PhySec

PhySec Lab

PhySec Lab explores security and privacy at the physical layer, where real-world signals serve as both vulnerabilities and defenses

PhySec Lab investigates security and privacy issues arising from physical-layer signals that are naturally generated during real-world system operation. We study a broad range of physical signals—including vibrations, acoustic emissions, sensor readings, electromagnetic leakage, and visual signals captured by imaging sensors—to understand how physical phenomena interact with modern computing systems.

By analyzing physical-layer signals from both offensive and defensive perspectives, PhySec Lab aims to (1) identify previously underexplored attack surfaces and privacy leakage risks, and (2) design practical security mechanisms—such as authentication, device identification, and device pairing—that are well suited for resource-constrained and sensor-rich commercial platforms, including IoT and mobile devices, wearables, and AR/VR systems.

Sunwoo Lee is an Assistant Professor in the Department of Cyber Security at Ewha Womans University, Seoul, Republic of Korea.

She received her Ph.D. in Information Security from the School of Cybersecurity at Korea University, where she conducted research on secure IoT system design based on PHY-level challenge–response structures, under the supervision of Professor Dong Hoon Lee. She also holds a B.S. in Mathematics from the College of Natural Science at Sogang University.

Prior to joining Ewha Womans University in March 2026, she served as an Assistant Professor in the Department of Information Security at Seoul Women’s University from March 2024 to February 2026. She also worked as a Staff Engineer at the Security & Privacy Lab of Samsung Research between October 2022 and February 2024, where she gained hands-on experience in real-world security and privacy systems. In addition, she was a Research Professor at the School of Cybersecurity, Korea University, from March 2022 to September 2022.

Her research interests include data-driven security, IoT and sensor security, user authentication, device identification (fingerprinting), usable security, side-channel attacks, and privacy leakage attacks, with a particular focus on leveraging physical-layer signals for both security enhancement and vulnerability analysis.

Interested in joining PhySec Lab?

We welcome highly motivated undergraduate and graduate students
interested in cybersecurity, side-channel analysis, and
the security of systems grounded in the physical world.

If you are interested in joining the lab, please contact us via email.

Students

PhySec Lab welcomes motivated students !

Undergraduate Researchers

Yejin Ahn (Sep. 2025 – )
Chaeyeon Lee (Feb. 2025 – Feb. 2026)

Publications

Conference

2025

- Sunwoo Lee, and Wonsuk Choi. "Eyes on Your Typing: Snooping Finger Motions on Virtual Keyboards". Proceedings of the 46th IEEE Symposium on Security and Privacy (IEEE S&P (Oakland) 2025) (acceptance rate: 14.8% = 257/1740)

2021

- Sunwoo Lee, Wonsuk Choi, and Dong Hoon Lee. "Usable user authentication on a smartwatch using vibration." Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security (ACM CCS 2021)

Earlier Publications (Before 2020)

- Sunwoo Lee, Wonsuk Choi, and Dong Hoon Lee. "Ulrera!: Securing ultrasonic sensor based on Signal Relation and Randomness." {Poster Session} 26th USENIX Security Symposium (USENIX Security 2017)

Journal

2025

- Young-joo Park and Sunwoo Lee (2025), "A Survey on Deep Learning-Based Image Approaches for Malicious Network Traffic Detection," The Journal of Korean Institute of Communications and Information Sciences, 50(10). [Scopus, KCI]
- Yena So, and Sunwoo Lee (2025). "Self-Destructing Messenger Based on PII Detection." The Journal of Korean Institute of Communications and Information Sciences, 50(10). [Scopus, KCI]
- Nahyun Kim, Hanseul Jung*, Minyoung Choi*, Jeongmin Bak, Sunwoo Lee. "Charging Into Your Privacy: Indirect Privacy Leakage Attack Using a Laptop Charger." IEEE Transactions on Dependable and Secure Computing (IEEE TDSC), Accepted, 2025. [SCIE (Q1), IF 7.5, JCR Top 5% in Computer Science, Software Engineering]
- Minyoung Choi, Ahyoung Cho, and Sunwoo Lee (2025). "Real-Time Network Attack Detection and APP Implementation for Wi-Fi Based IP Cameras Using Machine Learning." The Journal of Korean Institute of Communications and Information Sciences, 50(8), 1279-1289. [Scopus, KCI]
- Sunwoo Lee. "Gyro-Mag: Attack-Resilient System Based on Sensor Estimation." Sensors 25.7 (2025): 2208. [SCIE (Q2), IF 3.4]
- Sunwoo Lee. "Real Steps or Not: Auto-Walker Detection in Move-to-Earn Applications." Sensors 25.4 (2025): 1002. [SCIE (Q2), IF 3.4]

2023

- Sunwoo Lee, Wonsuk Choi, and Dong Hoon Lee. "The vibration knows who you are! A further analysis on usable authentication for smartwatch users." Computers & Security 125 (2023): 103040. [SCIE (Q1), IF 4.8, JCR Top 17.7% in Computer Science, Information Systems]

2022

- Sunwoo Lee, and Dong Hoon Lee. "From Attack to Identification: MEMS Sensor Fingerprinting Using Acoustic Signals." IEEE Internet of Things Journal (2022): 5447-5460. [SCIE (Q1), IF 10.6, JCR Top 1.79% in Computer Science, Information Systems]

Earlier Publications (Before 2020)

- Sunwoo Lee, Wonsuk Choi, and Dong Hoon Lee. "Securing ultrasonic sensors against signal injection attacks based on a mathematical model." IEEE Access 7 (2019): 107716-107729. [SCIE (Q1), IF 3.745]

Patents

- DEVICE AND METHOD FOR DETECTING SIGNAL INJECTION ATTACK USING RELATION BETWEEN GYROSCOPE AND MAGNETOMETER (Granted Patent Number(KR): 10-2790021, 2025)
- METHOD FOR DETECTING ATTACK USING ROAD TRAFFIC INFRASTRUCTURE IN V2X ENVIRONMENT (Granted Patent Number(KR): 10-2602602, 2023)
- CONGESTION ATTACK DETECTION SYSTEM IN AUTONOMOUS COOPERATIVE DRIVING ENVIRONMENT USING RECEIVED SIGNAL STRENGTH MEASUREMENT (Granted Patent Number(KR): 10-2510380, 2023)
- METHOD OF DETECTING ATTACK ON SENSOR (Granted Patent Number(KR): 10-2491867, 2023)
- TECHNIQUE FOR AUTOMOTIVE SOFTWARE UPDATE BY USING WHITE-BOX CRYPTOGRAPHY (Granted Patent Number(KR): 10-2491866, 2023)
- CONGESTION ATTACK DETECTION SYSTEM IN AUTONOMOUS COOPERATIVE DRIVING ENVIRONMENT USING RECEIVED SIGNAL STRENGTH MEASUREMENT (Granted Patent Number(KR): 10-2404211, 2022)
- User Authentication using Vibration Signals on Wearable Devices (Granted Patent Number(KR): 10-2393483, 2022)
- User Authentication using Vibration Signals on Wearable Devices (PCT Application Number: PCT/KR2021/004911, 2021)
- DEVICE AND METHOD FOR DETECTING A SIGNAL INJECTION ATTACK ON AN ULTRASONIC SENSOR (Granted Patent Number(KR): 10-1992832, 2019)
- METHOD FOR TRANSMITTING AND RECEIVING A MESSAGE IN A VEHICLE NETWORK SYSTEM, (Granted Patent Number(KR): 10-1705639, 2017)

Courses

Seoul Women's University

- Introduction to Computer and Information Security
- Data Structure
- Computer Algorithm
- Privacy Protection Technologies

Ewha Womans University

- Risk Management and Intrusion Detection Systems (Undergraduate)
- Intrusion Detection Systems (Graduate)

Latest News

🎉 Officially Launched – Jan 2026

Contact

Jinseonmi-gwan, Room 237

Ewha Womans University

52, Ewhayeodae-gil

Seodaemun-gu, Seoul 03760

Republic of Korea

Email: sun.lee@ewha.ac.kr

Page updated

Google Sites

Report abuse