Wenke Lee

Wenke Lee's AcademicInfluence.com Rankings

Wenke Lee

Computer Science

#4917

World Rank

#5192

Historical Rank

Database

#2093

World Rank

#2200

Historical Rank

computer-science Degrees

Download Badge

Computer Science

Wenke Lee's Degrees

PhD Computer Science Georgia Tech
Masters Computer Science Georgia Tech
Bachelors Computer Science Tsinghua University

Similar Degrees You Can Earn

Why Is Wenke Lee Influential?

(Suggest an Edit or Addition)

(See a Problem?)

Wenke Lee's Published Works

Number of citations in a given year to any of this author's works

Total number of citations to an author for the works they published in a given year. This highlights publication of the most important work(s) by the author

Published Works

Data Mining Approaches for Intrusion Detection (1998) (1500)
A data mining framework for building intrusion detection models (1999) (1395)
BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection (2008) (1219)
A framework for constructing features and models for intrusion detection systems (2000) (1085)
BotSniffer: Detecting Botnet Command and Control Channels in Network Traffic (2008) (917)
Intrusion Detection Techniques for Mobile Wireless Networks (2003) (876)
BotHunter: Detecting Malware Infection Through IDS-Driven Dialog Correlation (2007) (870)
Ether: malware analysis via hardware virtualization extensions (2008) (750)
Cost-based modeling for fraud and intrusion detection: results from the JAM project (2000) (646)
CHEX: statically vetting Android apps for component hijacking vulnerabilities (2012) (640)
Information-theoretic measures for anomaly detection (2001) (637)
A cooperative intrusion detection system for ad hoc networks (2003) (628)
From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware (2012) (507)
Lares: An Architecture for Secure Active Monitoring Using Virtualization (2008) (482)
Intrusion detection in wireless ad-hoc networks (2000) (474)
Building a Dynamic Reputation System for DNS (2010) (455)
Anomaly detection using call stack information (2003) (432)
Adaptive Intrusion Detection: A Data Mining Approach (2000) (427)
Modeling Botnet Propagation Using Time Zones (2006) (418)
Secure and Flexible Monitoring of Virtual Machines (2007) (414)
Behavioral Clustering of HTTP-Based Malware and Signature Generation Using Malicious Network Traces (2010) (388)
JAM: Java Agents for Meta-Learning over Distributed Databases (1997) (374)
Learning Patterns from Unix Process Execution Traces for Intrusion Detection (1997) (338)
Mining Audit Data to Build Intrusion Detection Models (1998) (326)
A Taxonomy of Botnet Structures (2007) (315)
PolyUnpack: Automating the Hidden-Code Extraction of Unpack-Executing Malware (2006) (312)
Toward Cost-Sensitive Modeling for Intrusion Detection and Response (2002) (312)
Detecting Malware Domains at the Upper DNS Hierarchy (2011) (307)
Virtuoso: Narrowing the Semantic Gap in Virtual Machine Introspection (2011) (302)
Secure in-VM monitoring using hardware virtualization (2009) (297)
McPAD: A multiple classifier system for accurate payload-based anomaly detection (2009) (286)
Cross-feature analysis for detecting ad-hoc routing anomalies (2003) (282)
Polymorphic Blending Attacks (2006) (280)
Mining in a data-flow environment: experience in network intrusion detection (1999) (275)
Using artificial anomalies to detect unknown and known network intrusions (2001) (275)
Real time data mining-based intrusion detection (2001) (267)
Impeding Malware Analysis Using Conditional Code Obfuscation (2008) (262)
Statistical Causality Analysis of INFOSEC Alert Data (2003) (252)
The Creation and Detection of Deepfakes (2020) (247)
Using an Ensemble of One-Class SVM Classifiers to Harden Payload-based Anomaly Detection Systems (2006) (239)
HoneyStat: Local Worm Detection Using Honeypots (2004) (220)
Attack plan recognition and prediction using causal networks (2004) (214)
Automatic Reverse Engineering of Malware Emulators (2009) (213)
Proactive detection of distributed denial of service attacks using MIB traffic variables-a feasibility study (2001) (206)
Modeling system calls for intrusion detection with dynamic window sizes (2001) (202)
Attack Analysis and Detection for Ad Hoc Routing Protocols (2004) (193)
Misleading worm signature generators using deliberate noise injection (2006) (193)
Evading network anomaly detection systems: formal reasoning and practical techniques (2006) (187)
Formalizing sensitivity in static analysis for intrusion detection (2004) (184)
Measuring intrusion detection capability: an information-theoretic approach (2006) (179)
Mapping kernel objects to enable systematic integrity checking (2009) (173)
BLADE: an attack-agnostic approach for preventing drive-by malware infections (2010) (169)
A Data Mining Framework for Constructing Features and Models for Intrusion Detection Systems (1999) (167)
HTTPOS: Sealing Information Leaks with Browser-side Obfuscation of Encrypted Flows (2011) (164)
Detecting Malicious Flux Service Networks through Passive Analysis of Recursive DNS Traces (2009) (164)
Credit Card Fraud Detection Using Meta-Learning: Issues and Initial Results 1 (1997) (157)
Classification of packed executables for accurate computer virus detection (2008) (156)
Advanced Polymorphic Worms: Evading IDS by Blending in with Normal Traffic (2005) (147)
McBoost: Boosting Scalability in Malware Collection and Analysis Using Statistical Classification of Executables (2008) (145)
Eureka: A Framework for Enabling Static Malware Analysis (2008) (142)
ASLR-Guard: Stopping Address Space Leakage for Code Reuse Attacks (2015) (142)
Jekyll on iOS: When Benign Apps Become Evil (2013) (140)
Worm detection, early warning and response based on local victim information (2004) (135)
Preventing Use-after-free with Dangling Pointers Nullification (2015) (127)
Detecting stealthy P2P botnets using statistical traffic fingerprints (2011) (124)
K-Tracer: A System for Extracting Kernel Malware Behavior (2009) (119)
Corrupted DNS Resolution Paths: The Rise of a Malicious Resolution Authority (2008) (117)
xBook: Redesigning Privacy Control in Social Networking Platforms (2009) (116)
ARROW: GenerAting SignatuRes to Detect DRive-By DOWnloads (2011) (116)
Increased DNS forgery resistance through 0x20-bit encoding: security via leet queries (2008) (112)
A Data Mining and CIDF Based Approach for Detecting Novel and Distributed Intrusions (2000) (109)
Data mining-based intrusion detectors: an overview of the columbia IDS project (2001) (106)
HDFI: Hardware-Assisted Data-Flow Isolation (2016) (104)
Enforcing Kernel Security Invariants with Data Flow Integrity. (2016) (104)
SURF: detecting and measuring search poisoning (2011) (100)
Cloak and Dagger: From Two Permissions to Complete Control of the UI Feedback Loop (2017) (99)
Cost-based Modeling and Evaluation for Data Mining With Application to Fraud and Intrusion Detection : Results from the JAM Project ∗ (2008) (97)
Building a Scalable System for Stealthy P2P-Botnet Detection (2014) (97)
RAIN: Refinable Attack Investigation with On-demand Inter-Process Information Flow Tracking (2017) (92)
Evaluating Bluetooth as a Medium for Botnet Command and Control (2010) (92)
Enforcing Unique Code Target Property for Control-Flow Integrity (2018) (90)
A hardware platform for network intrusion detection and prevention (2005) (89)
Active Botnet Probing to Identify Obscure Command and Control Channels (2009) (88)
On the Incoherencies in Web Browser Access Control Policies (2010) (88)
Dynamic Trust Management (2009) (87)
Botnet Detection: Countering the Largest Security Threat (2010) (85)
Discovering Novel Attack Strategies from INFOSEC Alerts (2004) (85)
How to Make ASLR Win the Clone Wars: Runtime Re-Randomization (2016) (84)
Efficient Protection of Path-Sensitive Control Security (2017) (81)
A11y Attacks: Exploiting Accessibility in Operating Systems (2014) (81)
Understanding Malvertising Through Ad-Injecting Browser Extensions (2015) (80)
Performance Adaptation in Real-Time Intrusion Detection Systems (2002) (79)
Heterogeneous networking: a new survivability paradigm (2001) (78)
Beheading hydras: performing effective botnet takedowns (2013) (78)
Tappan Zee (north) bridge: mining memory accesses for introspection (2013) (77)
Checking More and Alerting Less: Detecting Privacy Leakages via Enhanced Data-flow Analysis and Peer Voting (2015) (77)
Anomalous path detection with hardware support (2005) (73)
Type Casting Verification: Stopping an Emerging Attack Vector (2015) (71)
Intrusion-Resilient Key Exchange in the Bounded Retrieval Model (2007) (70)
The Core of the Matter: Analyzing Malicious Traffic in Cellular Carriers (2013) (70)
On the statistical distribution of processing times in network intrusion detection (2004) (70)
Environment-Sensitive Intrusion Detection (2005) (69)
Leveraging Forensic Tools for Virtual Machine Introspection (2011) (67)
RAZOR: A Framework for Post-deployment Software Debloating (2019) (66)
A Multiple Model Cost-Sensitive Approach for Intrusion Detection (2000) (66)
Simulating Internet worms (2004) (65)
The Price of Free: Privacy Leakage in Personalized Mobile In-Apps Ads (2016) (65)
Secure and Robust Monitoring of Virtual Machines through Guest-Assisted Introspection (2012) (61)
Exploiting and Protecting Dynamic Code Generation (2015) (59)
UniSan: Proactive Kernel Memory Initialization to Eliminate Data Leakages (2016) (59)
An assessment of VoIP covert channel threats (2007) (59)
Mimesis Aegis: A Mimicry Privacy Shield-A System's Approach to Data Privacy on Public Cloud (2014) (59)
Boosting the scalability of botnet detection using adaptive traffic sampling (2011) (57)
Proactive Intrusion Detection and Distributed Denial of Service Attacks—A Case Study in Security Management (2002) (56)
Applying data mining to intrusion detection: the quest for automation, efficiency, and credibility (2002) (56)
WSEC DNS: Protecting recursive DNS resolvers from poisoning attacks (2009) (55)
Security in Mobile Ad-Hoc Networks (2005) (54)
Identifying Open-Source License Violation and 1-day Security Risk at Large Scale (2017) (54)
From Zygote to Morula: Fortifying Weakened ASLR on Android (2014) (51)
Emerging Cyber Threats Report for 2009 (2008) (51)
Using Labeling to Prevent Cross-Service Attacks Against Smart Phones (2006) (50)
A Centralized Monitoring Infrastructure for Improving DNS Security (2010) (49)
Gyrus: A Framework for User-Intent Monitoring of Text-based Networked Applications (2014) (47)
Towards an Information-Theoretic Framework for Analyzing Intrusion Detection Systems (2006) (45)
Agent-based cooperative anomaly detection for wireless ad hoc networks (2006) (45)
DNS Noise: Measuring the Pervasiveness of Disposable Domains in Modern DNS Traffic (2014) (44)
Unleashing Use-Before-Initialization Vulnerabilities in the Linux Kernel Using Targeted Stack Spraying (2017) (43)
Take This Personally: Pollution Attacks on Personalized Services (2013) (43)
Recursive DNS Architectures and Vulnerability Implications (2009) (42)
Principled reasoning and practical applications of alert fusion in intrusion detection systems (2008) (42)
Taming Virtualization (2008) (41)
Exposing Inconsistent Web Search Results with Bobble (2014) (40)
A layered approach to simplified access control in virtualized systems (2007) (39)
Evaluating email’s feasibility for botnet command and control (2008) (38)
A Data Mining Framework for Adaptive Intrusion Detection ∗ (1998) (38)
Exposing invisible timing-based traffic watermarks with BACKLIT (2011) (37)
Enabling Refinable Cross-Host Attack Investigation with Efficient Data Flow Tagging and Tracking (2018) (36)
Algorithms for mining system audit data (2002) (35)
A Taxonomy of Botnets (2006) (34)
SQUIRREL: Testing Database Management Systems with Language Validity and Coverage Feedback (2020) (34)
Integrating intrusion detection and network management (2002) (34)
Grappa: A GRAPh PAckage in Java (1997) (33)
Hotspot-based traceback for mobile ad hoc networks (2005) (32)
Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages (2020) (31)
Connected Colors: Unveiling the Structure of Criminal Networks (2013) (30)
Automating Patching of Vulnerable Open-Source Software Versions in Application Binaries (2019) (29)
Your Online Interests: Pwned! A Pollution Attack Against Targeted Advertising (2014) (28)
On the Secrecy of Spread-Spectrum Flow Watermarks (2010) (28)
Understanding Precision in Host Based Intrusion Detection (2007) (26)
Toward Cost-Sensitive Modeling for Intrusion Detection (2000) (26)
Automated Intrusion Detection Using NFR: Methods and Experiences (1999) (25)
ClickShield: Are You Hiding Something? Towards Eradicating Clickjacking on Android (2018) (24)
Broken Fingers: On the Usage of the Fingerprint API in Android (2018) (24)
Impeding Automated Malware Analysis with Environment-sensitive Malware (2012) (24)
TrackMeOrNot: Enabling Flexible Control on Web Tracking (2016) (23)
Combining Knowledge Discovery and Knowledge Engineering to Build IDSs (1999) (23)
Worm Detection Using Local Networks (2004) (23)
UCognito: Private Browsing without Tears (2015) (22)
Diagnosis and Emergency Patch Generation for Integer Overflow Exploits (2014) (22)
Bunshin: Compositing Security Mechanisms through Diversification (2017) (22)
Improving Accuracy of Android Malware Detection with Lightweight Contextual Awareness (2018) (22)
On the Feasibility of Large-Scale Infections of iOS Devices (2014) (21)
Notos: Building a Dynamic Reputation System for DNS (2010) (21)
Protecting Secret Data from Insider Attacks (2005) (20)
Slimium: Debloating the Chromium Browser with Feature Subsetting (2020) (20)
Practical end-to-end web content integrity (2012) (20)
Intention and Origination: An Inside Look at Large-Scale Bot Queries (2013) (20)
Mining system audit data: opportunities and challenges (2001) (19)
Rampart: Protecting Web Applications from CPU-Exhaustion Denial-of-Service Attacks (2018) (19)
DIFT Games: Dynamic Information Flow Tracking Games for Advanced Persistent Threats (2018) (19)
A Game-Theoretic Approach for Dynamic Information Flow Tracking to Detect Multistage Advanced Persistent Threats (2018) (19)
Understanding the prevalence and use of alternative plans in malware with network games (2011) (18)
The Threat of Offensive AI to Organizations (2021) (18)
From Physical to Cyber: Escalating Protection for Personalized Auto Insurance (2016) (17)
Understanding precision in host based intrusion detection: formal analysis and practical models (2007) (16)
An Information-Theoretic Measure of Intrusion Detection Capability (2005) (16)
Stopping Memory Disclosures via Diversification and Replicated Execution (2021) (16)
A combinatorial approach to network covert communications with applications in Web Leaks (2011) (16)
Financial Lower Bounds of Online Advertising Abuse - A Four Year Case Study of the TDSS/TDL4 Botnet (2016) (15)
Towards the integration of diverse spam filtering techniques (2006) (15)
Botnet Detection: Countering the Largest Security Threat (Advances in Information Security) (2007) (15)
Comparative study between analytical models and packet-level worm simulations (2005) (15)
Rotalumè: A Tool for Automatic Reverse Engineering of Malware Emulators (2009) (14)
Hardware Supported Anomaly Detection: down to the Control Flow Level (2004) (14)
Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection (2001) (14)
Multi-stage Dynamic Information Flow Tracking Game (2018) (13)
Proactive intrusion detection and SNMP-based security management: new experiments and validation (2003) (13)
Misleading and defeating importance-scanning malware propagation (2007) (12)
RecProv: Towards Provenance-Aware User Space Record and Replay (2016) (12)
Measuring and Preventing Supply Chain Attacks on Package Managers (2020) (12)
An Extensible Environment for Evaluating Secure MANET (2005) (11)
Mimesis Aegis: A Mimicry Privacy Shield (2014) (10)
One Engine to Fuzz ’em All: Generic Language Processor Testing with Semantic Validation (2021) (10)
A Game Theoretic Approach for Dynamic Information Flow Tracking with Conditional Branching (2019) (10)
Guarding the next Internet frontier: countering denial of information attacks (2002) (10)
Global Internet Monitoring Using Passive DNS (2009) (9)
q-gram matching using tree models (2006) (9)
Barnum: Detecting Document Malware via Control Flow Anomalies in Hardware Traces (2019) (8)
AIR FORCE RESEARCH LABORATORY INFORMATION DIRECTORATE (2011) (8)
ARCUS: Symbolic Root Cause Analysis of Exploits in Production Systems (2021) (8)
DeepReflect: Discovering Malicious Functionality through Binary Reconstruction (2021) (8)
JITScope: Protecting web users from control-flow hijacking attacks (2015) (8)
Recent Advances in Intrusion Detection: 4th International Symposium, RAID 2001 Davis, CA, USA, October 10-12, 2001 Proceedings (2001) (8)
Intrusion Detection (2013) (8)
Mnemosyne: An Effective and Efficient Postmortem Watering Hole Attack Investigation System (2020) (7)
Abusing Hidden Properties to Attack the Node.js Ecosystem (2021) (7)
Fuzzy Labeled Private Set Intersection with Applications to Private Real-Time Biometric Search (2021) (7)
PEASOUP: preventing exploits against software of uncertain provenance (position paper) (2011) (6)
HTTPi for Practical End-to-End Web Content Integrity (2011) (6)
Automated Bug Hunting With Data-Driven Symbolic Root Cause Analysis (2021) (6)
Preventing SQL Code Injection by Combining Static and Runtime Analysis (2008) (6)
Validating the Integrity of Audit Logs Against Execution Repartitioning Attacks (2021) (5)
DSO: Dependable Signing Overlay (2006) (5)
On the Design of a Web Browser : Lessons learned from Operating Systems (2008) (5)
Agent-based fraud and intrusion detection in finan-cial information systems (1997) (5)
Using MIB II Variables for Network Intrusion Detection (2002) (5)
Cryptographic Key Derivation from Biometric Inferences for Remote Authentication (2021) (5)
Dynamic Information Flow Tracking for Detection of Advanced Persistent Threats: A Stochastic Game Approach (2020) (4)
A Multi-Agent Reinforcement Learning Approach for Dynamic Information Flow Tracking Games for Advanced Persistent Threats (2020) (4)
Solving the DNS Cache Poisoning Problem Without Changing the Protocol (2008) (4)
Optimization and control problems in Real-time Intrusion Detection (2002) (4)
Interfacing Oz with the PCTE OMS (1995) (4)
Cost-Sensitive Modeling for Intrusion Detection (2006) (4)
An Overview of Intrusion Detection Techniques (2004) (3)
Identifying Behavior Dispatchers for Malware Analysis (2021) (3)
On the Feasibility of Automating Stock Market Manipulation (2020) (3)
Detecting and Tracking the Rise of DGA-Based Malware (2012) (3)
Learning Equilibria in Stochastic Information Flow Tracking Games with Partial Knowledge (2019) (3)
Intrusion-Resilient Authentication in the Limited Communication Model (2005) (3)
Quickest Detection of Advanced Persistent Threats: A Semi-Markov Game Approach (2020) (3)
Proceedings of the Second ACM Conference on Wireless Network Security, WISEC 2009, Zurich, Switzerland, March 16-19, 2009 (2009) (3)
Stochastic Dynamic Information Flow Tracking Game with Reinforcement Learning (2019) (3)
Dynamic Information Flow Tracking Games for Simultaneous Detection of Multiple Attackers (2019) (3)
Stochastic Dynamic Information Flow Tracking Game using Supervised Learning for Detecting Advanced Persistent Threats (2020) (2)
I Own, I Provide, I Decide: Generalized User-Centric Access Control Framework for Web Applications (2010) (2)
VulChecker: Graph-based Vulnerability Localization in Source Code (2022) (2)
Malware and Attack Technologies Knowledge Area Issue 1.0 (2019) (2)
Automated Intrusion Detection Methods Using NFR (1999) (2)
SEPAL: Towards a Large-scale Analysis of SEAndroid Policy Customization (2021) (2)
Multi-Component Observations of 10 17 eV EAS with the CASA-MIA and HiRes Detectors (1995) (1)
On the Need for Packet – Level Details in Worm Simulations (1)
Interfacing Oz with the PCTE OMS: A Case Study of Integrating a Legacy System with a Standard Object Management System (1999) (1)
A Hybrid Technique for Credit Card Fraud Detection (2016) (1)
Exploiting Insurance Telematics for Fun and Profit (2016) (1)
Cloaker Catcher: A Client-based Cloaking Detection System (2017) (1)
Malware and Attack Technologies (1)
Countering Botnets: Anomaly-Based Detection, Comprehensive Analysis, and Efficient Mitigation (2011) (1)
Vulnerability Assessment Tools for Complex Information Networks (2006) (1)
A Reinforcement Learning Approach for Dynamic Information Flow Tracking Games for Detecting Advanced Persistent Threats (2020) (0)
SCAPHY: Detecting Modern ICS Attacks by Correlating Behaviors in SCADA and PHYsical (2022) (0)
Modeling Large-Scale Manipulation in Open Stock Markets (2021) (0)
Proactive Intrusion Detection (2002) (0)
Control of low-rate denial-of-service attacks on web servers and TCP flows (2010) (0)
Jadve : A Framework for Graph-Based Data Visualization Applications (2007) (0)
MALWARE KNOWLEDGE AREA ( DRAFT FOR COMMENT ) (0)
Bunshin: Compositing Security Mechanisms through Diversification (with Appendix) (2017) (0)
Securing Early Software Development (2012) (0)
Dynamic IP Reputation from DNS (2009) (0)
The 2008 GTISC Security Summit - Emerging Cyber Security Threats (2008) (0)
DRAGON: Deep Reinforcement Learning for Autonomous Grid Operation and Attack Detection (2022) (0)
BLADE: Slashing the Invisible Channel of Drive-by Download Malware (2009) (0)
5th International Workshop on Systematic Approaches to Digital Forensic Engineering, SADFE 2010 (2010) (0)
Understanding and Mitigating Remote Code Execution Vulnerabilities in Cross-platform Ecosystem (2022) (0)
An Empirical Study of Spam and Prevention Mechanisms in Online Video Chat Services (2012) (0)
Message from the Program Chairs: S&P 2012 (2012) (0)
Cybersecurity Demo Day 2018 Introduction (2018) (0)
2 Cost Factors , Models , and Metrics in IDSs (1999) (0)
The Use of White Holes to Mislead and Defeat Importance Scanning Worms (2006) (0)
Cloak and Dagger : From XXXXX Two Permissions to Complete Control of the UI Feedback Loop ( or , “ Why Boring UI Bugs Matter ” ) (2017) (0)
Efficient Data Flow Tagging and Tracking for Refinable Cross-host Attack Investigation (2018) (0)
Foundational and Systems Support for Quantitative Trust Management (QTM) (2009) (0)
1 ALGORITHMS FOR MINING SYSTEM AUDIT DATA ∗ Wenke (1999) (0)
An Information-Theoretic Framework for Evaluating and Optimizing Intrusion Detection Performance (2008) (0)
Next-Generation Botnet Detection and Response (2008) (0)
Session details: Mobile code (2002) (0)
Session details: System security 1 (2008) (0)
Guest Editorial Special Section on Statistical Methods for Network Security and Forensics (2008) (0)
Title Rampart : Protecting Web Applications from CPU-Exhaustion Denial-of-Service Attacks Permalink (2018) (0)
Machine Learning and Security: The Good, The Bad, and The Ugly (2020) (0)
DeView: Confining Progressive Web Applications by Debloating Web APIs (2022) (0)
CAREER: adaptive intrusion detection systems (2008) (0)
DISPOSABLE DOMAINS (2014) (0)
Interdiction Games for Advanced Persistent Threats using Dynamic Information Flow Tracking (2019) (0)
Dynamic Trust Management (DTM) (2009) (0)
Designing security policies and frameworks for web applications (2011) (0)
Trusted Passages : Managing Distributed Trust to Meet the Needs of Emerging Applications (2006) (0)