Profile

At Evergrades Park

 

I am currently a Ph.D. candidate studying Computer Science at Stony Brook University. Before joining here, I worked for Samsung SDS and Shinhan Bank for about 7 years in a security team. I always feel lucky that I have had chances to go through a variety of interesting experiences on both the industrial and academic sides of security, thanks to the great people who led me. I am also a member of Forensic Insight, the biggest Digital Forensic Community in Korea. I have given presentations several times. My slides are available here. Special thanks to n0fate and proneer, who have motivated me at all times. 🙂

Not long ago, I made this space reserved for doing stuff. I like dealing with networking and practical security that impacts human life, based upon theory. With the emergence of the Internet of Things, we are getting more connected to each other than ever, and security matters everywhere.

 


Contact: Email
GitHub: https://github.com/kevinkoo001
LinkedIn: https://www.linkedin.com/in/kevinkoo001


 

A. Interests (but not limited to)

  • Binary analysis, hardening and protection
  • Digital forensics from an investigative perspective
  • Anonymity vs. Censorship (like a hide-and-seek game)
  • Cyber warfare (nation-wide targeted attacks in particular)
  • Malware analysis
  • Insider threat and profiling
  • IoT (Internet of Things) Security
  • Handling massive data with machine learning and visualization
  • Decentralized technologies, P2P protocols and Security


B. Publications / Patent


C. Selected Projects / Presentations


D. Academic Experiences


E. Work Experiences

  • Fujitsu Laboratories of America (Jun. – Aug. 2016)
    Internship
  • Lecturer (Oct. 2012 – Jul. 2013)
    Network Security for Rwanda government officials
    Anonymizing Yourself with Tor at KISA, Korea Internet & Security Agency
    Security Essentials at KPC, Korea Productivity Center
    Elaborate Attacks with Existing Tools at NCIA, National Computing & Information Agency
  • Shinhan Bank (Jul. 2011 – Sept. 2012)
    Performed benchmarking, deployment, and operation of APT products
    Discovered and analyzed numerous new breeds of cyber attacks over the network on the fly
    Developed a partial cryptographic module to encrypt critical customer information
    Ensured AV engines in the banking infrastructure were kept updated
    Provided security reviews to check whether brand-new banking services comply with related regulations
  • Samsung SDS, Samsung Networks (Jan. 2006 – Jun. 2011)
    Established policies and implemented countermeasures to decrease botnet activities
    Led a project to design Security History Information Management System for web apps
    Wrote guidelines about web application security for developers 
    Performed penetration testing on the LGN (Sri Lanka’s Government Network) project
    Carried out incident response against web/network based attacks
    Benchmarked diverse security COTS products including WAF, SCA, bot detection, etc.
    Supported information security audits for internal purposes


F. (Co-)Translated Books / Co-authored Technical Documents


G. Certifications

  • EnCE (EnCase® Certified Examiner) by Guidance Software (2010)
  • CHFI (Computer Hacking Forensic Investigator) by EC-Council (2010)
  • RHCT (Red Hat Certified Technician) by RedHat (2009)
  • CC (Common Criteria Evaluation) by NCSC (2009)
  • GCIH (Certified Incident Handler) by GIAC (2008, expired)
  • CISA (Certified Information Systems Auditor) by ISACA (2008)
  • CISSP (Certified Information Systems Security Professional) by (ISC)2 (2008)
  • SIS (Specialist for Information Security) by KISA (2007)
  • CCNA (Cisco Certified Network Associate) by Cisco (2006, expired)

Last updated (June 2017)