| Data mining approaches for intrusion detection W Lee, SJ Stolfo Proceedings of the 7th USENIX Security Symposium, 1998 | 2167 | 1998 |
| A data mining framework for building intrusion detection models W Lee, SJ Stolfo, KW Mok Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No …, 1999 | 2021 | 1999 |
| Intrusion detection in wireless ad-hoc networks Y Zhang, W Lee Proceedings of the 6th annual international conference on Mobile computing …, 2000 | 1775 | 2000 |
| BotMiner: clustering analysis of network traffic for protocol-and structure-independent botnet detection G Gu, R Perdisci, J Zhang, W Lee Proceedings of the 17th USENIX Security Symposium, 139-154, 2008 | 1627 | 2008 |
| A framework for constructing features and models for intrusion detection systems W Lee, SJ Stolfo ACM transactions on Information and system security (TiSSEC) 3 (4), 227-261, 2000 | 1294 | 2000 |
| BotSniffer: Detecting botnet command and control channels in network traffic G Gu, J Zhang, W Lee Proceedings of the 15th Network and Distributed System Security Symposium, 2008 | 1265 | 2008 |
| Bothunter: Detecting malware infection through ids-driven dialog correlation G Gu, P Porras, V Yegneswaran, M Fong, W Lee Proceedings of 16th USENIX Security Symposium, 12, 2007 | 1192 | 2007 |
| Intrusion detection techniques for mobile wireless networks Y Zhang, W Lee, YA Huang Wireless Networks 9, 545-556, 2003 | 1095 | 2003 |
| Ether: malware analysis via hardware virtualization extensions A Dinaburg, P Royal, M Sharif, W Lee Proceedings of the 15th ACM conference on Computer and communications …, 2008 | 1067 | 2008 |
| Information-theoretic measures for anomaly detection W Lee, D Xiang Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001, 130-143, 2000 | 923 | 2000 |
| Cost-based modeling for fraud and intrusion detection: Results from the JAM project SJ Stolfo, W Fan, W Lee, A Prodromidis, PK Chan Proceedings DARPA Information Survivability Conference and Exposition …, 2000 | 874 | 2000 |
| Chex: statically vetting android apps for component hijacking vulnerabilities L Lu, Z Li, Z Wu, W Lee, G Jiang Proceedings of the 2012 ACM conference on Computer and communications …, 2012 | 862 | 2012 |
| Method and system for using intelligent agents for financial transactions, services, accounting, and advice D Schutzer, WH Forster Jr, H Hu, W Lee, SJ Stolfo, W Fan US Patent 5,920,848, 1999 | 778 | 1999 |
| A cooperative intrusion detection system for ad hoc networks Y Huang, W Lee Proceedings of the 1st ACM workshop on Security of ad hoc and sensor …, 2003 | 774 | 2003 |
| From Throw-Away Traffic to Bots: Detecting the Rise of DGA-Based Malware. M Antonakakis, R Perdisci, Y Nadji, N Vasiloglou II, S Abu-Nimeh, W Lee, ... USENIX Security Symposium, 491-506, 2012 | 730 | 2012 |
| Lares: An architecture for secure active monitoring using virtualization BD Payne, M Carbone, M Sharif, W Lee 2008 IEEE Symposium on Security and Privacy (sp 2008), 233-247, 2008 | 684 | 2008 |
| Building a dynamic reputation system for DNS M Antonakakis, R Perdisci, D Dagon, W Lee, N Feamster 19th USENIX Security Symposium, 2010 | 678 | 2010 |
| Anomaly detection using call stack information HH Feng, OM Kolesnikov, P Fogla, W Lee, W Gong Security and Privacy, 2003. Proceedings. 2003 IEEE Symposium on, 62-75, 2003 | 649 | 2003 |
| Adaptive intrusion detection: A data mining approach W Lee, SJ Stolfo, KW Mok Artificial Intelligence Review 14, 533-567, 2000 | 589 | 2000 |
| The creation and detection of deepfakes: A survey Y Mirsky, W Lee ACM computing surveys (CSUR) 54 (1), 1-41, 2021 | 568 | 2021 |
| Modeling Botnet Propagation Using Time Zones. D Dagon, CC Zou, W Lee NDSS 6, 2-13, 2006 | 567 | 2006 |
| Secure and flexible monitoring of virtual machines BD Payne, DPA Martim, W Lee Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007 …, 2007 | 531 | 2007 |
| Behavioral Clustering of HTTP-Based Malware and Signature Generation Using Malicious Network Traces. R Perdisci, W Lee, N Feamster NSDI, 391-404, 2010 | 530 | 2010 |
| Learning patterns from unix process execution traces for intrusion detection W Lee, SJ Stolfo, PK Chan AAAI Workshop on AI Approaches to Fraud Detection and Risk Management, 50-56, 1997 | 529 | 1997 |
| Method and system for detecting and responding to attacking networks D Dagon, N Feamster, W Lee, R Edmonds, R Lipton, A Ramachandran US Patent 8,566,928, 2013 | 505 | 2013 |
| JAM: Java Agents for Meta-Learning over Distributed Databases. SJ Stolfo, AL Prodromidis, S Tselepis, W Lee, DW Fan, PK Chan KDD 97, 74-81, 1997 | 504 | 1997 |
| Method and system for detecting malicious and/or botnet-related domain names R Perdisci, W Lee US Patent 10,027,688, 2018 | 481 | 2018 |
| Polyunpack: Automating the hidden-code extraction of unpack-executing malware P Royal, M Halpin, D Dagon, R Edmonds, W Lee Computer Security Applications Conference, 2006. ACSAC'06. 22nd Annual, 289-300, 2006 | 469 | 2006 |
| Toward cost-sensitive modeling for intrusion detection and response W Lee, W Fan, M Miller, SJ Stolfo, E Zadok Journal of computer security 10 (1-2), 5-22, 2002 | 467 | 2002 |
| Mining Audit Data to Build Intrusion Detection Models. W Lee, SJ Stolfo, KW Mok KDD, 66-72, 1998 | 453 | 1998 |
| Real time data mining-based intrusion detection W Lee, SJ Stolfo, PK Chan, E Eskin, W Fan, M Miller, S Hershkop, ... DARPA Information Survivability Conference & Exposition II, 2001. DISCEX'01 …, 2001 | 448 | 2001 |
| Virtuoso: Narrowing the semantic gap in virtual machine introspection B Dolan-Gavitt, T Leek, M Zhivich, J Giffin, W Lee 2011 IEEE symposium on security and privacy, 297-312, 2011 | 427 | 2011 |
| Secure in-vm monitoring using hardware virtualization MI Sharif, W Lee, W Cui, A Lanzi Proceedings of the 16th ACM conference on Computer and communications …, 2009 | 421 | 2009 |
| Detecting Malware Domains at the Upper DNS Hierarchy. M Antonakakis, R Perdisci, W Lee, N Vasiloglou II, D Dagon USENIX Security Symposium, 16, 2011 | 419 | 2011 |
| A taxonomy of botnet structures D Dagon, G Gu, CP Lee, W Lee Computer Security Applications Conference, 2007. ACSAC 2007. Twenty-Third …, 2007 | 398 | 2007 |
| Mining in a data-flow environment: experience in network intrusion detection W Lee, SJ Stolfo, KW Mok Proceedings of the fifth ACM SIGKDD international conference on Knowledge …, 1999 | 382 | 1999 |
| Polymorphic Blending Attacks. P Fogla, MI Sharif, R Perdisci, OM Kolesnikov, W Lee USENIX security symposium, 241-256, 2006 | 369 | 2006 |
| McPAD: A multiple classifier system for accurate payload-based anomaly detection R Perdisci, D Ariu, P Fogla, G Giacinto, W Lee Computer networks 53 (6), 864-881, 2009 | 367 | 2009 |
| Statistical causality analysis of infosec alert data X Qin, W Lee International Workshop on Recent Advances in Intrusion Detection, 73-93, 2003 | 362* | 2003 |
| A data mining framework for constructing features and models for intrusion detection systems W Lee Columbia university, 1999 | 361 | 1999 |
Roberto PerdisciProfessor of Computer Science, University of GeorgiaVerified email at cs.uga.edu
