Kairos: Practical Intrusion Detection and Investigation using Whole-system Provenance.