey Allen, Zheng Yang,
Matthew Landen, Raghav Bhat, Harsh Grover, Andrew Chang, Yang Ji,
Roberto Perdisci, and Wenke Lee.
In Proceedings of the
ACM SIGSAC Conference on Computer and Communications Security
(CCS). 2020.
- SQUIRREL: Testing Database Management Systems with Language
Validity and Coverage Feedback.
Rui Zhong, Yongheng Chen, Hong
Hu, Hangfan Zhang, Wenke Lee, and Dinghao Wu.
In
Proceedings of the ACM SIGSAC Conference on Computer and
Communications Security (CCS). 2020.
- Quickest Detection of Advanced Persistent Threats: A
Semi-Markov Game Approach.
Dinuka Sahabandu, Joey Allen, Shana
Moothedath, Linda Bushnell, Wenke Lee, and Radha Poovendran.
In Proceedings of the ACM/IEEE International Conference on
Cyber-Physical Systems (ICCPS). 2020.
- A Game-Theoretic Approach for Dynamic Information Flow
Tracking to Detect Multistage Advanced Persistent Threats.
Shana Moothedath, Dinuka Sahabandu, Joey Allen, Andrew Clark, Linda
Bushnell, Wenke Lee, and Radha Poovendran.
IEEE
Transactions on Automatic Control. 65(12): 5248-5263, 2020.
- Dynamic Information Flow Tracking Games for Simultaneous
Detection of Multiple Attackers.
D. Sahabandu, S. Moothedath,
J. Allen, A. Clark, L. Bushnell, Wenke Lee, and R. Poovendran.
In Proceedings of the IEEE Conference on Decision and Control
(CDC). Nice, France, December 2019.
- Learning Equilibria in Stochastic Information Flow Tracking
Games with Partial Knowledge.
S. Misra, S. Moothedath,
H. Hosseini, J. Allen, L. Bushnell, Wenke Lee, and
R. Poovendran.
In Proceedings of the IEEE Conference on
Decision and Control (CDC). Nice, France, December 2019.
- Stochastic Dynamic Information Flow Tracking Game with
Reinforcement Learning.
Dinuka Sahabandu, Shana Moothedath,
Joey Allen, Linda Bushnell, Wenke Lee, and Radha Poovendran.
In
Proceedings of the 2019 Conference on Decision and Game Theory
for Security. Stockholm, Sweden, October 2019.
- RAZOR: A Framework for Post-deployment Software
Debloating.
Chenxiong Qian, Hong Hu, Mansour Alharthi, Pak Ho
Chung, Taesoo Kim, and Wenke Lee.
In Proceedings of the
28th USENIX Security Symposium. Santa Clara, CA, August 2019.
- A Game Theoretic Approach for Dynamic Information Flow
Tracking with Conditional Branching.
Dinuka Sahabandu, Shana
Moothedath, Linda Bushnell, Radha Poovendran, Joey Aller, Wenke Lee,
and Andrew Clark.
In Proceedings of the 2019 American
Control Conference (ACC). Philadelphia, PA, July 2019.
- Barnum: Detecting Document Malware via Control Flow Anomalies
in Hardware Traces.
Carter Yagemann, Salmin Sultana, Li Chen,
and Wenke Lee.
In Proceedings of the International
Conference on Information Security (ISC). 2019.
- Automating Patching of Vulnerable Open-Source Software
Versions in Application Binaries.
Ruian Duan, Ashish Bijlani,
Yang Ji, Omar Alrawi, Yiyuan Xiong, Moses Ike, Brendan
Saltaformaggio, and Wenke Lee.
In Proceedings of the 2019
Network and Distributed System Security Symposium (NDSS). San
Diego, CA, February 2019.
- Improving Accuracy of Android Malware Detection with
Lightweight Contextual Awareness.
Joey Allen, Matthew Landen,
Sanya Chaba, Yang Ji, Simon Pak Ho Chung, and Wenke Lee.
In
Proceedings of the 34th Annual Computer Security Applications
Conference (ACSAC). December, 2018.
- DIFT Games: Dynamic Information Flow Tracking Games for
Advanced Persistent Threats.
Dinuka Sahabandu, Baicen Xiao,
Andrew Clark, Sangho Lee, Wenke Lee, and Radha Poovendran.
In
Proceedings of The 57th IEEE Conference on Decision and
Control (CDC). Miami Beach, FL, December 2018.
- Multi-Stage Dynamic Information Flow Tracking Game.
Shana
Moothedath, Dinuka Sahabandu, Andrew Clark, Sangho Lee, Wenke Lee,
and Radha Poovendran.
In Proceedings of The 9th
Conference on Decision and Game Theory for Security
(GameSec). Seattle, WA, October 2018.
- Enforcing Unique Code Target Property for Control-Flow
Integrity.
Hong Hu, Chenxiong Qian, Carter Yagemann, Simon Pak
Ho Chung, Bill Harris, Taesoo Kim, and Wenke Lee.
In
Proceedings of The 25th ACM Conference on Computer and
Communications Security (CCS 2018). Toronto, Canada,
October 2018.
- ClickShield: Are You Hiding Something? Towards Eradicating
Clickjacking on Android.
Andrea Possemato, Andrea Lanzi, Simon
Pak Ho Chung, Wenke Lee, and Yanick Fratantonio.
In
Proceedings of The 25th ACM Conference on Computer and
Communications Security (CCS 2018). Toronto, Canada,
October 2018.
- Enabling Refinable Cross-Host Attack Investigation with
Efficient Data Flow Tagging and Tracking.
Yang Ji, Sangho Lee,
Mattia Fazzini, Joey Allen, Evan Downing, Taesoo Kim, Alessandro
Orso, and Wenke Lee.
In Proceedings of The 27th
USENIX Security Symposium. Baltimore, MD, August 2018
- Rampart: Protecting Web Applications from CPU-Exhaustion
Denial-of-Service Attacks.
Wei Meng, Chenxiong Qian, Shuang Hao,
Kevin Borgolte, Giovanni Vigna, and Christopher Kruegel, and Wenke
Lee.
In Proceedings of The 27th USENIX Security
Symposium. Baltimore, MD, August 2018
- rtCaptcha: A Real-Time CAPTCHA Based Liveness Detection
System.
Erkam Uzun, Simon Pak Ho Chung, Irfan Essa, and Wenke
Lee.
In Proceedings of The 2018 Network and
Distributed System Security Symposium (NDSS). San
Diego, CA, February 2018.
- Broken Fingers: On the Usage of the Fingerprint API in
Android.
Antonio Bianchi, Yanick Fratantonio, Aravind Machiry,
Christopher Kruegel, Giovanni Vigna, Simon Pak Ho Chung, and Wenke
Lee.
In Proceedings of The 2018 Network and
Distributed System Security Symposium (NDSS). San
Diego, CA, February 2018.
- Identifying Open-Source License Violation and 1-day Security
Risk at Large Scale.
Ruian Duan, Ashish Bijlani, Meng Xu,
Taesoo Kim, and Wenke Lee.
In Proceedings of The
24th ACM Conference on Computer and Communications Security (CCS
2017). Dallas, Texas, October 2017.
- RAIN: Refinable Attack Investigation with On-demand
Inter-Process Information Flow Tracking.
Yang Ji, Sangho Lee,
Evan Downing, Weiren Wang, Mattia Fazzini, Taesoo Kim, Alessandro
Orso, and Wenke Lee.
In Proceedings of The 24th
ACM Conference on Computer and Communications Security (CCS
2017). Dallas, Texas, October 2017.
- Efficient Protection of Path-Sensitive Control Security.
Ren Ding, Chenxiong Qian, Chengyu Song, Bill Harris, Taesoo Kim, and
Wenke Lee.
In Proceedings of The 26th USENIX
Security Symposium. Vancouver, BC, Canada, August
2017.
- Bunshin: Compositing Security Mechanisms through
Diversification.
Meng Xu, Kangjie Lu, Taesoo Kim, and Wenke
Lee.
In Proceedings of The 2017 USENIX Annual
Technical Conference. Santa Clara, CA, July 2017.
- Cloak and Dagger: From Two Permissions to Complete Control of
the UI Feedback Loop.
Yanick Fratantonio, Chenxiong Qian, Pak
Chung, and Wenke Lee.
In Proceedings of The 2017
IEEE Symposium on Security and Privacy. San Jose, CA,
May 2017 (Distinguished Practical Paper Award).
- Unleashing Use-Before-Initialization Vulnerabilities in the
Linux Kernel Using Targeted Stack Spraying.
Kangjie Lu,
Marie-Therese Walter, David Pfaff, Stefan Nuernberger, Wenke Lee,
and Michael Backes.
In Proceedings of The 2017
Network and Distributed System Security Symposium
(NDSS). San Diego, CA, February 2017.
- From Physical to Cyber: Escalating Protection for
Personalized Auto Insurance.
Le Guan, Jun Xu, Shuai Wang, Xinyu
Xing, Lin Lin, Heqing Huang, Peng Liu, and Wenke Lee.
In
Proceedings of The 14th ACM Conference on Embedded
Networked Sensor Systems (SenSys 2016). Stanford, CA,
November 2016.
- UniSan: Proactive Kernel Memory Initialization to Eliminate
Data Leakages.
Kangjie Lu, Chengyu Song, Taesoo Kim, and Wenke
Lee.
In Proceedings of The 23rd ACM Conference on
Computer and Communications Security (CCS
2016). Vienna, Austria, October 2016.
- Financial Lower Bounds of Online Advertising Abuse - A Four
Year Case Study of the TDSS/TDL4 Botnet.
Yizheng Chen,
Panagiotis Kintis, Manos Antonakakis, Yacin Nadji, David Dagon,
Wenke Lee, and Michael Farrell.
In Proceedings of
The 13th Conference on Detection of Intrusions and Malware &
Vulnerability Assessment (DIMVA 2016). Sebastian,
Spain, July 2016.
- HDFI: Hardware-Assisted Data-flow Isolation.
Chengyu Song,
Hyungon Moon, Monjur Alam, Insu Yun, Byoungyoung Lee, Taesoo Kim,
Wenke Lee, and Yunheung Paek.
In Proceedings of
The 37th IEEE Symposium on Security and Privacy, San
Jose, CA, May 2016.
- TrackMeOrNot: Enable Flexible Control on Web Tracking.
Wei
Meng, Byoungyoung Lee, Xinyu Xing, and Wenke Lee.
In
Proceedings of The 25th International World Wide Web
Conference (WWW), Montreal, Canada, April 2016.
- The Price of Free: Privacy Leakage in Personalized Mobile
In-Apps Ads.
Wei Meng, Ren Ding, Simon P. Chung, Steven Han,
and Wenke Lee.
In Proceedings of The 2016 Network
and Distributed System Security Symposium (NDSS), San
Diego, CA, February, 2016.
- How to Make ASLR Win the Clone Wars: Runtime
Re-Randomization.
Kangjie Lu, Wenke Lee, Stefan Nurnberger, and
Michael Backes.
In Proceedings of The 2016
Network and Distributed System Security Symposium (NDSS)
, San Diego, CA, February, 2016.
-
Enforcing Kernel Security Invariants with Data Flow
Integrity.
Chengyu Song, Byoungyoung Lee, Kangjie Lu,
William Harris, Taesoo Kim and Wenke Lee.
In Proceedings
of The 2016 Network and Distributed System Security
Symposium (NDSS), San Diego, CA, February, 2016.
- UCognito: Private Browsing
without Tears.
Meng Xu, Yeongjin Jang, Xinyu Xing, Taesoo
Kim, and Wenke Lee.
In Proceedings of The 22nd ACM
Conference on Computer and Communications Security
(CCS), Denver, CO, October 2015.
- ASLR-Guard: Stopping Address
Space Leakage for Code Reuse Attacks.
Kangjie Lu, Chengyu
Song, Byoungyoung Lee, Simon P. Chung, Taesoo Kim, and Wenke Lee.
In Proceedings of The 22nd ACM Conference on Computer and
Communications Security (CCS), Denver, CO, October 2015.
- Type Casting Verification: Stopping
an Emerging Attack Vector.
Byoungyoung Lee, Chengyu Song,
Taesoo Kim, and Wenke Lee.
In Proceedings of The
24th USENIX Security Symposium, Washington, D.C.,
August 2015.
(Awarded the Internet Defense Prize
by Facebook and USENIX)
- Unraveling the Relationship Between
Ad-Injecting Browser Extensions and Malvertising.
Xinyu
Xing, Wei Meng, Byoungyoung Lee, Udi Weinsberg, Anmol Sheth, Roberto
Perdisci, and Wenke Lee.
In Proceedings of The 24th
International World Wide Web Conference (WWW),
Florence, Italy, May 2015.
- Exploiting and Protecting Dynamic
Code Generation.
Chengyu Song, Chao Zhang, Tielei Wang,
Wenke Lee, and David Melski.
In Proceedings of The
2015 Network and Distributed System Security Symposium
(NDSS), San Diego, CA, February 2015.
- Preventing Use-after-free with
Dangling Pointers Nullification.
Byoungyoung Lee, Chengyu
Song, Yeongjin Jang, Tielei Wang, Taesoo Kim, Long Lu, and Wenke
Lee.
In Proceedings of The 2015 Network and
Distributed System Security Symposium (NDSS), San
Diego, CA, February 2015.
- Checking More and Alerting Less:
Detecting Privacy Leakages via Enhanced Data-flow
Analysis and Peer Voting.
Kangjie Lu, Zhichun
Li, Vasileios P. Kemerlis, Zhenyu Wu, Long Lu, Cong
Zheng, Zhiyun Qian, Wenke Lee, and Guofei Jiang.
In
Proceedings of The 2015 Network and
Distributed System Security Symposium
(NDSS), San Diego, CA, February 2015.
- A11y Attacks: Exploiting
Accessibility in Operating Systems.
Yeongjin Jang, Chengyu
Song, Simon P. Chung, Tielei Wang, and Wenke Lee.
In
Proceedings of The 21st ACM Conference on Computer and
Communications Security (CCS), Scottsdale, Arizona,
November 2014.
- Your Online Interests -
Pwned! A Pollution Attack Against Targeted Advertising.
Wei
Meng, Xinyu Xing, Anmol Sheth, Udi Weinsberg, and Wenke
Lee.
In Proceedings of The 21st ACM Conference on
Computer and Communications Security (CCS),
Scottsdale, Arizona, November 2014.
- Mimesis Aegis: A Mimicry
Privacy Shield - A System's Approach to Data Privacy on Public
Cloud.
Billy Lau, Pak Ho Chung, Chengyu Song, Yeongjin
Jang, Wenke Lee, and Alexandra Boldyreva.
In Proceedings
of The 23rd USENIX Security Symposium. San
Diego, CA. August 2014.
- On the Feasibility of Large-Scale
Infections of iOS Devices.
Tielei Wang, Yeongjin Jang,
Yizheng Chen, Pak Ho Chung, Billy Lau, and Wenke Lee.
In
Proceedings of The 23rd USENIX Security Symposium.
San Diego, CA. August 2014.
- Diagnosis and Emergency Patch Generation for Integer Overflow
Exploits.
Tielei Wang, Chengyu Song, and Wenke Lee.
In
Proceedings of The 11th Conference on Detection of Intrusions
and Malware & Vulnerability Assessment (DIMVA 2014),
Egham, UK, July 2014.
- DNS Noise: Measuring the Pervasiveness of Disposable Domains in
Modern DNS Traffic.
Yizheng Chen, Manos Antonakakis, Roberto
Perdisci, Yacin Nadji, David Dagon, and Wenke Lee.
In
Proceedings of The 44th Annual IEEE/IFIP International
Conference on Dependable Systems and Networks (DSN
2014), Atlanta, GA, June 2014.
- From Zygote to Morula: Fortifying
Weakened ASLR on Android.
Byoungyoung Lee, Long Lu, Tielei
Wang, Taesoo Kim, and Wenke Lee.
In Proceedings of
The 2014 IEEE Symposium on Security and
Privacy, San Jose, CA, May 2014.
- Exposing Inconsistent Web Search Results with Bobble
.
Xinyu Xing, Wei Meng, Dan Doozan, Nick Feamster, Wenke Lee, and Alex
C. Snoeren.
In Proceedings of The 2014 Passive and
Active Measurement (PAM) Conference, Los Angeles, CA,
March 2014.
- Gyrus: A Framework for User-Intent
Monitoring of Text-Based Networked Applications.
Yeongjin
Jang, Simon P. Chung, Bryan D. Payne, and Wenke Lee.
In
Proceedings of The 21st Annual Network and Distributed
System Security Symposium (NDSS), San Diego, CA,
February 2014.
- Building a Scalable System for Stealthy P2P-Botnet
Detection.
Junjie Zhang, Roberto Perdisci, Wenke Lee, Unum Sarfraz, and
Xiapu Luo.
IEEE Transactions on Information Forensics and
Security, 9(1), January 2014.
- Beheading Hydras: Performing
Effective Botnet Takedowns.
Yacin Nadji, Manos Antonakakis,
Roberto Perdisci, and Wenke Lee.
In Proceedings of
The 20th ACM Conference on Computer and Communications
Security (CCS), Berlin, Germany, November 2013.
- Tappan Zee (North) Bridge: Mining
Memory Accesses for Introspection.
Brendan Dolan-Gavitt,
Tim Leek, Josh Hodosh, and Wenke Lee.
In Proceedings of
The 20th ACM Conference on Computer and Communications
Security (CCS), Berlin, Germany, November 2013.
- Connected Colors: Unveiling the Structure of Criminal
Networks.
Yacin Nadji, Manos Antonakakis, Roberto Perdisci, and
Wenke Lee.
In Proceedings of The 16th International
Symposium on Research in Attacks, Intrusions and Defenses
(RAID), St. Lucia, October 2013.
- Take This Personally:
Pollution Attacks on Personalized Services.
Xinyu Xing, Wei
Meng, Dan Doozan, Alex Snoeren, Nick Feamster, and Wenke Lee.
In Proceedings of The 22nd USENIX Security Symposium.
Washington DC. August 2013.
- Jekyll
on iOS: When Benign Apps Become Evil.
Tielei Wang, Kangjie
Lu, Long Lu, Simon Chung, and Wenke Lee.
In Proceedings of
The 22nd USENIX Security Symposium.
Washington DC. August 2013.
- Intention and Origination: An
Inside Look at Large-Scale Bot Queries.
Junjie Zhang,
Yinglian Xie, Fang Yu, David Soukal, and Wenke Lee.
In
Proceedings of The 20th Annual Network and Distributed
System Security Symposium (NDSS), San Diego, CA,
February 2013.
- The Core of the Matter: Analyzing
Malicious Traffic in Cellular Carriers.
Charles Lever,
Manos Antonakakis, Bradley Reaves, Patrick Traynor and Wenke
Lee.
In Proceedings of The 20th Annual Network
and Distributed System Security Symposium (NDSS), San
Diego, CA, February 2013.
- CHEX: Statically Vetting Android
Apps for Component Hijacking Vulnerabilities.
Long Lu,
Zhichun Li, Zhenyu Wu, Wenke Lee, and Guofei Jiang.
In
Proceedings of The 19th ACM Conference on Computer and
Communications Security (CCS), Raleigh, NC. October
2012.
- Secure and Robust Monitoring of Virtual Machines through
Guest-Assisted Introspection.
Martim Carbone, Matthew Conover,
Bruce Montague, and Wenke Lee.
In Proceedings of
The 15th International Symposium on Research in Attacks, Intrusions,
and Defenses (RAID). Amsterdam, The
Netherlands. September, 2012.
- From Throw-Away Traffic to Bots: Detecting the Rise of
DGA-Based Malware.
Manos Antonakakis, Roberto Perdisci, Yacin
Nadji, Nikolaos Vasiloglou, Saeed Abu-Nimeh, Wenke Lee, and David
Dagon.
In Proceedings of The 21st USENIX Security Symposium. Bellevue, WA. August 2012.
- Practical End-to-End Web Content Integrity.
Kapil Singh,
Helen Wang, Alexander Moshchuk, Collin Jackson, and Wenke Lee.
In Proceedings of The 21st International World Wide
Web Conference (WWW), Lyon, France, April 2012.
- Exposing Invisible Timing-Based Traffic Watermarks with BACKLIT.
Xiapu Luo, Peng Zhou, Junjie Zhang, Roberto Perdisci, Wenke Lee, and Rocky K.C. Chang.
In Proceedings of The 27th Annual Computer Security Applications Conference (ACSAC 2011), Orlando, FL, December 2011.
- Understanding the Prevalence and Use of Alternative Plans in Malware with Network Games.
Yacin Nadji, Manos Antonakakis, Roberto Perdisci, and Wenke Lee.
In Proceedings of The 27th Annual Computer Security Applications Conference (ACSAC 2011), Orlando, FL, December 2011.
- SURF: Detecting and Measuring Search Poisoning.
Long Lu, Roberto Perdisci, and Wenke Lee.
In Proceedings of The 18th ACM Conference on Computer and Communications Security (CCS). Chicago, IL, October 2011.
- Detecting Malware Domains at the Upper DNS Hierarchy.
Manos Antonakakis, Roberto Perdisci, Wenke Lee, Nikolaos Vasiloglou II, and David Dagon.
In Proceedings of The 20th USENIX Security Symposium. San Francisco, August 2011.
- A Combinatorial Approach to Network Covert Communications with Applications in Web Leaks.
Xiapu Luo, Peng Zhou, Edmond W. W. Chan, Rocky K. C. Chang, and Wenke Lee.
In Proceedings of The 41st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). Hong Kong, China, June 2011.
- Detecting Stealthy P2P Botnets Using Statistical Traffic Fingerprints.
Junjie Zhang, Roberto Perdisci, Wenke Lee, Unum Sarfraz, and Xiapu Luo.
In Proceedings of The 41st Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). Hong Kong, China, June 2011.
- Virtuoso: Narrowing the Semantic Gap in Virtual Machine Introspection.
Brendan Dolan-Gavitt, Tim Leek, Michael Zhivich, Jonathon Giffin, and Wenke Lee.
In Proceedings of The 2011 IEEE Symposium on Security and Privacy. Oakland, CA, May 2011.
- ARROW: Generating Signatures to Detect Drive-By Downloads.
Junjie Zhang, Jay Stokes, Christian Seifert, and Wenke Lee.
In Proceedings of The 20th International World Wide Web Conference (WWW), Hyderabad, India, March 2011.
- Boosting the Scalability of Botnet Detection Using Adaptive Traffic Sampling.
Junjie Zhang, Xiapu Luo, Roberto Perdisci, Guofei Gu, Wenke Lee, and Nick Feamster.
In Proceedings of The 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS), Hong Kong, March 2011.
- HTTPOS: Sealing Information Leaks with Browser-side Obfuscation of Encrypted Flows.
Xiapu Luo, Peng Zhou, Edmond W.W. Chan, Wenke Lee, Rocky K. C. Chang, and Roberto Perdisci.
In Proceedings of The 18th Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2011.
- Control of Low-Rate Denial-of-Service Attacks on Web Servers
and TCP Flows.
Qing Hui, Xiapu Luo, and Wenke Lee.
In
Proceedings of The 49th IEEE Conference on Decision and
Control (CDC), Atlanta, GA, December 2010.
- On the Secrecy of Spread-Spectrum Flow Watermarks.
Xiapu
Luo, Junjie Zhang, Roberto Perdisci, and Wenke Lee.
In
Proceedings of The 15th European Symposium on Research in
Computer Security (ESORICS), Athens, Greece, September
2010.
- A Centralized Monitoring Infrastructure for Improving DNS
Security.
Manos Antonakakis, David Dagon, Xiapu Luo, Roberto
Perdisci, and Wenke Lee.
In Proceedings of The 13th
International Symposium on Recent Advances in Intrusion Detection
(RAID), Ottawa, Ontario, Canada, September 2010.
- BLADE: An Attack-Agnostic Approach for Preventing Drive-By
Malware Infections.
Long Lu, Vinod Yegneswaran, Phil Porras, and
Wenke Lee.
In Proceedings of The 17th ACM
Conference on Computer and Communications Security
(CCS), Chicago, IL, October 2010.
- Building a Dynamic Reputation System for DNS.
Manos
Antonakakis, Roberto Perdisci, David Dagon, Wenke Lee, and Nick
Feamster.
In Proceedings of The 19th USENIX
Security Symposium, Washington, DC, August 2010.
- Evaluating Bluetooth as a Medium for Botnet Command and
Control.
Kapil Singh, Samrit Sangal, Nehil Jain, Patrick Traynor,
and Wenke Lee.
In Proceedings of The 7th Conference
on Detection of Intrusions and Malware Vulnerability Assessment
(DIMVA), Bonn, Germany, July 2010.
- On the Incoherencies in Web Browser Access Control
Policies.
Kapil Singh, Alexander Moshchuk, Helen J. Wang, and
Wenke Lee.
In Proceedings of The 2010 IEEE
Symposium on Security and Privacy, Oakland, CA, May
2010.
- Behavioral Clustering of HTTP-based Malware and Signature
Generation using Malicious Network Traces.
Roberto Perdisci,
Wenke Lee, and Nick Feamster.
In Proceedings of The
7th USENIX Symposium on Networked Systems Design and Implementation
(NSDI), San Jose, CA, April 2010.
- Detecting Malicious Flux Service Networks through Passive
Analysis of Recursive DNS Traces.
Roberto Perdisci, Igino Corona,
David Dagon, and Wenke Lee.
In Proceedings of The
25th Annual Computer Security Applications Conference (ACSAC
2009), Honolulu, HI, December 2009.
- Active Botnet Probing to Identify Obscure Command and Control
Channels.
Guofei Gu, Vinod Yegneswaran, Phillip Porras, Jennifer
Stoll, and Wenke Lee.
In Proceedings of The 25th
Annual Computer Security Applications Conference (ACSAC
2009), Honolulu, HI, December 2009.
- Secure In-VM Monitoring Using Hardware Virtualization.
Monirul Sharif, Wenke Lee, Weidong Cui, and Andrea Lanzi.
In
Proceedings of The 16th ACM Conference on Computer and
Communications Security (CCS 2009), Chicago, IL,
November, 2009.
- Mapping Kernel Objects to Enable Systematic Integrity
Checking.
Martim Carbone, Weidong Cui, Long Lu, Wenke Lee, Marcus
Peinado, and Xuxian Jiang.
In Proceedings of The
16th ACM Conference on Computer and Communications Security (CCS
2009), Chicago, IL, November, 2009.
- xBook: Redesigning Privacy Control in Social Networking
Platforms.
Kapil Singh, Sumeer Bhola, and Wenke Lee.
In
Proceedings of The 18th USENIX Security
Symposium, Montreal, Canada, August, 2009.
- WSEC DNS: Protecting Recursive DNS Resolvers from Poisoning
Attacks.
Roberto Perdisci, Manos Antonakakis, Xiapu Luo, and
Wenke Lee.
In Proceedings of The 39th Annual
IEEE/IFIP International Conference on Dependable Systems and Networks
(DSN 2009), Lisbon, Portugal, June 2009.
- Automatic Reverse Engineering of Malware Emulators.
Monirul Sharif, Andrea Lanzi, Jon Giffin, and Wenke
Lee.
In Proceedings of The 2009 IEEE
Symposium on Security and Privacy, Oakland, CA, May
2009. (Best Student Paper Award)
- McPAD: A Multiple Classifier System for Accurate Payload-Based
Anomaly Detection.
Roberto Perdisci, Davide Ariu, Prahlad
Fogla, Giorgio Giacinto, and Wenke Lee.
In
Computer Networks, 53(6), 2009.
- Dynamic Trust Management.
Matt Blaze, Sampath Kannan,
Insup Lee, Oleg Sokolsky, Jonathan Smith, Angelos Keromytis, and Wenke
Lee.
In IEEE Computer, February 2009.
- K-Tracer: A System for Extracting Kernel Malware Behavior.
Andrea Lanzi, Monirul Sharif, and Wenke Lee.
In
Proceedings of The 16th Annual Network and Distributed
System Security Symposium (NDSS 2009), San Diego, CA,
February 2009.
- Recursive DNS Architectures and Vulnerability
Implications.
David Dagon, Manos Antonakakis, Kevin Day, Xiapu
Luo, Christopher P. Lee, and Wenke Lee.
In Proceedings of
The 16th Annual Network and Distributed System Security
Symposium (NDSS 2009), San Diego, CA, February
2009.
- McBoost: Boosting Scalability in Malware Collection and
Analysis Using Statistical Classification of Executables.
Roberto
Perdisci, Andrea Lanzi, and Wenke Lee.
In Proceedings of
The 24th Annual Computer Security Applications Conference
(ACSAC 2008), Anaheim, CA, December 2008.
- Classification of Packed Executables for Accurate Computer
Virus Detection.
Roberto Perdisci, Andrea Lanzi, and Wenke
Lee.
In Pattern Recognition Letters,
29(14), October 2008.
- Ether: Malware Analysis via Hardware Virtualization
Extensions.
Artem Dinaburg, Paul Royal, Monirul Sharif, and Wenke
Lee.
In Proceedings of The 15th ACM Conference on
Computer and Communications Security (CCS 2008),
Alexandria, VA, October 2008.
- Increased DNS Forgery Resistance Through 0x20-Bit
Encoding.
David Dagon, Manos Antonakakis, Paul Vixie, Tatuya
Jinmei, and Wenke Lee.
In Proceedings of The 15th
ACM Conference on Computer and Communications Security (CCS
2008), Alexandria, VA, October 2008.
- Eureka: A Framework for Enabling Static Malware Analysis.
Monirul Sharif, Vinod Yegneswaran, Hassen Saidi, Phillip Porras, and
Wenke Lee.
In Proceedings of The 13th European
Symposium on Research in Computer Security (ESORICS),
Malaga, Spain, October 2008.
- BotMiner: Clustering Analysis of Network Traffic for Protocol-
and Structure-Independent Botnet Detection.
Guofei Gu, Roberto
Perdisci, Junjie Zhang, and Wenke Lee.
In Proceedings of
The 17th USENIX Security Symposium
(Security'08), San Jose, CA, July 2008.
- Evaluating Email's Feasibility for Botnet Command and
Control.
Kapil Singh, Abhinav Srivastava, Jon Giffin, and Wenke
Lee.
In Proceedings of The 38th Annual IEEE/IFIP
International Conference on Dependable Systems and Networks (DSN
2008), Anchorage, Alaska, June 2008.
- Lares: An Architecture for Secure Active Monitoring Using
Virtualization.
Bryan D. Payne, Martim Carbone, Monirul Sharif,
and Wenke Lee.
In Proceedings of The 2008 IEEE
Symposium on Security and Privacy, Oakland, CA, May
2008.
- Principled Reasoning and Practical Applications of Alert Fusion
in Intrusion Detection Systems.
Guofei Gu, Alvaro A. Cardenas,
and Wenke Lee.
In Proceedings of The ACM
Symposium on InformAction, Computer and Communications Security
(ASIACCS'08), Tokyo, Japan, March 2008.
- Taming Virtualization.
Martim Carbone, Diego Zamboni, and
Wenke Lee.
In IEEE Security &
Privacy, 6(1), January/February 2008.
- Corrupted DNS Resolution Paths: The Rise of a Malicious
Resolution Authority.
David Dagon, Niels Provos, Chris Lee, and
Wenke Lee.
In Proceedings of The 15th Annual
Network and Distributed System Security Symposium (NDSS
2008), San Diego, CA, February 2008.
- BotSniffer: Detecting Botnet Command and Control Channels in
Network Traffic.
Guofei Gu, Junjie Zhang, and Wenke Lee.
In Proceedings of The 15th Annual Network and
Distributed System Security Symposium (NDSS 2008), San
Diego, CA, February 2008.
- Impeding Malware Analysis using Conditional Code
Obfuscation.
Monirul Sharif, Andrea Lanzi, Jonathon Giffin, and
Wenke Lee.
In Proceedings of The 15th Annual
Network and Distributed System Security Symposium (NDSS
2008), San Diego, CA, February 2008.
- Secure and Flexible Monitoring of Virtual Machines.
Bryan
D. Payne and Martim Carbone and Wenke Lee.
In Proceedings
of The 23rd Annual Computer Security Applications Conference
(ACSAC 2007), Miami Beach, FL, December 2007.
- A Taxonomy of Botnet Structures.
David Dagon, Guofei Gu,
Chris Lee and Wenke Lee.
In Proceedings of The 23rd
Annual Computer Security Applications Conference (ACSAC
2007), Miami Beach, FL, December 2007.
- Misleading and Defeating Importance-Scanning Malware
Propagation.
Guofei Gu, Zesheng Chen, Phillip Porras and Wenke
Lee.
In Proceedings of The 3rd International
Conference on Security and Privacy in Communication Networks
(SecureComm'07), Nice, France, September 2007.
- An Assessment of VoIP Covert Channel Threats.
Takehiro
Takahashi and Wenke Lee.
In Proceedings of The 3rd
International Conference on Security and Privacy in Communication
Networks (SecureComm'07), Nice, France, September
2007.
- Understanding Precision in Host Based Intrusion Detection:
Formal Analysis and Practical Models.
Monirul Sharif, Kapil
Singh, Jonathon Giffin and Wenke Lee.
In Proceedings of
The 10th International Symposium on Recent Advances in
Intrusion Detection (RAID), Surfers Paradise, Australia,
September 2007.
- BotHunter: Detecting Malware Infection Through IDS-Driven
Dialog Correlation.
Guofei Gu, Phillip Porras, Vinod Yegneswaran,
Martin Fong, Wenke Lee.
In Proceedings of The 16th
USENIX Security Symposium (Security'07), Boston, MA,
August 2007.
- A Layered Approach to Simplified Access Control in Virtualized
Systems.
Bryan D. Payne, Reiner Sailer, Ramon Caceres, Ronald
Perez, and Wenke Lee
In ACM SIGOPS Operating Systems
Review, 4(2), July 2007.
- Intrusion-Resilient Key Exchange in the Bounded Retrieval
Model.
David Cash, Yan Zong Ding, Yevgeniy Dodis, Wenke Lee,
Richard Lipton, and Shabsi Walfish.
In Proceedings of
The Fourth IACR Theory of Cryptography Conference (TCC
2007), Amsterdam, The Netherlands, February
2007.
- Using an Ensemble of One-Class SVM Classifiers to Harden
Payload-based Anomaly Detection Systems.
Roberto
Perdisci, Guofei Gu, and Wenke Lee.
In Proceedings
of The 2006 IEEE International Conference on Data
Mining (ICDM '06) , Hong Kong, China,
December 2006.
- PolyUnpack: Automating the Hidden-Code Extraction of
Unpack-Executing Malware.
Paul Royal, Mitch Halpin,
David Dagon, Robert Edmonds, and Wenke Lee.
In Proceedings of The 22nd Annual Computer
Security Applications Conference (ACSAC
2006), Miami Beach, FL, December 2006.
- Evading Network Anomaly Detection Systems: Formal Reasoning and
Practical Techniques.
Prahlad Fogla and Wenke Lee.
In Proceedings of The 13th ACM Conference on
Computer and Communications Security (CCS
2006) , Alexandria, VA, October 2006.
- Towards an
Information-Theoretic Framework for Analyzing Intrusion
Detection Systems.
Guofei Gu, Prahlad Fogla, David
Dagon, Wenke Lee, and Boris Skoric.
In Proceedings
of The 11th European Symposium Research Computer
Security (ESORICS 2006) , Hamburg, Germany,
September 2006.
- Polymorphic Blending
Attacks.
Prahlad Fogla, Monirul Sharif, Roberto
Perdisci, Oleg Kolesnikov, and Wenke Lee.
In Proceedings of The 15th USENIX Security
Symposium (SECURITY '06) , Vancouver, B.C.,
Canada, August 2006.
- Using Labeling to Prevent Cross-Service Attacks Against Smart
Phones.
Collin Mulliner, Giovanni Vigna, David Dagon,
and Wenke Lee.
In Proceedings of The 3rd
Conference on Detection of Intrusions & Malware, and
Vulnerability Assessment (DIMVA 2006),
Berlin, Germany, July 2006.
- Agent-Based Cooperative Anomaly Detection for Wireless Ad Hoc
Networks.
Hongmei Deng, Roger Xu, Jason H. Li, Frank
Zhang, Renato Levy, and Wenke Lee.
In Proceedings
of The 12th International Conference on Parallel
and Distributed Systems (ICPADS 2006),
Minneapolis, Minnesota, July 2006.
- DSO: Dependable Signing Overlay.
Guofei Gu, Prahlad Fogla,
Wenke Lee, and Douglas Blough.
In Proceedings
of The 4th International Conference on Applied
Cryptography and Network Security (ACNS '06),
Singapore, June 2006.
- Misleading Worm Signature
Generators Using Deliberate Noise Injection (full
paper).
Roberto Perdisci, David Dagon, Wenke Lee,
Prahlad Fogla, and Monirul Sharif.
In Proceedings
of The 2006 IEEE Symposium on Security and
Privacy, Oakland, CA, May 2006.
- q-Gram Matching Using Tree Models
Prahlad Fogla and Wenke
Lee
IEEE Transactions on Knowledge and Data
Engineering, 18(4), April 2006.
- Measuring Intrusion Detection Capability: An
Information-Theoretic Approach.
Guofei Gu, Prahlad Fogla,
David Dagon, Wenke Lee, and Boris Skoric.
In Proceedings
of ACM Symposium on InformAction, Computer and
Communications Security (ASIACCS '06), Taipei,
Taiwan, March 2006.
- Modeling Botnet Propagation Using Time Zones.
David Dagon,
Cliff Zou, and Wenke Lee.
In Proceedings of The
13th Annual Network and Distributed System Security Symposium
(NDSS 2006), San Diego, CA, February 2006.
- Anomalous Path Detection with Hardware Support.
Tao Zhang,
Xiaotong Zhuang, Santosh Pande, and Wenke Lee.
In Proceedings of The 2005 International Conference on
Compilers, Architecture, and Synthesis for Embedded Systems (CASES
2005), San Francisco, CA, September 2005.
- An Extensible Environment for
Evaluating Secure MANET.
Yongguang Zhang, Yi-an Huang, and
Wenke Lee.
In Proceedings of The 1st International
Conference on Security and Privacy for Emerging Areas in Communication
Networks (SecureComm 2005), Athens, Greece, September
2005.
- Hotspot-Based Traceback for Mobile
Ad Hoc Networks.
Yi-an Huang and Wenke Lee.
In Proceedings of The ACM Workshop on Wireless Security
(WiSe 2005), Cologne, Germany, September 2005.
- Environment-Sensitive Intrusion
Detection.
Jonathon T. Giffin, David Dagon, Somesh Jha, Wenke
Lee, and Barton P. Miller.
In Proceedings of The 8th
International Symposium on Recent Advances in Intrusion Detection
(RAID 2005), Seattle, WA, September 2005.
- Comparative Study between Analytical Models and Packet-Level
Worm Simulations.
Monirul Sharif, George Riley, and Wenke
Lee.
In Proceedings of The 19th Workshop on
Parallel and Distributed Simulation (PADS 2005),
Monterey, CA, June 2005.
- Protecting Secret Data from Insider
Attacks.
David Dagon, Wenke Lee, and Richard Lipton.
In Proceedings of Ninth International Conference on
Financial Cryptography and Data Security, Roseau,
Dominica, Feb. 2005.
- Worm Detection, Early
Warning, and Response Based on Local Victim Information.
Guofei Gu, David Dagon, Xinzhou Qin, Monirul I. Sharif, Wenke Lee, and
George F. Riley.
In Proceedings of
The 20th Annual Computer Security Applications Conference
(ACSAC 2004), Tucson, Arizona, December 2004.
- Attack Plan Recognition and
Prediction Using Causal Networks.
Xinzhou Qin and Wenke
Lee.
In Proceedings of
The 20th Annual Computer Security Applications Conference
(ACSAC 2004), Tucson, Arizona, December 2004.
- On the Statistical Distribution of
Processing Times in Network Intrusion Detection.
Joao
B.D. Cabrera, Jaykumar Gosar, Wenke Lee, and Raman K. Mehra.
In
Proceedings of The 43rd IEEE Conference on Decision and
Control (CDC 2004), Bahamas, December 2004.
- Simulating Internet
Worms.
George F. Riley, Monirul I. Sharif, and Wenke
Lee.
In
Proceedings of The 12th Annual Meeting of the IEEE/ACM
International Symposium on Modeling, Analysis, and Simulation of
Computer and Telecommunication Systems (MASCOTS),
Volendam, The Netherlands, October 2004
- Attack Analysis and Detection for
Ad Hoc Routing Protocols.
Yian Huang and Wenke Lee.
In
Proceedings of The 7th International Symposium on Recent
Advances in Intrusion Detection (RAID 2004), Sophia
Antipolis, France, September 2004.
- Security in Mobile Ad-Hoc Networks
Yongguang Zhang and
Wenke Lee
Ad Hoc Networks: Technologies and
Protocols. P. Mohapatra and S. Krishnamurthy (eds),
Springer, 2004.
- HoneyStat: Local Worm Detection
Using Honeypots.
David Dagon, Xinzhou Qin, Guofei Gu, Wenke
Lee, Julian Grizzard, John Levin, and Henry Owen.
In
Proceedings of The 7th International Symposium on Recent
Advances in Intrusion Detection (RAID 2004), Sophia
Antipolis, France, September 2004.
- Using Artificial Anomalies to Detect Unknown and Known Network
Intrusions
Wei Fan, Matt Miller, Sal Stolfo, Wenke Lee, and Phil
Chan
Knowledge and Information Systems,
Springer, 6(5), September 2004.
- Discovering Novel
Attack Strategies from INFOSEC Alerts.
Xinzhou Qin and Wenke
Lee.
In Proceedings of The 9th European Symposium on
Research in Computer Security (ESORICS 2004) , Sophia
Antipolis, France, September 2004.
- Formalizing Sensitivity in Static
Analysis for Intrusion Detection.
Henry H. Feng, Jonathon
T. Giffin, Yong Huang, Somesh Jha, Wenke Lee, and Barton P. Miller
In Proceedings of The 2004 IEEE Symposium on Security and
Privacy, Oakland, CA, May 2004.
- A Hardware Platform for Network Intrusion
Detection and Prevention.
Chris Clark, Wenke Lee, David
Schimmel, Didier Contis, Mohamed Kone, and Ashley Thomas
In
Proceedings of The 3rd Workshop on Network Processors and
Applications (NP3), Madrid, Spain, February
2004.
- A Cooperative Intrusion Detection System
for Ad Hoc Networks.
Yian Huang and Wenke Lee
In
Proceedings of the ACM Workshop on Security of Ad Hoc and
Sensor Networks (SASN '03), Fairfax VA, October
2003.
- Intrusion Detection Techniques for
Mobile Wireless Networks
Yongguang Zhang, Wenke Lee, and Yian
Huang
ACM/Kluwer Wireless Networks Journal (ACM
WINET), 9(5), September 2003.
- Statistical Causality Analysis of
INFOSEC Alert Data.
Xinzhou Qin and Wenke Lee
In
Proceedings of The 6th International Symposium on Recent
Advances in Intrusion Detection (RAID 2003), Pittsburgh,
PA, September 2003.
- Anomaly Detection Using Call Stack
Information.
Henry H. Feng, Oleg Kolesnikov, Prahlad Fogla,
Wenke Lee, and Weibo Gong
In Proceedings of The 2003
IEEE Symposium on Security and Privacy, Oakland, CA, May
2003.
- Cross-Feature Analysis for Detecting
Ad-Hoc Routing Anomalies.
Yi-an Huang, Wei Fan, Wenke Lee, and
Philip S. Yu
In Proceedings of The 23rd International
Conference on Distributed Computing Systems (ICDCS),
Providence, RI, May 2003.
- Applying Data Mining to Intrusion Detection: The Quest for
Automation, Efficiency, and Credibility.
Wenke Lee
In
SIGKDD Explorations, 4(2), December
2002.
- Performance Adaptation in Real-Time
Intrusion Detection Systems.
Wenke Lee, Joao B. D. Cabrera,
Ashley Thomas, Niranjan Balwalli, Sunmeet Saluja, and Yi Zhang
In
Proceedings of The 5th International Symposium on Recent
Advances in Intrusion Detection (RAID 2002), Zurich,
Switzerland, October 2002.
- Proactive Intrusion Detection and Distributed Denial of Service
Attacks - A Case Study in Security Management
Joao B. D. Cabrera,
Lundy Lewis, Xinzhou Qin, Wenke Lee, and Raman K. Mehra
Journal of Network and Systems Management,
10(2), June 2002.
- Algorithms for Mining System
Audit Data
Wenke Lee, Sal Stolfo, and Kui Mok
Data Mining, Rough Sets, and Granular
Computing, T. Y. Lin, Y. Y. Yao, and L. A. Zadeh (eds),
Physica-Verlag, 2002
- Proactive Intrusion Detection - A Study on Temporal Data
Mining
Joao B.D. Cabrera, Lundy Lewis, Xinzhou Qin, Wenke Lee,
Raman K. Mehra
Applications of Data Mining in Computer
Security. D. Barbara and S. Jajodia (eds), Kluwer
Academic Publishers, May 2002
- Using MIB II Variables for Network Intrusion Detection
Xinzhou Qin, Wenke Lee, Lundy Lewis, Joao B. Cabrera
Applications of Data Mining in Computer
Security. D. Barbara and S. Jajodia (eds), Kluwer
Academic Publishers, May 2002.
- Integrating Intrusion Detection and Network Management.
Xinzhou Qin, Wenke Lee, Lundy Lewis, and Joao B. D. Cabrera
In
Proceedings of The IEEE/IFIP Network Operations and
Management Symposium (NOMS 2002), Florence, Italy, May
2002.
- Toward Cost-Sensitive Modeling for
Intrusion Detection and Response
Wenke Lee, Wei Fan, Matt
Miller, Sal Stolfo, and Erez Zadok
Journal of
Computer Security, 10(1,2), 2002.
- Mining System Audit Data: Opportunities and Challenges.
Wenke Lee and Wei Fan
In SIGMOD Record,
30(4), December 2001.
- Using Artificial
Anomalies to Detect Unknown and Known Network Intrusions.
Wei
Fan, Matt Miller, Sal Stolfo, Wenke Lee, and Phil Chan
In
Proceedings of The First IEEE International Conference on
Data Mining, San Jose, CA, November 2001.
- Using MIB II Variables for Network Anomaly Detection - A
Feasibility Study.
Xinzhou Qin, Wenke Lee, Lundy Lewis, and Joao
B. D. Cabrera.
ACM Workshop on Data Mining for
Security Applications, Philadelphia, PA, November 2001.
- Heterogeneous Networking: A New
Survivability Paradigm.
Yongguang Zhang, Harrick Vin, Lorenzo
Alvisi, Wenke Lee, and Son K. Dao
In Proceedings of
The 2001 New Security Paradigms Workshop (NSPW),
Cloudcroft, New Mexico, September 2001.
- Real Time Data Mining-based
Intrusion Detection.
Wenke Lee, Sal Stolfo, Phil Chan, Eleazar
Eskin, Wei Fan, Matt Miller, Shlomo Hershkop, and Junxin Zhang
In
Proceedings of The 2001 DARPA Information Survivability
Conference and Exposition (DISCEX II) (selected for
presentation), Anaheim, CA, June 2001.
- Information-Theoretic
Measures for Anomaly Detection
Wenke Lee and Dong Xiang
In Proceedings of The 2001 IEEE Symposium on Security and
Privacy, Oakland, CA, May 2001.
- Proactive Detection of Distributed Denial
of Service Attacks Using MIB Traffic Variables - A Feasibility
Study
J. B. D. Cabrera, L. Lewis, X. Qin, Wenke Lee, Ravi
Prasanth, B. Ravichandran, and Raman Mehra
In Proceedings of
The Seventh IFIP/IEEE International Symposium on Integrated
Network Management (IM 2001), Seattle, WA, May
2001.
- Adaptive Intrusion Detection: a
Data Mining Approach
Wenke Lee, Sal Stolfo, and Kui Mok
Artificial Intelligence Review, Kluwer
Academic Publishers, 14(6):533-567 (December 2000).
- A Framework for Constructing
Features and Models for Intrusion Detection Systems
Wenke Lee
and Sal Stolfo
ACM Transactions on Information and
System Security, 3(4), November 2000.
- Toward Cost-Sensitive
Modeling for Intrusion Detection and Response
Wenke Lee, Wei
Fan, Matt Miller, Sal Stolfo, and Erez Zadok
ACM
Workshop on Intrusion Detection Systems , Athens,
Greece, November 2000
- A Data Mining and CIDF Based
Approach for Detecting Novel and Distributed Intrusions
Wenke
Lee, Rahul Nimbalkar, Kam Yee, Sunil Patil, Pragnesh Desai, Thuan
Tran, and Sal Stolfo
In Proceedings of The Third
International Workshop on Recent Advances in Intrusion Detection (RAID
2000), Lecture Notes in Computer Science No. 1907,
Toulouse, France, October 2000
- Intrusion Detection in Wireless
Ad-Hoc Networks
Yongguang Zhang and Wenke Lee
In
Proceedings of The Sixth International Conference on
Mobile Computing and Networking (MobiCom 2000), Boston,
MA, August 2000
- A Multiple Model Cost-Sensitive
Approach for Intrusion Detection
Wei Fan, Wenke Lee, Sal
Stolfo, and Matt Miller
In Proceedings of The
Eleventh European Conference on Machine Learning (ECML 2000), Lecture
Notes in Artificial Intelligence No. 1810, Barcelona,
Spain, May 2000
- Cost-based Modeling for Fraud and
Intrusion Detection: Results from the JAM Project
Sal Stolfo,
Wei Fan, Wenke Lee, Andreas Prodromidis, and Phil Chan
In
Proceedings of the 2000 DARPA Information Survivability
Conference and Exposition (DISCEX '00) (selected for
presentation), Hilton Head, SC, January 2000
- Interfacing Oz with the PCTE OMS: A
Case Study of Integrating a Legacy System with a Standard Object
Management System
Wenke Lee and Gail Kaiser
Journal of Systems Integration,
9(4):329-358, Kluwer Academic Publishers, 1999.
- Jadve: An Extensible Data
Visualization Environment
Wenke Lee and Naser Barghouti
in Object-Oriented Applications Frameworks
, M. Fayad, D. Schmidt, and R. Johnson (eds), John Wiley
& Sons, 1999
- Mining in a Data-flow Environment:
Experience in Network Intrusion Detection
(Best Paper Award
in Applied Research Category)
Wenke Lee, Sal Stolfo, and Kui Mok
In Proceedings of the 5th ACM SIGKDD International
Conference on Knowledge Discovery & Data Mining (KDD
'99), San Diego, CA, August 1999
-
A Data Mining Framework for
Building Intrusion Detection Models
Wenke Lee, Sal Stolfo, and Kui Mok
In Proceedings of the 1999 IEEE Symposium on
Security and Privacy, Oakland, CA, May 1999
- Towards Automatic Intrusion Detection using NFR
Wenke Lee,
Chris Park, and Sal Stolfo
In Proceedings of the 1st
USENIX Workshop on Intrusion Detection and Network
Monitoring, April 1999
- Mining Audit Data to Build Intrusion
Detection Models
(Honorable mention (runner-up) for Best
Paper Award in Applied Research Category)
Wenke Lee, Sal Stolfo,
and Kui Mok
In Proceedings of the Fourth International
Conference on Knowledge Discovery and Data Mining (KDD
'98), New York, NY, August 1998
- Data Mining Approaches for
Intrusion Detection (Postscript)
Wenke Lee and Sal
Stolfo
In Proceedings of the Seventh USENIX Security
Symposium (SECURITY '98), San Antonio, TX, January 1998
- JAM:
Java Agents for Meta-learning over Distributed Databases
Sal
Stolfo, Andreas Prodromidis, Shelley Tselepis, Wenke Lee, Dave Fan,
and Phil Chan
(Honorable mention (runner-up) for Best Paper Award
in Applied Research Category)
In Proceedings of the
Third International Conference on Knowledge Discovery and Data
Mining (KDD '97), Newport Beach, CA, August 1997
- Grappa: A GRAPh PAckage in
Java
Naser S. Barghouti, John Mocenigo, and Wenke Lee
Fifth Annual Symposium on Graph Drawing (Graph Drawing
'97), Rome, Italy, September 1997
- Learning Patterns from Unix
Process Execution Traces for Intrusion Detection
Wenke Lee,
Sal Stolfo, and Phil Chan
AAAI Workshop: AI Approaches
to Fraud Detection and Risk Management, July 1997
- Credit
Card Fraud Detection Using Meta-Learning: Issues and Initial
Results
Sal Stolfo, Dave Fan, Wenke Lee, Andreas Prodromidis,
and Phil Chan
AAAI Workshop: AI Approaches to Fraud
Detection and Risk Management, July 1997
- OzCare: A Workflow Automation
System for Care Plans
Wenke Lee, Gail Kaiser, Paul Clayton,
and Eric Sherman
In Proceedings of the
American Medical Informatics Association Annual Fall
Symposium, Washington DC, October 1996
- Pay No
Attention to the Man Behind the Curtain
Gail Kaiser and Wenke
Lee
NSF Workshop on Workflow and Process
Automation, May 1996
- Data Modeling and Management for Large Spatial Databases
Wenke Lee
In Proceedings of the Third
International Workshop in GIS, Beijing, China, August
1993
Ph.D. Thesis
A Data Mining Framework for Constructing
Features and Models for Intrusion Detection Systems, Computer
Science Department, Columbia University, New York, NY. June 1999.