(Security Assessment aNd Engineering LABoratory │ www.KimLab.net)
Our research interests lie primarily in building system that is hack-proof (i.e., mathematically-verified secure). For this, we are interested in theory, techniques, and tools to secure the system by both "designing-in" the necessary countermeasures and "engineering-out" vulnerabilities throughout the life cycle of the system.
Especially, we focus on : ⑴ SDL (Security development lifecycle), ⑵ Threat modeling and risk assessment, ⑶ Security design & code review, ⑷ Supply chain security, ⑸ SOTA (Secure software updates over the air), ⑹ Security assessment & authorization such as Common Criteria, CMVP, SSE-CMM, RMF A&A, etc, ⑺ Blockchain & Crypto engineering.
What we've done
Our lab's R&Ds mainly focus on "Security Assessment" and "Security Engineering". Till now we have gotten some notable achievements such as :
Smart TV : In 2017, LG electronics, which had been working with us, received 'world-first' Common Criteria EAL2 certification for home appliances (smart TV). CC EAL2 is the same security level as Samsung KNOX! (Prior to this, in 2015, we got TTA-verified security certification from TTA(Telecommunications Technology Association), which was well-known security testing and certification laboratory in Korea! (For detailed information refer to this article: "How to Obtain Common Criteria Certification of Smart TV for Home IoT Security and Reliability", Symmetry 2017, 9(10), 233 (IF: 1.457))
Network-enabled Weapon Systems : From 2016 to 2017, we jointly developed the Korean RMF(Risk Management Framework) with the ROK Joint Chiefs of Staff. Through this, we had established the national strategy for securing the army's weapon systems and supply chain against cyber attack for the first time in Korea. (For detailed information refer to this article: "Security Evaluation Framework for Military IoT Devices", Security and Communication Networks 2018 (IF: 1.067))
soFrida : In 2019, we developed 'soFrida', which was an automatic vulnerability analysis tool against the mobile cloud app and, among the 4 million android apps, we had identified 2,700+ potentially vulnerable android apps. Our tool will be shown for the first time at DEFCON 2019. (For detailed information refer to this site: sofrida.github.io)
Secure SDLC : From 2019 to 2020, we had conducted R&D project for diagnosing and improving the current level of Samsung Research's Secure SDLC(Software Development Life Cycle). Through this project, we quantitatively analyzed the difference in Secure SDLC level between Samsung and its competitors, and suggested improvement plans for Secure SDLC optimized for Samsung.
Published papers in premier conferences and journals : ACSAC (1 paper), BlackHat Asia (2 papers), BlackHat EU (3 papers), BlackHat USA (1 paper), DEFCON (2 papers), ICCC (6 papers), Virus Bulletin (2 papers) at Korea University / AsiaCrypt (1 paper), CT-RSA (3 papers), ICCC (2 papers), IEEE TC (1 paper) at Sungkyunkwan University
2020 Highlights : Our paper, "Blockchain for Cyber Defense: Will It Be As Good As You Think?" was presented at DEFCON Blockchain Village 2020, and the paper, "BinTyper: Type Confusion Detection for C++ Binaries", was accepted to Black Hat Europe 2020. In addition, another paper, "Application of the Common Criteria to Building Trustworthy Automotive SDLC", was accepted at the 19th ICCC 2020 (The 19th International Common Criteria Conference 2020), and our journal paper, "Blockchain Based Sensitive Data Management by Using Key Escrow Encryption System from the Perspective of Supply Chain", was published at IEEE Access (IF:4.098).
2019 Highlights : Our paper, "When Voice Phishing met Malicious Android App (extended version)" was accepted to Black Hat Asia 2019 conference (acceptance ratio: 11.95% = 35 accepted / 293 submissions) (See press coverage at DARKReading and Heise), and another paper "Fuzzing and Exploiting Virtual Channels in Microsoft Remote Desktop Protocol for Fun and Profit" was accepted to Black Hat Europe 2019 (Our discovery of an information leak vulnerability in Microsoft Remote Desktop Client, CVE-2019-1108, had received $10,000 bug bounty from HackerOne). Furthermore, our automated mobile cloud app analysis tool, "soFrida", was accepted to DEFCON Demo Labs 2019. By using this tool, we had analyzed 4 million Android apps and found 2,700+ potentially vulnerable apps that could leak sensitive personal information data and manipulate back-end cloud DB. For more details, see sofrida.github.io. And also two papers were accepted at the 18th ICCC 2019 (The 18th International Common Criteria Conference 2019) : "IoT Device Hacking and New Direction of IoT Security Evaluation Using Common Criteria" and "Verification of IVI Over-The-Air Using UML/OCL". One moer thing! Our graduate students, "JaeKi Kim" and "Min-Chang Jang", presented "Kimsuky Group: Tracking the King of the Spear-Phishing" at 29th VB2019 (Virus Bulletin conference 2019) again, after VB 2018.
2018 Highlights : Our graduate students, "JaeKi Kim" and "Min-Chang Jang", presented "DOKKAEBI: Documents of Korean and Evil Binary" at 28th VB2018 (Virus Bulletin conference 2018), and "Min-Chang Jang" also presented "When Voice Phishing met Malicious Android App" at CODE BLUE 2018 (See press and book coverage at KBS1 and SBS). Furthermore, we opened a 'Center for High-Assurance Operating Systems(CHAOS)' in Korea University in order to develop the technologies needed to make and evaluate EAL6/EAL7 OS.
2017 Highlights : Yes, we did it again after Black Hat USA 2013 : See our talk, "Are you watching TV now? Is it real?: Hacking of smart TV with 0-day" at Hack in Paris 2017 (See press coverage at 01net.com and demo.), and "LG vs. Samsung Smart TV: Which Is Better for Tracking You?" at CODE BLUE 2017! Additionally, my graduate student, "Min-Chang Jang", gave a talk on forensic studies of "North Korean hacking" at Black Hat Europe 2017 (See press coverage at Sky News.) and also at Black Hat Asia 2018. Furthermore, we opened a 'Army RMF Research Center(AR²C)'.
2016 Highlights : The paper, "Deep Learning Based Real-Time DNS DDoS Detection System", was accepted to ACSAC 2016 (The 32nd Annual Computer Security Applications Conference 2016) as a poster presentation.
2015 Highlights : Our professor, "Seungjoo Kim" talked about the various cybersecurity educational and professional training programs of Korea at CODE BLUE 2015 (This presentation slide was selected as one of the 'Most Talked-About Slide on Facebook'!), and we discovered some critical vulnerabilities in LTE Femtocell and notified to the operator and manufacturer (Research Paper @ SECUINSIDE 2015). Additionally, our case studies submission on the "DDoS Attack to DNS Using Infected IoT Devices" to this year's ACSAC 2015 (The 31st Annual Computer Security Applications Conference 2015, which is one of the most important cyber security conferences in the world and the oldest information security conference held annually) was included in the program.
2014 Highlights : Our paper, "Developing a Protection Profile for Smart TV" was accepted at The 15th ICCC 2014 (International Common Criteria Conference 2014), and another paper "(The First Experimental) Study on Smart TV Forensics" was presented at Journal of the KIISC (Korean Institute of Information Security and Cryptology) (English version is here! : "Further Analysis on Smart TV Forensics" at Journal of Internet Technology (SCI-E, IF:1.930)).
2013 Highlights : "Smart TV Security - #1984 in 21st century" appeared at The 14th CanSecWest 2013 (The 14th CanSecWest Applied Security Conference 2013) (See press coverage at MBC, KBS, channelIT, inews24.com), and the extended version, "Hacking, Surveilling, and Deceiving Victims on Smart TV" was also presented at The 17th Black Hat USA 2013 (See press and book coverage at The Wall Street Journal, The Guardian, Fox News, ZDNet, Network World, Digital Trends, CBS, KBS, The Electronic Times, Nitesh Dhanjani's "Abusing the Internet of Things - Blackouts, Freakouts, and Stakeouts - (O'REILLY)", ENISA's report entitled "Security and Resilience of Smart Home Environments", and etc.). Furthermore, we had two papers accepted at The 14th ICCC 2013 (The 14th International Common Criteria Conference 2013). One was "Problem and Improvement of the Composition Documents for Smart Card Composite Product Evaluations", and the other one was "How the CC Harmonizes with Secure Software Development Lifecycle". One more thing! "SHRT - New method of URL shortening including relative word of target URL" was presented at SOUPS 2013 (The Symposium on Usable Privacy and Security 2013) as a poster.
2012 Highlights : Our journal paper, "Efficient Certificateless Proxy Signature Scheme with Provable Security" was accepted at Information Sciences (IF:3.643).
2011 Highlights : Prof. Seungjoo Kim moved to School of Cybersecurity, Korea University from School of Information and Communication Engineering, Sungkyunkwan University and established his lab, "SANE (Security Assessment aNd Engineering) Lab".