Sort by:

• Highly Influential Citations
• Citations
• Acceleration
• Velocity
• Recency

Learn More

BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection

• Guofei Gu, Roberto Perdisci, Junjie Zhang, Wenke Lee
• USENIX Security Symposium
• 2008

Botnets are now the key platform for many Internet attacks, such as spam, distributed denial-of-service (DDoS), identity theft, and phishing. Most of the current botnet detection approaches work only… (More)

BotSniffer: Detecting Botnet Command and Control Channels in Network Traffic

• Guofei Gu, Junjie Zhang, Wenke Lee
• NDSS
• 2008

Botnets are now recognized as one of the most serious security threats. In contrast to previous malware, botnets have the characteristic of a command and control (C&C) channel. Botnets also often use… (More)

Ether: malware analysis via hardware virtualization extensions

• Artem Dinaburg, Paul Royal, Monirul I. Sharif, Wenke Lee
• ACM Conference on Computer and Communications…
• 2008

Malware has become the centerpiece of most security threats on the Internet. Malware analysis is an essential technology that extracts the runtime behavior of malware, and supplies signatures to… (More)

CHEX: statically vetting Android apps for component hijacking vulnerabilities

• Long Lu, Zhichun Li, Zhenyu Wu, Wenke Lee, Guofei Jiang
• ACM Conference on Computer and Communications…
• 2012

An enormous number of apps have been developed for Android in recent years, making it one of the most popular mobile operating systems. However, the quality of the booming apps can be a concern [4].… (More)

Data Mining Approaches for Intrusion Detection

• Wenke Lee, Salvatore J. Stolfo
• USENIX Security Symposium
• 1998

In this paper we discuss our research in developing general and systematic methods for intrusion detection. The key ideas are to use data mining techniques to discover consistent and useful patterns… (More)

A Data Mining Framework for Building Intrusion Detection Models

• Wenke Lee, Salvatore J. Stolfo, Kui W. Mok
• IEEE Symposium on Security and Privacy
• 1999

There is often the need to update an installed Intrusion Detection System (IDS) due to new attack methods or upgraded computing environments. Since many current IDSs are constructed by manual… (More)

A framework for constructing features and models for intrusion detection systems

• Wenke Lee, Salvatore J. Stolfo
• ACM Trans. Inf. Syst. Secur.
• 2000

Intrusion detection (ID) is an important component of infrastructure protection mechanisms. Intrusion detection systems (IDSs) need to be accurate, adaptive, and extensible. Given these requirements… (More)

A cooperative intrusion detection system for ad hoc networks

• Yi-an Huang, Wenke Lee
• SASN
• 2003

Mobile ad hoc networking (MANET) has become an exciting and important technology in recent years because of the rapid proliferation of wireless devices. MANETs are highly vulnerable to attacks due to… (More)

Secure and Flexible Monitoring of Virtual Machines

• Bryan D. Payne, Wenke Lee
• Twenty-Third Annual Computer Security…
• 2007

The monitoring of virtual machines has many applications in areas such as security and systems management. A monitoring technique known as introspection has received significant discussion in the… (More)

Anomaly Detection Using Call Stack Information

• Henry Hanping Feng, Oleg M. Kolesnikov, Prahlad Fogla, Wenke Lee, Weibo Gong
• IEEE Symposium on Security and Privacy
• 2003

The call stack of a program execution can be a very good information source for intrusion detection. There is no prior work on dynamically extracting information from call stack and effectively using… (More)

• ‹
• 1
• 2
• 3
• 4
• 5
• ›