Conference publications
- (Poster) United We Stand, Divided We Fall: Networks to Graph (N2G) Abstraction for Robust Graph Classification under Graph Label Corruption
Zhen, Z., Chen, Y., Kantarcioglu, M., Gel, Y. & Jee, K.
In Learning on Graphs Conference (LOG), Dec 2023. - Evading Provenance-Based ML Detectors with Adversarial System Actions
K Mukherjee, J Wiedemeier, T Wang, J Wei, M Kim, M Kantarcioglu, K Jee
In Proceedings of Usenix Security Aug. 2023 - Reassembly is Hard: A Reflection on Challenges and Strategies
H Kim, S Kim, J Lee, K Jee, SK Cha
In Proceedings of Usenix Security Aug. 2023 - Back-Propagating System Dependency Impact for Attack Investigation
P Fang, P Gao, C Liu, E Ayday, K Jee, T Wang, Y Ye, Z Liu, X Xiao
In Proceedings of Usenix Security Aug. 2022 - SEAL: Storage-efficient Causality Analysis on Enterprise Logs with Query-friendly Compression
P Fei, Z Li, Z Wang, X Yu, D Li, K Jee
In Proceedings of Usenix Security Aug. 2021. - UTrack: Enterprise User Tracking Based on OS-Level Audit Logs
Y Li, Z Wu, H Wang, K Sun, Z Li, K Jee, J Rhee, H Chen
In Proceedings of DIMVA, May 2021. - This is Why We Can’t Cache Nice Things: Lightning-Fast Threat Hunting using Suspicion-Based Hierarchical Storage
WU Hassan, D Li, K Jee, X Yu, K Zou, D Wang, Z Chen, Z Li, J Rhee, J Gui, A Bates
In Proceedings of ACSAC, Dec. 2020. - Detecting Malware Injection with Program-DNS Behavior
Y Sun, K Jee, S Sivakorn, Z Li, C Lumezanu, L Korts-Parn, Z Wu, J Rhee, C Kim, M Chiang, P Mittal
In Proceedings of EuroSnP, Sep. 2020. - Evolving Advanced Persistent Threat Detection using Provenance Graph and Metric Learning
G Ayoade, K Akbar, P Sahoo, Y Gao, A Agarwal, K Jee, L Khan, A Singhal
IEEE Conference on Communications and Network Security (CNS) 2020 - APTrace: A Responsive System for Agile Enterprise Level Causality Analysis
J Gui, D Li, Z Chen, J Rhee, X Xiao, M Zhang, K Jee, Z Li, and H Chen
In Proceedings of ICDE, May 2020. - You Are What You Do: Hunting Stealthy Malware via Data Provenance Analysis
Q Wang, WU Hassan, D Li, K Jee, X Yu, K Zou, J Rhee, Z Chen, W Cheng, CA Gunter, H Chen
In Proceedings of NDSS, Feb. 2020. - Countering Malicious Processes with End-point DNS Monitoring
S Sivakorn, K. Jee, Y. Sun, L. Kort-Parn, Z. Li, C. Lumezanu, Z. Wu, L. Tang, D. Li
In Proceedings of NDSS, Feb. 2019. - NoDoze: Combatting Threat Alert Fatigue with Automated Provenance Triage
WU Hassan, S Guo, D Li, Z Chen, K Jee, Z Li, A Bates
In Proceedings of NDSS, Nov. 2019. - NodeMerge: Template-Based Efficient Data Reduction For Big-Data Causality Analysis
Y Tang, D Li, Z Li, M Zhang, K Jee, Z Wu, J Rhee, X Xiao, F Xu, Q Li
In Proceedings of CCS, Nov. 2018. - SAQL: A Stream-based Query System for Real-Time Abnormal System Behavior Detection
P Gao, X Xiao, D Li, Z Li, K Jee, Z Wu, CH Kim, SR Kulkarni, P Mittal
In Proceedings of Usenix Security Aug. 2018. - AIQL: Enabling Efficient Attack Investigation from System Monitoring Data
P Gao, X Xiao, Z Li, K Jee, F Xu, SR Kulkarni, P Mittal
In Proceedings of Usenix ATC, Jul. 2018. - Towards a timely causality analysis for enterprise security
Y Liu, M Zhang, D Li, K Jee, Z Li, Z Wu, J Rhee, P Mittal
In Proceedings of NDSS, Feb. 2018. - High fidelity data reduction for big data security dependency analyses
Z Xu, Z Wu, Z Li, K Jee, J Rhee, X Xiao, F Xu, H Wang, G Jiang
In Proceedings of CCS, Nov. 2016. - IntFlow: improving the accuracy of arithmetic error detection using information flow tracking
M Pomonis, T Petsios, K Jee, M Polychronakis, AD Keromytis
In Proceedings of ACSAC, Oct. 2014. - ShadowReplica: Efficient Parallelization of Dynamic Data Flow Tracking
K. Jee, V. P. Kemerlis, A. D. Keromytis and G. Portokalidis
In Proceedings of ACM CCS, Nov. 2013. - libdft: Practical Dynamic Data Flow Tracking for Commodity Systems
V. P. Kemerlis, G. Portokalidis, K. Jee, and A. D. Keromytis
In Proceedings of VEE, Apr. 2012 - A General Approach for Efficiently Accelerating Software-based Dynamic Data Flow Tracking on Commodity Hardware
K. Jee, G. Portokalidis, V. P. Kemerlis, S. Ghosh, D. I. August, and A. D. Keromytis
In Proceedings of NDSS, Feb. 2012 - An Adversarial Evaluation of Network Signaling and Control Mechanisms
K. Jee, S. Sidiroglou-Douskos, A. Stavrou, and A. D. Keromytis
In Proceedings of ICISC, Dec. 2010
Journals
- Advanced Persistent Threat Detection Using Data Provenance and Metric Learning
K Akbar, Y Wang, G Ayoade, Y Gao, A. Singhal, L Khan, B Thuraisingham, K Jee
IEEE Transactions on Dependable and Secure Computing 2022
Archive preprints
- Interpreting GNN-based IDS Detections Using Provenance Graph Structural Features
K Mukherjee, J Wiedemeier, T Wang, M Kim, F Chen, M Kantarcioglu, K Jee
CoRR/abs/2306.00934 2023
Demo papers
- Querying Streaming System Monitoring Data for Enterprise System Anomaly Detection (Demo paper)
P. Gao, X. Xiao, D. Li, K. Jee, H. Chen, S. Kulkarni, and P. Mittal
In Proceedings of ICDE, May 2020. - A Query System for Efficiently Investigating Complex Attack Behaviors for Enterprise Security (Demo paper)
P.Gao, X.Xiao, Z.Li, K.Jee, F.Xu, S.R.Kulkarni, P.Mittal
In Proceedings of VLDB, Aug. 2019.
Books
- AIX Practical performance and tuning guide
K. Hayashi, K. Jee, O. Lascu, H. Pienaar, S. Schreitmueller, T. Tarquinio, J. Thompson.
Published by IBM Press books, ISBN-0738491799 March 2005
Thesis
- On Efficiency and Accuracy of Data Flow Tracking Systems
Computer Science Department, Columbia University in the City of New York. 2016
Patents
- Confidential machine learning with program compartmentalization
CH Kim, J Rhee, K Jee, LI Zhichun
US Patent 11,423,142 - Graphics processing unit accelerated trusted execution environment
CH Kim, J Rhee, K Jee, LI Zhichun, A Ahmad, H Chen
US Patent 11,295,008 - Real-time threat alert forensic analysis
D Li, K Jee, LI Zhichun, Z Chen, X Yu
US Patent 11,275,832 - User-added-value-based ransomware detection and prevention
Z Wu, Y Li, J Rhee, K Jee, Z Li, J Kamimura, LA Tang, Z Chen
US Patent 11,223,649 - Automated threat alert triage via data provenance
D Li, K Jee, Z Chen, LI Zhichun, WU Hassan
US Patent 11,194,906 - Inter-application dependency analysis for improving computer system threat detection
D Li, K Jee, Z Chen, LA Tang, LI Zhichun
US Patent 11,030,308 - Template based data reduction for commercial data mining
D Li, K Jee, LI Zhichun, M Zhang, Z Wu
US Patent 11,030,157 - Host behavior and network analytics based automotive secure gateway
J Rhee, H Li, HAO Shuai, CH Kim, Z Wu, LI Zhichun, K Jee, L Korts-Parn
US Patent 10,931,635 - Automated software safeness categorization with installation lineage and hybrid information sources
J Rhee, Z Wu, L Korts-Parn, K Jee, LI Zhichun, O Setayeshfar
US Patent 10,929,539 - Path-based program lineage inference analysis
J Rhee, Z Wu, L Korts-Parn, K Jee, LI Zhichun, O Setayeshfar
US Patent 10,853,487 - Template based data reduction for security related information flow data
D Li, K Jee, LI Zhichun, M Zhang, Z Wu
US Patent 10,733,149 - Automated blackbox inference of external origin user behavior
Z Wu, J Rhee, J Yuseok, LI Zhichun, K Jee, G Jiang
US Patent 10,572,661 - Host level detect mechanism for malicious DNS activities
K Jee, LI Zhichun, G Jiang, L Korts-Parn, Z Wu, Y Sun, J Rhee
US Patent 10,574,674 - Blackbox program privilege flow analysis with inferred program behavior context
J Rhee, J Yuseok, LI Zhichun, K Jee, Z Wu, G Jiang
US Patent 10,505,962 - Fine-grained analysis and prevention of invalid privilege transitions
J Rhee, J Yuseok, LI Zhichun, K Jee, Z Wu, G Jiang
US Patent 10,402,564 - Extraction and comparison of hybrid program binary features
J Rhee, LI Zhichun, Z Wu, K Jee, G Jiang
US Patent 10,289,843 - Timely causality analysis in homogeneous enterprise hosts
M Zhang, K Jee, LI Zhichun, D Li, Z Wu, J Rhee
US Patent App. 15/972,911 - Intrusion detection using efficient system dependency analysis
Z Wu, LI Zhichun, J Rhee, F Xu, G Jiang, K Jee, X Xiao, Z Xu
US Patent App. 15/416,462 - High Fidelity Data Reduction for System Dependency Analysis
Z Wu, LI Zhichun, J Rhee, F Xu, G Jiang, K Jee, X Xiao, Z Xu
US Patent App. 15/416,346