(Security Assessment aNd Engineering LABoratory │ www.KimLab.net)
What our SANE Lab. is working on is not just "let's find the vulnerability," but rather a methodology and an automation tool that enables the following: "Securing the system by both ⑴ 'designing-in' the necessary countermeasures and ⑵ 'engineering-out' vulnerabilities, throughout the 'lifecycle' of the program." Those who want to do this kind of research are very welcome.
In more detail, our research interests lie primarily in ⑴ Secure Software Engineering (i.e., Software Development Security) : Ensuring that security requirements are adequately addressed through all phases of the software development life-cycle including planning, defining, designing, building, testing, deploying as well as disposal. ⑵ Security Assessment : Evaluating the implementation and effectiveness of security controls, reporting on the achievement of control objectives, and recommending corrective action to address deficiencies identified in performance measurement and evaluations. ⑶ Blockchain & Cryptocurrency.
For this, especially we focus on : ⑴ Automated threat modeling and risk assessment, ⑵ Formal methods for analyzing and assuring safety and security of software systems, ⑶ Composable and scalable secure systems, ⑷ SOTA (Secure software updates over the air), ⑸ Security assessment & authorization such as Common Criteria, CMVP, SSE-CMM, RMF A&A, etc, ⑹ Blockchain & Crypto engineering.
Lab (SANE Lab) : www.KimLab.net | Lab (Army RMF Research Center) : www.HackProof.systems | Lab TV : www.YouTube.com | Blog : www.Crypto.kr | GitHub : HackProof
What we've done
Our lab's R&Ds mainly focus on "Security Assessment", "Secure Software Engineering", and "Blockchain". Till now we have gotten some notable achievements such as :
Smart TV : In 2017, LG electronics, which had been working with us, received 'world-first' Common Criteria EAL2 certification for home appliances (smart TV). CC EAL2 is the same security level as Samsung KNOX! (Prior to this, in 2015, we got TTA-verified security certification from TTA(Telecommunications Technology Association), which was well-known security testing and certification laboratory in Korea! (For detailed information refer to this article: "How to Obtain Common Criteria Certification of Smart TV for Home IoT Security and Reliability", Symmetry 2017, 9(10), 233 (IF: 1.457))
Network-enabled Weapon Systems : From 2016 to 2017, we jointly developed the Korean RMF(Risk Management Framework) with the ROK Joint Chiefs of Staff. Through this, we had established the national strategy for securing the army's weapon systems and supply chain against cyber attack for the first time in Korea. (For detailed information refer to this article: "Security Evaluation Framework for Military IoT Devices", Security and Communication Networks 2018 (IF: 1.067))
soFrida : In 2019, we developed 'soFrida', which was an automatic vulnerability analysis tool against the mobile cloud app and, among the 4 million android apps, we had identified 2,700+ potentially vulnerable android apps. Our tool was shown for the first time at DEFCON 2019. (For detailed information refer to this site: github.com/HackProof/soFrida)
Secure SDLC : From 2019 to 2020, we had conducted R&D project for diagnosing and improving the current level of Samsung Research's Secure SDLC(Software Development Life Cycle). Through this project, we quantitatively analyzed the difference in Secure SDLC level between Samsung and its competitors, and suggested improvement plans for Secure SDLC optimized for Samsung.
CHAOS(ChibiOS-based High-Assurance Operating System) : Since 2018, we have been developing Korea's first secure micro kernel for drones with a security level above Common Criteria EAL6. (For detailed information refer to this site: github.com/HackProof/CHAOS)
TMoC(Threat Modelers on Chain) : Since 2021, we have been developing a threat modeling tool in the form of a decentralized web. For this, we combined threat modeling with a blockchain-based collective intelligence system. Our tool was presented at DEFCON 2021 and Black Hat Asia 2022. (For detailed information refer to this site: github.com/HackProof/TMoC)
HASUMS(High-Assurance Software Update Management System) : In 2023, we developed a 'HASUMS', an acronym for "High-Assurance Software Update Management System", that meets the requirements of the "UN Regulation No. 156 - Software update and software update management system". To further specify the unclear requirements of UN R156, we used the STRIDE Threat Modeling technique. We also designed, implemented, and formally verified our HASUMS using Event-B and Atelier B. Our tool was presented at NDSS Symposium - VehicleSec 2023. (For detailed information refer to this site: github.com/HackProof/HASUMS)
Published papers in premier conferences and journals : ACSAC (1 paper), BlackHat Asia (3 papers), BlackHat EU (3 papers), BlackHat USA (1 paper), DEFCON (4 papers), ICCC (6 papers), IEEE MILCOM (1 paper), Virus Bulletin (2 papers) at Korea University / AsiaCrypt (1 paper), CT-RSA (3 papers), ICCC (2 papers), IEEE TC (1 paper) at Sungkyunkwan University
2023 Highlights : Professor Seungjoo Kim, SANE lab.'s advisor, has been appointed as the vice president for Digital Information of Korea University, and our paper, "Formally Verified Software Update Management System in Automotive" has been accepted to NDSS Symposium - VehicleSec 2023 (Inaugural Symposium on Vehicle Security and Privacy 2023)!
2022 Highlights : Our papers, "TMoC: Threat Modelers on Chain" was presented at Black Hat Asia 2022 Arsenal, "Block Double-Submission Attack: Block Withholding Can Be Self-Destructive" was presented at ACM AFT 2022 (ACM Advances in Financial Technologies 2022), "Do You Really Need to Disguise Normal Servers as Honeypots?" was accepted to IEEE MILCOM 2022 (40th IEEE Military Communications Conference 2022), and our paper, "Rethinking Selfish Mining under Pooled Mining" was accepted to ICT Express journal, the Impact Factor of which is 4.317, ranking it 22 out of 91 in Telecommunications.
2021 Highlights : Two papers from our lab were accepted in DEFCON Blockchain Village 2021! : "Blockchain as a Threat Modeling Thinking Tool" and "Will Secure Element Really Help Strengthen the Security of Cryptocurrency Wallets?". Congratulations to all the authors! And our journal paper, "CIA-Level Driven Secure SDLC Framework for Integrating Security into SDLC Process" and "Blockchain as a Cyber Defense", were accepted to Journal of Ambient Intelligence and Humanized Computing (IF:7.104), and IEEE Access (IF:4.098) respectively.
2020 Highlights : Our paper, "Blockchain for Cyber Defense: Will It Be As Good As You Think?" was presented at DEFCON Blockchain Village 2020, and the paper, "BinTyper: Type Confusion Detection for C++ Binaries", was accepted to Black Hat Europe 2020. In addition, another paper, "Application of the Common Criteria to Building Trustworthy Automotive SDLC", was accepted at the 19th ICCC 2020 (The 19th International Common Criteria Conference 2020), and our journal paper, "Blockchain Based Sensitive Data Management by Using Key Escrow Encryption System from the Perspective of Supply Chain", was published at IEEE Access (IF:4.098).
2019 Highlights : Our paper, "When Voice Phishing met Malicious Android App (extended version)" was accepted to Black Hat Asia 2019 conference (acceptance ratio: 11.95% = 35 accepted / 293 submissions) (See press coverage at DARKReading and Heise), and another paper "Fuzzing and Exploiting Virtual Channels in Microsoft Remote Desktop Protocol for Fun and Profit" was accepted to Black Hat Europe 2019 (Our discovery of an information leak vulnerability in Microsoft Remote Desktop Client, CVE-2019-1108, had received $10,000 bug bounty from HackerOne). Furthermore, our automated mobile cloud app analysis tool, "soFrida", was accepted to DEFCON Demo Labs 2019. By using this tool, we had analyzed 4 million Android apps and found 2,700+ potentially vulnerable apps that could leak sensitive personal information data and manipulate back-end cloud DB. For more details, see sofrida.github.io. And also two papers were accepted at the 18th ICCC 2019 (The 18th International Common Criteria Conference 2019) : "IoT Device Hacking and New Direction of IoT Security Evaluation Using Common Criteria" and "Verification of IVI Over-The-Air Using UML/OCL". One moer thing! Our graduate students, "JaeKi Kim" and "Min-Chang Jang", presented "Kimsuky Group: Tracking the King of the Spear-Phishing" at 29th VB2019 (Virus Bulletin conference 2019) again, after VB 2018.
2018 Highlights : Our graduate students, "JaeKi Kim" and "Min-Chang Jang", presented "DOKKAEBI: Documents of Korean and Evil Binary" at 28th VB2018 (Virus Bulletin conference 2018), and "Min-Chang Jang" also presented "When Voice Phishing met Malicious Android App" at CODE BLUE 2018 (See press and book coverage at KBS1 and SBS). Furthermore, we opened a 'Center for High-Assurance Operating Systems(CHAOS)' in Korea University in order to develop the technologies needed to make and evaluate EAL6/EAL7 OS.
2017 Highlights : Yes, we did it again after Black Hat USA 2013 : See our talk, "Are you watching TV now? Is it real?: Hacking of smart TV with 0-day" at Hack in Paris 2017 (See press coverage at 01net.com and demo.), and "LG vs. Samsung Smart TV: Which Is Better for Tracking You?" at CODE BLUE 2017! Additionally, my graduate student, "Min-Chang Jang", gave a talk on forensic studies of "North Korean hacking" at Black Hat Europe 2017 (See press coverage at Sky News.) and also at Black Hat Asia 2018. Furthermore, we opened a 'Army RMF Research Center(AR²C)'.
2016 Highlights : The paper, "Deep Learning Based Real-Time DNS DDoS Detection System", was accepted to ACSAC 2016 (The 32nd Annual Computer Security Applications Conference 2016) as a poster presentation.
2015 Highlights : Our professor, "Seungjoo Kim" talked about the various cybersecurity educational and professional training programs of Korea at CODE BLUE 2015 (This presentation slide was selected as one of the 'Most Talked-About Slide on Facebook'!), and we discovered some critical vulnerabilities in LTE Femtocell and notified to the operator and manufacturer (Research Paper @ SECUINSIDE 2015). Additionally, our case studies submission on the "DDoS Attack to DNS Using Infected IoT Devices" to this year's ACSAC 2015 (The 31st Annual Computer Security Applications Conference 2015, which is one of the most important cyber security conferences in the world and the oldest information security conference held annually) was included in the program.
2014 Highlights : Our paper, "Developing a Protection Profile for Smart TV" was accepted at The 15th ICCC 2014 (International Common Criteria Conference 2014), and another paper "(The First Experimental) Study on Smart TV Forensics" was presented at Journal of the KIISC (Korean Institute of Information Security and Cryptology) (English version is here! : "Further Analysis on Smart TV Forensics" at Journal of Internet Technology (SCI-E, IF:1.930)).
2013 Highlights : "Smart TV Security - #1984 in 21st century" appeared at The 14th CanSecWest 2013 (The 14th CanSecWest Applied Security Conference 2013) (See press coverage at MBC, KBS, channelIT, inews24.com), and the extended version, "Hacking, Surveilling, and Deceiving Victims on Smart TV" was also presented at The 17th Black Hat USA 2013 (See press and book coverage at The Wall Street Journal, The Guardian, Fox News, ZDNet, Network World, Digital Trends, CBS, KBS, The Electronic Times, Nitesh Dhanjani's "Abusing the Internet of Things - Blackouts, Freakouts, and Stakeouts - (O'REILLY)", ENISA's report entitled "Security and Resilience of Smart Home Environments", and etc.). Furthermore, we had two papers accepted at The 14th ICCC 2013 (The 14th International Common Criteria Conference 2013). One was "Problem and Improvement of the Composition Documents for Smart Card Composite Product Evaluations", and the other one was "How the CC Harmonizes with Secure Software Development Lifecycle". One more thing! "SHRT - New method of URL shortening including relative word of target URL" was presented at SOUPS 2013 (The Symposium on Usable Privacy and Security 2013) as a poster.
2012 Highlights : Our journal paper, "Efficient Certificateless Proxy Signature Scheme with Provable Security" was accepted at Information Sciences (IF:3.643).
2011 Highlights : Prof. Seungjoo Kim moved to School of Cybersecurity, Korea University from School of Information and Communication Engineering, Sungkyunkwan University and established his lab, "SANE (Security Assessment aNd Engineering) Lab".
Now, we're recruiting creative graduate students who possess a passion for learning, thinking, etc. If you are willing to work with us see the following : ⑴ Introduction to SANE Lab., ⑵ Introduction to Security Engineering, ⑶ Must read items for new students at SANE Lab.