Past Projects

As a Manager

▶ Research on Security Supports and Vulnerability Analysis for Smart Contracts (Apr.2018~Dec. 2020)

Block chain based distributed systems, recently getting enormous attentions, are now being evolved to Smart contract based systems. The major purpose of smart contracts running on block chain environments is to manage critical financial assets in better ways. In this projects, our team concentrates on software vulnerability analysis for attack prevention in distributed smart contract applications running on an Ethereum virtual machine, especially focusing on Soldity programs and go-ethereum VM. We collaborated with KAIST, PiLab and Internet Security laboratory of Chungnam National Univ. (supported by IITP, Institute for Information & communications Technology Promotion, Korea).

▶ Application Level Analysis for Accelerating Efficiency and Energy-saving for Computing Systems (Nov.2015~Oct. 2018)

As device/network-centric IoT systems earn increasing attentions recently, there appear new paradigms of programming, like reactive programs and stream programs, handling distributed massive data like sensed values and controls. Our research is about tools to make it easy for programmers to develop such applications efficiently, with performance and energy-saving concerns. We are currently focus on development tools (including languages and APIs) for efficient sensor stream processing, which will help to give prompt response, especially useful for the case that exceptional (unsafe) situations are detected. (supported by National Research Foundation of Korea)

▶ Research on Safety Enhencement Methods for Android Media Frameworks (Apr.2018~Oct. 2018)

Android Open Source Project (AOSP) monthly announces source code level vulnerabilities and patches for Android. Among the numerous issues reported, we focus on Android Media Framework, which provides efficient media data handling but at the cost of considerable cases of memory corrupts . Our goal is to analyze the reported vulnerabilities in Media Framework and suggests methods to improve the situation, including automated vulnerability analysis tools. (supported by NSR, Korea)

▶ Research on Packer Identification for Malware (Apr.2017~Nov. 2017)

Packer identication for malware is an essential prepocessing step for analysis on packed malware. We develop a SVM (support vector machine) based packer identification method, which shows better performance than previous works in accuracy of identification from the experiments. (supported by NSR, Korea)

▶ Research on Building DB of white list for malware detection (Apr.2016~Nov. 2016)

This project aims to build DB of well-known benign codes, called “white list DB.” We envision the result would be helpful to enhance efficiency in malware detection. (supported by NSR, Korea)

▶ Analysis on executable paths distorted by malicious codes and vulnerable inputs in Android platform (May.2013~Feb.2016)

Vulnerability of mobile software platforms are able to be prevented by pre-test and analysis. Together with KAIST, Ajou Univ. and Security laboratory of Chungnam National Univ., we aim to find out executable paths distorted by malicious codes and vulnerable inputs in Android platform by looking into binary codes. (supported by : Ministry of Science, ICT and Future Planning)

▶ Research on bitlevel taint analysis for deobfuscation (Apr. 2015~Nov.2015)

To implement bitlevel taint analysis for x86 executables and to show feasibility of its usage for deobfuscation of virtual machine based obfuscated codes (supported by National Security Research Institute)

▶ Research on data and behavior models for robustness of context reading (Sep.2014~May. 2015)

Sensors for context awareness may generate erroneous data due to their inherent imprecision, faults, mis-placements and malfunctions by external factors. To resolve problems on erroneous context data from sensors, this project proposes behavior model for robustness of context reading. (supported by Chungnam National University.)

▶ Application-aware optimization for energy efficiency, (May. 2010~Apr.2015)

This research aims at cooperating among different energy saving approaches from various modules and layers. Above all, we focus on adjusting and optimizing application programs so as to yield an integrated energy saving method. This includes static/dynamic analysis, and program rewriting on application programs to work better with energy-saving methods of execution environments like middleware, operating systems and hardware. Our first goal is to achieve improvement on efficiency of flash memory software and the second goal is to save energy for smart spaces (supported by National Research Foundation of Korea)

▶ An analytic study on Web exploit toolkits and current defense technologies (Apr. 2014~Nov.2014)

To analyze the structures and techniques of the Web attack toolkits and corresponding defense technologies currently available against Web exploit toolkits (supported by National Security Research Institute)

▶ Research on recent trends of malicious codes on embedded systems, (Apr. 2011~Oct. 2011) Supported by National Security Research Institute

▶ A safety-aware programming model for ubiquitous environments (Feb. 2010~Feb.2011)

Ubiquitous computing applications are likely to be unsafe situations during dynamic and reactive processing with various physical devices. We are focusing on safety-aware programming model for ubiquitous environments, together with University of Florida (supported by Chungnam National University.)

▶ Policy description languages for privacy in ubiquitous environments, (Jan. 2005~Feb.2011)

For privacy-respecting ubiquitous computing environments, we are developing a policy description language to describe user-preferences. Currently, one of our subgoal includes blurring users’ sensitive data, a number of which are networked together. This research is supported by the Ubiquitous Computing and Network (UCN) Project, Knowledge and Economy Frontier R&D Program of the Ministry of Knowledge Economy (MKE) in Korea.

▶ A programming language for ubiquitous environments (May. 2004~July.2009)

Programming for ubiquitous applications can be both tricky and tedious because they involve dynamic, reactive and massive data processing. We have developed a scenario-based domain specific language for Java Virtual Machine, named ‘PLUE (a Programming Language for Ubiquitous Environment)’, together with ETRI (Korean Electronic Technical Research Institute), partially supported by National Research Foundation of Korea. We also concentrated on RDF data management facilities in the context-aware programming languages.

▶ Research on languages for ECEs (Electricity Curtailing Elements) and their profiling methods, (Sept. 2007~Dec.2007), supported by ETRI (Korean Electronic Technical Research Institute).

▶ Secure software infrastructure for ubiquitous environments, (Nov. 2004~Aug. 2006), supported by KTOA (Korea Telecommunications Operators Association)

▶ Malicious behavior detection via static analysis, (Sept. 2003~Aug. 2004), supported by KRF (Korea Research Foundation)

▶ Research on multi-service computation models for execution elements in active networks, (Sept. 2003~Aug. 2004), supported by KOSEF (Korea Science and Engineering Foundation)

▶ Research on Mobile code technology, (Apr. 2001.~Nov. 2001), supported by NSRI(National Security Research Institute)

As a Researcher

▶ Research on Techniques for Analyzing Trojan horses, (Sept. 2000 ~ Mar. 2001) Supported by NSRI(National Security Research Institute)

▶ Smart Mobile Code Project, ROPAS Oct.1999~Apr. 2000, (Korea Advanced Institute for Science and Technology, Korea)

▶ SNU Object-oriented DBMS Platform (SOP), Dec 1993~Nov.1995 Partially supported by the companies HyunDai Information Technology, DongYang Information System, and Ministry of Commerce, Industry & Energy. (Seoul National University, Korea)

▶ SNU Relational DBMS Platform (SRP), (Oct. 1992 ~ Sept. 1996), Supported by Ministry of Commerce, Industry & Energy (Seoul National University, Korea)

▶ Tandem emulator on MS DOS systems, (Oct. 1991~Apr. 1992), Supported by National Information & Credit Evaluation, Inc. (Seoul National University, Korea)