Wenke Lee

According to our database1, Wenke Lee
  • authored at least 158 papers between 1997 and 2017.
  • has a "Dijkstra number"2 of three.

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Other 

Links

Homepages:

On csauthors.net:

Bibliography

2017
Cloaker Catcher: A Client-based Cloaking Detection System.
CoRR, 2017

Bunshin: Compositing Security Mechanisms through Diversification (with Appendix).
CoRR, 2017

Efficient Protection of Path-Sensitive Control Security.
Proceedings of the 26th USENIX Security Symposium, 2017

Bunshin: Compositing Security Mechanisms through Diversification.
Proceedings of the 2017 USENIX Annual Technical Conference, 2017

Cloak and Dagger: From Two Permissions to Complete Control of the UI Feedback Loop.
Proceedings of the 2017 IEEE Symposium on Security and Privacy, 2017

Unleashing Use-Before-Initialization Vulnerabilities in the Linux Kernel Using Targeted Stack Spraying.
Proceedings of the 24th Annual Network and Distributed System Security Symposium, 2017

RAIN: Refinable Attack Investigation with On-demand Inter-Process Information Flow Tracking.
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

Identifying Open-Source License Violation and 1-day Security Risk at Large Scale.
Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017

2016
Exploiting Insurance Telematics for Fun and Profit.
CoRR, 2016

TrackMeOrNot: Enabling Flexible Control on Web Tracking.
Proceedings of the 25th International Conference on World Wide Web, 2016

HDFI: Hardware-Assisted Data-Flow Isolation.
Proceedings of the IEEE Symposium on Security and Privacy, 2016

From Physical to Cyber: Escalating Protection for Personalized Auto Insurance.
Proceedings of the 14th ACM Conference on Embedded Network Sensor Systems, SenSys 2016, 2016

Enforcing Kernel Security Invariants with Data Flow Integrity.
Proceedings of the 23rd Annual Network and Distributed System Security Symposium, 2016

The Price of Free: Privacy Leakage in Personalized Mobile In-Apps Ads.
Proceedings of the 23rd Annual Network and Distributed System Security Symposium, 2016

How to Make ASLR Win the Clone Wars: Runtime Re-Randomization.
Proceedings of the 23rd Annual Network and Distributed System Security Symposium, 2016

RecProv: Towards Provenance-Aware User Space Record and Replay.
Proceedings of the Provenance and Annotation of Data and Processes, 2016

Financial Lower Bounds of Online Advertising Abuse - A Four Year Case Study of the TDSS/TDL4 Botnet.
Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2016

UniSan: Proactive Kernel Memory Initialization to Eliminate Data Leakages.
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016

2015
Understanding Malvertising Through Ad-Injecting Browser Extensions.
Proceedings of the 24th International Conference on World Wide Web, 2015

Type Casting Verification: Stopping an Emerging Attack Vector.
Proceedings of the 24th USENIX Security Symposium, 2015

Exploiting and Protecting Dynamic Code Generation.
Proceedings of the 22nd Annual Network and Distributed System Security Symposium, 2015

Checking More and Alerting Less: Detecting Privacy Leakages via Enhanced Data-flow Analysis and Peer Voting.
Proceedings of the 22nd Annual Network and Distributed System Security Symposium, 2015

Preventing Use-after-free with Dangling Pointers Nullification.
Proceedings of the 22nd Annual Network and Distributed System Security Symposium, 2015

UCognito: Private Browsing without Tears.
Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015

ASLR-Guard: Stopping Address Space Leakage for Code Reuse Attacks.
Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015

2014
Building a Scalable System for Stealthy P2P-Botnet Detection.
IEEE Trans. Information Forensics and Security, 2014

On the Feasibility of Large-Scale Infections of iOS Devices.
Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014

Mimesis Aegis: A Mimicry Privacy Shield-A System's Approach to Data Privacy on Public Cloud.
Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, August 20-22, 2014., 2014

From Zygote to Morula: Fortifying Weakened ASLR on Android.
Proceedings of the 2014 IEEE Symposium on Security and Privacy, 2014

Exposing Inconsistent Web Search Results with Bobble.
Proceedings of the Passive and Active Measurement - 15th International Conference, 2014

Gyrus: A Framework for User-Intent Monitoring of Text-based Networked Applications.
Proceedings of the 21st Annual Network and Distributed System Security Symposium, 2014

DNS Noise: Measuring the Pervasiveness of Disposable Domains in Modern DNS Traffic.
Proceedings of the 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2014

Diagnosis and Emergency Patch Generation for Integer Overflow Exploits.
Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2014

Your Online Interests: Pwned! A Pollution Attack Against Targeted Advertising.
Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014

A11y Attacks: Exploiting Accessibility in Operating Systems.
Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, 2014

2013
Take This Personally: Pollution Attacks on Personalized Services.
Proceedings of the 22th USENIX Security Symposium, Washington, DC, USA, August 14-16, 2013, 2013

Jekyll on iOS: When Benign Apps Become Evil.
Proceedings of the 22th USENIX Security Symposium, Washington, DC, USA, August 14-16, 2013, 2013

Connected Colors: Unveiling the Structure of Criminal Networks.
Proceedings of the Research in Attacks, Intrusions, and Defenses, 2013

Intention and Origination: An Inside Look at Large-Scale Bot Queries.
Proceedings of the 20th Annual Network and Distributed System Security Symposium, 2013

The Core of the Matter: Analyzing Malicious Traffic in Cellular Carriers.
Proceedings of the 20th Annual Network and Distributed System Security Symposium, 2013

Beheading hydras: performing effective botnet takedowns.
Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, 2013

Tappan Zee (north) bridge: mining memory accesses for introspection.
Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, 2013

2012
An Empirical Study of Spam and Prevention Mechanisms in Online Video Chat Services
CoRR, 2012

Practical end-to-end web content integrity.
Proceedings of the 21st World Wide Web Conference 2012, 2012

Impeding Automated Malware Analysis with Environment-sensitive Malware.
Proceedings of the 7th USENIX Workshop on Hot Topics in Security, 2012

From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware.
Proceedings of the 21th USENIX Security Symposium, Bellevue, WA, USA, August 8-10, 2012, 2012

Secure and Robust Monitoring of Virtual Machines through Guest-Assisted Introspection.
Proceedings of the Research in Attacks, Intrusions, and Defenses, 2012

CHEX: statically vetting Android apps for component hijacking vulnerabilities.
Proceedings of the ACM Conference on Computer and Communications Security, 2012

2011
ARROW: GenerAting SignatuRes to Detect DRive-By DOWnloads.
Proceedings of the 20th International Conference on World Wide Web, 2011

Detecting Malware Domains at the Upper DNS Hierarchy.
Proceedings of the 20th USENIX Security Symposium, 2011

Virtuoso: Narrowing the Semantic Gap in Virtual Machine Introspection.
Proceedings of the 32nd IEEE Symposium on Security and Privacy, 2011

HTTPOS: Sealing Information Leaks with Browser-side Obfuscation of Encrypted Flows.
Proceedings of the Network and Distributed System Security Symposium, 2011

PEASOUP: preventing exploits against software of uncertain provenance (position paper).
Proceedings of the 7th International Workshop on Software Engineering for Secure Systems, 2011

Detecting stealthy P2P botnets using statistical traffic fingerprints.
Proceedings of the 2011 IEEE/IFIP International Conference on Dependable Systems and Networks, 2011

A combinatorial approach to network covert communications with applications in Web Leaks.
Proceedings of the 2011 IEEE/IFIP International Conference on Dependable Systems and Networks, 2011

Boosting the scalability of botnet detection using adaptive traffic sampling.
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, 2011

SURF: detecting and measuring search poisoning.
Proceedings of the 18th ACM Conference on Computer and Communications Security, 2011

Understanding the prevalence and use of alternative plans in malware with network games.
Proceedings of the Twenty-Seventh Annual Computer Security Applications Conference, 2011

Exposing invisible timing-based traffic watermarks with BACKLIT.
Proceedings of the Twenty-Seventh Annual Computer Security Applications Conference, 2011

2010
Building a Dynamic Reputation System for DNS.
Proceedings of the 19th USENIX Security Symposium, 2010

On the Incoherencies in Web Browser Access Control Policies.
Proceedings of the 31st IEEE Symposium on Security and Privacy, 2010

A Centralized Monitoring Infrastructure for Improving DNS Security.
Proceedings of the Recent Advances in Intrusion Detection, 13th International Symposium, 2010

Behavioral Clustering of HTTP-Based Malware and Signature Generation Using Malicious Network Traces.
Proceedings of the 7th USENIX Symposium on Networked Systems Design and Implementation, 2010

On the Secrecy of Spread-Spectrum Flow Watermarks.
Proceedings of the Computer Security, 2010

Evaluating Bluetooth as a Medium for Botnet Command and Control.
Proceedings of the Detection of Intrusions and Malware, 2010

Control of low-rate denial-of-service attacks on web servers and TCP flows.
Proceedings of the 49th IEEE Conference on Decision and Control, 2010

BLADE: an attack-agnostic approach for preventing drive-by malware infections.
Proceedings of the 17th ACM Conference on Computer and Communications Security, 2010

2009
Dynamic Trust Management.
IEEE Computer, 2009

McPAD: A multiple classifier system for accurate payload-based anomaly detection.
Computer Networks, 2009

xBook: Redesigning Privacy Control in Social Networking Platforms.
Proceedings of the 18th USENIX Security Symposium, 2009

Automatic Reverse Engineering of Malware Emulators.
Proceedings of the 30th IEEE Symposium on Security and Privacy (S&P 2009), 2009

BLADE: Slashing the Invisible Channel of Drive-by Download Malware.
Proceedings of the Recent Advances in Intrusion Detection, 12th International Symposium, 2009

K-Tracer: A System for Extracting Kernel Malware Behavior.
Proceedings of the Network and Distributed System Security Symposium, 2009

Recursive DNS Architectures and Vulnerability Implications.
Proceedings of the Network and Distributed System Security Symposium, 2009

WSEC DNS: Protecting recursive DNS resolvers from poisoning attacks.
Proceedings of the 2009 IEEE/IFIP International Conference on Dependable Systems and Networks, 2009

Secure in-VM monitoring using hardware virtualization.
Proceedings of the 2009 ACM Conference on Computer and Communications Security, 2009

Mapping kernel objects to enable systematic integrity checking.
Proceedings of the 2009 ACM Conference on Computer and Communications Security, 2009

Detecting Malicious Flux Service Networks through Passive Analysis of Recursive DNS Traces.
Proceedings of the Twenty-Fifth Annual Computer Security Applications Conference, 2009

Active Botnet Probing to Identify Obscure Command and Control Channels.
Proceedings of the Twenty-Fifth Annual Computer Security Applications Conference, 2009

2008
Classification of packed executables for accurate computer virus detection.
Pattern Recognition Letters, 2008

Taming Virtualization.
IEEE Security & Privacy, 2008

BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection.
Proceedings of the 17th USENIX Security Symposium, 2008

Lares: An Architecture for Secure Active Monitoring Using Virtualization.
Proceedings of the 2008 IEEE Symposium on Security and Privacy (S&P 2008), 2008

Impeding Malware Analysis Using Conditional Code Obfuscation.
Proceedings of the Network and Distributed System Security Symposium, 2008

BotSniffer: Detecting Botnet Command and Control Channels in Network Traffic.
Proceedings of the Network and Distributed System Security Symposium, 2008

Corrupted DNS Resolution Paths: The Rise of a Malicious Resolution Authority.
Proceedings of the Network and Distributed System Security Symposium, 2008

Eureka: A Framework for Enabling Static Malware Analysis.
Proceedings of the Computer Security, 2008

Evaluating email's feasibility for botnet command and control.
Proceedings of the 38th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2008

Principled reasoning and practical applications of alert fusion in intrusion detection systems.
Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, 2008

Ether: malware analysis via hardware virtualization extensions.
Proceedings of the 2008 ACM Conference on Computer and Communications Security, 2008

Increased DNS forgery resistance through 0x20-bit encoding: security via leet queries.
Proceedings of the 2008 ACM Conference on Computer and Communications Security, 2008

McBoost: Boosting Scalability in Malware Collection and Analysis Using Statistical Classification of Executables.
Proceedings of the Twenty-Fourth Annual Computer Security Applications Conference, 2008

2007
A layered approach to simplified access control in virtualized systems.
Operating Systems Review, 2007

Intrusion-Resilient Key Exchange in the Bounded Retrieval Model.
Proceedings of the Theory of Cryptography, 4th Theory of Cryptography Conference, 2007

An assessment of VoIP covert channel threats.
Proceedings of the Third International Conference on Security and Privacy in Communication Networks and the Workshops, 2007

Misleading and defeating importance-scanning malware propagation.
Proceedings of the Third International Conference on Security and Privacy in Communication Networks and the Workshops, 2007

Understanding Precision in Host Based Intrusion Detection.
Proceedings of the Recent Advances in Intrusion Detection, 10th International Symposium, 2007

Secure and Flexible Monitoring of Virtual Machines.
Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC 2007), 2007

A Taxonomy of Botnet Structures.
Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC 2007), 2007

2006
q-Gram Matching Using Tree Models.
IEEE Trans. Knowl. Data Eng., 2006

Polymorphic Blending Attacks.
Proceedings of the 15th USENIX Security Symposium, Vancouver, BC, Canada, July 31, 2006

MisleadingWorm Signature Generators Using Deliberate Noise Injection.
Proceedings of the 2006 IEEE Symposium on Security and Privacy (S&P 2006), 2006

Modeling Botnet Propagation Using Time Zones.
Proceedings of the Network and Distributed System Security Symposium, 2006

Agent-Based Cooperative Anomaly Detection for Wireless Ad Hoc Networks.
Proceedings of the 12th International Conference on Parallel and Distributed Systems, 2006

Using an Ensemble of One-Class SVM Classifiers to Harden Payload-based Anomaly Detection Systems.
Proceedings of the 6th IEEE International Conference on Data Mining (ICDM 2006), 2006

Towards the integration of diverse spam filtering techniques.
Proceedings of the 2006 IEEE International Conference on Granular Computing, 2006

Towards an Information-Theoretic Framework for Analyzing Intrusion Detection Systems.
Proceedings of the Computer Security, 2006

Using Labeling to Prevent Cross-Service Attacks Against Smart Phones.
Proceedings of the Detection of Intrusions and Malware & Vulnerability Assessment, 2006

Measuring intrusion detection capability: an information-theoretic approach.
Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security, 2006

Evading network anomaly detection systems: formal reasoning and practical techniques.
Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, Alexandria, VA, USA, Ioctober 30, 2006

PolyUnpack: Automating the Hidden-Code Extraction of Unpack-Executing Malware.
Proceedings of the 22nd Annual Computer Security Applications Conference (ACSAC 2006), 2006

DSO: Dependable Signing Overlay.
Proceedings of the Applied Cryptography and Network Security, 4th International Conference, 2006

2005
Hotspot-based traceback for mobile ad hoc networks.
Proceedings of the 2005 ACM Workshop on Wireless Security, 2005

An Extensible Environment for Evaluating Secure MANET.
Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks, 2005

Environment-Sensitive Intrusion Detection.
Proceedings of the Recent Advances in Intrusion Detection, 8th International Symposium, 2005

Comparative Study between Analytical Models and Packet-Level Worm Simulations.
Proceedings of the 19th Workshop on Parallel and Distributed Simulation, 2005

Protecting Secret Data from Insider Attacks.
Proceedings of the Financial Cryptography and Data Security, 2005

Anomalous path detection with hardware support.
Proceedings of the 2005 International Conference on Compilers, 2005

2004
An Overview of Intrusion Detection Techniques.
Proceedings of the Practical Handbook of Internet Computing., 2004

Using artificial anomalies to detect unknown and known network intrusions.
Knowl. Inf. Syst., 2004

Formalizing Sensitivity in Static Analysis for Intrusion Detection.
Proceedings of the 2004 IEEE Symposium on Security and Privacy (S&P 2004), 2004

Attack Analysis and Detection for Ad Hoc Routing Protocols.
Proceedings of the Recent Advances in Intrusion Detection: 7th International Symposium, 2004

HoneyStat: Local Worm Detection Using Honeypots.
Proceedings of the Recent Advances in Intrusion Detection: 7th International Symposium, 2004

Simulating Internet Worms.
Proceedings of the 12th International Workshop on Modeling, 2004

Discovering Novel Attack Strategies from INFOSEC Alerts.
Proceedings of the Computer Security, 2004

Attack Plan Recognition and Prediction Using Causal Networks.
Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC 2004), 2004

Worm Detection, Early Warning and Response Based on Local Victim Information.
Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC 2004), 2004

2003
Anomaly Detection Using Call Stack Information.
Proceedings of the 2003 IEEE Symposium on Security and Privacy (S&P 2003), 2003

A cooperative intrusion detection system for ad hoc networks.
Proceedings of the 1st ACM Workshop on Security of ad hoc and Sensor Networks, 2003

Statistical Causality Analysis of INFOSEC Alert Data.
Proceedings of the Recent Advances in Intrusion Detection, 6th International Symposium, 2003

Proactive Intrusion Detection and SNMP-based Security Management: New Experiments and Validation.
Proceedings of the Integrated Network Management VII, Managing It All, 2003

Cross-Feature Analysis for Detecting Ad-Hoc Routing Anomalies.
Proceedings of the 23rd International Conference on Distributed Computing Systems (ICDCS 2003), 2003

2002
Applying Data Mining to Intrusion Detection: The Quest for Automation, Efficiency, and Credibility.
SIGKDD Explorations, 2002

Proactive Intrusion Detection and Distributed Denial of Service Attacks - A Case Study in Security Management.
J. Network Syst. Manage., 2002

Toward Cost-Sensitive Modeling for Intrusion Detection and Response.
Journal of Computer Security, 2002

Performance Adaptation in Real-Time Intrusion Detection Systems.
RAID, 2002

Guarding the next Internet frontier: countering denial of information attacks.
Proceedings of the 2002 Workshop on New Security Paradigms, 2002

Integrating intrusion detection and network management.
Proceedings of the Management Solutions for the New Communications World, 2002

2001
Data Mining-based Intrusion Detectors: An Overview of the Columbia IDS Project.
SIGMOD Record, 2001

Mining System Audit Data: Opportunities and Challenges.
SIGMOD Record, 2001

Information-Theoretic Measures for Anomaly Detection.
Proceedings of the 2001 IEEE Symposium on Security and Privacy, 2001

Heterogeneous networking: a new survivability paradigm.
Proceedings of the New Security Paradigms Workshop 2001, 2001

Proactive Detection of Distributed Denial of Service Attacks using MIB Traffic Variables - A Feasibility Study.
Proceedings of the 2001 IEEE/IFIP International Symposium on Integrated Network Management, 2001

Using Artificial Anomalies to Detect Unknown and Known Network Intrusions.
Proceedings of the 2001 IEEE International Conference on Data Mining, 29 November, 2001

2000
A framework for constructing features and models for intrusion detection systems.
ACM Trans. Inf. Syst. Secur., 2000

Adaptive Intrusion Detection: A Data Mining Approach.
Artif. Intell. Rev., 2000

A Data Mining and CIDF Based Approach for Detecting Novel and Distributed Intrusions.
Proceedings of the Recent Advances in Intrusion Detection, Third International Workshop, 2000

Intrusion detection in wireless ad-hoc networks.
Proceedings of the MOBICOM 2000, 2000

A Multiple Model Cost-Sensitive Approach for Intrusion Detection.
Proceedings of the Machine Learning: ECML 2000, 11th European Conference on Machine Learning, Barcelona, Catalonia, Spain, May 31, 2000

1999
Interfacing Oz with the PCTE OMS: A Case Study of Integrating a Legacy System with a Standard Object Management System.
Journal of Systems Integration, 1999

A Data Mining Framework for Building Intrusion Detection Models.
Proceedings of the 1999 IEEE Symposium on Security and Privacy, 1999

Combining Knowledge Discovery and Knowledge Engineering to Build IDSs.
Recent Advances in Intrusion Detection, 1999

Mining in a Data-Flow Environment: Experience in Network Intrusion Detection.
Proceedings of the Fifth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, 1999

Automated Intrusion Detection Using NFR: Methods and Experiences.
Proceedings of the Workshop on Intrusion Detection and Network Monitoring, 1999

1998
Data Mining Approaches for Intrusion Detection.
Proceedings of the 7th USENIX Security Symposium, 1998

Mining Audit Data to Build Intrusion Detection Models.
Proceedings of the Fourth International Conference on Knowledge Discovery and Data Mining (KDD-98), 1998

1997
JAM: Java Agents for Meta-Learning over Distributed Databases.
Proceedings of the Third International Conference on Knowledge Discovery and Data Mining (KDD-97), 1997

Grappa: A GRAPh PAckage in Java.
Proceedings of the Graph Drawing, 5th International Symposium, 1997


  Loading...