Assistant Professor

Department of Computer Science

Purdue University


Email: byoungyoung@purdue.edu

CV

PGP key


Short bio: I am an Assistant Professor in Computer Science at Purdue University. I am interested in all computer security and privacy related problems in general. In particular, my research focus is in system security, e.g., designing and implementing secure systems in operating systems, compilers, or applications (sometimes in hardware layers as well).


To prospective students: I'm looking for motivated students in system or security research. If you are interested in working with me, please contact me via byoungyoung@purdue.edu.

Teaching

Publication

2017

  • HexType: Efficient Detection of Type Confusion Errors for C++ (to appear)

    Yuseok Jeon, Priyam Biswas, Scott Carr, Byoungyoung Lee, and Mathias Payer

    ACM Conference on Computer and Communications Security (CCS) 2017

  • CAB-Fuzz: Practical Concolic Testing Techniques for COTS Operating Systems [ paper ]

    Su Yong Kim, Sangho Lee, Insu Yun, Wen Xu, Byoungyoung Lee, Youngtae Yun, and Taesoo Kim

    USENIX Annual Technical Conference (ATC) 2017

  • SGX-Shield: Enabling Address Space Layout Randomization for SGX Programs [ paper | slide ]

    Jaebaek Seo, Byoungyoung Lee, Sungmin Kim, Ming-Wei Shih, Insik Shin, Dongsu Han, and Taesoo Kim

    Network and Distributed System Security Symposium (NDSS) 2017

2016

  • Toward Engineering a Secure Android Ecosystem: A Survey of Existing Techniques [ paper ]

    Meng Xu, Chengyu Song, Yang ji, Ming-Wei Shih, Kangjie Lu, Cong Zheng, Ruian Duan, Yeongjin Jang, Byoungyoung Lee, Chenxiong Qian, Sangho Lee, and Taesoo Kim

    ACM Computing Surveys (CSUR) 2016

  • Instant OS Updates via Userspace Checkpoint-and-Restart [ paper | slide ]

    Sanidhya Kashyap, Changwoo Min, Byoungyoung Lee, Taesoo Kim, and Pavel Emelyanov

    USENIX Annual Technical Conference (ATC) 2016

  • HDFI: Hardware-assisted Data-Flow Isolation [ paper ]

    Chengyu Song, Hyungon Moon, Monjur Alam, Insu Yun, Byoungyoung Lee, Taesoo Kim, Wenke Lee, and Yunheung Paek

    IEEE Symposium on Security and Privacy (Oakland) 2016

  • TrackMeOrNot: Enabling Flexible Control on Web Tracking [ paper | code ]

    Wei Meng, Byoungyoung Lee, Xinyu Xing, and Wenke Lee

    International Conference on World Wide Web (WWW) 2016

  • Enforcing Kernel Security Invariants with Data Flow Integrity [ paper | slide ]

    Chengyu Song, Byoungyoung Lee, Kangjie Lu, William R. Harris, Taesoo Kim, and Wenke Lee

    Network and Distributed System Security Symposium (NDSS) 2016

2015

  • ASLR-Guard: Stopping Address Space Leakage for Code Reuse Attacks [ paper | slide ]

    Kangjie Lu, Chengyu Song, Byoungyoung Lee, Simon P. Chung, Taesoo Kim, and Wenke Lee

    ACM Conference on Computer and Communications Security (CCS) 2015

  • Cross-checking Semantic Correctness: The Case of Finding File System Bugs [ paper | slide ]

    Changwoo Min, Sanidhya Kashyap, Byoungyoung Lee, Chengyu Song, and Taesoo Kim

    ACM Symposium on Operating Systems Principles (SOSP) 2015

  • Type Casting Verification: Stopping an Emerging Attack Vector [ paper | slide | code | demo ]

    Byoungyoung Lee, Chengyu Song, Taesoo Kim, and Wenke Lee

    Usenix Security Symposium (Security) 2015

       Internet Defense Prize by Facebook and USENIX (link)

       Top 10 Finalists by CSAW Best Applied Research Paper Award (link)

  • Understanding Malvertising Through Ad-Injecting Browser Extensions [ paper ]

    Xinyu Xing, Wei Meng, Byoungyoung Lee, Udi Weinsberg, Anmol Sheth, Roberto Perdisci, and Wenke Lee

    International Conference on World Wide Web (WWW) 2015

  • Preventing Use-after-free with Dangling Pointers Nullification [ paper | slide | demo ]

    Byoungyoung Lee, Chengyu Song, Yeongjin Jang, Tielei Wang, Taesoo Kim, Long Lu, and Wenke Lee

    Network and Distributed System Security Symposium (NDSS) 2015

       Third place award by CSAW Best Applied Research Paper Award (link)

2014

  • Abusing Performance Optimization Weaknesses to Bypass ASLR [ slide ]

    Byoungyoung Lee, Yeongjin Jang, Tielei Wang, Chengyu Song, Long Lu, Taesoo Kim, and Wenke Lee

    2014 BlackHat USA 2014

  • Exploiting Unpatched iOS Vulnerabilities for Fun and Profit [ slide ]

    Yeongjin Jang, Tielei Wang, Byoungyoung Lee, and Billy Lau

    2014 BlackHat USA 2014

  • From Zygote to Morula: Fortifying weakened ASLR on Android [ paper | slide | code ]

    Byoungyoung Lee, Long Lu, Tielei Wang, Taesoo Kim, and Wenke Lee

    IEEE Symposium on Security and Privacy (Oakland) 2014

2011

  • Protecting Location Privacy Using Location Semantics [ paper | code ]

    Byoungyoung Lee, Jinoh Oh, Hwanjo Yu, and Jong Kim

    ACM SIGKDD Conference on Knowledge Discovery and Data Mining (KDD) 2011

2010

  • binOb+: A Framework for Potent and Stealthy Binary Obfuscation [ paper ]

    Byoungyoung Lee, Yuna Kim, and Jong Kim

    ACM Symposium on Information, Computer and Communications Security (ASIACCS) 2010

Honors and awards

  • Internet Defense Prize by Facebook and USENIX ($100,000 award), 2015
  • Qualified for DARPA Cyber Grand Challenge (Team Disekt, $750,000 award), 2015
  • Third place award by CSAW Best Applied Research Paper Award, 2015
  • Vulnerability Bounty Award by Firefox, Mozilla ($3,000 award), 2014
  • Vulnerability Bounty Award by Firefox, Mozilla ($3,000 award), 2013
  • Vulnerability Bounty Award by Chrome, Google ($3,000 award), 2013
  • The 8th place at DEFCON 19 CTF (Team PLUS@POSTECH), Las Vegas, USA, Aug. 2011
  • The 3rd place at DEFCON 17 CTF (Team PLUS@POSTECH), Las Vegas, USA, Aug. 2009
  • The 6th place at DEFCON 14 CTF (Team TheEastSea), Las Vegas, USA, Aug. 2006
  • 'Supereme Award' at Wowhacker Hacking Festival, Seoul, Korea, Jun. 2007
  • 'Special Prize' at KISA Hacking Defense Competition, Seoul, Korea, Mar. 2006
  • POSTECH Undergraduate Research Program Scholarship, 2005
  • Full undergraduate study scholarship, Korea Science and Engineering Foundation (KOSEF), 2003

Reported vulnerabilities and exploits (selected)