Systems Security Lab (SSLab)


시스템 보안 연구실 (SSLab)은 해킹에 열정 있는 학생들을 기다리고 있습니다. 저희 연구실은 뭔가를 만들고, 고장내고, 고치는 걸 좋아하는 해커 기질을 가진 여러분들을 찾고 있습니다. SSLab은 소프트웨어 및 시스템 보안 분야 연구를 중점적으로 연구하고 있고, 무엇보다 학생 한명 한명이 재미를 느끼는 주제를 찾고 또 깊게 파고들 수 있도록 적극 지원합니다. OS, Computer Architecture, Reverse engineering, Software Exploit Writing등에 대한 배경지식이 있으면 좋지만, 체계적인 신입생 교육 프로그램을 통해 배워나갈 수도 있습니다. SSLab의 철학은 구성원 개개인이 연구를 하는 가장 큰 동기부여가 재미가 되도록 하는 것입니다. 현재 저희 연구실은 아래와 같은 포지션을 모집하고 있습니다:

We are looking for passionate students interested in doing research at SSLab. The most important qualification we want from you is that you inherently enjoy hacking stuff. We student research topic is that you have fun exploring the topic. So, do not hesitate to talk to us if you are interested:) Currently, I have the following positions open :

Open Positions(Last updated: Jan. 2024):

Please contact me at hojoon.lee [ at ] skku.edu, if you are interested!

News


Dec. 2023  🎉 (In)visible Privacy Indicator (a joint work with seclab@SKKU) has been accepted to ASIACCS ‘24!

Dec. 2023  🎉 Our work RustSan has been accepted to USENIX Security ‘24!

Dec. 2023  🏆 Our work Capacity was awarded Distinguished Paper Award at ACM CCS ‘23!

Nov. 2023  🎉 GENESIS (a joint work with CySecLab@KAIST) has been accepted to ACM/SIGAPP SAC ‘24!

Sep. 2023  🏆 SSLab’s CTF Team (Jaeyoon, Sungsoo, Jangyup) won 1st place in the SKKU CTF 2023!

Sep. 2023  👤 Hajeong and Kyuwon finished their master’s, and started Ph.D.

Sep. 2023  👤 Sungsoo joins SSLab as a Master’s student

Jul. 2023  🎉 Our work Capacity has been accepted to ACM CCS ‘23.

Mar. 2023  👤 Jaeyoon joins SSLab as an integrated Ph.D student.

Research


At Systems Security Lab, we focus on retrofitting security architecture in today’s computing systems against constantly evolving threats. We look at systems with attacker’s perspectives, to discover new attacks and build secure systems.

swsec

Software and Operating Systems Security

Software Attacks and Defenses

Operating Systems Security

hwsec

Hardware-assisted Security

Trusted Execution Environments

HW-accelerated security monitoring

aisec

Secure Computation for AI

Trusted AI Computation in Cloud

Privacy-preserving AI

People


Leader


Hojoon Lee

Assistant Professor


Personal Page  CV

Prof. Hojoon Lee is currently an assistant professor at Dept. of Computer Science and Engineering at Sungkyunkwan University since September 2019. Prior to his current position, he spent one year as a postdoctoral researcher at CISPA (Saarbruecken, Germany) under the supervision of Prof. Michael Backes. He received his Ph.D. from KAIST in 2018, advised by Prof. Brent Byunghoon Kang, and his B.S. from The University of Texas at Austin. His main research interests lie in retrofitting security in computing systems against today’s advanced threats. His research interests include but are not limited to Operating System Security, Trusted Execution Environments, Program Analysis, Software Security, and Secure AI Computation in Cloud.

PhD/Master-PhD Integrated Students


Duy Kha Dinh  (khadinh[AT]skku.edu)

PhD Student (Integrated Program)
B.S. in CS, Hochiminh University of Technology (2018)
Research Interests: Trusted Execution Environments, Hardware-Assisted Software Security, Oblivious Computing.

Kyuwon Cho  (kyuwon.cho[AT]skku.edu)

PhD Student
M.S. in CSE, Sungkyunkwan University (2023)
B.S. in CSE, Sungkyunkwan University (2021)
Research Interests: Software Compartmentalization, Fuzzing and Sanitizer Designs, Safe Programming Languages

Hajeong Lim  (hajeong.lim[AT]skku.edu)

PhD Student
M.S. in CSE, Sungkyunkwan University (2023)
B.S. in CSE, Sungkyunkwan University (2022)
Research Interests: Software Compartmentalization, Oblivious Computing, Compiler-assisted Software Security

Jaeyoon Kim  (jena9925[AT]skku.edu)

PhD Student (Integrated Program)
B.S. in CSE, Sungkyunkwan University (2022)
Research Interests: Cloud Security, Virtualization

Jongyoon Kim  (jongyoon.kim[AT]skku.edu)

PhD Student (Integrated Program)
B.S. in CSE, Sungkyunkwan University (2023)
Research Interests: Software Compartmentalization, Fuzzing and Sanitizer Designs

Master’s Students


Sungsoo Kim  (noodles0701[AT]naver.com)

Master’s Student
B.S. in CSE, Sungkyunkwan University (2023)
Research Interests: Software Attacks and Defenses

Alumni

Siwon Huh  (c4lvin[AT]theori.io)

Web3 SecurityResearcher at ChainLight, Theori
M.S. in CSE, Sungkyunkwan University (2023)
B.S. in Math/CSE, Sungkyunkwan University (2021)

Personal Page  CV

Thesis: Towards Privacy-Preserving W3C DID Resolving Architecture

Taehyun Noh  (dove0255[AT]g.skku.edu)

Master’s Student
M.S. in CSE, Sungkyunkwan University (2024)
B.S. in CSE, Sungkyunkwan University (2021)
Research Interests: Software Compartmentalization, Safe Programming Languages

Soohwan Shin  (kkobugi114[AT]gmail.com)

Master’s student
M.S. in CSE, Sungkyunkwan University (2023)
B.S. in EE, Sungkyunkwan University (2021)
Research Interests: Privacy in Machine Learning

Myungkyu Sim  (audrb30[AT]g.skku.edu)

Master Student
M.S. in CSE, Sungkyunkwan University (2023)
B.S. in CSE, Sungkyunkwan University (2021)
Research Interests: Hardware-assisted Software Security

Undergraduate Interns

이장엽 (소프트웨어학과, 4학년), 최호준 (소프트웨어학과, 4학년), 이재균 (소프트웨어학과, 2학년), 김형진 (소프트웨어학과, 2학년), 신민규 (소프트웨어학과, 2학년)

Publications


(In)visible Privacy Indicator: Security Analysis of Privacy Indicator on Android Devices (To Appear)
Yurak Choe, Hyungseok Yu, Taeho Kim, Shinjae Lee, *Hojoon Lee, *Hyoungshick Kim ( *Co-corresponding authors)
ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS) 2024   

RustSan: Retrofitting AddressSanitizer for Efficient Sanitization of Rust
Kyuwon Cho, Jongyoon Kim, Kha Dinh Duy, Hajeong Lim, Hojoon Lee
USENIX Security Symposium 2024   

GENESIS: A Generalizable, Efficient, and Secure Intra-kernel Privilege Separation
Seongman Lee, Seoye Kim, Chihyun Song, Byeongsu Woo, Eunyeong Ahn, Junsu Lee, Yeongjin Jang, Jinsoo Jang, *Hojoon Lee, *Brent Byunghoon Kang ( *Co-corresponding Authors)
ACM/SIGAPP Symposium on Applied Computing (SAC) 2024   

Capacity: Cryptographically-Enforced In-process Capabilities for Modern ARM Architectures
Kha Dinh Duy, Kyuwon Cho, Taehyun Noh, Hojoon Lee
ACM Conference on Computer and Communications Security (CCS) 2023 (Distinguished Paper Award)  

Towards Scalable and Configurable Simulation for Disaggregated Architecture
Daegyeong Kim, Wonwoo Choi, Chang-il Lim, Eunjin Kim, Geonwoo Kim, Yongho Song, Junsu Lee, Youngkwang Han, Hojoon Lee, Brent Byunghoon Kang
Elsevier Simulation Modelling Practice and Theory (2023)   

DID We Miss Anything?: Towards Privacy-Preserving Decentralized ID Architecture
Siwon Huh, Myungkyu Shim, Jihwan Lee, Simon Woo, Hyoungshick Kim, Hojoon Lee
IEEE Transactions on Dependable and Secure Computing (TDSC) (2023)   

SE-PIM: In-Memory Acceleration of Data-Intensive Confidential Computing
Kha Dinh Duy, Hojoon Lee
IEEE Transactions on Cloud Computing (2022)   

Harnessing the x86 Intermediate Rings for Intra-Process Isolation
Hojoon Lee, Chihyun Song, Brent Byunghoon Kang
IEEE Transactions on Dependable and Secure Computing (TDSC) (2022)   

Confidential Machine Learning Computation in Untrusted Environments: A Systems Security Perspective
Kha Dinh Duy, Taehyun Noh, Siwon Huh, Hojoon Lee
IEEE Access (2021)   

A Comprehensive Analysis of Today’s Malware and Its Distribution Network: Common Adversary Strategies and Implications
Siwon Huh, Seonghwan Cho, Jinho Choi, Seungwon Shin, Hojoon Lee
IEEE Access (2021)   

EmuID: Detecting Presence of Emulation through Microarchitectural Characteristic on ARM
Yeseul Choi, Yunjong Jeong, Dahee Jang, Brent Byunghoon Kang, Hojoon Lee
Elsevier Computers & Security (2021)   

On the Analysis of Byte-Granularity Heap Randomization.
DaeHee Jang, Jonghwan Kim, Hojoon Lee, Minjoon Park, Yunjong Jung, Minsu Kim, Brent ByungHoon Kang
IEEE Transactions on Dependable and Secure Computing (TDSC) (2021)   

Lord of the x86 Rings: A Portable User Mode Privilege Separation Architecture on x86
Hojoon Lee, Chihyun Song, and Brent Byunghoon Kang
ACM CCS 2018    

ATRA: Address Translation Redirection Attack Against Hardware-based External Monitors
Dahee Jang, Hojoon Lee, Hyungon Moon, Minsu Kim, Daehyeok Kim, Daegyeong Kim, Brent Byunghoon Kang
ACM CCS 2014   

KI-Mon: A Hardware-assisted Event-triggered Monitoring Platform for Mutable Kernel Object
Hojoon Lee, Hyungon Moon, Daehee Jang, Kihwan Kim, Jihoon Lee, Yunheung Paek, Brent Byunghoon Kang
USENIX Security Symposium 2013   

Vigilare: Toward Snoop-based Kernel Integrity Monitor
Hyungon Moon, Hojoon Lee, Jihoon Lee, Kihwan Kim, Yunheung Paek, Brent Bynghoon Kang
ACM CCS 2012   

A Dynamic Per-context Verification of Kernel Address Integrity from External Monitors
Hojoon Lee, Minsu Kim, Yunheung Paek, Brent Byunghoon Kang
Elsevier Computers & Security, 77:824 – 837, 2018   

KI-Mon ARM: A Hardware- assisted Event-triggered Monitoring Platform for Mutable Kernel Object
Hojoon Lee, Hyungon Moon, Daehee Jang, Kihwan Kim, Jihoon Lee, Yunheung Paek, Brent Byunghoon Kang
IEEE Transactions on Dependable and Secure Computing (TDSC), pages 1–1, 2018   

Detecting and Preventing Kernel Rootkit Attacks with Bus Snooping
Hyungon Moon, Hojoon Lee, Ingoo Heo, Kihwan Kim, Yunheung Paek, Brent Bynghoon Kang
IEEE Transactions on Dependable and Secure Computing (TDSC), 14(2):145–157, March 2017   

Courses


SWE2001: System Program (시스템 프로그램)

SWE3025: Computer Security (정보보호개론)

SWE3009: Internet Services and Information Security (인터넷 서비스와 정보보호)

ESW4010: Special Topics on Systems Security (시스템보안 특론)

SSLab-CTF


CTF는 Capture-The-Flag의 약자로, 주어진 프로그램/웹사이트등의 취약점을 찾아내 Flag를 찾는 해킹대회 형식의 워게임을 말합니다.

SSLab 운영 CTF는 성균관대학교 융합보안대학원 해커톤, 보안 관련 수업, 학부연구생 프로그램을 통해 체험해보실수 있습니다.

Capture The Flag (CTF) platform