Dr. Jee’s research interests span the overall security and safety of various computer systems, ranging from microcontroller unit (MCU) devices to general-purpose systems. His main research areas include traditional system topics such as operating systems, virtualization, and programming languages. Dr. Jee has explored both offensive and defensive aspects of computer systems (Google Scholar, DBLP).
Recently, his research has extended to behavioral system modeling to counter highly evasive and stealthy attack vectors created by high-profile attackers. Much of his current research leverages system provenance to capture fine-grained, low-level system events within and across multiple systems.
Selected publications (full list)
Papers are listed in chronological order.
- Evading Provenance-Based ML Detectors with Adversarial System Actions
K Mukherjee, J Wiedemeier, T Wang, J Wei, M Kim, M Kantarcioglu, K Jee
In Proceedings of Usenix Security Aug. 2023
- Reassembly is Hard: A Reflection on Challenges and Strategies
H Kim, S Kim, J Lee, K Jee, SK Cha
In Proceedings of Usenix Security Aug. 2023
- Back-Propagating System Dependency Impact for Attack Investigation
P Fang, P Gao, C Liu, E Ayday, K Jee, T Wang, Y Ye, Z Liu, X Xiao
In Proceedings of Usenix Security Aug. 2022
- SEAL: Storage-efficient Causality Analysis on Enterprise Logs with Query-friendly Compression
P Fei, Z Li, Z Wang, X Yu, D Li, K Jee
In Proceedings of Usenix Security Aug. 2021
- APTrace: A Responsive System for Agile Enterprise Level Causality Analysis
J Gui, D Li, Z Chen, J Rhee, X Xiao, M Zhang, K Jee, Z Li, and H Chen
In Proceedings of ICDE, May 2020
- You Are What You Do: Hunting Stealthy Malware via Data Provenance Analysis
Q. Wang, W. U. Hassan, D. Li, K. Jee, X. Yu, K. Zou, J. Rhee, Z. Chen, W. Cheng, C. A. Gunter, H. Chen
In Proceedings of NDSS, Feb. 2020
- Countering Malicious Processes with End-point DNS Monitoring
S. Sivakorn, K. Jee, Y. Sun, L. Kort-Parn, Z. Li, C. Lumezanu, Z. Wu, L. Tang, D. Li
In Proceedings of NDSS, Feb. 2019
- NoDoze: Combatting Threat Alert Fatigue with Automated Provenance Triage
W. U. Hassan, S. Guo, D. Li, Z. Chen, K. Jee, Z. Li, A. Bates
In Proceedings of NDSS, Nov. 2019
- NodeMerge: Template-Based Efficient Data Reduction For Big-Data Causality Analysis
Y. Tang, D. Li, Z. Li, M. Zhang, K. Jee, Z. Wu, J. Rhee, X. Xiao, F. Xu, Q. Li
In Proceedings of CCS, Nov. 2018
- SAQL: A Stream-based Query System for Real-Time Abnormal System Behavior Detection
P. Gao, X. Xiao, D. Li, Z. Li, K. Jee, Z. Wu, C. H. Kim, S. R. Kulkarni, P. Mittal
In Proceedings of Usenix Security Aug. 2018
- AIQL: Enabling Efficient Attack Investigation from System Monitoring Data
P. Gao, X. Xiao, Z. Li, K. Jee, F. Xu, S. R. Kulkarni, P. Mittal
In Proceedings of Usenix ATC, Jul. 2018
- Towards a timely causality analysis for enterprise security
Y. Liu, M. Zhang, D. Li, K. Jee, Z. Li, Z Wu, J Rhee, P Mittal
In Proceedings of NDSS, Feb. 2018
- High fidelity data reduction for big data security dependency analyses
Z Xu, Z Wu, Z Li, K Jee, J Rhee, X Xiao, F Xu, H Wang, G Jiang
In Proceedings of CCS, Nov. 2016
- ShadowReplica: Efficient Parallelization of Dynamic Data Flow Tracking
K. Jee, V. P. Kemerlis, A. D. Keromytis and G. Portokalidis
In Proceedings of ACM CCS, Nov. 2013
- A General Approach for Efficiently Accelerating Software-based Dynamic Data Flow Tracking on Commodity Hardware
K. Jee, G. Portokalidis, V. P. Kemerlis, S. Ghosh, D. I. August, and A. D. Keromytis
In Proceedings of NDSS, Feb. 2012