Kangkook Jee

Research

Dr. Jee’s research interests span the overall security and safety of various computer systems, ranging from microcontroller unit (MCU) devices to general-purpose systems. His main research areas include traditional system topics such as operating systems, virtualization, and programming languages. Dr. Jee has explored both offensive and defensive aspects of computer systems (Google Scholar, DBLP).

Recently, his research has extended to behavioral system modeling to counter highly evasive and stealthy attack vectors created by high-profile attackers. Much of his current research leverages system provenance to gain fine-grained, low-level system events within and across multiple systems.

Selected publications (full list)

Papers are listed in chronicle order.

  1. Evading Provenance-Based ML Detectors with Adversarial System Actions
    K Mukherjee, J Wiedemeier, T Wang, J Wei, M Kim, M Kantarcioglu, K Jee
    In Proceedings of Usenix Security Aug. 2023
  2. Reassembly is Hard: A Reflection on Challenges and Strategies
    H Kim, S Kim, J Lee, K Jee, SK Cha
    In Proceedings of Usenix Security Aug. 2023
  3. Back-Propagating System Dependency Impact for Attack Investigation
    P Fang, P Gao, C Liu, E Ayday, K Jee, T Wang, Y Ye, Z Liu, X Xiao
    In Proceedings of Usenix Security Aug. 2022
  4. SEAL: Storage-efficient Causality Analysis on Enterprise Logs with Query-friendly Compression
    P Fei, Z Li, Z Wang, X Yu, D Li, K Jee
    In Proceedings of Usenix Security Aug. 2021
  5. APTrace: A Responsive System for Agile Enterprise Level Causality Analysis
    J Gui, D Li, Z Chen, J Rhee, X Xiao, M Zhang, K Jee, Z Li, and H Chen
    In Proceedings of ICDE, May 2020.
  6. You Are What You Do: Hunting Stealthy Malware via Data Provenance Analysis
    Q. Wang, W. U. Hassan, D. Li, K. Jee, X. Yu, K. Zou, J. Rhee, Z. Chen, W. Cheng, C. A. Gunter, H. Chen
    In Proceedings of NDSS, Feb. 2020
  7. Countering Malicious Processes with End-point DNS Monitoring
    S. Sivakorn, K. Jee, Y. Sun, L. Kort-Parn, Z. Li, C. Lumezanu, Z. Wu, L. Tang, D. Li
    In Proceedings of NDSS, Feb. 2019
  8. NoDoze: Combatting Threat Alert Fatigue with Automated Provenance Triage
    W. U. Hassan, S. Guo, D. Li, Z. Chen, K. Jee, Z. Li, A. Bates
    In Proceedings of NDSS, Nov. 2019
  9. NodeMerge: Template-Based Efficient Data Reduction For Big-Data Causality Analysis
    Y. Tang, D. Li, Z. Li, M. Zhang, K. Jee, Z. Wu, J. Rhee, X. Xiao, F. Xu, Q. Li
    In Proceedings of CCS, Nov. 2018
  10. SAQL: A Stream-based Query System for Real-Time Abnormal System Behavior Detection
    P. Gao, X. Xiao, D. Li, Z. Li, K. Jee, Z. Wu, C. H. Kim, S. R. Kulkarni, P. Mittal
    In Proceedings of Usenix Security Aug. 2018
  11. AIQL: Enabling Efficient Attack Investigation from System Monitoring Data
    P. Gao, X. Xiao, Z. Li, K. Jee, F. Xu, S. R. Kulkarni, P. Mittal
    In Proceedings of Usenix ATC, Jul. 2018
  12. Towards a timely causality analysis for enterprise security
    Y. Liu, M. Zhang, D. Li, K. Jee, Z. Li, Z Wu, J Rhee, P Mittal
    In Proceedings of NDSS, Feb. 2018
  13. High fidelity data reduction for big data security dependency analyses
    Z Xu, Z Wu, Z Li, K Jee, J Rhee, X Xiao, F Xu, H Wang, G Jiang
    In Proceedings of CCS, Nov. 2016
  14. ShadowReplica: Efficient Parallelization of Dynamic Data Flow Tracking
    K. Jee, V. P. Kemerlis, A. D. Keromytis and G. Portokalidis
    In Proceedings of ACM CCS, Nov. 2013
  15. A General Approach for Efficiently Accelerating Software-based Dynamic Data Flow Tracking on Commodity Hardware
    K. Jee, G. Portokalidis, V. P. Kemerlis, S. Ghosh, D. I. August, and A. D. Keromytis
    In Proceedings of NDSS, Feb. 2012