Hyungjoon Koo (Kevin)
I am an assistant professor in Computer Science and Engineering at the College of Computing at Sungkyunkwan University. I was a postdoctoral researcher at SSLab at Georgia Tech, working with Taesoo Kim. I earned my Ph.D. in Computer Science (CS) from Stony Brook University (adviser: Michalis Polychronakis). I received my M.Sc. degree in Information Security from Korea University, working at the Digital Forensics Lab (DFRC) with Sangjin Lee. I studied computer science at the University of Texas at Austin as an exchange student. I also worked for Samsung SDS and Shinhan Bank in a security team. I am fortunate to have had a variety of interesting experiences on both the industrial and academic sides of the security field, thanks to the great people who led me.
With the Internet of Things, security matters everywhere as we become more connected to each other than ever. So I wanted to reserve this space for writing things down (security findings, knowledge I often forget, what I have done for fun, and so on). I like dealing with practical security that impacts human life, based upon theory.
- Artificial Intelligence for Security
- Binary Analysis and Protection
- Software Security
- Digital Forensics
- Anonymity VS Censorship
- Malware Analysis
- Insider Threat and Profiling
- Internet of Things Security
- Visualization for Security
Selected Publications / Patents
- A Look Back on a Function Identification Problem, Hyungjoon Koo, Soyeon Park, and Taesoo Kim
In the 37th Annual Computer Security Applications Conference (ACSAC ’21)
- Software Watermarking via a Binary Function Relocation, Honggoo Kang, Yonghwi Kwon, Sangjin Lee and Hyungjoon Koo
In the 37th Annual Computer Security Applications Conference (ACSAC ’21)
- Slimium: Debloating the Chromium Browser with Feature Subsetting, Chenxiong Qian, Hyungjoon Koo, Changseok Oh, Taesoo Kim, and Wenke Lee
In the 27th ACM Conference on Computer and Communications Security (CCS ’20)
- [Dissertation] Practical Software Specialization against Code Reuse Attacks,
Department of Computer Science, Stony Brook University, May 2019
- Configuration-Driven Software Debloating, Hyungjoon Koo, Seyedhamed Ghavamnia, and Michalis Polychronakis
In the 12th European Workshop on Systems Security, 2019 (EuroSec ’19)
- Compiler-assisted Code Randomization, Hyungjoon Koo, Yaohui Chen, Long Lu, Vasileios P. Kemerlis, and Michalis Polychronakis
In the 39th IEEE Symposium on Security & Privacy, 2018 (S&P ’18)
CSAW ’18 Finalist
- Defeating Zombie Gadgets by Re-randomizing Code Upon Disclosure, Micah Morton, Hyungjoon Koo, Forrest Li, Kevin Z. Snow, Michalis Polychronakis, and Fabian Monrose
In the 9th International Symposium on Engineering Secure Software and Systems, 2017 (ESSoS ’17)
- The Politics of Routing: Investigating the Relationship between AS Connectivity and Internet Freedom, Rachee Singh, Hyungjoon Koo, Najmehalsadat Miramirkhani, Fahimeh Mirhaj, Leman Akoglu, and Phillipa Gill
In the 6th USENIX Workshop on Free and Open Communications on the Internet, 2016 (FOCI ’16)
- Return to the Zombie Gadgets: Undermining Destructive Code Reads via Code-Inference Attacks, Kevin Z. Snow, Roman Rogowski, Jan Werner, Hyungjoon Koo, Fabian Monrose, and Michalis Polychronakis
In the 37th IEEE Symposium on Security and Privacy, 2016 (S&P ’16)
- Juggling the Gadgets: Binary-level Code Randomization using Instruction Displacement, Hyungjoon Koo and Michalis Polychronakis
In the 11th ACM Asia Conference on Computer and Communications Security, 2016 (ASIACCS ’16)
- Identifying Traffic Differentiation in Mobile Networks, Arash Molavi Kakhki, Abbas Razaghpanah, Anke Li, Hyungjoon Koo, Rajeshkumar Golani, David Choffnes, Phillipa Gill, and Alan Mislove
In the 15th ACM Internet Measurement Conference, 2015 (IMC ’15)
- Pre-detection Model for Trusted Insider’s Information Theft and Manipulation from a Forensic Perspective, Hyungjoon Koo and Sangjin Lee (Master Thesis)
In the pre-proceedings of the 10th World Conference on Information Security Applications, 2009 (WISA ’09)
- System and Method for Responding DDoS Offensive (DDos 공격의 대응시스템 및 방법), 허창열, 구본재, 박봉희, 구형준, 정규태
Patent #10-2010-0065260 in Korea, 2011
Committee / (External) Review Service
- IEEE Transactions on Dependable and Secure Computing (TDSC) 2022
- Computers and Security (COSE) 2021
- International Journal of Information Security (IJIS) 2020, 2021
- Frontiers of Information Technology & Electronic Engineering (FITEE) 2020
- The Network and Distributed System Security Symposium (NDSS) 2020
- NYU’s CSAW ’19 Program Committee 2019
- IEEE Access 2019
- IEEE/ACM Transactions on Networking (TON) 2019
- IEEE Security & Privacy Magazine (S&P) 2019
Selected Projects / Presentations
- [CSE592] Internet Censorship (Fall 2015)
Politics of Routing: the relationship between ASes and censorship
Man on the Side Attack (MoTS) – experimental packet injection and detection
- [CSE509] System Security (Fall 2014)
rootkit as a kernel module in Ubuntu 12.04 LTS kernel 3.2.0 with Yaohui Chen
- [CSE506] Operating Systems (Fall 2014)
Building JOS, a micro-kernel Operating System with Anke Li
Presentation – Securing Linux with Anke Li
- [CSE534] Fundamental of Networks (Spring 2014)
Network Emulation with Click Modular Router with Jun Wang
Future Networking Simulation with ndnSIM module with Jun Wang
- [CSE537] Artificial Intelligence (Fall 2013)
Pac-man Project (BFS, DFS, Classification, Inference) with Oleksii Starov
- Instructor at 2020 ONR Software Security Summer School, SSSS20 (Aug 2020)
Session for Adopting RAZOR for Post-deployment Software Debloating (with Chenxiong Qian)
- Research Assistant at Stony Brook University (May 2014 – May 2019)
System / Software Security (Michalis Polychronakis)
Traffic Differentiation / Internet Censorship (Phillipa Gill)
- Intern at Fujitsu Laboratories of America (Jun. – Aug. 2018)
Fuzzing and concolic execution
- Intern at Fujitsu Laboratories of America (Jun. – Aug. 2016)
Automated binary hardening
- Teaching Assistant at Stony Brook University
[CSE102] Introduction to Web Design and Programming (Ahmad Esmaili), Fall 2013
[CSE130] Introduction to Programming in C (Ahmad Esmaili), Fall 2013
[CSE312] Legal, Social, and Ethical Issues in Information Systems (Robert Johnson), Spring 2014
[CSE408] Network Security (Robert Johnson), Spring 2014
[CSE508] Network Security for Graduates (Michalis Polychronakis), Fall 2017
- Lecturer
Security Essentials, Korea Productivity Center, July 2013
Network Security for Rwanda government officials, KISA, Mar 2013
- Security Researcher at Shinhan Bank (Jul. 2011 – Sep. 2012)
Review, deployment, and operation of Advanced Persistent Threat (a.k.a. APT) products
Discovery and analysis of a new breed of on-the-fly cyber attacks over the company network
Cryptographic module maintenance for critical customers’ information
Up-to-date anti-virus engine deployment to protect 24/7 ATM banking
Security review for brand-new banking services to comply with related regulations
- Assistant Manager at Samsung SDS and Samsung Networks (Jan. 2006 – Jun. 2011)
Policy establishment and deployment to decrease botnet activities over the company network
Leading the project to design a Security History Information Management System for web apps
Writing guidelines and education about web application security for developers
Penetration testing on Sri Lanka’s Government Network project (2007)
Incident response against web/network based attacks
Review of security COTS products including web app firewall, source code analysis tool, etc.
Performing internal IT audit
- Invited Talks
Software Protection via Code Randomization, University of Tennessee (Nov 2020)
Practical Software Specialization against Code Reuse Attacks, Sungkyunkwan University (Feb 2019)
Practical Software Specialization against Code Reuse Attacks, KAIST (Feb 2019)
Practical Software Hardening against Code Reuse Attacks, Georgia Tech (Nov 2018)
Software Hardening with Code Diversification, CS Colloquium at SUNY Korea (Jun 2018)
Software Hardening with Code Diversification, Korea University (May 2018)
Software Hardening with Code Diversification, Samsung Research (May 2018)
Software Hardening, Cyber Symposium by the Stony Brook Computing Society (Apr 2018)
Elaborate Attacks with Existing Tools, National Computing & Information Agency (May 2013)
Anonymizing Yourself with Tor, Korea Internet & Security Agency (Apr 2013)
- Translation of Technical Books/Projects into Korean
Gray Hat C# (ISBN: 1593277598, 그레이햇 C#, 2018)
Logging and Log Management (ISBN: 1597496359, 실전 LOG 분석과 체계적인 관리 가이드, 2014)
Practical Malware Analysis (ISBN: 1593272901, 실전 악성코드와 멀웨어 분석, 2013)
Malware Analyst’s Cookbook and DVD (ISBN: 0470613033, 악성코드 분석가의 비법서, 2011)
Cryptography Engineering (ISBN: 0470474246, 실용 암호학, 2010)
OWASP Top10 (2007, 2010)
SANS Top20 and ISM Top10 (2007)
- Grants
Student Grant from USENIX Security in Vancouver, Canada (Aug 2017)
- Poster Presentation
Young Faculty Award Meeting, DARPA Conference Center (Jul 2018)
- Write-ups
Keychain Analysis with Mac OS X Memory Forensics, Kyeongsik Lee and Hyungjoon Koo (2013)
Hunting Mac OS X rootkit with Memory Forensics, Kyeongsik Lee, Jinkook Kim, and Hyungjoon Koo (2013)
A guide book for building and operating CERT by KISA (2007)
- EnCE (EnCase® Certified Examiner) by Guidance Software (2010)
- CHFI (Computer Hacking Forensic Investigator) by EC-Council (2010)
- RHCT (Red Hat Certified Technician) by RedHat (2009)
- CC (Common Criteria Evaluation) by NCSC (2009)
- GCIH (Certified Incident Handler) by GIAC (2008)
- CISA (Certified Information Systems Auditor) by ISACA (2008)
- CISSP (Certified Information Systems Security Professional) by (ISC)2 (2008)
- SIS (Specialist for Information Security) by KISA (2007)
- CCNA (Cisco Certified Network Associate) by Cisco (2006)
Last updated (June 2022)