Associate Professor
Department of Electrical and Computer Engineering
Email: byoungyoung@snu.ac.kr
Associate Professor
Department of Electrical and Computer Engineering
Email: byoungyoung@snu.ac.kr
Short bio: I am an Associate Professor in Electrical and Computer Engineering at Seoul National University (SNU). I'm leading the CompSec Lab and associated with SOR. I am interested in general computer security and privacy related problems in general. My research focus is in systems security, namely attack mitigation, vulnerability finding, and confidential computing. More details can be found here
To prospective students: I'm looking for motivated students in system or security research. If you are interested in working with me, please contact me via byoungyoung@snu.ac.kr.
MalDev: Subverting Kernel and Secure VM through Exploiting Address Translation Services (to appear)
Sangyun Kim, Kyungwook Boo, Cheolwoo Myung, Sangho Lee, and Byoungyoung Lee
USENIX Security Symposium (Security) 2025
TikTag: Breaking ARM's Memory Tagging Extension with Speculative Execution (to appear) [ code ]
Juhee Kim, Jinbum Park, Sihyeon Roh, Jaeyoung Chung, Youngjoo Lee, Taesoo Kim, and Byoungyoung Lee
IEEE Symposium on Security and Privacy (SP) 2025
PeTAL: Ensuring Access Control Integrity against Data-only Attacks on Linux (to appear) [ code ]
Juhee Kim, Jinbum Park, Yoochan Lee, Chengyu Song, Taesoo Kim, and Byoungyoung Lee
ACM Conference on Computer and Communications Security (CCS) 2024
OZZ: Identifying Kernel Out-of-Order Concurrency Bugs with In-Vivo Memory Access Reordering (to appear)
Dae R. Jeong, Yewon Choi, Byoungyoung Lee, Insik Shin, and Youngjin Kwon
ACM Symposium on Operating Systems Principles (SOSP) 2024
Bypassing ARM's Memory Tagging Extension with a Side-Channel Attack
Juhee Kim, Jinbum Park, Sihyeon Roh, Jaeyoung Chung, Youngjoo Lee, Taesoo Kim, and Byoungyoung Lee
BlackHat USA 2024
A Secure, Fast, and Resource-Efficient Serverless Platform with Function REWIND
Jaehyun Song, Bumsuk Kim, Minwoo Kwak, Byoungyoung Lee, Euiseong Seo, and Jinkyu Jeong
USENIX Annual Technical Conference (ATC) 2024
SyzRisk: A Change-Pattern-Based Continuous Kernel Regression Fuzzer
Gwangmu Lee, Duo Xu, Solmaz Salimi, Byoungyoung Lee, and Mathias Payer
ACM Symposium on Information, Computer and Communications Security (ASIACCS) 2024
Metamong: Detecting Render-update Bugs in Web Browsers through Fuzzing [ paper | slide ]
Suhwan Song, and Byoungyoung Lee
ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (FSE) 2023
An Extensible Orchestration and Protection Framework for Confidential Cloud Computing [ paper | slide ]
Adil Ahmad, Alex Schultz, Byoungyoung Lee, and Pedro Fonseca
USENIX Symposium on Operating Systems Design and Implementation (OSDI) 2023
SEGFUZZ: Segmentizing Thread Interleaving to Discover Kernel Concurrency Bugs through Fuzzing [ paper | code ]
Dae R. Jeong, Byoungyoung Lee, Insik Shin, and Youngjin Kwon
IEEE Symposium on Security and Privacy (SP) 2023
GRAMINER: Fuzz Testing Gramine LibOS to Harden the Trusted Computing Base [ paper ]
Jaewon Hur, and Byoungyoung Lee
Workshop on System Software for Trusted Execution (SysTEX) 2023
Extending a Hand to Attackers: Browser Privilege Escalation Attacks via Extensions [ paper ]
Young Min Kim, and Byoungyoung Lee
USENIX Security Symposium (Security) 2023
Pspray: Timing Side-Channel based Linux Kernel Heap Exploitation Technique [ paper ]
Yoochan Lee, Jinhan Kwak, Junesoo Kang, Yuseok Jeon, and Byoungyoung Lee
USENIX Security Symposium (Security) 2023
Diagnosing Kernel Concurrency Failures with AITIA [ paper ]
Dae R. Jeong, Minkyu Jung, Yoochan Lee, Byoungyoung Lee, Insik Shin, and Youngjin Kwon
ACM EuroSys Conference (EuroSys) 2023
Perfect Spray: A Journey From Finding a New Type of Logical Flaw at Linux Kernel To Developing a New Heap Exploitation Technique
Yoochan Lee, Byoungyoung Lee, Yuseok Jeon, Jinhan Kwak, and Junesoo Kang
BlackHat Europe 2022
SpecDoctor: Differential Fuzz Testing to Find Transient Execution Vulnerabilities [ paper | slide | code ]
Jaewon Hur, Suhwan Song, Sunwoo Kim, and Byoungyoung Lee
ACM Conference on Computer and Communications Security (CCS) 2022
FuzzOrigin: Detecting UXSS vulnerabilities in Browsers through Origin Fuzzing [ paper | slide | code ]
Sunwoo Kim, Young Min Kim, Jaewon Hur, Suhwan Song, Gwangmu Lee, and Byoungyoung Lee
USENIX Security Symposium (Security) 2022
SYMSAN: Time and Space Efficient Concolic Execution via Dynamic Data-flow Analysis [ paper | slide ]
Ju Chen, Wookhyun Han, Mingjun Yin, Haochen Zeng, Yuxuan Chen, Chengyu Song, Byoungyoung Lee, Heng Yin, and Insik Shin
USENIX Security Symposium (Security) 2022
MundoFuzz: Hypervisor Fuzzing with Statistical Coverage Testing and Grammar Inference [ paper | slide ]
Cheolwoo Myung, Gwangmu Lee, and Byoungyoung Lee
USENIX Security Symposium (Security) 2022
R2Z2: Detecting Rendering Regressions in Web Browsers through Differential Fuzz Testing [ paper | slide ]
Suhwan Song, Jaewon Hur, Sunwoo Kim, Philip Rogers, and Byoungyoung Lee
IEEE/ACM International Conference on Software Engineering (ICSE) 2022
FuzzUSB: Hybrid Stateful Fuzzing of USB Gadget Stacks [ paper ]
Kyungtae Kim, Taegyu Kim, Ertza Warraich, Byoungyoung Lee, Kevin Butler, Antonio Bianchi, and Dave (Jing) Tian
IEEE Symposium on Security and Privacy (SP) 2022
DiFuzzRTL: Differential Fuzz Testing to Find CPU Bugs [ paper | slide | code ]
Jaewon Hur, Suhwan Song, Dongup Kwon, Eunjin Baek, Jangwoo Kim, and Byoungyoung Lee
IEEE Symposium on Security and Privacy (SP) 2021
ExpRace: Exploiting Kernel Races through Raising Interrupts [ paper | slide ]
Yoochan Lee, Changwoo Min, and Byoungyoung Lee
USENIX Security Symposium (Security) 2021
Constraint-guided Directed Greybox Fuzzing [ paper | slide ]
Gwangmu Lee, Woochul Shim, and Byoungyoung Lee
USENIX Security Symposium (Security) 2021
M2MON: Building an MMIO-based Security Reference Monitor for Unmanned Vehicles [ paper ]
Arslan Khan, Hyungsub Kim, Byoungyoung Lee, Dongyan Xu, Antonio Bianchi, and Dave Tian
USENIX Security Symposium (Security) 2021
KARD: Lightweight Data Race Detection with Per-Thread Memory Protection [ paper ]
Adil Ahmad, Sangho Lee, Pedro Fonseca, and Byoungyoung Lee
International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS) 2021
Chancel: Efficient Multi-client Isolation Under Adversarial Programs [ paper | slide ]
Adil Ahmad, Juhee Kim, Jaebaek Seo, Insik Shin, Pedro Fonseca, and Byoungyoung Lee
Network and Distributed System Security Symposium (NDSS) 2021
BlackMirror: Preventing Wallhacks in 3D Online FPS Games [ paper | slide ]
Seonghyun Park, Adil Ahmad, and Byoungyoung Lee
ACM Conference on Computer and Communications Security (CCS) 2020
TRUSTORE: Side-Channel Resistant Storage for SGX using Intel Hybrid CPU-FPGA [ paper | slide ]
Hyunyoung Oh, Adil Ahmad, Seonghyun Park, Byoungyoung Lee, and Yunheung Paek
ACM Conference on Computer and Communications Security (CCS) 2020
Vessels: Efficient and Scalable Deep Learning Prediction on Trusted Processors [ paper ]
Kyungtae Kim, Chung Hwan Kim, Junghwan Rhee, Xiao Yu, Haifeng Chen, Dave Tian, and Byoungyoung Lee
ACM Symposium on Cloud Computing (SoCC) 2020
A Tale of Two Trees: One Writes, and Other Reads. Optimized Oblivious Accesses to Large-Scale Blockchains [ paper ]
Duc V. Le, Lizzy Tengana Hurtado, Adil Ahmad, Mohsen Minaei, Byoungyoung Lee, and Aniket Kate
Privacy Enhancing Technologies Symposium (PETS) 2020
CrFuzz: Fuzzing Multi-purpose Programs through Input Validation [ paper ]
Suhwan Song, Chengyu Song, Yeongjin Jang, and Byoungyoung Lee
ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (FSE) 2020
Exploiting Kernel Races through Taming Thread Interleaving [ paper ]
Yoochan Lee, Changwoo Min, and Byoungyoung Lee
BlackHat USA 2020
HFL: Hybrid Fuzzing on the Linux Kernel [ paper | slide ]
Kyungtae Kim, Dae R. Jeong, Chung Hwan Kim, Yeongjin Jang, Insik Shin, and Byoungyoung Lee
Network and Distributed System Security Symposium (NDSS) 2020
uXOM: Efficient eXecute-Only Memory on ARM Cortex-M [ paper | slide ]
Donghyun Kwon, Jangseop Shin, Giyeol Kim, Byoungyoung Lee, Yeongpil Cho, and Yunheung Paek
USENIX Security Symposium (Security) 2019
All Your Clicks Belong to Me: Investigating Click Interception on the Web [ paper ]
Mingxue Zhang, Wei Meng, Sangho Lee, Byoungyoung Lee, and Xinyu Xing
USENIX Security Symposium (Security) 2019
Razzer: Finding Kernel Race Bugs through Fuzzing [ paper | slide | code ]
Dae R. Jeong, Kyungtae Kim, Basavesh Ammanaghatta Shivakumar, Byoungyoung Lee, and Insik Shin
IEEE Symposium on Security and Privacy (SP) 2019
PoLPer: Process-Aware Restriction of Over-Privileged Setuid Calls in Legacy Applications [ paper ]
Yuseok Jeon, Junghwan Rhee, Chung Hwan Kim, Zhichun Li, Mathias Payer, Byoungyoung Lee, and Zhenyu Wu
ACM Conference on Data and Application Security and Privacy (CODASPY) 2019
OBFUSCURO: A Commodity Obfuscation Engine on Intel SGX [ paper | slide | code ]
Adil Ahmad⭑, Byunggill Joe⭑, Yuan Xiao, Yinqian Zhang, Insik Shin, and Byoungyoung Lee
Network and Distributed System Security Symposium (NDSS) 2019
⭑ co-first authors
Obliviate: A Data Oblivious Filesystem for Intel SGX [ paper | slide ]
Adil Ahmad, Kyungtae Kim, Muhammad Sarfaraz, and Byoungyoung Lee
Network and Distributed System Security Symposium (NDSS) 2018
Securing Real-Time Microcontroller Systems through Customized Memory View Switching [ paper | slide | code ]
Chunghwan Kim, Taegyu Kim, Hongjun Choi, Zhongshu Gu, Byoungyoung Lee, Xiangyu Zhang, and Dongyan Xu
Network and Distributed System Security Symposium (NDSS) 2018
Enhancing Memory Error Detection for Large-Scale Applications and Fuzz Testing [ paper | slide | code ]
Wookhyun Han, Byunggill Joe, Byoungyoung Lee, Chengyu Song, and Insik Shin
Network and Distributed System Security Symposium (NDSS) 2018
HexType: Efficient Detection of Type Confusion Errors for C++ [ paper | slide | code ]
Yuseok Jeon, Priyam Biswas, Scott Carr, Byoungyoung Lee, and Mathias Payer
ACM Conference on Computer and Communications Security (CCS) 2017
CAB-Fuzz: Practical Concolic Testing Techniques for COTS Operating Systems [ paper | slide ]
Su Yong Kim, Sangho Lee, Insu Yun, Wen Xu, Byoungyoung Lee, Youngtae Yun, and Taesoo Kim
USENIX Annual Technical Conference (ATC) 2017
SGX-Shield: Enabling Address Space Layout Randomization for SGX Programs [ paper | slide | code ]
Jaebaek Seo, Byoungyoung Lee, Sungmin Kim, Ming-Wei Shih, Insik Shin, Dongsu Han, and Taesoo Kim
Network and Distributed System Security Symposium (NDSS) 2017
Instant OS Updates via Userspace Checkpoint-and-Restart [ paper | slide ]
Sanidhya Kashyap, Changwoo Min, Byoungyoung Lee, Taesoo Kim, and Pavel Emelyanov
USENIX Annual Technical Conference (ATC) 2016
HDFI: Hardware-assisted Data-Flow Isolation [ paper | slide | code ]
Chengyu Song, Hyungon Moon, Monjur Alam, Insu Yun, Byoungyoung Lee, Taesoo Kim, Wenke Lee, and Yunheung Paek
IEEE Symposium on Security and Privacy (SP) 2016
TrackMeOrNot: Enabling Flexible Control on Web Tracking [ paper | code ]
Wei Meng, Byoungyoung Lee, Xinyu Xing, and Wenke Lee
International Conference on World Wide Web (WWW) 2016
Enforcing Kernel Security Invariants with Data Flow Integrity [ paper | slide | code ]
Chengyu Song, Byoungyoung Lee, Kangjie Lu, William R. Harris, Taesoo Kim, and Wenke Lee
Network and Distributed System Security Symposium (NDSS) 2016
ASLR-Guard: Stopping Address Space Leakage for Code Reuse Attacks [ paper | slide | code ]
Kangjie Lu, Chengyu Song, Byoungyoung Lee, Simon P. Chung, Taesoo Kim, and Wenke Lee
ACM Conference on Computer and Communications Security (CCS) 2015
Cross-checking Semantic Correctness: The Case of Finding File System Bugs [ paper | slide ]
Changwoo Min, Sanidhya Kashyap, Byoungyoung Lee, Chengyu Song, and Taesoo Kim
ACM Symposium on Operating Systems Principles (SOSP) 2015
Type Casting Verification: Stopping an Emerging Attack Vector [ paper | slide | code | demo ]
Byoungyoung Lee, Chengyu Song, Taesoo Kim, and Wenke Lee
USENIX Security Symposium (Security) 2015
Internet Defense Prize by Facebook and USENIX (link)
Top 10 Finalists by CSAW Best Applied Research Paper Award (link)
Understanding Malvertising Through Ad-Injecting Browser Extensions [ paper ]
Xinyu Xing, Wei Meng, Byoungyoung Lee, Udi Weinsberg, Anmol Sheth, Roberto Perdisci, and Wenke Lee
International Conference on World Wide Web (WWW) 2015
Preventing Use-after-free with Dangling Pointers Nullification [ paper | slide | demo ]
Byoungyoung Lee, Chengyu Song, Yeongjin Jang, Tielei Wang, Taesoo Kim, Long Lu, and Wenke Lee
Network and Distributed System Security Symposium (NDSS) 2015
Third place award by CSAW Best Applied Research Paper Award (link)
Abusing Performance Optimization Weaknesses to Bypass ASLR [ slide ]
Byoungyoung Lee, Yeongjin Jang, Tielei Wang, Chengyu Song, Long Lu, Taesoo Kim, and Wenke Lee
BlackHat USA 2014
Exploiting Unpatched iOS Vulnerabilities for Fun and Profit [ slide ]
Yeongjin Jang, Tielei Wang, Byoungyoung Lee, and Billy Lau
BlackHat USA 2014
From Zygote to Morula: Fortifying weakened ASLR on Android [ paper | slide | code ]
Byoungyoung Lee, Long Lu, Tielei Wang, Taesoo Kim, and Wenke Lee
IEEE Symposium on Security and Privacy (SP) 2014
Byoungyoung Lee, Jinoh Oh, Hwanjo Yu, and Jong Kim
ACM SIGKDD Conference on Knowledge Discovery and Data Mining (KDD) 2011
Byoungyoung Lee, Yuna Kim, and Jong Kim
ACM Symposium on Information, Computer and Communications Security (ASIACCS) 2010
Donghyun Kwon, Jiwon Seo, Yeongpil Cho, Byoungyoung Lee, and Yunheung Paek
IEEE Transactions on Mobile Computing 2019
Meng Xu, Chengyu Song, Yang ji, Ming-Wei Shih, Kangjie Lu, Cong Zheng, Ruian Duan, Yeongjin Jang, Byoungyoung Lee, Chenxiong Qian, Sangho Lee, and Taesoo Kim
ACM Computing Surveys (CSUR) 2016