Mar. 2025
🎉 Our work IncognitOS has been accepted at IEEE S&P ‘25!
Oct. 2024
🏆 Our work uMMU was awarded Distinguished Paper Award at ACM CCS ‘24!
Sep. 2024
👤 Jihoon joins SSLab as Master’s student
Jul. 2024
🎉 Our work uMMU has been accepted at ACM CCS ‘24!
Jun. 2024
🏆 Kha, Kyuwon, Hajeong (PhD) and Jongyoon, Jaeyoon (Master’s) receive BK21 scholarship!
Mar. 2024
👤 Jooyoung joins SSLab as Master’s student
Dec. 2023
🎉 Our work RustSan has been accepted at USENIX Security ‘24!
Dec. 2023
🎉 (In)visible Privacy Indicator (a joint work with seclab@SKKU) has been accepted at ASIACCS ‘24!
Dec. 2023
🏆 Our work Capacity was awarded Distinguished Paper Award at ACM CCS ‘23!
Nov. 2023
🎉 GENESIS (a joint work with CySecLab@KAIST) has been accepted at ACM/SIGAPP SAC ‘24!
Sep. 2023
🏆 SSLab’s CTF Team (Jaeyoon, Sungsoo, Jangyup) won 1st place in the SKKU CTF 2023!
Sep. 2023
👤 Hajeong and Kyuwon finished their master’s, and started Ph.D.
Sep. 2023
👤 Sungsoo joins SSLab as a Master’s student
Jul. 2023
🎉 Our work Capacity has been accepted at ACM CCS ‘23.
Mar. 2023
👤 Jaeyoon joins SSLab as an integrated Ph.D student.
Systems Security Lab’s mission is to retrofit the security architecture of modern computing systems against the constantly evolving threats and broadening attack surface. Today’s computing systems are increasingly more complex while the attackers and their strategy constantly evolve. SSLab’s research focuses on discovering weaknesses in existing defenses and proposing novel principles for defense to stay ahead of the curve.
Software and Operating Systems Security
Software Attacks and Defenses
Operating Systems Security
Hardware-assisted Security
Trusted Execution Environments
HW-accelerated security monitoring
Secure Computation for AI
Trusted AI Computation in Cloud
Privacy-preserving AI
Prof. Hojoon Lee is currently an associate professor in the Department of Computer Science and Engineering at Sungkyunkwan University since September 2019. Prior to his current position, he spent one year as a postdoctoral researcher at CISPA under the supervision of Prof. Michael Backes. He received my Ph.D. from KAIST in 2018, advised by Prof. Brent Byunghoon Kang, and his B.S. from The University of Texas at Austin. His main research interests lie in retrofitting security in computing systems against today’s advanced threats. My research interests include but are not limited to Operating System Security, Trusted Execution Environments, Program Analysis, Software Security, and Secure Computation in the Cloud.
이장엽 (소프트웨어학과, 4학년), 최호준 (소프트웨어학과, 4학년), 이재균 (소프트웨어학과, 2학년), 김형진 (소프트웨어학과, 2학년), 신민규 (소프트웨어학과, 2학년)
시스템 보안 연구실 (SSLab)은 해킹에 열정 있는 학생들을 기다리고 있습니다. 저희 연구실은 뭔가를 만들고, 고장내고, 고치는 걸 좋아하는 해커 기질을 가진 여러분들을 찾고 있습니다. SSLab은 소프트웨어 및 시스템 보안 분야 연구를 중점적으로 연구하고 있고, 무엇보다 학생 한명 한명이 재미를 느끼는 주제를 찾고 또 깊게 파고들 수 있도록 적극 지원합니다. OS, Computer Architecture, Reverse engineering, Software Exploit Writing등에 대한 배경지식이 있으면 좋지만, 체계적인 신입생 교육 프로그램을 통해 배워나갈 수도 있습니다. SSLab의 철학은 구성원 개개인이 연구를 하는 가장 큰 동기부여가 재미가 되도록 하는 것입니다. 현재 저희 연구실은 아래와 같은 포지션을 모집하고 있습니다:
We are looking for passionate students interested in doing research at SSLab. The most important qualification we want from you is that you inherently enjoy hacking stuff. We student research topic is that you have fun exploring the topic. So, do not hesitate to talk to us if you are interested:) Currently, I have the following positions open :
Please contact me at hojoon.lee [ at ] skku.edu, if you are interested!
IncognitOS: A Practical Unikernel Design for Full-System Obfuscation in Confidential Virtual Machines (To Appear)
Kha Dinh Duy, Jaeyoon Kim, Hajeong Lim, Hojoon Lee
IEEE Symposium on Security and Privacy (IEEE S&P) 2025
uMMU: Securing Data Confidentiality with Unobservable Memory Subsystem
Hajeong Lim, Jaeyoon Kim, Hojoon Lee
ACM Conference on Computer and Communications Security (CCS) 2024 (Distinguished Paper Award)
(In)visible Privacy Indicator: Security Analysis of Privacy Indicator on Android Devices
Yurak Choe, Hyungseok Yu, Taeho Kim, Shinjae Lee, *Hojoon Lee, *Hyoungshick Kim ( *Co-corresponding authors)
ACM ASIA Conference on Computer and Communications Security (ASIACCS) 2024
RustSan: Retrofitting AddressSanitizer for Efficient Sanitization of Rust
Kyuwon Cho, Jongyoon Kim, Kha Dinh Duy, Hajeong Lim, Hojoon Lee
USENIX Security Symposium 2024
GENESIS: A Generalizable, Efficient, and Secure Intra-kernel Privilege Separation
Seongman Lee, Seoye Kim, Chihyun Song, Byeongsu Woo, Eunyeong Ahn, Junsu Lee, Yeongjin Jang, Jinsoo Jang, *Hojoon Lee, *Brent Byunghoon Kang ( *Co-corresponding Authors)
ACM/SIGAPP Symposium on Applied Computing (SAC) 2024
Capacity: Cryptographically-Enforced In-process Capabilities for Modern ARM Architectures
Kha Dinh Duy, Kyuwon Cho, Taehyun Noh, Hojoon Lee
ACM Conference on Computer and Communications Security (CCS) 2023 (Distinguished Paper Award)
Towards Scalable and Configurable Simulation for Disaggregated Architecture
Daegyeong Kim, Wonwoo Choi, Chang-il Lim, Eunjin Kim, Geonwoo Kim, Yongho Song, Junsu Lee, Youngkwang Han, Hojoon Lee, Brent Byunghoon Kang
Elsevier Simulation Modelling Practice and Theory (2023)
DID We Miss Anything?: Towards Privacy-Preserving Decentralized ID Architecture
Siwon Huh, Myungkyu Shim, Jihwan Lee, Simon Woo, Hyoungshick Kim, Hojoon Lee
IEEE Transactions on Dependable and Secure Computing (TDSC) (2023)
SE-PIM: In-Memory Acceleration of Data-Intensive Confidential Computing
Kha Dinh Duy, Hojoon Lee
IEEE Transactions on Cloud Computing (2022)
Harnessing the x86 Intermediate Rings for Intra-Process Isolation
Hojoon Lee, Chihyun Song, Brent Byunghoon Kang
IEEE Transactions on Dependable and Secure Computing (TDSC) (2022)
Confidential Machine Learning Computation in Untrusted Environments: A Systems Security Perspective
Kha Dinh Duy, Taehyun Noh, Siwon Huh, Hojoon Lee
IEEE Access (2021)
A Comprehensive Analysis of Today’s Malware and Its Distribution Network: Common Adversary Strategies and Implications
Siwon Huh, Seonghwan Cho, Jinho Choi, Seungwon Shin, Hojoon Lee
IEEE Access (2021)
EmuID: Detecting Presence of Emulation through Microarchitectural Characteristic on ARM
Yeseul Choi, Yunjong Jeong, Dahee Jang, Brent Byunghoon Kang, Hojoon Lee
Elsevier Computers & Security (2021)
On the Analysis of Byte-Granularity Heap Randomization.
DaeHee Jang, Jonghwan Kim, Hojoon Lee, Minjoon Park, Yunjong Jung, Minsu Kim, Brent ByungHoon Kang
IEEE Transactions on Dependable and Secure Computing (TDSC) (2021)
Lord of the x86 Rings: A Portable User Mode Privilege Separation Architecture on x86
Hojoon Lee, Chihyun Song, and Brent Byunghoon Kang
ACM Conference on Computer and Communications Security (ACM CCS) 2018
ATRA: Address Translation Redirection Attack Against Hardware-based External Monitors
Dahee Jang, Hojoon Lee, Hyungon Moon, Minsu Kim, Daehyeok Kim, Daegyeong Kim, Brent Byunghoon Kang
ACM Conference on Computer and Communications Security (ACM CCS) 2014
KI-Mon: A Hardware-assisted Event-triggered Monitoring Platform for Mutable Kernel Object
Hojoon Lee, Hyungon Moon, Daehee Jang, Kihwan Kim, Jihoon Lee, Yunheung Paek, Brent Byunghoon Kang
USENIX Security Symposium 2013
Vigilare: Toward Snoop-based Kernel Integrity Monitor
Hyungon Moon, Hojoon Lee, Jihoon Lee, Kihwan Kim, Yunheung Paek, Brent Bynghoon Kang
ACM Conference on Computer and Communications Security (ACM CCS) 2012
A Dynamic Per-context Verification of Kernel Address Integrity from External Monitors
Hojoon Lee, Minsu Kim, Yunheung Paek, Brent Byunghoon Kang
Elsevier Computers & Security, 77:824 – 837, 2018
KI-Mon ARM: A Hardware- assisted Event-triggered Monitoring Platform for Mutable Kernel Object
Hojoon Lee, Hyungon Moon, Daehee Jang, Kihwan Kim, Jihoon Lee, Yunheung Paek, Brent Byunghoon Kang
IEEE Transactions on Dependable and Secure Computing (TDSC), pages 1–1, 2018
Detecting and Preventing Kernel Rootkit Attacks with Bus Snooping
Hyungon Moon, Hojoon Lee, Ingoo Heo, Kihwan Kim, Yunheung Paek, Brent Bynghoon Kang
IEEE Transactions on Dependable and Secure Computing (TDSC), 14(2):145–157, March 2017
SWE2001: System Program (시스템 프로그램)
SWE3025: Computer Security (정보보호개론)
SWE3009: Internet Services and Information Security (인터넷 서비스와 정보보호)
ESW4010: Special Topics on Systems Security (시스템보안 특론)
CTF는 Capture-The-Flag의 약자로, 주어진 프로그램/웹사이트등의 취약점을 찾아내 Flag를 찾는 해킹대회 형식의 워게임을 말합니다.
SSLab 운영 CTF는 성균관대학교 융합보안대학원 해커톤, 보안 관련 수업, 학부연구생 프로그램을 통해 체험해보실수 있습니다.
