Profile

Hyungjoon Koo (Kevin)


   I am currently a Ph.D. candidate under the direction of Michalis Polychronakis, studying Computer Science (CS) at Stony Brook University. Before I joined the CS department, I worked for Samsung SDS and Shinhan Bank for about 7 years in a security team. I have been fortunate to have opportunities to go through a variety of interesting experiences on both the industrial and academic sides of security, thanks to the great people who led me. I received the M.Sc. degree (’10) in Information Security from Korea University, working at the Digital Forensics Lab (DFRC) with Professor Sang-jin Lee. I studied computer science at the University of Texas at Austin (’04 Fall – ’05 Spring) as an exchange student.

   With the emergence of the Internet of Things, security matters everywhere as things get more connected to each other than ever. So I wanted to reserve this space for writing down stuff (security findings, knowledge I often forget, what I have done for fun and so on). I like dealing with practical security, based upon theory, that impacts people's lives.


Interests


  • Binary analysis, hardening and protection
  • Digital forensics
  • Anonymity VS Censorship
  • Cyber warfare
  • Malware analysis
  • Insider threat and profiling
  • Internet of Things Security
  • Applying machine learning and visualization to security practices

Publications / Patent


Selected Projects / Presentations


Work Experiences


  • Research Assistant at Stony Brook University (May 2014 – Present)
    System Security with Michalis Polychronakis (2015 – Present)
    Traffic Differentiation with Phillipa Gill (2014)
  • Intern at Fujitsu Laboratories of America (Jun. – Aug. 2016)
    Internship on automated binary hardening
  • Teaching Assistant at Stony Brook University (Sep. 2013 – May 2014, 2017)
    [CSE102] Introduction to Web Design and Programming (Ahmad Esmaili)
    [CSE130] Introduction to Programming in C (Ahmad Esmaili)
    [CSE312] Legal, Social, and Ethical Issues in Information Systems (Robert Johnson)
    [CSE408] Network Security (Robert Johnson)
    [CSE508] Network Security for Graduates (Michalis Polychronakis)
  • Lecturer/Presenter (Oct. 2012 – Jul. 2013)
    Lecture on Network Security (two days) for Rwanda government officials
    Presentation on Anonymizing Yourself with Tor, Korea Internet & Security Agency (KISA)
    Lecture on Security Essentials (three days), Korea Productivity Center (KPC)
    Presentation on Elaborate Attacks w/ Existing Tools, National Computing & Information Agency
  • Security Researcher at Shinhan Bank (Jul. 2011 – Sept. 2012)
    Review, deployment, and operation of Advanced Persistent Threat (APT) products
    Discovery and analysis of a new breed of on-the-fly cyber attacks over the company network
    Cryptographic module maintenance for critical customers’ information
    Up-to-date anti-virus engine deployment to protect 24/7 ATM banking
    Security review for brand-new banking services to comply with related regulations
  • Assistant Manager at Samsung SDS and Samsung Networks (Jan. 2006 – Jun. 2011)
    Policy establishment and deployment to decrease botnet activities over the company network
    Leading the project to design a Security History Information Management System for web apps
    Writing guidelines and education about web application security for developers
    Penetration testing on the LGN (Sri Lanka’s Government Network) project (2007)
    Incident response against web/network based attacks
    Review of security COTS products including web app firewall, source code analysis tool, etc.
    Internal IT audit

Professional Activities


Certifications 


  • EnCE (EnCase® Certified Examiner) by Guidance Software (2010)
  • CHFI (Computer Hacking Forensic Investigator) by EC-Council (2010)
  • RHCT (Red Hat Certified Technician) by RedHat (2009)
  • CC (Common Criteria Evaluation) by NCSC (2009)
  • GCIH (Certified Incident Handler) by GIAC (2008)
  • CISA (Certified Information Systems Auditor) by ISACA (2008)
  • CISSP (Certified Information Systems Security Professional) by (ISC)² (2008)
  • SIS (Specialist for Information Security) by KISA (2007)
  • CCNA (Cisco Certified Network Associate) by Cisco (2006)

Last updated (Mar. 2018)