CySec Lab @ Yonsei University
Current Research Topics
OS Kernel Vulnerability Scanning Systems
This research agenda is centered around enhancing the security of software systems by identifying and fixing vulnerabilities. We aim to achieve this goal by developing novel system-level techniques that can automatically detect latent vulnerabilities in low-level software. Our focus lies in improving the effectiveness, efficiency, or both, of vulnerability discovery. Our efforts have resulted in several notable contributions, including ReUSB [USENIX Security '23], Agamotto [USENIX Security '20], and PeriScope [NDSS '19]. These advancements have significantly improved the efficiency and effectiveness of OS kernel vulnerability scanning. Additionally, our survey paper [IEEE S&P '19] examines code sanitization techniques for low-level programming languages such as C/C++, showcasing our comprehensive efforts in this domain.
Trustworthy & Confidential Machine Learning Systems
As software systems (including machine learning systems) handle increasingly sensitive data, such as personal and copyrighted information, it becomes crucial to ensure their protection within a trusted execution environment that is well-isolated from potential attackers. To address this challenge, this research agenda focuses on the design and implementation of systems that leverage hardware security features like ARM TrustZone as well as software techniques including compiler-based approaches to achieve trustworthy and confidential computing. An example of our work in this area is GuardiaNN [Middleware '22], which showcases our efforts in realizing these objectives.
Learning-based Binary Reverse Engineering
Reverse engineering is a labor-intensive task that heavily relies on human effort. While several automated solutions have been proposed, many of them rely on heuristics. Although heuristics serve as practical approximations of the decision-making process of skilled reverse engineers, they are not without limitations. In our ongoing project, we are actively investigating this research area with the goal of exploring novel approaches that leverage state-of-the-art machine learning techniques to address various challenges in reverse engineering. As a result of our research efforts, we developed XBA [ISSTA '22], which demonstrates our contribution in this direction.
Run-Time Exploit Mitigation Techniques
It is practically impossible to build perfectly secure software systems, even with all the pre-release testing (or sanitization) or even verification efforts. Therefore, we need a defense mechanism that can protect software systems at run time in order to minimize the consequence of inevitable exploitation of vulnerabilities. This research topic is concerned with developing new, effective software (and often hardware-assisted) mechanisms that can mitigate the consequences of exploits at run time. DMon [DIMVA '20] and dMVX [EuroSec '21] are systems that use software techniques to defend against memory corruption exploits.