Research

CoinDef: A Comprehensive Code Injection Defense for the Electron Framework

Z Yang, SP Chung, J Chen, R Zhang, B Saltaformaggio, W Lee

2025 IEEE Symposium on Security and Privacy (SP), 3127-3144, 2025 · 01 Jan 2025 · nfkH5V4AAAAJ:Xt3t5HrhCpYC

System and method for detecting and preventing social engineering attacks and advertisements

Z Yang, W Lee, R PERDISCI

US Patent App. 18/951,037, 2025 · 01 Jan 2025 · nfkH5V4AAAAJ:seU1ZbiIO-YC

3D Gaussian Splat Vulnerabilities

M Hull, H Yang, P Mehta, M Phute, A Cho, H Wang, M Lau, W Lee, ...

arXiv preprint arXiv:2506.00280, 2025 · 01 Jan 2025 · nfkH5V4AAAAJ:P6jpBLdrFncC

SoundBoost: Effective RCA and Attack Detection for UAV via Acoustic Side-Channel

H Wang, Z Yang, S Park, Y Yang, S Kim, W Lunardi, M Andreoni, T Kim, ...

2025 55th Annual IEEE/IFIP International Conference on Dependable Systems …, 2025 · 01 Jan 2025 · nfkH5V4AAAAJ:3A6oGT7R4jcC

Your Control Host Intrusion Left Some Physical Breadcrumbs: Physical Evidence-Guided Post-Mortem Triage of SCADA Attacks

M Ike, K Sadoski, R Valme, B Sahin, S Zonouz, W Lee

Proceedings of the 20th ACM Asia Conference on Computer and Communications …, 2025 · 01 Jan 2025 · nfkH5V4AAAAJ:KrOX6H5u0oYC

Bridging Unsupervised and Semi-Supervised Anomaly Detection: A Theoretically-Grounded and Practical Framework with Synthetic Anomalies

M Lau, TY Zhou, X Yuan, J Chen, W Lee, X Huo

arXiv preprint arXiv:2506.13955, 2025 · 01 Jan 2025 · nfkH5V4AAAAJ:fhMX52Pd6iQC

Privacy-preserving fuzzy query system and method

E Uzun, A Boldyreva, PH Chung, V Kolesnikov, W Lee

US Patent 12,361,164, 2025 · 01 Jan 2025 · nfkH5V4AAAAJ:aAWV-AKBBEQC

Superficial self-improved reasoners benefit from model merging

X Yuan, C Zhang, Z Liu, D Shi, S Vosoughi, W Lee

arXiv preprint arXiv:2503.02103, 2025 · 01 Jan 2025 · nfkH5V4AAAAJ:1zNUifcpCKoC

Privacy preserving face-based authentication

PH Chung, W Lee, E Uzun, C Yagemann

US Patent 11,874,911, 2024 · 01 Jan 2024 · nfkH5V4AAAAJ:OYHP0ARJxK0C

Jasmine: Scale up JavaScript Static Security Analysis with Computation-based Semantic Explanation

F Xiao, Z Su, G Yang, W Lee

2024 IEEE Symposium on Security and Privacy (SP), 296-311, 2024 · 01 Jan 2024 · nfkH5V4AAAAJ:22N0J9dj6kwC

RenderBender: A Survey on Adversarial Attacks Using Differentiable Rendering

M Hull, H Wang, M Lau, A Helbling, M Phute, C Zhang, Z Kira, W Lunardi, ...

arXiv preprint arXiv:2411.09749, 2024 · 01 Jan 2024 · nfkH5V4AAAAJ:-1RNHcZo4Y8C

{WEBRR}: A Forensic System for Replaying and Investigating {Web-Based} Attacks in The Modern Web

J Allen, Z Yang, F Xiao, M Landen, R Perdisci, W Lee

33rd USENIX Security Symposium (USENIX Security 24), 1669-1686, 2024 · 01 Jan 2024 · nfkH5V4AAAAJ:8baWPQ8fTxwC

Physics-Assisted Explainable Anomaly Detection in Power Systems.

M Lau, F Alsaeed, K Thames, N Suresettakul, SA Zonouz, W Lee, ...

ECAI, 4748-4755, 2024 · 01 Jan 2024 · nfkH5V4AAAAJ:6tHXJaRVc1QC

Non-Robust Features are Not Always Useful in One-Class Classification

M Lau, H Wang, A Helbling, M Hul, SY Peng, M Andreoni, WT Lunardi, ...

arXiv preprint arXiv:2407.06372, 2024 · 01 Jan 2024 · nfkH5V4AAAAJ:D2lc7i8A8ooC

Can transformers reason logically? a study in sat solving

L Pan, V Ganesh, J Abernethy, C Esposo, W Lee

arXiv preprint arXiv:2410.07432, 2024 · 01 Jan 2024 · nfkH5V4AAAAJ:6jbE1kO3aKAC

RL-ARNE: A reinforcement learning algorithm for computing average reward nash equilibrium of nonzero-sum stochastic games

D Sahabandu, S Moothedath, J Allen, L Bushnell, W Lee, R Poovendran

IEEE Transactions on Automatic Control 69 (11), 7824-7831, 2024 · 01 Jan 2024 · nfkH5V4AAAAJ:lM7bPffmjyEC

Towards generic database management system fuzzing

Y Yang, Y Chen, R Zhong, J Chen, W Lee

33rd USENIX Security Symposium (USENIX Security 24), 901-918, 2024 · 01 Jan 2024 · nfkH5V4AAAAJ:g-FVFPYC6a8C

Optimal classification-based anomaly detection with neural networks: Theory and practice

TY Zhou, M Lau, J Chen, W Lee, X Huo

arXiv preprint arXiv:2409.08521, 2024 · 01 Jan 2024 · nfkH5V4AAAAJ:DQQjGlBKAuwC

Stochastic dynamic information flow tracking game using supervised learning for detecting advanced persistent threats

S Moothedath, D Sahabandu, J Allen, L Bushnell, W Lee, R Poovendran

Automatica 159, 111353, 2024 · 01 Jan 2024 · nfkH5V4AAAAJ:JZsVLox4iN8C

Geometric implications of classification on reducing open space risk

M Lau, L Pan, S Davidov, AP Meliopoulos, W Lee

The Second Tiny Papers Track at ICLR 2024, 2024 · 01 Jan 2024 · nfkH5V4AAAAJ:TAWzVH7WYHIC

TRIDENT: Towards Detecting and Mitigating Web-based Social Engineering Attacks

Zheng Yang, Joey Allen, Matthew Landen, Roberto Perdisci, Wenke Lee

32st USENIX Security Symposium · 09 Aug 2023 · isbn-13:978-1-939133-37-3

The Threat of Offensive AI to Organizations

Yisroel Mirsky, Ambra Demontis, Jaidip Kotak, Ram Shankar, Deng Gelei, ..., Xiangyu Zhang, Maura Pintor, Wenke Lee, Yuval Elovici, Battista Biggio

Computers & Security · 01 Jan 2023 · doi:10.1016/j.cose.2022.103006

Bridging Both Worlds in Semantics and Time: Domain Knowledge Based Analysis and Correlation of Industrial Process Attacks

M Ike, K Phan, A Badapanda, M Landen, K Sadoski, W Guo, A Shah, ...

arXiv preprint arXiv:2311.18539, 2023 · 01 Jan 2023 · nfkH5V4AAAAJ:-jghkW3WqMUC

Revisiting non-separable binary classification and its applications in anomaly detection

M Lau, I Seck, AP Meliopoulos, W Lee, E Ndiaye

arXiv preprint arXiv:2312.01541, 2023 · 01 Jan 2023 · nfkH5V4AAAAJ:7LPp1NROPxwC

KDD Cup 1999 dataset. 1999

SJ Stolfo, W Fan, W Lee, A Prodromidis, P Chan

Avaible online: https://kdd. ics. uci. edu/databases/kddcup99/kddcup99. html …, 2023 · 01 Jan 2023 · nfkH5V4AAAAJ:sCWLdL-sCz8C

{µFUZZ}: Redesign of Parallel Fuzzing using Microservice Architecture

Y Chen, R Zhong, Y Yang, H Hu, D Wu, W Lee

32nd USENIX Security Symposium (USENIX Security 23), 1325-1342, 2023 · 01 Jan 2023 · nfkH5V4AAAAJ:rn9M3PrGu7MC

Internet Service Providers' and Individuals' Attitudes, Barriers, and Incentives to Secure {IoT}

N Sombatruang, T Caulfield, I Becker, A Fujita, T Kasama, K Nakao, ...

32nd USENIX Security Symposium (USENIX Security 23), 1541-1558, 2023 · 01 Jan 2023 · nfkH5V4AAAAJ:rPDWb_FAO-YC

{TRIDENT}: Towards Detecting and Mitigating Web-based Social Engineering Attacks

Z Yang, J Allen, M Landen, R Perdisci, W Lee

32nd USENIX Security Symposium (USENIX Security 23), 6701-6718, 2023 · 01 Jan 2023 · nfkH5V4AAAAJ:yWe6nybXSkwC

{PUMM}: Preventing {Use-After-Free} Using Execution Unit Partitioning

C Yagemann, SP Chung, B Saltaformaggio, W Lee

32nd USENIX Security Symposium (USENIX Security 23), 823-840, 2023 · 01 Jan 2023 · nfkH5V4AAAAJ:EKd_EOGQzkMC

Scaphy: Detecting modern ics attacks by correlating behaviors in scada and physical

M Ike, K Phan, K Sadoski, R Valme, W Lee

2023 IEEE Symposium on Security and Privacy (SP), 20-37, 2023 · 01 Jan 2023 · nfkH5V4AAAAJ:yuCoZvLJRl8C

{VulChecker}: Graph-based vulnerability localization in source code

Y Mirsky, G Macon, M Brown, C Yagemann, M Pruett, E Downing, ...

32nd USENIX Security Symposium (USENIX Security 23), 6557-6574, 2023 · 01 Jan 2023 · nfkH5V4AAAAJ:JTutsjMeBaAC

The threat of offensive ai to organizations

Y Mirsky, A Demontis, J Kotak, R Shankar, D Gelei, L Yang, X Zhang, ...

Computers & Security 124, 103006, 2023 · 01 Jan 2023 · nfkH5V4AAAAJ:vq7B84E5p90C

Understanding and Mitigating Remote Code Execution Vulnerabilities in Cross-platform Ecosystem

Feng Xiao, Zheng Yang, Joey Allen, Guangliang Yang, Grant Williams, Wenke Lee

Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security · 07 Nov 2022 · doi:10.1145/3548606.3559340

Privacy preserving face-based authentication

PH Chung, W Lee, E Uzun, C Yagemann

US Patent 11,494,476, 2022 · 01 Jan 2022 · nfkH5V4AAAAJ:sEK1m4D7fbcC

Deview: Confining progressive web applications by debloating web apis

CS Oh, S Lee, C Qian, H Koo, W Lee

Proceedings of the 38th Annual Computer Security Applications Conference …, 2022 · 01 Jan 2022 · nfkH5V4AAAAJ:2POsdo3tyOAC

DRAGON: Deep reinforcement learning for autonomous grid operation and attack detection

M Landen, K Chung, M Ike, S Mackay, JP Watson, W Lee

Proceedings of the 38th Annual Computer Security Applications Conference, 13-27, 2022 · 01 Jan 2022 · nfkH5V4AAAAJ:_9EdYq_GCQ0C

Understanding and mitigating remote code execution vulnerabilities in cross-platform ecosystem

F Xiao, Z Yang, J Allen, G Yang, G Williams, W Lee

Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications …, 2022 · 01 Jan 2022 · nfkH5V4AAAAJ:cvMPO0XfNn8C

Cryptographic Key Derivation from Biometric Inferences for Remote Authentication

Erkam Uzun, Carter Yagemann, Simon Chung, Vladimir Kolesnikov, Wenke Lee

Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security · 24 May 2021 · doi:10.1145/3433210.3437512

One Engine to Fuzz ’em All: Generic Language Processor Testing with Semantic Validation

Yongheng Chen, Rui Zhong, Hong Hu, Hangfan Zhang, Yupeng Yang, Dinghao Wu, Wenke Lee

2021 IEEE Symposium on Security and Privacy (SP) · 01 May 2021 · doi:10.1109/SP40001.2021.00071

SEPAL: Towards a Large-scale Analysis of SEAndroid Policy Customization

Dongsong Yu, Guangliang Yang, Guozhu Meng, Xiaorui Gong, Xiu Zhang, ..., Yue Jiang, Kai Chen, Wei Zou, Wenke Lee, Wenchang Shi

Proceedings of the Web Conference 2021 · 19 Apr 2021 · doi:10.1145/3442381.3450007

The creation and detection of deepfakes

Y Mirsky, W Lee

ACM Computing Surveys 54 (1), 7, 2021 · 01 Jan 2021 · nfkH5V4AAAAJ:KxNY-X0OflYC

Devices, systems, and methods of program identification, isolation, and profile attachment

R Duan, A Bijlani, T Kim, W Lee

US Patent 11,036,479, 2021 · 01 Jan 2021 · nfkH5V4AAAAJ:1cQOl6Zi554C

Modeling large-scale manipulation in open stock markets

C Yagemann, PH Chung, E Uzun, S Ragam, B Saltaformaggio, W Lee

IEEE Security & Privacy 19 (6), 58-65, 2021 · 01 Jan 2021 · nfkH5V4AAAAJ:QjNCP7ux8QYC

Malware and Attack Technologies Knowledge Area Issue

W Lee

CyBOK: Bristol, UK, 2021 · 01 Jan 2021 · nfkH5V4AAAAJ:JzGFD3-rS6kC

Identifying behavior dispatchers for malware analysis

K Park, B Sahin, Y Chen, J Zhao, E Downing, H Hu, W Lee

Proceedings of the 2021 ACM Asia Conference on Computer and Communications …, 2021 · 01 Jan 2021 · nfkH5V4AAAAJ:54MofcL-yxcC

Sepal: Towards a large-scale analysis of seandroid policy customization

D Yu, G Yang, G Meng, X Gong, X Zhang, X Xiang, X Wang, Y Jiang, ...

Proceedings of the Web Conference 2021, 2733-2744, 2021 · 01 Jan 2021 · nfkH5V4AAAAJ:QXXbHxWZe5oC

Cryptographic key derivation from biometric inferences for remote authentication

E Uzun, C Yagemann, S Chung, V Kolesnikov, W Lee

Proceedings of the 2021 ACM Asia Conference on Computer and Communications …, 2021 · 01 Jan 2021 · nfkH5V4AAAAJ:d9ydBXnamCkC

Validating the integrity of audit logs against execution repartitioning attacks

C Yagemann, MA Noureddine, WU Hassan, S Chung, A Bates, W Lee

Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications …, 2021 · 01 Jan 2021 · nfkH5V4AAAAJ:9KdEqzwCTsEC

Automated bug hunting with data-driven symbolic root cause analysis

C Yagemann, SP Chung, B Saltaformaggio, W Lee

Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications …, 2021 · 01 Jan 2021 · nfkH5V4AAAAJ:R3JqVFXIqpYC

{DeepReflect}: Discovering malicious functionality through binary reconstruction

E Downing, Y Mirsky, K Park, W Lee

30th USENIX Security Symposium (USENIX Security 21), 3469-3486, 2021 · 01 Jan 2021 · nfkH5V4AAAAJ:7bRg-L-9LFcC

Abusing hidden properties to attack the node. js ecosystem

F Xiao, J Huang, Y Xiong, G Yang, H Hu, G Gu, W Lee

30th USENIX Security Symposium (USENIX Security 21), 2951-2968, 2021 · 01 Jan 2021 · nfkH5V4AAAAJ:c3iu29LiD84C

{ARCUS}: symbolic root cause analysis of exploits in production systems

C Yagemann, M Pruett, SP Chung, K Bittick, B Saltaformaggio, W Lee

30th USENIX Security Symposium (USENIX Security 21), 1989-2006, 2021 · 01 Jan 2021 · nfkH5V4AAAAJ:OmZH4w0uHW8C

Fuzzy labeled private set intersection with applications to private {Real-Time} biometric search

E Uzun, SP Chung, V Kolesnikov, A Boldyreva, W Lee

30th USENIX Security Symposium (USENIX Security 21), 911-928, 2021 · 01 Jan 2021 · nfkH5V4AAAAJ:sIDMtVbdO0QC

One engine to fuzz’em all: Generic language processor testing with semantic validation

Y Chen, R Zhong, H Hu, H Zhang, Y Yang, D Wu, W Lee

2021 IEEE Symposium on Security and Privacy (SP), 642-658, 2021 · 01 Jan 2021 · nfkH5V4AAAAJ:he8YCnfqqkoC

The creation and detection of deepfakes: A survey

Y Mirsky, W Lee

ACM computing surveys (CSUR) 54 (1), 1-41, 2021 · 01 Jan 2021 · nfkH5V4AAAAJ:oXpGQvThPk8C

A Game-Theoretic Approach for Dynamic Information Flow Tracking to Detect Multistage Advanced Persistent Threats

Shana Moothedath, Dinuka Sahabandu, Joey Allen, Andrew Clark, Linda Bushnell, Wenke Lee, Radha Poovendran

IEEE Transactions on Automatic Control · 01 Dec 2020 · doi:10.1109/TAC.2020.2976040

Mnemosyne: An Effective and Efficient Postmortem Watering Hole Attack Investigation System

Joey Allen, Zheng Yang, Matthew Landen, Raghav Bhat, Harsh Grover, Andrew Chang, Yang Ji, Roberto Perdisci, Wenke Lee

Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security · 30 Oct 2020 · doi:10.1145/3372297.3423355

SQUIRREL: Testing Database Management Systems with Language Validity and Coverage Feedback

Rui Zhong, Yongheng Chen, Hong Hu, Hangfan Zhang, Wenke Lee, Dinghao Wu

Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security · 30 Oct 2020 · doi:10.1145/3372297.3417260

Slimium: Debloating the Chromium Browser with Feature Subsetting

Chenxiong Qian, Hyungjoon Koo, ChangSeok Oh, Taesoo Kim, Wenke Lee

Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security · 30 Oct 2020 · doi:10.1145/3372297.3417866

A reinforcement learning approach for dynamic information flow tracking games for detecting advanced persistent threats

D Sahabandu, S Moothedath, J Allen, L Bushnell, W Lee, R Poovendran

arXiv preprint arXiv:2007.00076, 2020 · 01 Jan 2020 · nfkH5V4AAAAJ:RtDPZMhf-s8C

Machine learning and security: The good, the bad, and the ugly

W Lee

Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications …, 2020 · 01 Jan 2020 · nfkH5V4AAAAJ:KmkpU35IWjAC

A multi-agent reinforcement learning approach for dynamic information flow tracking games for advanced persistent threats

D Sahabandu, S Moothedath, J Allen, L Bushnell, W Lee, R Poovendran

arXiv preprint arXiv:2007.00076, 2020 · 01 Jan 2020 · nfkH5V4AAAAJ:CoqsOaBEKcQC

Quickest detection of advanced persistent threats: A semi-markov game approach

D Sahabandu, J Allen, S Moothedath, L Bushnell, W Lee, R Poovendran

2020 ACM/IEEE 11th International Conference on Cyber-Physical Systems (ICCPS …, 2020 · 01 Jan 2020 · nfkH5V4AAAAJ:b15ltGHXyxQC

On the feasibility of automating stock market manipulation

C Yagemann, SP Chung, E Uzun, S Ragam, B Saltaformaggio, W Lee

Proceedings of the 36th Annual Computer Security Applications Conference …, 2020 · 01 Jan 2020 · nfkH5V4AAAAJ:eb1hsBXB1ukC

Measuring and preventing supply chain attacks on package managers

R Duan, O Alrawi, RP Kasturi, R Elder, B Saltaformaggio, W Lee

CoRR, 2020 · 01 Jan 2020 · nfkH5V4AAAAJ:fLJJVVwU7EQC

Dynamic information flow tracking for detection of advanced persistent threats: A stochastic game approach

S Moothedath, D Sahabandu, J Allen, A Clark, L Bushnell, W Lee, ...

arXiv preprint arXiv:2006.12327, 2020 · 01 Jan 2020 · nfkH5V4AAAAJ:VxjqAHCqNGUC

Mnemosyne: An effective and efficient postmortem watering hole attack investigation system

J Allen, Z Yang, M Landen, R Bhat, H Grover, A Chang, Y Ji, R Perdisci, ...

Proceedings of the 2020 ACM SIGSAC conference on computer and communications …, 2020 · 01 Jan 2020 · nfkH5V4AAAAJ:5CmvP2Up3ZUC

A game-theoretic approach for dynamic information flow tracking to detect multistage advanced persistent threats

S Moothedath, D Sahabandu, J Allen, A Clark, L Bushnell, W Lee, ...

IEEE Transactions on Automatic Control 65 (12), 5248-5263, 2020 · 01 Jan 2020 · nfkH5V4AAAAJ:9Gmr9OE0IYAC

Slimium: debloating the chromium browser with feature subsetting

C Qian, H Koo, CS Oh, T Kim, W Lee

Proceedings of the 2020 ACM SIGSAC conference on computer and communications …, 2020 · 01 Jan 2020 · nfkH5V4AAAAJ:OcT3jDimY5MC

Squirrel: Testing database management systems with language validity and coverage feedback

R Zhong, Y Chen, H Hu, H Zhang, W Lee, D Wu

Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications …, 2020 · 01 Jan 2020 · nfkH5V4AAAAJ:aar0OkpPRdAC

EDITOR: Howard Chivers–University of York

W Lee

[no publisher info] · 01 Jan 2019 · nfkH5V4AAAAJ:NKe3Q23MlFgC

Stochastic Dynamic Information Flow Tracking Game with Reinforcement Learning

W Lee, R Poovendran

Decision and Game Theory for Security: 10th International Conference …, 2019 · 01 Jan 2019 · nfkH5V4AAAAJ:bPZF39XCNPMC

Learning equilibria in stochastic information flow tracking games with partial knowledge

S Misra, S Moothedath, H Hosseini, J Allen, L Bushnell, W Lee, ...

2019 IEEE 58th Conference on Decision and Control (CDC), 4053-4060, 2019 · 01 Jan 2019 · nfkH5V4AAAAJ:HFi42EZPDb4C

Stochastic dynamic information flow tracking game with reinforcement learning

D Sahabandu, S Moothedath, J Allen, L Bushnell, W Lee, R Poovendran

International conference on decision and game theory for security, 417-438, 2019 · 01 Jan 2019 · nfkH5V4AAAAJ:J1AsQIbV7j8C

MLsploit: a framework for interactive experimentation with adversarial machine learning research

N Das, S Li, C Jeon, J Jung, ST Chen, C Yagemann, E Downing, H Park, ...

Proc. of the 25th ACM SIGKDD Int. Conf. on Knowledge Discovery and Data Mining, 2019 · 01 Jan 2019 · nfkH5V4AAAAJ:4LC-jEhLaRQC

Dynamic information flow tracking games for simultaneous detection of multiple attackers

D Sahabandu, S Moothedath, J Allen, A Clark, L Bushnell, W Lee, ...

2019 IEEE 58th Conference on Decision and Control (CDC), 567-574, 2019 · 01 Jan 2019 · nfkH5V4AAAAJ:UamA9ItEL6YC

A game theoretic approach for dynamic information flow tracking with conditional branching

D Sahabandu, S Moothedath, L Bushnell, R Poovendran, J Aller, W Lee, ...

2019 American Control Conference (ACC), 2289-2296, 2019 · 01 Jan 2019 · nfkH5V4AAAAJ:GYFkgKAhzLcC

Barnum: Detecting Document Malware via Control Flow Anomalies in Hardware Traces

C Yagemann, S Sultana, L Chen, W Lee

International Conference on Information Security, 341-359, 2019 · 01 Jan 2019 · nfkH5V4AAAAJ:AOeXN74AWYwC

Systems and methods for using video for user and message authentication

SPH Chung, W Lee, YJ Jang

US Patent 10,476,888, 2019 · 01 Jan 2019 · nfkH5V4AAAAJ:iUf_yyxph5wC

Automating Patching of Vulnerable Open-Source Software Versions in Application Binaries.

R Duan, A Bijlani, Y Ji, O Alrawi, Y Xiong, M Ike, B Saltaformaggio, W Lee

NDSS, 2019 · 01 Jan 2019 · nfkH5V4AAAAJ:4PzMk9GH2tkC

Method and system for detecting malware

E ANTONAKAKIS, R PERDISCI, W Lee, G Ollmann

US Patent 10,257,212, 2019 · 01 Jan 2019 · nfkH5V4AAAAJ:jM2XaDTMsSgC

{RAZOR}: A framework for post-deployment software debloating

C Qian, H Hu, M Alharthi, PH Chung, T Kim, W Lee

28th USENIX security symposium (USENIX Security 19), 1733-1750, 2019 · 01 Jan 2019 · nfkH5V4AAAAJ:T-SPRlcIgBMC

Enforcing Unique Code Target Property for Control-Flow Integrity

Hong Hu, Chenxiong Qian, Carter Yagemann, Simon Pak Ho Chung, William R. Harris, Taesoo Kim, Wenke Lee

Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security · 15 Oct 2018 · doi:10.1145/3243734.3243797

2017 Emerging Cyber Threats, Trends & Technologies Report

W Lee, B Rotoloni

Georgia Institute of Technology, 28, 2018 · 01 Jan 2018 · nfkH5V4AAAAJ:uK1dVpBkok0C

Multi-stage dynamic information flow tracking game

S Moothedath, D Sahabandu, A Clark, S Lee, W Lee, R Poovendran

International Conference on Decision and Game Theory for Security, 80-101, 2018 · 01 Jan 2018 · nfkH5V4AAAAJ:Zo6E4E6iJKMC

DIFT games: Dynamic information flow tracking games for advanced persistent threats

D Sahabandu, B Xiao, A Clark, S Lee, W Lee, R Poovendran

2018 IEEE Conference on Decision and Control (CDC), 1136-1143, 2018 · 01 Jan 2018 · nfkH5V4AAAAJ:2pCWc5Tf3J4C

Stopping memory disclosures via diversification and replicated execution

K Lu, M Xu, C Song, T Kim, W Lee

IEEE Transactions on Dependable and Secure Computing 18 (1), 160-173, 2018 · 01 Jan 2018 · nfkH5V4AAAAJ:9jvjDF91bz4C

Method and system for network-based detecting of malware from behavioral clustering

R PERDISCI, W Lee, G Ollmann

US Patent 9,948,671, 2018 · 01 Jan 2018 · nfkH5V4AAAAJ:3utUx_xxzcoC

Improving accuracy of android malware detection with lightweight contextual awareness

J Allen, M Landen, S Chaba, Y Ji, SPH Chung, W Lee

Proceedings of the 34th annual computer security applications conference …, 2018 · 01 Jan 2018 · nfkH5V4AAAAJ:UZk6qv0A6XIC

Rampart: Protecting Web Applications from {CPU-Exhaustion}{Denial-of-Service} Attacks

W Meng, C Qian, S Hao, K Borgolte, G Vigna, C Kruegel, W Lee

27th USENIX Security Symposium (USENIX Security 18), 393-410, 2018 · 01 Jan 2018 · nfkH5V4AAAAJ:Rh7tE70epTYC

Clickshield: Are you hiding something? towards eradicating clickjacking on android

A Possemato, A Lanzi, SPH Chung, W Lee, Y Fratantonio

Proceedings of the 2018 acm sigsac conference on computer and communications …, 2018 · 01 Jan 2018 · nfkH5V4AAAAJ:dJuzUO4sCEAC

Methods and systems for detecting compromised computers

D Dagon, N Feamster, W Lee, R Edmonds, R Lipton, A Ramachandran

US Patent 10,044,748, 2018 · 01 Jan 2018 · nfkH5V4AAAAJ:0SnApaDgcCoC

Broken fingers: On the usage of the fingerprint API in android

A Bianchi, Y Fratantonio, A Machiry, C Kruegel, G Vigna, SPH Chung, ...

Network and Distributed System Security Symposium (NDSS), 2018 · 01 Jan 2018 · nfkH5V4AAAAJ:kFIFcbgrf0oC

Enabling refinable {Cross-Host} attack investigation with efficient data flow tagging and tracking

Y Ji, S Lee, M Fazzini, J Allen, E Downing, T Kim, A Orso, W Lee

27th USENIX Security Symposium (USENIX Security 18), 1705-1722, 2018 · 01 Jan 2018 · nfkH5V4AAAAJ:Yo42cslQ7-cC

rtCaptcha: A Real-Time CAPTCHA Based Liveness Detection System.

E Uzun, SPH Chung, I Essa, W Lee

NDSS, 2018 · 01 Jan 2018 · nfkH5V4AAAAJ:YifW7xAlWS4C

Enforcing unique code target property for control-flow integrity

H Hu, C Qian, C Yagemann, SPH Chung, WR Harris, T Kim, W Lee

Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications …, 2018 · 01 Jan 2018 · nfkH5V4AAAAJ:-Ex_6Thn4vsC

Method and system for detecting DGA-based malware

M Antonakakis, R PERDISCI, W Lee, IN Vasiloglou

US Patent 9,922,190, 2018 · 01 Jan 2018 · nfkH5V4AAAAJ:w-fwKiQwpQAC

Method and system for detecting malicious and/or botnet-related domain names

R PERDISCI, W Lee

US Patent 10,027,688, 2018 · 01 Jan 2018 · nfkH5V4AAAAJ:yptliwwhi3IC

RAIN

Y Ji, S Lee, E Downing, W Wang, M Fazzini, T Kim, A Orso, W Lee

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications …, 2017 · 01 Jan 2017 · nfkH5V4AAAAJ:h0mLeC6b6wcC

Systems and methods of safeguarding user information while interacting with online service providers

W Lee, A Boldyreva, CP Ho, B Lau, C Song

US Patent 9,659,189, 2017 · 01 Jan 2017 · nfkH5V4AAAAJ:lrH_6YXCPtsC

Bunshin: compositing security mechanisms through diversification

M Xu, K Lu, T Kim, W Lee

2017 USENIX Annual Technical Conference (USENIX ATC 17), 271-283, 2017 · 01 Jan 2017 · nfkH5V4AAAAJ:pa8xeX_DvI4C

Unleashing use-before-initialization vulnerabilities in the linux kernel using targeted stack spraying

K Lu, MT Walter, D Pfaff, S Nürnberger, W Lee, M Backes

CISPA, 2017 · 01 Jan 2017 · nfkH5V4AAAAJ:HPvNdXBGwkEC

Rain: Refinable attack investigation with on-demand inter-process information flow tracking

Y Ji, S Lee, E Downing, W Wang, M Fazzini, T Kim, A Orso, W Lee

Proceedings of the 2017 ACM SIGSAC conference on computer and communications …, 2017 · 01 Jan 2017 · nfkH5V4AAAAJ:84dCbUURXyIC

Efficient protection of {Path-Sensitive} control security

R Ding, C Qian, C Song, B Harris, T Kim, W Lee

26th USENIX Security Symposium (USENIX Security 17), 131-148, 2017 · 01 Jan 2017 · nfkH5V4AAAAJ:LvS0yHEg1QsC

Identifying open-source license violation and 1-day security risk at large scale

R Duan, A Bijlani, M Xu, T Kim, W Lee

Proceedings of the 2017 ACM SIGSAC Conference on computer and communications …, 2017 · 01 Jan 2017 · nfkH5V4AAAAJ:3z7foVzkq2cC

Cloak and dagger: from two permissions to complete control of the UI feedback loop

Y Fratantonio, C Qian, SP Chung, W Lee

2017 IEEE Symposium on Security and Privacy (SP), 1041-1057, 2017 · 01 Jan 2017 · nfkH5V4AAAAJ:Kr09a2QcR50C

Exploiting insurance telematics for fun and profit

L Guan, J Xu, S Wang, X Xing, L Lin, H Huang, P Liu, W Lee

arXiv preprint arXiv: 1609.02234, 2016 · 01 Jan 2016 · nfkH5V4AAAAJ:ZgPQhQxLujAC

The price of free: Privacy leakage in personalized mobile in-app ads

M Wei, D Ren, SP Chung, S Han, W Lee

Proc. 23rd Annu. Netw. Distrib. Syst. Secur. Symp, 1-15, 2016 · 01 Jan 2016 · nfkH5V4AAAAJ:-1WLWRmjvKAC

Financial Lower Bounds of Online Advertising Abuse: A Four Year Case Study of the TDSS/TDL4 Botnet

Y Chen, P Kintis, M Antonakakis, Y Nadji, D Dagon, W Lee, M Farrell

International conference on Detection of Intrusions and Malware, and …, 2016 · 01 Jan 2016 · nfkH5V4AAAAJ:RMVrO4bo-SsC

Recprov: Towards provenance-aware user space record and replay

Y Ji, S Lee, W Lee

International Provenance and Annotation Workshop, 3-15, 2016 · 01 Jan 2016 · nfkH5V4AAAAJ:vMcOFpnEpxoC

From physical to cyber: Escalating protection for personalized auto insurance

L Guan, J Xu, S Wang, X Xing, L Lin, H Huang, P Liu, W Lee

Proceedings of the 14th ACM Conference on Embedded Network Sensor Systems CD …, 2016 · 01 Jan 2016 · nfkH5V4AAAAJ:XOE35tnTnDYC

Method and system for detecting malware

E ANTONAKAKIS, R PERDISCI, W Lee, G Ollmann

US Patent 9,525,699, 2016 · 01 Jan 2016 · nfkH5V4AAAAJ:ZxXHo_Hcam8C

Trackmeornot: Enabling flexible control on web tracking

W Meng, B Lee, X Xing, W Lee

Proceedings of the 25th International Conference on World Wide Web, 99-109, 2016 · 01 Jan 2016 · nfkH5V4AAAAJ:MappHbsApxQC

Method and systems for detecting compromised networks and/or computers

D Dagon, N Feamster, W Lee, R Edmonds, R Lipton, A Ramachandran

US Patent 9,306,969, 2016 · 01 Jan 2016 · nfkH5V4AAAAJ:clk6yq2jaZ8C

Unisan: Proactive kernel memory initialization to eliminate data leakages

K Lu, C Song, T Kim, W Lee

Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications …, 2016 · 01 Jan 2016 · nfkH5V4AAAAJ:eEnCcB-k6EAC

The Price of Free: Privacy Leakage in Personalized Mobile In-Apps Ads.

W Meng, R Ding, SP Chung, S Han, W Lee

NDSS, 1-15, 2016 · 01 Jan 2016 · nfkH5V4AAAAJ:MwdXMY9cq6YC

How to Make ASLR Win the Clone Wars: Runtime Re-Randomization.

K Lu, W Lee, S Nürnberger, M Backes

NDSS, 2016 · 01 Jan 2016 · nfkH5V4AAAAJ:qKtbcrzMvwAC

Method and system for determining whether domain names are legitimate or malicious

M Antonakakis, R PERDISCI, D Dagon, W Lee

US Patent 9,516,058, 2016 · 01 Jan 2016 · nfkH5V4AAAAJ:tuHXwOkdijsC

Enforcing Kernel Security Invariants with Data Flow Integrity.

C Song, B Lee, K Lu, W Harris, T Kim, W Lee

NDSS, 2016 · 01 Jan 2016 · nfkH5V4AAAAJ:5FkVrPDuTQgC

HDFI: Hardware-assisted data-flow isolation

C Song, H Moon, M Alam, I Yun, B Lee, T Kim, W Lee, Y Paek

2016 IEEE Symposium on Security and Privacy (SP), 1-17, 2016 · 01 Jan 2016 · nfkH5V4AAAAJ:gQbQcM3rmFsC

Unraveling the relationship between ad-injecting browser extensions and malvertising

X Xing, W Meng, U Weinsberg, A Sheth, B Lee, R Perdisci, W Lee

International World Wide Web Conference (WWW), 2015 · 01 Jan 2015 · nfkH5V4AAAAJ:pqufTfZDgs0C

Ucognito: Private browsing without tears

M Xu, Y Jang, X Xing, T Kim, W Lee

Proceedings of the 22nd acm sigsac conference on computer and communications …, 2015 · 01 Jan 2015 · nfkH5V4AAAAJ:vxVQT5kDUaMC

Exploiting and Protecting Dynamic Code Generation

C Song, C Zhang, T Wang, W Lee, D Melski

Proceedings of the 2015 Network and Distributed System Security (NDSS) Symposium, 2015 · 01 Jan 2015 · nfkH5V4AAAAJ:41b8sTJFDYwC

Systems and methods for secure in-VM monitoring

MI Sharif, W Lee

US Patent 9,129,106, 2015 · 01 Jan 2015 · nfkH5V4AAAAJ:_5tno0g5mFcC

Type casting verification: Stopping an emerging attack vector

B Lee, C Song, T Kim, W Lee

24th USENIX Security Symposium (USENIX Security 15), 81-96, 2015 · 01 Jan 2015 · nfkH5V4AAAAJ:QBSR9U3j2CEC

Checking more and alerting less: detecting privacy leakages via enhanced data-flow analysis and peer voting.

K Lu, Z Li, VP Kemerlis, Z Wu, L Lu, C Zheng, Z Qian, W Lee, G Jiang

NDSS, 2015 · 01 Jan 2015 · nfkH5V4AAAAJ:n84Jz4DGfQYC

Understanding malvertising through ad-injecting browser extensions

X Xing, W Meng, B Lee, U Weinsberg, A Sheth, R Perdisci, W Lee

Proceedings of the 24th international conference on world wide web, 1286-1295, 2015 · 01 Jan 2015 · nfkH5V4AAAAJ:lxZgYf9FOvoC

ASLR-Guard: Stopping address space leakage for code reuse attacks

K Lu, C Song, B Lee, SP Chung, T Kim, W Lee

Proceedings of the 22nd ACM SIGSAC conference on computer and communications …, 2015 · 01 Jan 2015 · nfkH5V4AAAAJ:FIkAGs9z2eEC

Preventing Use-after-free with Dangling Pointers Nullification.

B Lee, C Song, Y Jang, T Wang, T Kim, L Lu, W Lee

NDSS, 2015 · 01 Jan 2015 · nfkH5V4AAAAJ:K6kyChav4UkC

Abusing performance optimization weaknesses to bypass ASLR

B Lee, Y Jang, T Wang, C Song, L Lu, T Kim, W Lee

Black Hat, 2014 · 01 Jan 2014 · nfkH5V4AAAAJ:zGnLiCkldm4C

Mimesis aegis: a mimicry privacy shield

B Lau, S Chung, C Song, Y Jang, W Lee, A Boldyreva

USENIX Security Symposium, 2014 · 01 Jan 2014 · nfkH5V4AAAAJ:_Xy5tTOxz_oC

On the feasibility of {Large-Scale} infections of {iOS} devices

T Wang, Y Jang, Y Chen, S Chung, B Lau, W Lee

23rd USENIX Security Symposium (USENIX Security 14), 79-93, 2014 · 01 Jan 2014 · nfkH5V4AAAAJ:VaBbNeojGYwC

Diagnosis and emergency patch generation for integer overflow exploits

T Wang, C Song, W Lee

International Conference on Detection of Intrusions and Malware, and …, 2014 · 01 Jan 2014 · nfkH5V4AAAAJ:QBXC_7Xd1GUC

Your online interests: Pwned! a pollution attack against targeted advertising

W Meng, X Xing, A Sheth, U Weinsberg, W Lee

Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications …, 2014 · 01 Jan 2014 · nfkH5V4AAAAJ:IK5eWejHrvwC

Gyrus: A Framework for User-Intent Monitoring of Text-based Networked Applications.

Y Jang, SP Chung, BD Payne, W Lee

NDSS, 2014 · 01 Jan 2014 · nfkH5V4AAAAJ:Q5bjhRmoBfUC

Exposing inconsistent web search results with bobble

X Xing, W Meng, D Doozan, N Feamster, W Lee, AC Snoeren

International Conference on Passive and Active Network Measurement, 131-140, 2014 · 01 Jan 2014 · nfkH5V4AAAAJ:ypg3kOuG8gIC

DNS noise: Measuring the pervasiveness of disposable domains in modern DNS traffic

Y Chen, M Antonakakis, R Perdisci, Y Nadji, D Dagon, W Lee

2014 44th Annual IEEE/IFIP International Conference on Dependable Systems …, 2014 · 01 Jan 2014 · nfkH5V4AAAAJ:5jwsdJSnGWIC

From zygote to morula: Fortifying weakened aslr on android

B Lee, L Lu, T Wang, T Kim, W Lee

2014 IEEE Symposium on Security and Privacy, 424-439, 2014 · 01 Jan 2014 · nfkH5V4AAAAJ:8v7czoltWYsC

Mimesis Aegis: A Mimicry Privacy {Shield–A}{System’s} Approach to Data Privacy on Public Cloud

B Lau, S Chung, C Song, Y Jang, W Lee, A Boldyreva

23rd usenix security symposium (USENIX Security 14), 33-48, 2014 · 01 Jan 2014 · nfkH5V4AAAAJ:Lyl8M50Wyb0C

Method and system for network-based detecting of malware from behavioral clustering

R PERDISCI, W Lee, G Ollmann

US Patent 8,826,438, 2014 · 01 Jan 2014 · nfkH5V4AAAAJ:yB1At4FlUx8C

A11y attacks: Exploiting accessibility in operating systems

Y Jang, C Song, SP Chung, T Wang, W Lee

Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications …, 2014 · 01 Jan 2014 · nfkH5V4AAAAJ:Kmip3zU-C7YC

Method and system for detecting malicious domain names at an upper DNS hierarchy

M Antonakakis, R PERDISCI, W Lee, N Vasiloglou

US Patent 8,631,489, 2014 · 01 Jan 2014 · nfkH5V4AAAAJ:yxmsSjX2EkcC

Emerging cyber threats report

W Lee, B Rotoloni

Georgia Tech Cyber Secure Summit, 2013 · 01 Jan 2013 · nfkH5V4AAAAJ:srBcWmd28BQC

DNS Changer remediation study

W Meng, R Duan, W Lee

Talk at M3AAWG 27th, 2013 · 01 Jan 2013 · nfkH5V4AAAAJ:qS3OQCqhxh0C

Intention and Origination: An Inside Look at Large-Scale Bot Queries.

J Zhang, Y Xie, F Yu, D Soukal, W Lee

Ndss, 2013 · 01 Jan 2013 · nfkH5V4AAAAJ:htyGaKyDgHMC

Connected colors: Unveiling the structure of criminal networks

Y Nadji, M Antonakakis, R Perdisci, W Lee

International Workshop on Recent Advances in Intrusion Detection, 390-410, 2013 · 01 Jan 2013 · nfkH5V4AAAAJ:_n8fIOMweQoC

Take This Personally: Pollution Attacks on Personalized Services.

X Xing, W Meng, D Doozan, AC Snoeren, N Feamster, W Lee

USENIX Security, 671-686, 2013 · 01 Jan 2013 · nfkH5V4AAAAJ:-fu4zM_6qcIC

The Core of the Matter: Analyzing Malicious Traffic in Cellular Carriers.

C Lever, M Antonakakis, B Reaves, P Traynor, W Lee

NDSS, 2013 · 01 Jan 2013 · nfkH5V4AAAAJ:wGzT3bKASkAC

Tappan zee (north) bridge: mining memory accesses for introspection

B Dolan-Gavitt, T Leek, J Hodosh, W Lee

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications …, 2013 · 01 Jan 2013 · nfkH5V4AAAAJ:GO2DTSf4MZMC

Beheading hydras: performing effective botnet takedowns

Y Nadji, M Antonakakis, R Perdisci, D Dagon, W Lee

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications …, 2013 · 01 Jan 2013 · nfkH5V4AAAAJ:auQHJw8QJBgC

Method and system for detecting malware

E ANTONAKAKIS, R PERDISCI, W Lee, G Ollmann

US Patent 8,578,497, 2013 · 01 Jan 2013 · nfkH5V4AAAAJ:WZBGuue-350C

Building a scalable system for stealthy P2P-botnet detection

J Zhang, R Perdisci, W Lee, X Luo, U Sarfraz

IEEE transactions on information forensics and security 9 (1), 27-38, 2013 · 01 Jan 2013 · nfkH5V4AAAAJ:K_uVUG1YJAoC

Jekyll on iOS: when benign apps become evil

T Wang, K Lu, L Lu, S Chung, W Lee

Proceedings of the 22nd USENIX Security Symposium, 9, 2013 · 01 Jan 2013 · nfkH5V4AAAAJ:HevVnK7dagcC

Method and system for detecting and responding to attacking networks

D Dagon, N Feamster, W Lee, R Edmonds, R Lipton, A Ramachandran

US Patent 8,566,928, 2013 · 01 Jan 2013 · nfkH5V4AAAAJ:UHK10RUVsp4C

An Empirical Study of Spam and Prevention Mechanisms in Online Video Chat Services

X Xing, J Ahn, W Lee, R Han, S Mishra

arXiv preprint arXiv:1204.2774, 2012 · 01 Jan 2012 · nfkH5V4AAAAJ:bKqednn6t2AC

Message from the General Chair: S&P 2012

R Cunningham

2012 IEEE Symposium on Security and Privacy, ix-x, 2012 · 01 Jan 2012 · nfkH5V4AAAAJ:WHdLCjDvYFkC

Detecting and tracking the rise of DGA-based malware

M Antonakakis, R Perdisci, N Vasiloglou, W Lee

; login:: the magazine of USENIX & SAGE 37 (6), 15-24, 2012 · 01 Jan 2012 · nfkH5V4AAAAJ:RRCMsQZi3KMC

Impeding Automated Malware Analysis with Environment-sensitive Malware.

C Song, P Royal, W Lee

HotSec, 2012 · 01 Jan 2012 · nfkH5V4AAAAJ:q-HalDI95KYC

Security systems and methods for distinguishing user-intended traffic from malicious traffic

BD Payne, B Dolan-Gavitt, W Lee

US Patent App. 13/232,830, 2012 · 01 Jan 2012 · nfkH5V4AAAAJ:zGdJYJv2LkUC

Secure and robust monitoring of virtual machines through guest-assisted introspection

M Carbone, M Conover, B Montague, W Lee

International workshop on recent advances in intrusion detection, 22-41, 2012 · 01 Jan 2012 · nfkH5V4AAAAJ:3bvyWxjaHKcC

From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware.

M Antonakakis, R Perdisci, Y Nadji, N Vasiloglou II, S Abu-Nimeh, W Lee, ...

USENIX Security Symposium, 491-506, 2012 · 01 Jan 2012 · nfkH5V4AAAAJ:Bg7qf7VwUHIC

Chex: statically vetting android apps for component hijacking vulnerabilities

L Lu, Z Li, Z Wu, W Lee, G Jiang

Proceedings of the 2012 ACM conference on Computer and communications …, 2012 · 01 Jan 2012 · nfkH5V4AAAAJ:YlPif8NxrbYC

Countering Botnets: Anomaly-Based Detection, Comprehensive Analysis, and Efficient Mitigation

W Lee, D Dagon, J Giffin, N Feamster, G Ollman, J Westby, R Wesson, ...

[no publisher info] · 01 Jan 2011 · nfkH5V4AAAAJ:PR6Y55bgFSsC

N. and Dagon

M Antonakakis, R Perdisci, W Lee, II Vasiloglou

D.,“Detecting Malware Domains at the Upper DNS Hierarchy,” in USENIX …, 2011 · 01 Jan 2011 · nfkH5V4AAAAJ:vuU-T12QLgwC

PEASOUP: Preventing exploits against software of uncertain provenance (position paper)

M Co, JW Davidson, JD Hiser, JC Knight, A Nguyen-Tuong, D Cok, ...

Proceedings of the 7th International Workshop on Software Engineering for …, 2011 · 01 Jan 2011 · nfkH5V4AAAAJ:L7CI7m0gUJcC

Httpi for practical end-to-end web content integrity

K Singh, H Wang, A Moshchuk, C Jackson, W Lee

Microsoft technical report, 2011 · 01 Jan 2011 · nfkH5V4AAAAJ:geHnlv5EZngC

II, and D

M Antonakakis, R Perdisci, W Lee, N Vasiloglou

Dagon,“Detecting malware domains at the upper DNS hierarchy,” in Proceedings …, 2011 · 01 Jan 2011 · nfkH5V4AAAAJ:4Q5OFK1iulkC

A combinatorial approach to network covert communications with applications in web leaks

X Luo, P Zhou, EWW Chan, RKC Chang, W Lee

2011 IEEE/IFIP 41st International Conference on Dependable Systems …, 2011 · 01 Jan 2011 · nfkH5V4AAAAJ:N5tVd3kTz84C

Understanding the prevalence and use of alternative plans in malware with network games

Y Nadji, M Antonakakis, R Perdisci, W Lee

Proceedings of the 27th Annual Computer Security Applications Conference, 1-10, 2011 · 01 Jan 2011 · nfkH5V4AAAAJ:9Nmd_mFXekcC

Exposing invisible timing-based traffic watermarks with backlit

X Luo, P Zhou, J Zhang, R Perdisci, W Lee, RKC Chang

Proceedings of the 27th Annual Computer Security Applications Conference …, 2011 · 01 Jan 2011 · nfkH5V4AAAAJ:tzM49s52ZIMC

Boosting the scalability of botnet detection using adaptive traffic sampling

J Zhang, X Luo, R Perdisci, G Gu, W Lee, N Feamster

Proceedings of the 6th ACM Symposium on Information, Computer and …, 2011 · 01 Jan 2011 · nfkH5V4AAAAJ:OU6Ihb5iCvQC

Leveraging forensic tools for virtual machine introspection

B Dolan-Gavitt, B Payne, W Lee

Gt-cs-11-05, Georgia Institute of Technology, 2011 · 01 Jan 2011 · nfkH5V4AAAAJ:4fKUyHm3Qg0C

Arrow: Generating signatures to detect drive-by downloads

J Zhang, C Seifert, JW Stokes, W Lee

Proceedings of the 20th international conference on World wide web, 187-196, 2011 · 01 Jan 2011 · nfkH5V4AAAAJ:VOx2b1Wkg3QC

Surf: detecting and measuring search poisoning

L Lu, R Perdisci, W Lee

Proceedings of the 18th ACM conference on Computer and communications …, 2011 · 01 Jan 2011 · nfkH5V4AAAAJ:dQ2og3OwTAUC

Detecting stealthy P2P botnets using statistical traffic fingerprints

J Zhang, R Perdisci, W Lee, U Sarfraz, X Luo

2011 IEEE/IFIP 41st International Conference on Dependable Systems …, 2011 · 01 Jan 2011 · nfkH5V4AAAAJ:WqliGbK-hY8C

HTTPOS: Sealing Information Leaks with Browser-side Obfuscation of Encrypted Flows.

X Luo, P Zhou, EWW Chan, W Lee, RKC Chang, R Perdisci

NDSS, 2011 · 01 Jan 2011 · nfkH5V4AAAAJ:WbkHhVStYXYC

Virtuoso: Narrowing the semantic gap in virtual machine introspection

B Dolan-Gavitt, T Leek, M Zhivich, J Giffin, W Lee

2011 IEEE symposium on security and privacy, 297-312, 2011 · 01 Jan 2011 · nfkH5V4AAAAJ:SP6oXDckpogC

Detecting Malware Domains at the Upper DNS Hierarchy.

M Antonakakis, R Perdisci, W Lee, N Vasiloglou II, D Dagon

USENIX Security Symposium, 16, 2011 · 01 Jan 2011 · nfkH5V4AAAAJ:08ZZubdj9fEC

Notos: Building a Dynamic Reputation System for DNS

W Lee, D Dagon, N Feamster, M Antonakakis, R Perdisci

GEORGIA INST OF TECH ATLANTA COLL OF COMPUTING, 2010 · 01 Jan 2010 · nfkH5V4AAAAJ:BCdnXsLIVDwC

BLADE

L Lu, V Yegneswaran, P Porras, W Lee

Proceedings of the 17th ACM conference on Computer and communications security, 2010 · 01 Jan 2010 · nfkH5V4AAAAJ:ui-gComCE0IC

Control of low-rate denial-of-service attacks on web servers and TCP flows

Q Hui, X Luo, W Lee

49th IEEE Conference on Decision and Control (CDC), 4186-4191, 2010 · 01 Jan 2010 · nfkH5V4AAAAJ:Mojj43d5GZwC

I Own, I Provide, I Decide: Generalized User-Centric Access Control Framework for Web Applications

K Singh, I Erete, W Lee

Georgia Institute of Technology, Tech. Rep. GT-CS-10-22, 2010 · 01 Jan 2010 · nfkH5V4AAAAJ:D_sINldO8mEC

On the secrecy of spread-spectrum flow watermarks

X Luo, J Zhang, R Perdisci, W Lee

European Symposium on Research in Computer Security, 232-248, 2010 · 01 Jan 2010 · nfkH5V4AAAAJ:l7t_Zn2s7bgC

A centralized monitoring infrastructure for improving DNS security

M Antonakakis, D Dagon, X Luo, R Perdisci, W Lee, J Bellmor

International Workshop on Recent Advances in Intrusion Detection, 18-37, 2010 · 01 Jan 2010 · nfkH5V4AAAAJ:8AbLer7MMksC

Methods for cost-sensitive modeling for intrusion detection and response

W Fan, W Lee, M Miller, SJ Stolfo

US Patent 7,818,797, 2010 · 01 Jan 2010 · nfkH5V4AAAAJ:fQNAKQ3IYiAC

Evaluating bluetooth as a medium for botnet command and control

K Singh, S Sangal, N Jain, P Traynor, W Lee

International Conference on Detection of Intrusions and Malware, and …, 2010 · 01 Jan 2010 · nfkH5V4AAAAJ:dfsIfKJdRG4C

On the incoherencies in web browser access control policies

K Singh, A Moshchuk, HJ Wang, W Lee

2010 IEEE Symposium on Security and Privacy, 463-478, 2010 · 01 Jan 2010 · nfkH5V4AAAAJ:SeFeTyx0c_EC

Blade: an attack-agnostic approach for preventing drive-by malware infections

L Lu, V Yegneswaran, P Porras, W Lee

Proceedings of the 17th ACM conference on Computer and communications …, 2010 · 01 Jan 2010 · nfkH5V4AAAAJ:HoB7MX3m0LUC

Behavioral Clustering of HTTP-Based Malware and Signature Generation Using Malicious Network Traces.

R Perdisci, W Lee, N Feamster

NSDI, 391-404, 2010 · 01 Jan 2010 · nfkH5V4AAAAJ:NMxIlDl6LWMC

Building a dynamic reputation system for DNS

M Antonakakis, R Perdisci, D Dagon, W Lee, N Feamster

19th USENIX Security Symposium, 2010 · 01 Jan 2010 · nfkH5V4AAAAJ:2P1L_qKh6hAC

Rotalumè: A tool for automatic reverse engineering of malware emulators

MI Sharif, A Lanzi, J Giffin, W Lee

Georgia Institute of Technology, 2009 · 01 Jan 2009 · nfkH5V4AAAAJ:vRqMK49ujn8C

Proceedings of the Second ACM Conference on Wireless Network Security: Zurich, Switzerland, March 16-18, 2009

D Basin, S Capkun, W Lee

Second ACM Conference on Wireless Network Security 2009 (WiSec'09), 2009 · 01 Jan 2009 · nfkH5V4AAAAJ:as11RrW_MxEC

Foundational and Systems Support for Quantitative Trust Management (QTM)

I Lee, S Kannan, M Blaze, O Sokolsky, A Keromytis, W Lee, J Smith

PENNSYLVANIA UNIV PHILADELPHIA DEPT OF COMPUTER AND INFORMATION SCIENCE, 2009 · 01 Jan 2009 · nfkH5V4AAAAJ:aKo_o5XvxeMC

Dynamic Trust Management (DTM)

JM Smith, M Blaze, S Kannan, I Lee, O Sokolsky, AD Keromytis, W Lee

[no publisher info] · 01 Jan 2009 · nfkH5V4AAAAJ:JpYjwmnXVqYC

Dynamic IP Reputation from DNS

M Antonakakis, R Perdisci, W Lee

[no publisher info] · 01 Jan 2009 · nfkH5V4AAAAJ:MwHAKEtqQGUC

BLADE: Slashing the Invisible Channel of Drive-by Download Malware

L Lu, V Yegneswaran, P Porras, W Lee

International Workshop on Recent Advances in Intrusion Detection, 350-352, 2009 · 01 Jan 2009 · nfkH5V4AAAAJ:7T2F9Uy0os0C

Rotalumé: A tool for automatically reverse engineering malware emulators

M Sharif, A Lanzi, J Giffin, W Lee

Technical Report GT-CS-09-05, School of Computer Science, Georgia Institute …, 2009 · 01 Jan 2009 · nfkH5V4AAAAJ:KbBQZpvPDL4C

Global internet monitoring using passive dns

D Dagon, W Lee

2009 Cybersecurity Applications & Technology Conference for Homeland …, 2009 · 01 Jan 2009 · nfkH5V4AAAAJ:1yQoGdGgb4wC

Data for cybersecurity research: Process and ‘wish list’

J Camp, L Cranor, N Feamster, J Feigenbaum, S Forrest, D Kotz, W Lee, ...

[no publisher info] · 01 Jan 2009 · nfkH5V4AAAAJ:dshw04ExmUIC

Recursive DNS Architectures and Vulnerability Implications.

D Dagon, M Antonakakis, K Day, X Luo, CP Lee, W Lee

NDSS, 2009 · 01 Jan 2009 · nfkH5V4AAAAJ:b0M2c_1WBrUC

WSEC DNS: Protecting recursive DNS resolvers from poisoning attacks

R Perdisci, M Antonakakis, X Luo, W Lee

2009 IEEE/IFIP International Conference on Dependable Systems & Networks, 3-12, 2009 · 01 Jan 2009 · nfkH5V4AAAAJ:a0OBvERweLwC

Dynamic trust management

M Blaze, S Kannan, I Lee, O Sokolsky, JM Smith, AD Keromytis, W Lee

Computer 42 (2), 44-52, 2009 · 01 Jan 2009 · nfkH5V4AAAAJ:NaGl4SEjCO4C

xBook: Redesigning Privacy Control in Social Networking Platforms.

K Singh, S Bhola, W Lee

USENIX Security Symposium, 249-266, 2009 · 01 Jan 2009 · nfkH5V4AAAAJ:lSLTfruPkqcC

Active botnet probing to identify obscure command and control channels

G Gu, V Yegneswaran, P Porras, J Stoll, W Lee

2009 annual computer security applications conference, 241-253, 2009 · 01 Jan 2009 · nfkH5V4AAAAJ:EUQCXRtRnyEC

K-Tracer: A System for Extracting Kernel Malware Behavior.

A Lanzi, MI Sharif, W Lee

NDSS, 2009 · 01 Jan 2009 · nfkH5V4AAAAJ:bEWYMUwI8FkC

Mapping kernel objects to enable systematic integrity checking

M Carbone, W Cui, L Lu, W Lee, M Peinado, X Jiang

Proceedings of the 16th ACM conference on Computer and communications …, 2009 · 01 Jan 2009 · nfkH5V4AAAAJ:M3NEmzRMIkIC

Detecting malicious flux service networks through passive analysis of recursive DNS traces

R Perdisci, I Corona, D Dagon, W Lee

2009 Annual Computer Security Applications Conference, 311-320, 2009 · 01 Jan 2009 · nfkH5V4AAAAJ:M05iB0D1s5AC

Automatic reverse engineering of malware emulators

M Sharif, A Lanzi, J Giffin, W Lee

2009 30th IEEE Symposium on Security and Privacy, 94-109, 2009 · 01 Jan 2009 · nfkH5V4AAAAJ:isC4tDSrTZIC

McPAD: A multiple classifier system for accurate payload-based anomaly detection

R Perdisci, D Ariu, P Fogla, G Giacinto, W Lee

Computer networks 53 (6), 864-881, 2009 · 01 Jan 2009 · nfkH5V4AAAAJ:iH-uZ7U-co4C

Secure in-vm monitoring using hardware virtualization

MI Sharif, W Lee, W Cui, A Lanzi

Proceedings of the 16th ACM conference on Computer and communications …, 2009 · 01 Jan 2009 · nfkH5V4AAAAJ:mB3voiENLucC

A Security Study of the Processes and Procedures Surrounding Electronic Voting in Georgia

M Ahamad, J Giffin, MM Hayslett, W Lee, RJ Lipton

[no publisher info] · 01 Jan 2008 · nfkH5V4AAAAJ:jenZ_en7QtoC

Next-Generation Botnet Detection and Response

W Lee

[no publisher info] · 01 Jan 2008 · nfkH5V4AAAAJ:WA5NYHcadZ8C

Special section on Statistical Methods for Network Security and Forensics

M Medard, C Fragouli, W Lee, RA Maxion, S Stolfo, L Tong

Ieee Transactions On Information Forensics And Security 3 (3), 345-346, 2008 · 01 Jan 2008 · nfkH5V4AAAAJ:oNZyr7d5Mn4C

The 2008 GTISC Security Summit-Emerging Cyber Security Threats

M Ahamad, SE Goodman, CJ Rouland, RJ Elder Jr, M Kwon, W Lee, ...

Georgia Institute of Technology, 2008 · 01 Jan 2008 · nfkH5V4AAAAJ:mvPsJ3kp5DgC

Solving the DNS Cache Poisoning Problem Without Changing the Protocol

R Perdisci, M Antonakakis, W Lee

Technical report, 2008 · 01 Jan 2008 · nfkH5V4AAAAJ:-_dYPAW6P2MC

An Information-Theoretic Framework for Evaluating and Optimizing Intrusion Detection Performance

W Lee

[no publisher info] · 01 Jan 2008 · nfkH5V4AAAAJ:XD-gHx7UXLsC

CAREER: Adaptive intrusion detection systems

W Lee

Georgia Institute of Technology, 2008 · 01 Jan 2008 · nfkH5V4AAAAJ:738O_yMBCRsC

Preventing sql code injection by combining static and runtime analysis

A Orso, W Lee, A Shostack

[no publisher info] · 01 Jan 2008 · nfkH5V4AAAAJ:foquWX3nUaYC

On the design of a web browser: Lessons learned from operating systems

K Singh, W Lee

Web2. 0 Security & Privacy2008, 2008 · 01 Jan 2008 · nfkH5V4AAAAJ:LPZeul_q3PIC

Botminer: Clustering analysis of network traffic for protocol-and structure-independent botnet detection.(2008)

G Gu, R Perdisci, J Zhang, W Lee

Cited on, 12, 2008 · 01 Jan 2008 · nfkH5V4AAAAJ:4_XrlajHzhgC

BotSniffer: Detecting botnet command and control channels in network traffic.(2008)

G Gu, J Zhang, W Lee

URL http://www. isoc. org/isoc/conferences/ndss/08/papers/17 …, 2008 · 01 Jan 2008 · nfkH5V4AAAAJ:goOyc-W9OFwC

Emerging cyber threats report for 2009

M Ahamad, D Amster, M Barrett, T Cross, G Heron, D Jackson, J King, ...

Georgia Institute of Technology, 2008 · 01 Jan 2008 · nfkH5V4AAAAJ:4OULZ7Gr8RgC

A taxonomy of botnet structures

D Dagon, G Gu, CP Lee

Botnet Detection: Countering the Largest Security Threat, 143-164, 2008 · 01 Jan 2008 · nfkH5V4AAAAJ:uDl620nrkPcC

Evaluating email’s feasibility for botnet command and control

K Singh, A Srivastava, J Giffin, W Lee

2008 IEEE International Conference on Dependable Systems and Networks With …, 2008 · 01 Jan 2008 · nfkH5V4AAAAJ:D03iK_w7-QYC

Taming virtualization

M Carbone, D Zamboni, W Lee

IEEE Security & Privacy 6 (1), 65-67, 2008 · 01 Jan 2008 · nfkH5V4AAAAJ:f2IySw72cVMC

Principled reasoning and practical applications of alert fusion in intrusion detection systems

G Gu, AA Cárdenas, W Lee

Proceedings of the 2008 ACM symposium on Information, computer and …, 2008 · 01 Jan 2008 · nfkH5V4AAAAJ:ZHo1McVdvXMC

Botnet detection: countering the largest security threat

W Lee, C Wang, D Dagon

Springer, 2008 · 01 Jan 2008 · nfkH5V4AAAAJ:e5wmG9Sq2KIC

Increased DNS forgery resistance through 0x20-bit encoding: security via leet queries

D Dagon, M Antonakakis, P Vixie, T Jinmei, W Lee

Proceedings of the 15th ACM conference on Computer and communications …, 2008 · 01 Jan 2008 · nfkH5V4AAAAJ:YFjsv_pBGBYC

Corrupted DNS Resolution Paths: The Rise of a Malicious Resolution Authority.

D Dagon, N Provos, CP Lee, W Lee

NDSS, 2008 · 01 Jan 2008 · nfkH5V4AAAAJ:ns9cj8rnVeAC

Eureka: A framework for enabling static malware analysis

M Sharif, V Yegneswaran, H Saidi, P Porras, W Lee

European Symposium on Research in Computer Security, 481-500, 2008 · 01 Jan 2008 · nfkH5V4AAAAJ:zA6iFVUQeVQC

Mcboost: Boosting scalability in malware collection and analysis using statistical classification of executables

R Perdisci, A Lanzi, W Lee

2008 Annual Computer Security Applications Conference (ACSAC), 301-310, 2008 · 01 Jan 2008 · nfkH5V4AAAAJ:J_g5lzvAfSwC

Classification of packed executables for accurate computer virus detection

R Perdisci, A Lanzi, W Lee

Pattern recognition letters 29 (14), 1941-1946, 2008 · 01 Jan 2008 · nfkH5V4AAAAJ:k_IJM867U9cC

Impeding Malware Analysis Using Conditional Code Obfuscation.

MI Sharif, A Lanzi, JT Giffin, W Lee

NDSS, 2008 · 01 Jan 2008 · nfkH5V4AAAAJ:R3hNpaxXUhUC

Lares: An architecture for secure active monitoring using virtualization

BD Payne, M Carbone, M Sharif, W Lee

2008 IEEE Symposium on Security and Privacy (sp 2008), 233-247, 2008 · 01 Jan 2008 · nfkH5V4AAAAJ:_kc_bZDykSQC

Ether: malware analysis via hardware virtualization extensions

A Dinaburg, P Royal, M Sharif, W Lee

Proceedings of the 15th ACM conference on Computer and communications …, 2008 · 01 Jan 2008 · nfkH5V4AAAAJ:Zph67rFs4hoC

BotSniffer: Detecting botnet command and control channels in network traffic

G Gu, J Zhang, W Lee

Proceedings of the 15th Network and Distributed System Security Symposium, 2008 · 01 Jan 2008 · nfkH5V4AAAAJ:WF5omc3nYNoC

BotMiner: clustering analysis of network traffic for protocol-and structure-independent botnet detection

G Gu, R Perdisci, J Zhang, W Lee

Proceedings of the 17th USENIX Security Symposium, 139-154, 2008 · 01 Jan 2008 · nfkH5V4AAAAJ:YsMSGLbcyi4C

A Taxonomy of botnet structures–lecture: Computer Security Applications Conference, 2007

D Dagon, G Gu, C Zou, J Grizzard, S Dwivedi, W Lee, R Lipton

ACSAC, 2007 · 01 Jan 2007 · nfkH5V4AAAAJ:hUq98zRk74IC

Discovering novel attack strategies from INFOSEC alerts

X Qin, W Lee

Data Warehousing and Data Mining Techniques for Cyber Security, 109-157, 2007 · 01 Jan 2007 · nfkH5V4AAAAJ:hC7cP41nSMkC

Misleading and defeating importance-scanning malware propagation

G Gu, Z Chen, P Porras, W Lee

2007 Third International Conference on Security and Privacy in …, 2007 · 01 Jan 2007 · nfkH5V4AAAAJ:CHSYGLWDkRkC

Intrusion Detection Systems

G Gu, AA Cárdenas, W Lee, JS Baras, KS Seamon, S Radosavac, ...

Journal of Computer Security 15 (1), 103-128, 2007 · 01 Jan 2007 · nfkH5V4AAAAJ:BN2gBF5gczIC

Understanding precision in host based intrusion detection: Formal analysis and practical models

M Sharif, K Singh, J Giffin, W Lee

International Workshop on Recent Advances in Intrusion Detection, 21-41, 2007 · 01 Jan 2007 · nfkH5V4AAAAJ:u_35RYKgDlwC

A layered approach to simplified access control in virtualized systems

BD Payne, R Sailer, R Cáceres, R Perez, W Lee

ACM SIGOPS Operating Systems Review 41 (4), 12-19, 2007 · 01 Jan 2007 · nfkH5V4AAAAJ:70eg2SAEIzsC

An assessment of VoIP covert channel threats

T Takahashi, W Lee

2007 Third International Conference on Security and Privacy in …, 2007 · 01 Jan 2007 · nfkH5V4AAAAJ:vV6vV6tmYwMC

Intrusion-resilient key exchange in the bounded retrieval model

D Cash, YZ Ding, Y Dodis, W Lee, R Lipton, S Walfish

Theory of Cryptography Conference, 479-498, 2007 · 01 Jan 2007 · nfkH5V4AAAAJ:r0BpntZqJG4C

A taxonomy of botnet structures

D Dagon, G Gu, CP Lee, W Lee

Computer Security Applications Conference, 2007. ACSAC 2007. Twenty-Third …, 2007 · 01 Jan 2007 · nfkH5V4AAAAJ:5nxA0vEk-isC

Secure and flexible monitoring of virtual machines

BD Payne, DPA Martim, W Lee

Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007 …, 2007 · 01 Jan 2007 · nfkH5V4AAAAJ:4TOpqqG69KYC

Bothunter: Detecting malware infection through ids-driven dialog correlation

G Gu, P Porras, V Yegneswaran, M Fong, W Lee

Proceedings of 16th USENIX Security Symposium, 12, 2007 · 01 Jan 2007 · nfkH5V4AAAAJ:W7OEmFMy1HYC

Vulnerability Assessment Tools for Complex Information Networks

CG Cassandras, W Gong, DL Pepyne, W Lee, H Liu, YC Ho, A Pfeffer

[no publisher info] · 01 Jan 2006 · nfkH5V4AAAAJ:3htObqc8RwsC

The use of white holes to mislead and defeat importance scanning worms

G Gu, Z Chen, P Porras, W Lee

[no publisher info] · 01 Jan 2006 · nfkH5V4AAAAJ:Y5dfb0dijaUC

Cost-sensitive modeling for intrusion detection

W Lee, W Fan, SJ Stolfo, M Miller

Machine Learning and Data Mining for Computer Security: Methods and …, 2006 · 01 Jan 2006 · nfkH5V4AAAAJ:B3FOqHPlNUQC

Dso: Dependable signing overlay

G Gu, P Fogla, W Lee, D Blough

International Conference on Applied Cryptography and Network Security, 33-49, 2006 · 01 Jan 2006 · nfkH5V4AAAAJ:Tiz5es2fbqcC

q-Gram matching using tree models

P Fogla, W Lee

IEEE transactions on knowledge and data engineering 18 (4), 433-447, 2006 · 01 Jan 2006 · nfkH5V4AAAAJ:nb7KW1ujOQ8C

Polymorphic blending attacks

R Perdisci, O Kolesnikov, P Fogla, M Sharif, W Lee

Proceedings of the 15-th USENIX Security Symposium (SECURITY), Vancouver, BC, 2006 · 01 Jan 2006 · nfkH5V4AAAAJ:pyW8ca7W8N0C

Towards the integration of diverse spam filtering techniques

C Pu, S Webb, O Kolesnikov, W Lee, R Lipton

2006 IEEE International Conference on Granular Computing, 17-20, 2006 · 01 Jan 2006 · nfkH5V4AAAAJ:_xSYboBqXhAC

Agent-based cooperative anomaly detection for wireless ad hoc networks

H Deng, R Xu, J Li, F Zhang, R Levy, W Lee

12th International Conference on Parallel and Distributed Systems-(ICPADS'06 …, 2006 · 01 Jan 2006 · nfkH5V4AAAAJ:JV2RwH3_ST0C

Towards an information-theoretic framework for analyzing intrusion detection systems

G Gu, P Fogla, D Dagon, W Lee, B Skoric

European symposium on research in computer security, 527-546, 2006 · 01 Jan 2006 · nfkH5V4AAAAJ:ldfaerwXgEUC

Using labeling to prevent cross-service attacks against smart phones

C Mulliner, G Vigna, D Dagon, W Lee

International Conference on Detection of Intrusions and Malware, and …, 2006 · 01 Jan 2006 · nfkH5V4AAAAJ:RGFaLdJalmkC

Evading network anomaly detection systems: formal reasoning and practical techniques

P Fogla, W Lee

Proceedings of the 13th ACM conference on Computer and communications …, 2006 · 01 Jan 2006 · nfkH5V4AAAAJ:L8Ckcad2t8MC

Measuring intrusion detection capability: An information-theoretic approach

G Gu, P Fogla, D Dagon, W Lee, B Skorić

Proceedings of the 2006 ACM Symposium on Information, computer and …, 2006 · 01 Jan 2006 · nfkH5V4AAAAJ:-f6ydRqryjwC

Misleading worm signature generators using deliberate noise injection

R Perdisci, D Dagon, W Lee, P Fogla, M Sharif

2006 IEEE Symposium on Security and Privacy (S&P'06), 15 pp.-31, 2006 · 01 Jan 2006 · nfkH5V4AAAAJ:aqlVkmm33-oC

Using an ensemble of one-class svm classifiers to harden payload-based anomaly detection systems

R Perdisci, G Gu, W Lee

Data Mining, 2006. ICDM'06. Sixth International Conference on, 488-498, 2006 · 01 Jan 2006 · nfkH5V4AAAAJ:IWHjjKOFINEC

Polymorphic Blending Attacks.

P Fogla, MI Sharif, R Perdisci, OM Kolesnikov, W Lee

USENIX security symposium, 241-256, 2006 · 01 Jan 2006 · nfkH5V4AAAAJ:mVmsd5A6BfQC

Polyunpack: Automating the hidden-code extraction of unpack-executing malware

P Royal, M Halpin, D Dagon, R Edmonds, W Lee

Computer Security Applications Conference, 2006. ACSAC'06. 22nd Annual, 289-300, 2006 · 01 Jan 2006 · nfkH5V4AAAAJ:YOwf2qJgpHMC

Modeling Botnet Propagation Using Time Zones.

D Dagon, CC Zou, W Lee

NDSS 6, 2-13, 2006 · 01 Jan 2006 · nfkH5V4AAAAJ:roLk4NBRz8UC

Intrusionresilient authentication in the Limited Communication Model

D Cash, YZ Ding, Y Dodis, W Lee, R Lipton, S Walfish

Cryptology ePrint Archive, 2005 · 01 Jan 2005 · nfkH5V4AAAAJ:bz8QjSJIRt4C

An extensible environment for evaluating secure MANET

Y Zhang, Y Huang, W Lee

First International Conference on Security and Privacy for Emerging Areas in …, 2005 · 01 Jan 2005 · nfkH5V4AAAAJ:xtRiw3GOFMkC

Comparative study between analytical models and packet-level worm simulations

MI Sharif, GF Riley, W Lee

Workshop on Principles of Advanced and Distributed Simulation (PADS'05), 88-98, 2005 · 01 Jan 2005 · nfkH5V4AAAAJ:fPk4N6BV_jEC

Protecting secret data from insider attacks

D Dagon, W Lee, R Lipton

International Conference on Financial Cryptography and Data Security, 16-30, 2005 · 01 Jan 2005 · nfkH5V4AAAAJ:cFHS6HbyZ2cC

An information-theoretic measure of intrusion detection capability

G Gu, P Fogla, D Dagon, W Lee, B Skoric

College of Computing, Georgia Tech, Tech. Rep. GIT-CC-05-10, 2005 · 01 Jan 2005 · nfkH5V4AAAAJ:P5F9QuxV20EC

Hotspot-based traceback for mobile ad hoc networks

Y Huang, W Lee

Proceedings of the 4th ACM workshop on Wireless security, 43-54, 2005 · 01 Jan 2005 · nfkH5V4AAAAJ:GnPB-g6toBAC

A taxonomy of botnets

D Dagon, G Gu, C Zou, J Grizzard, S Dwivedi, W Lee, R Lipton

Unpublished paper, c, 2005 · 01 Jan 2005 · nfkH5V4AAAAJ:UwEomQ3UdWgC

Environment-sensitive intrusion detection

JT Giffin, D Dagon, S Jha, W Lee, BP Miller

International Workshop on Recent Advances in Intrusion Detection, 185-206, 2005 · 01 Jan 2005 · nfkH5V4AAAAJ:HDshCWvjkbEC

Anomalous path detection with hardware support

T Zhang, X Zhuang, S Pande, W Lee

Proceedings of the 2005 international conference on Compilers, architectures …, 2005 · 01 Jan 2005 · nfkH5V4AAAAJ:RHpTSmoSYBkC

Security in Mobile Ad-hoc networks

Y Zhang, W Lee

Ad Hoc Networks, 249-268, 2005 · 01 Jan 2005 · nfkH5V4AAAAJ:bFI3QPDXJZMC

A hardware platform for network intrusion detection and prevention

CR Clark, W Lee, DE Schimmel, D Contis, M Koné, A Thomas

Proceedings of the 3rd Workshop on Network Processors and Applications (NP3), 2005 · 01 Jan 2005 · nfkH5V4AAAAJ:dhFuZR0502QC

Simulating Internet Worms

GF Riley¹, MI Sharif

The IEEE Computer Society's 12th Annual International Symposium on Modeling …, 2004 · 01 Jan 2004 · nfkH5V4AAAAJ:1tvASLRm6poC

Attack Analysis and Detection

Y Huang, W Lee

Recent Advances in Intrusion Detection:... International Workshop, RAID …, 2004 · 01 Jan 2004 · nfkH5V4AAAAJ:yGgOC45Jz5YC

Towards discovering and containing privacy violations in software

L Kruger, H Wang, S Jha, P McDaniel, W Lee

Technical Report, 2004 · 01 Jan 2004 · nfkH5V4AAAAJ:UxriW0iASnsC

Simulating Internet Worms, In the proceedings of the 12th IEEE

G Riley, M Sharif, W Lee

ACM International Symposium on Modeling, Analysis, and Simulation of …, 2004 · 01 Jan 2004 · nfkH5V4AAAAJ:7EeV9ZTah7MC

Hardware supported anomaly detection: down to the control flow level

T Zhang, X Zhuang, S Pande, W Lee

Georgia Institute of Technology, 2004 · 01 Jan 2004 · nfkH5V4AAAAJ:abG-DnoFyZgC

Worm population control through periodic response

D Dagon, A Takar, G Gu, X Qin, W Lee

Technical report, 2004 · 01 Jan 2004 · nfkH5V4AAAAJ:afceBpUbn5YC

Worm detection using local networks

X Qin, D Dagon, G Gu, W Lee, M Warfield, P Allor

Proceedings of the Recent Advances of Intrusion Detection RAID 4, 2004 · 01 Jan 2004 · nfkH5V4AAAAJ:blknAaTinKkC

Simulating internet worms

GE Riley, ML Sharif, W Lee

The IEEE Computer Society's 12th Annual International Symposium on Modeling …, 2004 · 01 Jan 2004 · nfkH5V4AAAAJ:_Qo2XoVZTnwC

On the statistical distribution of processing times in network intrusion detection

JBD Cabrera, J Gosar, W Lee, RK Mehra

2004 43rd IEEE Conference on Decision and Control (CDC)(IEEE Cat. No …, 2004 · 01 Jan 2004 · nfkH5V4AAAAJ:O3NaXMp0MMsC

Discovering novel attack strategies from INFOSEC alerts

X Qin, W Lee

European Symposium on Research in Computer Security, 439-456, 2004 · 01 Jan 2004 · nfkH5V4AAAAJ:iHNVki4A1WcC

Worm detection, early warning and response based on local victim information

G Gu, M Sharif, X Qin, D Dagon, W Lee, G Riley

20th Annual Computer Security Applications Conference, 136-145, 2004 · 01 Jan 2004 · nfkH5V4AAAAJ:M3ejUd6NZC8C

Advanced polymorphic worms: Evading ids by blending in with normal traffic

O Kolesnikov, W Lee

College of Computing, Georgia Institute of Technology, Atlanta, GA 30332, 2004 · 01 Jan 2004 · nfkH5V4AAAAJ:Wp0gIr-vW9MC

Attack analysis and detection for ad hoc routing protocols

Y Huang, W Lee

International Workshop on Recent Advances in Intrusion Detection, 125-145, 2004 · 01 Jan 2004 · nfkH5V4AAAAJ:7PzlFSSx8tAC

Formalizing sensitivity in static analysis for intrusion detection

HH Feng, JT Giffin, Y Huang, S Jha, W Lee, BP Miller

IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004, 194-208, 2004 · 01 Jan 2004 · nfkH5V4AAAAJ:KlAtU1dfN6UC

Honeystat: Local worm detection using honeypots

D Dagon, X Qin, G Gu, W Lee, J Grizzard, J Levine, H Owen

International Workshop on Recent Advances in Intrusion Detection, 39-58, 2004 · 01 Jan 2004 · nfkH5V4AAAAJ:MXK_kJrjxJIC

Attack plan recognition and prediction using causal networks

X Qin, W Lee

20th Annual Computer Security Applications Conference, 370-379, 2004 · 01 Jan 2004 · nfkH5V4AAAAJ:4DMP91E08xMC

Using artificial anomalies to detect unknown and known network intrusions

W Fan, M Miller, S Stolfo, W Lee, P Chan

Knowledge and Information Systems 6 (5), 507-527, 2004 · 01 Jan 2004 · nfkH5V4AAAAJ:kNdYIx-mwKoC

Cross-feature analysis for detecting ad-hoc routing anomalie

W Fan, W Lee, PS Yu

In Proceedings of the 23rd International Conference on Distributed Computing …, 2003 · 01 Jan 2003 · nfkH5V4AAAAJ:lms347EBdh4C

Filtering spam using search engines

O Kolesnikov, W Lee, R Lipton

Technical Report GITCC-04-15, Georgia Tech, College of Computing, Georgia …, 2003 · 01 Jan 2003 · nfkH5V4AAAAJ:u9iWguZQMMsC

Statistical causality analysis of infosec alert data

X Qin, W Lee

International Workshop on Recent Advances in Intrusion Detection, 73-93, 2003 · 01 Jan 2003 · nfkH5V4AAAAJ:j5aT6aphRxQC

Cross-feature analysis for detecting ad-hoc routing anomalies

Y Huang, W Fan, W Lee, PS Yu

23rd International Conference on Distributed Computing Systems, 2003 …, 2003 · 01 Jan 2003 · nfkH5V4AAAAJ:8k81kl-MbHgC

Anomaly detection using call stack information

HH Feng, OM Kolesnikov, P Fogla, W Lee, W Gong

Security and Privacy, 2003. Proceedings. 2003 IEEE Symposium on, 62-75, 2003 · 01 Jan 2003 · nfkH5V4AAAAJ:zYLM7Y9cAGgC

A cooperative intrusion detection system for ad hoc networks

Y Huang, W Lee

Proceedings of the 1st ACM workshop on Security of ad hoc and sensor …, 2003 · 01 Jan 2003 · nfkH5V4AAAAJ:IjCSPb-OGe4C

Intrusion detection techniques for mobile wireless networks

Y Zhang, W Lee, YA Huang

Wireless Networks 9 (5), 545-556, 2003 · 01 Jan 2003 · nfkH5V4AAAAJ:2osOgNQ5qMEC

Guarding the Next Internet Frontier: Countering Denial of Information Attacks. New Security Paradigms Workshop

M Ahamad, W Lee, L Liu, L Mark, E Omicienski, C Pu, A Dos Santos

[no publisher info] · 01 Jan 2002 · nfkH5V4AAAAJ:5Ul4iDaHHb8C

Recent Advances in Intrusion Detection: Proceedings. Zurich, Switzerland, October 16-18, 2002

H Debar, W Lee, A Wespi

Springer, 2002 · 01 Jan 2002 · nfkH5V4AAAAJ:eMMeJKvmdy0C

Mobile code

W Lee

New Security Paradigms Workshop: Proceedings of the 2002 workshop on New …, 2002 · 01 Jan 2002 · nfkH5V4AAAAJ:ILKRHgRFtOwC

Proactive Intrusion Detection: A Study on Temporal Data Mining

JBD Cabrera, L Lewis, X Qin, W Lee, RK Mehra

Applications of Data Mining in Computer Security, 195-227, 2002 · 01 Jan 2002 · nfkH5V4AAAAJ:E7VqQtBCVmcC

Using MIB II variables for network intrusion detection

X Qin, W Lee, L Lewis, JBD Cabrera

Applications of Data Mining in Computer Security, 123-151, 2002 · 01 Jan 2002 · nfkH5V4AAAAJ:g_UdREhPGEoC

Optimization and control problems in Real-time Intrusion Detection

JBD Cabrera, W Lee, RK Prasanth, L Lewis, RK Mehra

Proceedings of the 41st IEEE Conference on Decision and Control, 2002. 2 …, 2002 · 01 Jan 2002 · nfkH5V4AAAAJ:p2g8aNsByqUC

Guarding the next Internet frontier: countering denial of information attacks

M Ahamad, L Mark, W Lee, E Omicienski, A Santos, L Liu, C Pu

Proceedings of the 2002 workshop on New security paradigms, 136-143, 2002 · 01 Jan 2002 · nfkH5V4AAAAJ:KxtntwgDAa4C

Integrating intrusion detection and network management

X Qin, W Lee, L Lewis, JBD Cabrera

NOMS 2002. IEEE/IFIP Network Operations and Management Symposium.'Management …, 2002 · 01 Jan 2002 · nfkH5V4AAAAJ:hMod-77fHWUC

Algorithms for mining system audit data

W Lee, SJ Stolfo, KW Mok

STUDIES IN FUZZINESS AND SOFT COMPUTING 95, 166-189, 2002 · 01 Jan 2002 · nfkH5V4AAAAJ:j3f4tGmQtD8C

Applying data mining to intrusion detection: the quest for automation, efficiency, and credibility

W Lee

ACM SIGKDD Explorations Newsletter 4 (2), 35-42, 2002 · 01 Jan 2002 · nfkH5V4AAAAJ:TFP_iSt0sucC

Proactive intrusion detection and distributed denial of service attacks—a case study in security management

JBD Cabrera, L Lewis, X Qin, W Lee, RK Mehra

Journal of Network and Systems Management 10 (2), 225-254, 2002 · 01 Jan 2002 · nfkH5V4AAAAJ:4JMBOYKVnBMC

Performance adaptation in real-time intrusion detection systems

W Lee, JBD Cabrera, A Thomas, N Balwalli, S Saluja, Y Zhang

International Workshop on Recent Advances in Intrusion Detection, 252-273, 2002 · 01 Jan 2002 · nfkH5V4AAAAJ:qUcmZB5y_30C

Toward cost-sensitive modeling for intrusion detection and response

W Lee, W Fan, M Miller, SJ Stolfo, E Zadok

Journal of computer security 10 (1-2), 5-22, 2002 · 01 Jan 2002 · nfkH5V4AAAAJ:ufrVoPGSRksC

Recent Advances in Intrusion Detection: Proceedings. Davis, CA, USA, October 10-12, 2001

H Debar, W Lee, A Wespi

Springer, 2001 · 01 Jan 2001 · nfkH5V4AAAAJ:j8SEvjWlNXcC

Recent Advances in Intrusion Detection: 4th International Symposium, RAID 2001 Davis, CA, USA, October 10-12, 2001 Proceedings

W Lee, L Mé, A Wespi

Springer, 2001 · 01 Jan 2001 · nfkH5V4AAAAJ:-nhnvRiOwuoC

Using artificial anomalies to detect known and unknown network intrusions

W Fan, M Miller, S Stolfo, W Lee, P Chan

Proceedings of the First International Conference on Data Mining 180, 2001 · 01 Jan 2001 · nfkH5V4AAAAJ:OfCb3DkOstsC

Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection

W Lee, L Mé, A Wespi

Springer-Verlag, 2001 · 01 Jan 2001 · nfkH5V4AAAAJ:TlpoogIpr_IC

Modeling system calls for ID with Dynamic Window Sizes

S Stolfo, W Lee, E Eskin

Proceedings of the DISCEX II, 2001 · 01 Jan 2001 · nfkH5V4AAAAJ:QsKbpXNoaWkC

Proactive Detection of Distributed Denial of Service Attacks using MIB Traffic Variables-A Feasibility Study, 7th IFIP

JBD Cabrera, L Lewis, X Qin, W Lee, RK Prasanth, B Ravichandran, ...

IEEE International Symposium on Integrated Network Management, Seattle, WA …, 2001 · 01 Jan 2001 · nfkH5V4AAAAJ:Lc9Ei6r3docC

Mining system audit data: Opportunities and challenges

W Lee, W Fan

ACM SIGMOD Record 30 (4), 35-44, 2001 · 01 Jan 2001 · nfkH5V4AAAAJ:rO6llkc54NcC

Heterogeneous networking: a new survivability paradigm

Y Zhang, H Vin, L Alvisi, W Lee, SK Dao

Proceedings of the 2001 workshop on New security paradigms, 33-39, 2001 · 01 Jan 2001 · nfkH5V4AAAAJ:TQgYirikUcIC

Data mining-based intrusion detectors: an overview of the columbia IDS project

SJ Stolfo, W Lee, PK Chan, W Fan, E Eskin

ACM SIGMOD Record 30 (4), 5-14, 2001 · 01 Jan 2001 · nfkH5V4AAAAJ:ZeXyd9-uunAC

Modeling system calls for intrusion detection with dynamic window sizes

E Eskin, W Lee, SJ Stolfo

DARPA Information Survivability Conference & Exposition II, 2001. DISCEX'01 …, 2001 · 01 Jan 2001 · nfkH5V4AAAAJ:ULOm3_A8WrAC

Proactive detection of distributed denial of service attacks using mib traffic variables-a feasibility study

JBD Cabrera, L Lewis, X Qin, W Lee, RK Prasanth, B Ravichandran, ...

2001 IEEE/IFIP International Symposium on Integrated Network Management …, 2001 · 01 Jan 2001 · nfkH5V4AAAAJ:3fE2CSJIrl8C

Real time data mining-based intrusion detection

W Lee, SJ Stolfo, PK Chan, E Eskin, W Fan, M Miller, S Hershkop, ...

DARPA Information Survivability Conference & Exposition II, 2001. DISCEX'01 …, 2001 · 01 Jan 2001 · nfkH5V4AAAAJ:UebtZRa9Y70C

Cost based modeling for fraud and intrusion detection: Results from the jam project, discex, vol. 02

SJ Stolfo, W Fan, W Lee, A Prodromidis, PK Chan

[no publisher info] · 01 Jan 2000 · nfkH5V4AAAAJ:IyMil-iDmu0C

Philip k

W Lee, SJ Stolfo

Chan,'Real Time Data Mining-based Intrusion Detection'. In proceedings of …, 2000 · 01 Jan 2000 · nfkH5V4AAAAJ:jjenCjXDw2QC

A multiple model cost-sensitive approach for intrusion detection

W Fan, W Lee, SJ Stolfo, M Miller

European conference on machine learning, 142-154, 2000 · 01 Jan 2000 · nfkH5V4AAAAJ:hFOr9nPyWt4C

A data mining and CIDF based approach for detecting novel and distributed intrusions

W Lee, RA Nimbalkar, KK Yee, SB Patil, PH Desai, TT Tran, SJ Stolfo

International Workshop on Recent Advances in Intrusion Detection, 49-65, 2000 · 01 Jan 2000 · nfkH5V4AAAAJ:9ZlFYXVOiuMC

Adaptive intrusion detection: A data mining approach

W Lee, SJ Stolfo, KW Mok

Artificial Intelligence Review 14 (6), 533-567, 2000 · 01 Jan 2000 · nfkH5V4AAAAJ:LkGwnXOMwfcC

Cost-based modeling for fraud and intrusion detection: Results from the JAM project

SJ Stolfo, W Fan, W Lee, A Prodromidis, PK Chan

Proceedings DARPA Information Survivability Conference and Exposition …, 2000 · 01 Jan 2000 · nfkH5V4AAAAJ:hqOjcs7Dif8C

Information-theoretic measures for anomaly detection

W Lee, D Xiang

Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001, 130-143, 2000 · 01 Jan 2000 · nfkH5V4AAAAJ:qjMakFHDy7sC

A framework for constructing features and models for intrusion detection systems

W Lee, SJ Stolfo

ACM transactions on Information and system security (TiSSEC) 3 (4), 227-261, 2000 · 01 Jan 2000 · nfkH5V4AAAAJ:9yKSN-GCB0IC

Intrusion detection in wireless ad-hoc networks

Y Zhang, W Lee

Proceedings of the 6th annual international conference on Mobile computing …, 2000 · 01 Jan 2000 · nfkH5V4AAAAJ:d1gkVwhDpl0C

Mining in a data-flow environment

W Lee, SJ Stolfo, KW Mok

Proceedings of the fifth ACM SIGKDD international conference on Knowledge …, 1999 · 01 Jan 1999 · nfkH5V4AAAAJ:OVe_t5h5bhEC

Interfacing Oz with the PCTE OMS: A case study of integrating a legacy System with a standard Object Management System

W Lee, GE Kaiser

Journal of systems integration 9 (4), 329-358, 1999 · 01 Jan 1999 · nfkH5V4AAAAJ:tS2w5q8j5-wC

``A Data Mining Framework for Building Intrusion Detection Models''In Proceedings of the 1999 IEEE Symposium on Security and Privacy

W Lee, S Stolfo, K Mok

Oakland, CA, May, 1999 · 01 Jan 1999 · nfkH5V4AAAAJ:m_tu6TPmoiMC

Kdd cup knowledge discovery and data mining competition

SJ Stolfo, F Wei, W Lee, A Prodromidis, PK Chan

[no publisher info] · 01 Jan 1999 · nfkH5V4AAAAJ:_aaHSq4heJsC

Automated Intrusion Detection Methods Using {NFR}

W Lee, C Park, SJ Stolfo

1st Workshop on Intrusion Detection and Network Monitoring (ID 99), 1999 · 01 Jan 1999 · nfkH5V4AAAAJ:1sJd4Hv_s6UC

Kdd cup 1999 data [dataset]

S Stolfo, W Fan, W Lee, A Prodromidis, P Chan

UCI Machine Learning Repository, 1999 · 01 Jan 1999 · nfkH5V4AAAAJ:zBYNw3HCx4kC

Towards automatic intrusion detection using NFR

W Lee, C Park, SJ Stolfo

Proceeding of 1st USENIX Workshop on Intrusion Detection and Network Monitoring, 1999 · 01 Jan 1999 · nfkH5V4AAAAJ:_tF6a-HnqWAC

KDD-CUP-99 Task Description

S Stolfo, W Fan, W Lee

1999-10-28)[2009-05-08]. http://KDD. ics. uci. edu/databases/kddcup99/task, html, 1999 · 01 Jan 1999 · nfkH5V4AAAAJ:I2jIoRS3jIgC

Automated Intrusion Detection Using NFR: Methods and Experiences.

W Lee, CT Park, SJ Stolfo

Workshop on Intrusion Detection and Network Monitoring, 63-72, 1999 · 01 Jan 1999 · nfkH5V4AAAAJ:35N4QoGY0k4C

Combining Knowledge Discovery and Knowledge Engineering to Build IDSs.

W Lee, SJ Stolfo

Recent Advances in Intrusion Detection, 1999 · 01 Jan 1999 · nfkH5V4AAAAJ:RYcK_YlVTxYC

KDD cup 1999 dataset

SJ Stolfo, W Fan, W Lee, A Prodromidis, P Chan

UCI KDD repository. http://kdd. ics. uci. edu, 1999 · 01 Jan 1999 · nfkH5V4AAAAJ:oea97a5D_h0C

KDD cup 1999 data

S Stolfo, W Fan, W Lee, A Prodromidis, P Chan

UCI Machine Learning Repository 10, C51C7N, 1999 · 01 Jan 1999 · nfkH5V4AAAAJ:q7hqJx8pYzEC

Data mining in work flow environments: Experiences in intrusion detection

W Lee, SJ Stolfo, K Mok

Proceedings of the 1999 Conference on Knowledge Discovery and Data mining …, 1999 · 01 Jan 1999 · nfkH5V4AAAAJ:QIV2ME_5wuYC

A data mining framework for constructing features and models for intrusion detection systems

W Lee

Columbia university, 1999 · 01 Jan 1999 · nfkH5V4AAAAJ:_FxGoFyzp5QC

Mining in a data-flow environment: experience in network intrusion detection

W Lee, SJ Stolfo, KW Mok

Proceedings of the fifth ACM SIGKDD international conference on Knowledge …, 1999 · 01 Jan 1999 · nfkH5V4AAAAJ:Se3iqnhoufwC

Method and system for using intelligent agents for financial transactions, services, accounting, and advice

D Schutzer, WH Forster Jr, H Hu, W Lee, SJ Stolfo, W Fan

US Patent 5,920,848, 1999 · 01 Jan 1999 · nfkH5V4AAAAJ:eQOLeE2rZwMC

A data mining framework for building intrusion detection models

W Lee, SJ Stolfo, KW Mok

Proceedings of the 1999 IEEE symposium on security and privacy (Cat. No …, 1999 · 01 Jan 1999 · nfkH5V4AAAAJ:u-x6o8ySG0sC

A data mining framework for adaptive intrusion detection

W Lee, SJ Stolfo, KW Mok

Proceedings of the 7th USENIX Security Symposium, 1998 · 01 Jan 1998 · nfkH5V4AAAAJ:qyhmnyLat1gC

Mining Audit Data to Build Intrusion Detection Models.

W Lee, SJ Stolfo, KW Mok

KDD, 66-72, 1998 · 01 Jan 1998 · nfkH5V4AAAAJ:Y0pCki6q_DkC

Data mining approaches for intrusion detection

W Lee, SJ Stolfo

Proceedings of the 7th USENIX Security Symposium, 1998 · 01 Jan 1998 · nfkH5V4AAAAJ:u5HHmVD_uO8C

Grappa: A graph package in java

NS Barghouti, JM Mocenigo, W Lee

International Symposium on Graph Drawing, 336-343, 1997 · 01 Jan 1997 · nfkH5V4AAAAJ:maZDTaKrznsC

Credit card fraud detection using meta-learning: Issues and initial results

S Stolfo, DW Fan, W Lee, A Prodromidis, P Chan

AAAI-97 Workshop on Fraud Detection and Risk Management 83, 1997 · 01 Jan 1997 · nfkH5V4AAAAJ:qxL8FJ1GzNcC

JAM: Java Agents for Meta-Learning over Distributed Databases.

SJ Stolfo, AL Prodromidis, S Tselepis, W Lee, DW Fan, PK Chan

KDD 97, 74-81, 1997 · 01 Jan 1997 · nfkH5V4AAAAJ:UeHWp8X0CEIC

Learning patterns from unix process execution traces for intrusion detection

W Lee, SJ Stolfo, PK Chan

AAAI Workshop on AI Approaches to Fraud Detection and Risk Management, 50-56, 1997 · 01 Jan 1997 · nfkH5V4AAAAJ:Tyk-4Ss8FVUC

Meta-Learning Agents for Fraud and Intrusion Detection in Financial Information Systems

SJ Stolfo, PK Chan, D Fan, W Lee, A Prodromidis

[no publisher info] · 01 Jan 1996 · nfkH5V4AAAAJ:eJXPG6dFmWUC

Pay No Attention to Man Behind the Curtain

G Kaiser, W Lee

NSF Workshop on Workflow and Process Automation in Information Systems …, 1996 · 01 Jan 1996 · nfkH5V4AAAAJ:yFnVuubrUp4C

Java Agents for Meta learning over Distributed Databases'

S Stolfo, A Prodromidis, S Tselepis, W Lee, DW Fan, PK Chan

Proc. of the 3rd Int. Conf. on Knowledge Discovery and Data Mining. Newport …, 1996 · 01 Jan 1996 · nfkH5V4AAAAJ:9sMhslCZ7ZMC

OzCare: A workflow automation system for care plans

W Lee, GE Kaiser, PD Clayton, EH Sherman

Proceedings of the AMIA Annual Fall Symposium, 577, 1996 · 01 Jan 1996 · nfkH5V4AAAAJ:yD5IFk8b50cC

Interfacing Oz with the PCTE OMS

W Lee, GE Kaiser

Department of Computer Science, Columbia University, 1995 · 01 Jan 1995 · nfkH5V4AAAAJ:rmuvC79q63oC

Naser S. Barghouti Bear, Stearns & Co., Inc. New York, NY, USA naser@ bear. com

JM Mocenigo, W Lee

[no publisher info] · [no date info] · nfkH5V4AAAAJ:q3oQSFYPqjQC

Information-Theoretic Measures for Anomaly Detection (Draft)

W Lee, D Xiang

[no publisher info] · [no date info] · nfkH5V4AAAAJ:kRWSkSYxWN8C

Jadve: A Framework for Graph-Based Data Visualization Applications

W Lee, NS Barghouti

[no publisher info] · [no date info] · nfkH5V4AAAAJ:1qzjygNMrQYC

JAM: Java Agents for Meta-Learning over Distributed Databases* Salvatore Stolfo, Andreas L. Prodromidis¢

S Tselepis, W Lee, DW Fan

[no publisher info] · [no date info] · nfkH5V4AAAAJ:J-pR_7NvFogC

Trusted Passages: Managing Distributed Trust to Meet the Needs of Emerging Applications

M Ahamad, W Lee, K Schwan

[no publisher info] · [no date info] · nfkH5V4AAAAJ:bnK-pcrLprsC

PDS 2010 Program Committee

J Cao, Y Chen, B Cukic, M Dacier, F Symantec, ...

[no publisher info] · [no date info] · nfkH5V4AAAAJ:HE397vMXCloC

S&P 2007

T Aura, D Balfanz, S Bellovin, E Bertino, M Blaze, P Bonatti, C Cachin, ...

[no publisher info] · [no date info] · nfkH5V4AAAAJ:JoZmwDi-zQgC

Extracting Statistical Scenario Signatures for Multi-Stage Cyber Attacks: A Framework and Results

JBD Cabrera, X Qin, C Gutierrez, W Lee, RK Mehra

[no publisher info] · [no date info] · nfkH5V4AAAAJ:dTyEYWd-f8wC

Anonymizing Botnet Data

KK Singh, W Lee

[no publisher info] · [no date info] · nfkH5V4AAAAJ:SdhP9T11ey4C

RAID 2001: recent advances in intrusion detection (Davis CA, 10-12 October 2001)

W Lee, L Mé, A Wespi

Lecture notes in computer science, 0 · [no date info] · nfkH5V4AAAAJ:5awf1xo2G04C

PDS 2011 reviewers

R Bloomfield, P Buchholz, J Cao, G Casale, L Cherkasova, G Ciardo, ...

[no publisher info] · [no date info] · nfkH5V4AAAAJ:JQOojiI6XY0C

ICDCS-SPCC 2010 Program Committee

V Bala, G Cao, H Chen, S Chen, B Crispo, W Cui, R Di Pietro, Y Guan, ...

[no publisher info] · [no date info] · nfkH5V4AAAAJ:_Ybze24A_UAC

Program Committee Co-Chairs

G Vigna, S Jha, G Ateniese, M Backes, M Bailey, L Bauer, D Brumley, ...

[no publisher info] · [no date info] · nfkH5V4AAAAJ:kzcrU_BdoSEC

Gregory Piatetsky-Shapiro, KDnuggets, USA

J Gosh, A Grama, S Guha, D Gunopulos, Y Guo, HJ Hamilton, J Han, ...

[no publisher info] · [no date info] · nfkH5V4AAAAJ:ZfRJV9d4-WMC

SecureComm 2005 Technical Program Committee

N Asokan, G Ateniese, T Aura, F Bao, B Bhargava, L Buttyan, R Deng, ...

[no publisher info] · [no date info] · nfkH5V4AAAAJ:VLnqNzywnoUC

2003 IEEE Man Systems and Cybernetics Information Assurance Works hop

R Dodge, J James, W Lee, B Michael, D Welch, A Yasinsac, D Ragsdale, ...

[no publisher info] · [no date info] · nfkH5V4AAAAJ:EYYDruWGBe4C

IEEE SADFE 2011

M Losavio, A Yasinsac, RF Erbacher, W Lee, B Endicott-Popovsky, ...

[no publisher info] · [no date info] · nfkH5V4AAAAJ:HtEfBTGE9r8C

Program Committee Chairs

W Lee, A Perrig, M Backes, M Abadi, M Bailey, H Bos, L Bauer, D Brumley, ...

[no publisher info] · [no date info] · nfkH5V4AAAAJ:uPCvBZYD9qUC

Innovative research can help illuminate the security problems facing people, businesses, and governments online as well as propose and evaluate new defenses.

W Lee, B Rotoloni

[no publisher info] · [no date info] · nfkH5V4AAAAJ:_q7R20eJROoC

DISPOSABLE DOMAINS

Y Chen, M Antonakakis, W Lee

[no publisher info] · [no date info] · nfkH5V4AAAAJ:RPps9qLA3-kC

Recent Advances in Intrusion Detection [electronic resource]: 4th International Symposium, RAID 2001 Davis, CA, USA, October 10–12, 2001 Proceedings

W Lee, L Mé, A Wespi

Berlin, Heidelberg: Springer Berlin Heidelberg,, 0 · [no date info] · nfkH5V4AAAAJ:gXFvZ3BI3UoC

Mirrored By: www. siliconinvestigations. com For more information, call us-920-955-3693

P Royal, M Halpin, D Dagon, R Edmonds, W Lee

[no publisher info] · [no date info] · nfkH5V4AAAAJ:HWVPSj4JXeEC

Spam Filtering Beyond Tokens

O Kolesnikov, W Lee, R Lipton, SR Webb, C Pu

[no publisher info] · [no date info] · nfkH5V4AAAAJ:H7WDvlwkmv8C

Malware and Attack Technologies Knowledge Area Version..

W Lee

[no publisher info] · [no date info] · nfkH5V4AAAAJ:VofzgsFG4o0C

Augmenting Cyber Assessment through Dynamic Malware Analyzer

A Kam, M Nance, W Lee, K Park, B Sahin, C Yagemann

[no publisher info] · [no date info] · nfkH5V4AAAAJ:OYCXtYc4maoC

1st Deep Learning and Security Workshop

N Vasiloglou, R Perdisci, B Rahbarinia, A Gardner, D Song, I Goodfellow, ...

[no publisher info] · [no date info] · nfkH5V4AAAAJ:9wUeeRLfbNYC

Exploiting Online Targeted Advertising

W Meng, X Xing, A Sheth, U Weinsberg, W Lee

[no publisher info] · [no date info] · nfkH5V4AAAAJ:lo0OIn9KAZgC

Erkam Uzun, Pak Ho “Simon” Chung, Irfan Essa

W Lee

[no publisher info] · [no date info] · nfkH5V4AAAAJ:ObAD8Md4PD8C

On the Need for Packet–Level Details in Worm Simulations

MI Sharif, GF Riley, W Lee

Article (CrossRef Link), 1-9, 0 · [no date info] · nfkH5V4AAAAJ:BrmTIyaxlBUC

N., and Dagon, D.(2011). Detecting malware domains at the upper dns hierarchy

M Antonakakis, R Perdisci, W Lee, II Vasiloglou

USENIX Security Symposium, 16-32, 0 · [no date info] · nfkH5V4AAAAJ:nYc7v9NCwtsC

Cost-based modeling and evaluation for data mining with application to fraud and intrusion detection: Results from the jam project.-1999

SJ Stolfo, W Fan, W Lee, A Prodromidis, PK Chan

Интернет ресурс http://kdd. ics. uci. edu, 0 · [no date info] · nfkH5V4AAAAJ:3yMDF_cvnR8C

KDD Cup 1999 Data (1998)

S Stolfo, W Fan, W Lee, A Prodromidis, P Chan

Dataset available at UCI Machine Learning Repository: https://doi. org/10 …, 0 · [no date info] · nfkH5V4AAAAJ:SSsxPzPPytkC

II, and David Dagon. 2011. Detecting malware domains at the upper DNS hierarchy

M Antonakakis, R Perdisci, W Lee, N Vasiloglou

Proceedings of the 20th USENIX Conference on Security, 27-42, 0 · [no date info] · nfkH5V4AAAAJ:viYOxJONeN0C

Advanced polymorphic worms: Evading IDS by blending in with normal traffic, 2004

O Kolesnikov, D Dagon, W Lee

CC Technical Report, 0 · [no date info] · nfkH5V4AAAAJ:UBSsHvkqiq4C

Research

Highlighted

All

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

1998

1997

1996

1995