News


Sep. 2024ย  ๐Ÿ‘คย Jihoon joins SSLab as Masterโ€™s student

Jul. 2024ย  ๐ŸŽ‰ย Our work uMMU has been accepted to ACM CCS โ€˜24!

Jun. 2024ย  ๐Ÿ†ย Kha, Kyuwon, Hajeong (PhD) and Jongyoon, Jaeyoon (Masterโ€™s) receive BK21 scholarship!

Mar. 2024ย  ๐Ÿ‘คย Jooyoung joins SSLab as Masterโ€™s student

Dec. 2023ย  ๐ŸŽ‰ย Our work RustSan has been accepted to USENIX Security โ€˜24!

Dec. 2023ย  ๐ŸŽ‰ย (In)visible Privacy Indicator (a joint work with seclab@SKKU) has been accepted to ASIACCS โ€˜24!

Dec. 2023ย  ๐Ÿ†ย Our work Capacity was awarded Distinguished Paper Award at ACM CCS โ€˜23!

Nov. 2023ย  ๐ŸŽ‰ย GENESIS (a joint work with CySecLab@KAIST) has been accepted to ACM/SIGAPP SAC โ€˜24!

Sep. 2023ย  ๐Ÿ†ย SSLabโ€™s CTF Team (Jaeyoon, Sungsoo, Jangyup) won 1st place in the SKKU CTF 2023!

Sep. 2023ย  ๐Ÿ‘คย Hajeong and Kyuwon finished their masterโ€™s, and started Ph.D.

Sep. 2023ย  ๐Ÿ‘คย Sungsoo joins SSLab as a Masterโ€™s student

Jul. 2023ย  ๐ŸŽ‰ย Our work Capacity has been accepted to ACM CCS โ€˜23.

Mar. 2023ย  ๐Ÿ‘คย Jaeyoon joins SSLab as an integrated Ph.D student.

Research


Systems Security Labโ€™s mission is to retrofit the security architecture of modern computing systems against the constantly evolving threats and broadening attack surface. Todayโ€™s computing systems are increasingly more complex while the attackers and their strategy constantly evolve. SSLabโ€™s research focuses on discovering weaknesses in existing defenses and proposing novel principles for defense to stay ahead of the curve.

swsec

Software and Operating Systems Security

Software Attacks and Defenses

Operating Systems Security

hwsec

Hardware-assisted Security

Trusted Execution Environments

HW-accelerated security monitoring

aisec

Secure Computation for AI

Trusted AI Computation in Cloud

Privacy-preserving AI

People


Leader


Hojoon Lee

Associate Professor


Personal Pageย  CV

Prof. Hojoon Lee is currently an associate professor in the Department of Computer Science and Engineering at Sungkyunkwan University since September 2019. Prior to his current position, he spent one year as a postdoctoral researcher at CISPA under the supervision of Prof. Michael Backes. He received my Ph.D. from KAIST in 2018, advised by Prof. Brent Byunghoon Kang, and his B.S. from The University of Texas at Austin. His main research interests lie in retrofitting security in computing systems against todayโ€™s advanced threats. My research interests include but are not limited to Operating System Security, Trusted Execution Environments, Program Analysis, Software Security, and Secure Computation in the Cloud.

PhD/Master-PhD Integrated Students


Duy Kha Dinh ย (khadinh[AT]skku.edu)

PhD-MS Integrated Student
B.S. in CS, Hochiminh University of Technology (2018)
Research Interests:
- Trusted Execution Environments
- Hardware-Assisted Software Security
- Oblivious Computing.

Kyuwon Cho ย (kyuwon.cho[AT]skku.edu)

PhD Student
M.S. in CSE, Sungkyunkwan University (2023)
B.S. in CSE, Sungkyunkwan University (2021)
Research Interests:
- Software Compartmentalization
- Fuzzing and Sanitizer Designs
- Safe Programming Languages

Hajeong Lim ย (hajeong.lim[AT]skku.edu)

PhD Student
M.S. in CSE, Sungkyunkwan University (2023)
B.S. in CSE, Sungkyunkwan University (2022)
Research Interests:
- Software Compartmentalization
- Oblivious Computing
- Compiler-assisted Software Security

Jaeyoon Kim ย (jena9925[AT]skku.edu)

PhD-MS Integrated Student
B.S. in CSE, Sungkyunkwan University (2022)
Research Interests:
- Cloud Security
- Virtualization

Jongyoon Kim ย (jongyoon.kim[AT]skku.edu)

PhD-MS Integrated Student
B.S. in CSE, Sungkyunkwan University (2023)
Research Interests:
- Software Compartmentalization
- Fuzzing and Sanitizer Designs

Masterโ€™s Students


Sungsoo Kim ย (sskim71[AT]skku.edu)

Masterโ€™s Student
B.S. in CSE, Sungkyunkwan University (2023)
Research Interests:
- Security in Embedded Systems
- Software Attacks and Defenses

Jihoon Kim ย (rhgus862[AT]g.skku.edu)

Masterโ€™s Student
B.S. in CSE, Sungkyunkwan University (2024)
Research Interests:
- Software Attacks and Defenses

Juyoung Kim ย (juyoungkim87[AT]g.skku.edu)

Masterโ€™s Student
B.S. in CSE, Soongsil University (2012)
Research Interests:
- Trusted Execution Environments
- Security in Mobile Computing

Alumni

Siwon Huh ย (c4lvin[AT]theori.io)

Web3 SecurityResearcher at ChainLight, Theori
M.S. in CSE, Sungkyunkwan University (2023)
B.S. in Math/CSE, Sungkyunkwan University (2021)

Personal Pageย  CV

Thesis: Towards Privacy-Preserving W3C DID Resolving Architecture

Taehyun Noh ย (dove0255[AT]g.skku.edu)

Ph.D student at The University of Texas at Austin
M.S. in CSE, Sungkyunkwan University (2024)
B.S. in CSE, Sungkyunkwan University (2021)
Research Interests: Software Compartmentalization, Safe Programming Languages

Soohwan Shin ย (kkobugi114[AT]gmail.com)

Masterโ€™s student
M.S. in CSE, Sungkyunkwan University (2023)
B.S. in EE, Sungkyunkwan University (2021)
Research Interests: Privacy in Machine Learning

Myungkyu Sim ย (audrb30[AT]g.skku.edu)

Master Student
M.S. in CSE, Sungkyunkwan University (2023)
B.S. in CSE, Sungkyunkwan University (2021)
Research Interests: Hardware-assisted Software Security

Undergraduate Interns

์ด์žฅ์—ฝ (์†Œํ”„ํŠธ์›จ์–ดํ•™๊ณผ, 4ํ•™๋…„), ์ตœํ˜ธ์ค€ (์†Œํ”„ํŠธ์›จ์–ดํ•™๊ณผ, 4ํ•™๋…„), ์ด์žฌ๊ท  (์†Œํ”„ํŠธ์›จ์–ดํ•™๊ณผ, 2ํ•™๋…„), ๊น€ํ˜•์ง„ (์†Œํ”„ํŠธ์›จ์–ดํ•™๊ณผ, 2ํ•™๋…„), ์‹ ๋ฏผ๊ทœ (์†Œํ”„ํŠธ์›จ์–ดํ•™๊ณผ, 2ํ•™๋…„)

We are looking for you!

์‹œ์Šคํ…œ ๋ณด์•ˆ ์—ฐ๊ตฌ์‹ค (SSLab)์€ ํ•ดํ‚น์— ์—ด์ • ์žˆ๋Š” ํ•™์ƒ๋“ค์„ ๊ธฐ๋‹ค๋ฆฌ๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. ์ €ํฌ ์—ฐ๊ตฌ์‹ค์€ ๋ญ”๊ฐ€๋ฅผ ๋งŒ๋“ค๊ณ , ๊ณ ์žฅ๋‚ด๊ณ , ๊ณ ์น˜๋Š” ๊ฑธ ์ข‹์•„ํ•˜๋Š” ํ•ด์ปค ๊ธฐ์งˆ์„ ๊ฐ€์ง„ ์—ฌ๋Ÿฌ๋ถ„๋“ค์„ ์ฐพ๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค. SSLab์€ ์†Œํ”„ํŠธ์›จ์–ด ๋ฐ ์‹œ์Šคํ…œ ๋ณด์•ˆ ๋ถ„์•ผ ์—ฐ๊ตฌ๋ฅผ ์ค‘์ ์ ์œผ๋กœ ์—ฐ๊ตฌํ•˜๊ณ  ์žˆ๊ณ , ๋ฌด์—‡๋ณด๋‹ค ํ•™์ƒ ํ•œ๋ช… ํ•œ๋ช…์ด ์žฌ๋ฏธ๋ฅผ ๋Š๋ผ๋Š” ์ฃผ์ œ๋ฅผ ์ฐพ๊ณ  ๋˜ ๊นŠ๊ฒŒ ํŒŒ๊ณ ๋“ค ์ˆ˜ ์žˆ๋„๋ก ์ ๊ทน ์ง€์›ํ•ฉ๋‹ˆ๋‹ค. OS, Computer Architecture, Reverse engineering, Software Exploit Writing๋“ฑ์— ๋Œ€ํ•œ ๋ฐฐ๊ฒฝ์ง€์‹์ด ์žˆ์œผ๋ฉด ์ข‹์ง€๋งŒ, ์ฒด๊ณ„์ ์ธ ์‹ ์ž…์ƒ ๊ต์œก ํ”„๋กœ๊ทธ๋žจ์„ ํ†ตํ•ด ๋ฐฐ์›Œ๋‚˜๊ฐˆ ์ˆ˜๋„ ์žˆ์Šต๋‹ˆ๋‹ค. SSLab์˜ ์ฒ ํ•™์€ ๊ตฌ์„ฑ์› ๊ฐœ๊ฐœ์ธ์ด ์—ฐ๊ตฌ๋ฅผ ํ•˜๋Š” ๊ฐ€์žฅ ํฐ ๋™๊ธฐ๋ถ€์—ฌ๊ฐ€ ์žฌ๋ฏธ๊ฐ€ ๋˜๋„๋ก ํ•˜๋Š” ๊ฒƒ์ž…๋‹ˆ๋‹ค. ํ˜„์žฌ ์ €ํฌ ์—ฐ๊ตฌ์‹ค์€ ์•„๋ž˜์™€ ๊ฐ™์€ ํฌ์ง€์…˜์„ ๋ชจ์ง‘ํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค:

We are looking for passionate students interested in doing research at SSLab. The most important qualification we want from you is that you inherently enjoy hacking stuff. We student research topic is that you have fun exploring the topic. So, do not hesitate to talk to us if you are interested:) Currently, I have the following positions open :

Open Positions (Last updated: Sep. 2024):

Please contact me at hojoon.lee [ at ] skku.edu, if you are interested!

Publications


uMMU: Securing Data Confidentiality with Unobservable Memory Subsystem (To Appear)
Hajeong Lim, Jaeyoon Kim, Hojoon Lee
ACM Conference on Computer and Communications Security (ACM CCS) 2024ย ย ย 

(In)visible Privacy Indicator: Security Analysis of Privacy Indicator on Android Devices
Yurak Choe, Hyungseok Yu, Taeho Kim, Shinjae Lee, *Hojoon Lee, *Hyoungshick Kim ( *Co-corresponding authors)
ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS) 2024ย ย ย 

RustSan: Retrofitting AddressSanitizer for Efficient Sanitization of Rust
Kyuwon Cho, Jongyoon Kim, Kha Dinh Duy, Hajeong Lim, Hojoon Lee
USENIX Security Symposium 2024ย ย ย 

GENESIS: A Generalizable, Efficient, and Secure Intra-kernel Privilege Separation
Seongman Lee, Seoye Kim, Chihyun Song, Byeongsu Woo, Eunyeong Ahn, Junsu Lee, Yeongjin Jang, Jinsoo Jang, *Hojoon Lee, *Brent Byunghoon Kang ( *Co-corresponding Authors)
ACM/SIGAPP Symposium on Applied Computing (SAC) 2024ย ย ย 

Capacity: Cryptographically-Enforced In-process Capabilities for Modern ARM Architectures
Kha Dinh Duy, Kyuwon Cho, Taehyun Noh, Hojoon Lee
ACM Conference on Computer and Communications Security (CCS) 2023ย (Distinguished Paper Award)ย ย 

Towards Scalable and Configurable Simulation for Disaggregated Architecture
Daegyeong Kim, Wonwoo Choi, Chang-il Lim, Eunjin Kim, Geonwoo Kim, Yongho Song, Junsu Lee, Youngkwang Han, Hojoon Lee, Brent Byunghoon Kang
Elsevier Simulation Modelling Practice and Theory (2023)ย ย ย 

DID We Miss Anything?: Towards Privacy-Preserving Decentralized ID Architecture
Siwon Huh, Myungkyu Shim, Jihwan Lee, Simon Woo, Hyoungshick Kim, Hojoon Lee
IEEE Transactions on Dependable and Secure Computing (TDSC) (2023)ย ย ย 

SE-PIM: In-Memory Acceleration of Data-Intensive Confidential Computing
Kha Dinh Duy, Hojoon Lee
IEEE Transactions on Cloud Computing (2022)ย ย ย 

Harnessing the x86 Intermediate Rings for Intra-Process Isolation
Hojoon Lee, Chihyun Song, Brent Byunghoon Kang
IEEE Transactions on Dependable and Secure Computing (TDSC) (2022)ย ย ย 

Confidential Machine Learning Computation in Untrusted Environments: A Systems Security Perspective
Kha Dinh Duy, Taehyun Noh, Siwon Huh, Hojoon Lee
IEEE Access (2021)ย ย ย 

A Comprehensive Analysis of Todayโ€™s Malware and Its Distribution Network: Common Adversary Strategies and Implications
Siwon Huh, Seonghwan Cho, Jinho Choi, Seungwon Shin, Hojoon Lee
IEEE Access (2021)ย ย ย 

EmuID: Detecting Presence of Emulation through Microarchitectural Characteristic on ARM
Yeseul Choi, Yunjong Jeong, Dahee Jang, Brent Byunghoon Kang, Hojoon Lee
Elsevier Computers & Security (2021)ย ย ย 

On the Analysis of Byte-Granularity Heap Randomization.
DaeHee Jang, Jonghwan Kim, Hojoon Lee, Minjoon Park, Yunjong Jung, Minsu Kim, Brent ByungHoon Kang
IEEE Transactions on Dependable and Secure Computing (TDSC) (2021)ย ย ย 

Lord of the x86 Rings: A Portable User Mode Privilege Separation Architecture on x86
Hojoon Lee, Chihyun Song, and Brent Byunghoon Kang
ACM Conference on Computer and Communications Security (ACM CCS) 2018ย ย ย ย 

ATRA: Address Translation Redirection Attack Against Hardware-based External Monitors
Dahee Jang, Hojoon Lee, Hyungon Moon, Minsu Kim, Daehyeok Kim, Daegyeong Kim, Brent Byunghoon Kang
ACM Conference on Computer and Communications Security (ACM CCS) 2014ย ย ย 

KI-Mon: A Hardware-assisted Event-triggered Monitoring Platform for Mutable Kernel Object
Hojoon Lee, Hyungon Moon, Daehee Jang, Kihwan Kim, Jihoon Lee, Yunheung Paek, Brent Byunghoon Kang
USENIX Security Symposium 2013ย ย ย 

Vigilare: Toward Snoop-based Kernel Integrity Monitor
Hyungon Moon, Hojoon Lee, Jihoon Lee, Kihwan Kim, Yunheung Paek, Brent Bynghoon Kang
ACM Conference on Computer and Communications Security (ACM CCS) 2012ย ย ย 

A Dynamic Per-context Verification of Kernel Address Integrity from External Monitors
Hojoon Lee, Minsu Kim, Yunheung Paek, Brent Byunghoon Kang
Elsevier Computers & Security, 77:824 โ€“ 837, 2018ย ย ย 

KI-Mon ARM: A Hardware- assisted Event-triggered Monitoring Platform for Mutable Kernel Object
Hojoon Lee, Hyungon Moon, Daehee Jang, Kihwan Kim, Jihoon Lee, Yunheung Paek, Brent Byunghoon Kang
IEEE Transactions on Dependable and Secure Computing (TDSC), pages 1โ€“1, 2018ย ย ย 

Detecting and Preventing Kernel Rootkit Attacks with Bus Snooping
Hyungon Moon, Hojoon Lee, Ingoo Heo, Kihwan Kim, Yunheung Paek, Brent Bynghoon Kang
IEEE Transactions on Dependable and Secure Computing (TDSC), 14(2):145โ€“157, March 2017ย ย ย 

Courses


SWE2001: System Program (์‹œ์Šคํ…œ ํ”„๋กœ๊ทธ๋žจ)

SWE3025: Computer Security (์ •๋ณด๋ณดํ˜ธ๊ฐœ๋ก )

SWE3009: Internet Services and Information Security (์ธํ„ฐ๋„ท ์„œ๋น„์Šค์™€ ์ •๋ณด๋ณดํ˜ธ)

ESW4010: Special Topics on Systems Security (์‹œ์Šคํ…œ๋ณด์•ˆ ํŠน๋ก )

SSLab-CTF


CTF๋Š” Capture-The-Flag์˜ ์•ฝ์ž๋กœ, ์ฃผ์–ด์ง„ ํ”„๋กœ๊ทธ๋žจ/์›น์‚ฌ์ดํŠธ๋“ฑ์˜ ์ทจ์•ฝ์ ์„ ์ฐพ์•„๋‚ด Flag๋ฅผ ์ฐพ๋Š” ํ•ดํ‚น๋Œ€ํšŒ ํ˜•์‹์˜ ์›Œ๊ฒŒ์ž„์„ ๋งํ•ฉ๋‹ˆ๋‹ค.

SSLab ์šด์˜ CTF๋Š” ์„ฑ๊ท ๊ด€๋Œ€ํ•™๊ต ์œตํ•ฉ๋ณด์•ˆ๋Œ€ํ•™์› ํ•ด์ปคํ†ค, ๋ณด์•ˆ ๊ด€๋ จ ์ˆ˜์—…, ํ•™๋ถ€์—ฐ๊ตฌ์ƒ ํ”„๋กœ๊ทธ๋žจ์„ ํ†ตํ•ด ์ฒดํ—˜ํ•ด๋ณด์‹ค์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

Capture The Flag (CTF) platform