Assistant Professor

Department of Electrical and Computer Engineering

Seoul National University (SNU)


Email: byoungyoung@snu.ac.kr

CV

PGP key


Short bio: I am an Assistant Professor in Electrical and Computer Engineering at Seoul National University (SNU). I am interested in all computer security and privacy related problems in general. In particular, my research focus is in system security, e.g., designing and implementing secure systems in operating systems, compilers, or applications (sometimes in hardware layers as well).


To prospective students: I'm looking for motivated students in system or security research. If you are interested in working with me, please contact me via byoungyoung@snu.ac.kr.

Teaching

Publication (Conference)

2020

  • BlackMirror: Preventing Wallhacks in 3D Online FPS Games (to appear) [ paper ]

    Seonghyun Park, Adil Ahmad, and Byoungyoung Lee

    ACM Conference on Computer and Communications Security (CCS) 2020

  • Vessels: Efficient and Scalable Deep Learning Prediction on Trusted Processors (to appear)

    Kyungtae Kim, Chung Hwan Kim, Junghwan Rhee, Xiao Yu, Haifeng Chen, Dave Tian, and Byoungyoung Lee

    ACM Symposium on Cloud Computing (SoCC) 2020

  • A Tale of Two Trees: One Writes, and Other Reads. Optimized Oblivious Accesses to Large-Scale Blockchains (To appear)

    Duc V. Le, Lizzy Tengana Hurtado, Adil Ahmad, Mohsen Minaei, Byoungyoung Lee, and Aniket Kate

    Privacy Enhancing Technologies Symposium (PETS) 2020

  • CrFuzz: Fuzzing Multi-purpose Programs through Input Validation (to appear) [ paper ]

    Suhwan Song, Chengyu Song, Yeongjin Jang, and Byoungyoung Lee

    ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (FSE) 2020

  • Exploiting Kernel Races through Taming Thread Interleaving (to appear) [ paper ]

    Yoochan Lee, Changwoo Min, and Byoungyoung Lee

    BlackHat USA 2020

  • TRUSTORE: Side-Channel Resistant Storage for SGX using Intel Hybrid CPU-FPGA (to appear) [ paper ]

    Hyunyoung Oh, Adil Ahmad, Seonghyun Park, Byoungyoung Lee, and Yunheung Paek

    ACM Conference on Computer and Communications Security (CCS) 2020

  • HFL: Hybrid Fuzzing on the Linux Kernel [ paper | slide ]

    Kyungtae Kim, Dae R. Jeong, Chung Hwan Kim, Yeongjin Jang, Insik Shin, and Byoungyoung Lee

    Network and Distributed System Security Symposium (NDSS) 2020

2019

  • uXOM: Efficient eXecute-Only Memory on ARM Cortex-M [ paper | slide ]

    Donghyun Kwon, Jangseop Shin, Giyeol Kim, Byoungyoung Lee, Yeongpil Cho, and Yunheung Paek

    USENIX Security Symposium (Security) 2019

  • All Your Clicks Belong to Me: Investigating Click Interception on the Web [ paper ]

    Mingxue Zhang, Wei Meng, Sangho Lee, Byoungyoung Lee, and Xinyu Xing

    USENIX Security Symposium (Security) 2019

  • Razzer: Finding Kernel Race Bugs through Fuzzing [ paper | slide | code ]

    Dae R. Jeong, Kyungtae Kim, Basavesh Ammanaghatta Shivakumar, Byoungyoung Lee, and Insik Shin

    IEEE Symposium on Security and Privacy (Oakland) 2019

  • PoLPer: Process-Aware Restriction of Over-Privileged Setuid Calls in Legacy Applications [ paper ]

    Yuseok Jeon, Junghwan Rhee, Chung Hwan Kim, Zhichun Li, Mathias Payer, Byoungyoung Lee, and Zhenyu Wu

    ACM Conference on Data and Application Security and Privacy (CODASPY) 2019

  • OBFUSCURO: A Commodity Obfuscation Engine on Intel SGX [ paper | slide | code ]

    Adil Ahmad⭑, Byunggill Joe⭑, Yuan Xiao, Yinqian Zhang, Insik Shin, and Byoungyoung Lee

    Network and Distributed System Security Symposium (NDSS) 2019

    ⭑ co-first authors

2018

  • Obliviate: A Data Oblivious Filesystem for Intel SGX [ paper | slide ]

    Adil Ahmad, Kyungtae Kim, Muhammad Sarfaraz, and Byoungyoung Lee

    Network and Distributed System Security Symposium (NDSS) 2018

  • Securing Real-Time Microcontroller Systems through Customized Memory View Switching [ paper | slide | code ]

    Chunghwan Kim, Taegyu Kim, Hongjun Choi, Zhongshu Gu, Byoungyoung Lee, Xiangyu Zhang, and Dongyan Xu

    Network and Distributed System Security Symposium (NDSS) 2018

  • Enhancing Memory Error Detection for Large-Scale Applications and Fuzz Testing [ paper | slide | code ]

    Wookhyun Han, Byunggill Joe, Byoungyoung Lee, Chengyu Song, and Insik Shin

    Network and Distributed System Security Symposium (NDSS) 2018

2017

  • HexType: Efficient Detection of Type Confusion Errors for C++ [ paper | slide | code ]

    Yuseok Jeon, Priyam Biswas, Scott Carr, Byoungyoung Lee, and Mathias Payer

    ACM Conference on Computer and Communications Security (CCS) 2017

  • CAB-Fuzz: Practical Concolic Testing Techniques for COTS Operating Systems [ paper | slide ]

    Su Yong Kim, Sangho Lee, Insu Yun, Wen Xu, Byoungyoung Lee, Youngtae Yun, and Taesoo Kim

    USENIX Annual Technical Conference (ATC) 2017

  • SGX-Shield: Enabling Address Space Layout Randomization for SGX Programs [ paper | slide | code ]

    Jaebaek Seo, Byoungyoung Lee, Sungmin Kim, Ming-Wei Shih, Insik Shin, Dongsu Han, and Taesoo Kim

    Network and Distributed System Security Symposium (NDSS) 2017

2016

  • Instant OS Updates via Userspace Checkpoint-and-Restart [ paper | slide ]

    Sanidhya Kashyap, Changwoo Min, Byoungyoung Lee, Taesoo Kim, and Pavel Emelyanov

    USENIX Annual Technical Conference (ATC) 2016

  • HDFI: Hardware-assisted Data-Flow Isolation [ paper | slide | code ]

    Chengyu Song, Hyungon Moon, Monjur Alam, Insu Yun, Byoungyoung Lee, Taesoo Kim, Wenke Lee, and Yunheung Paek

    IEEE Symposium on Security and Privacy (Oakland) 2016

  • TrackMeOrNot: Enabling Flexible Control on Web Tracking [ paper | code ]

    Wei Meng, Byoungyoung Lee, Xinyu Xing, and Wenke Lee

    International Conference on World Wide Web (WWW) 2016

  • Enforcing Kernel Security Invariants with Data Flow Integrity [ paper | slide | code ]

    Chengyu Song, Byoungyoung Lee, Kangjie Lu, William R. Harris, Taesoo Kim, and Wenke Lee

    Network and Distributed System Security Symposium (NDSS) 2016

2015

  • ASLR-Guard: Stopping Address Space Leakage for Code Reuse Attacks [ paper | slide | code ]

    Kangjie Lu, Chengyu Song, Byoungyoung Lee, Simon P. Chung, Taesoo Kim, and Wenke Lee

    ACM Conference on Computer and Communications Security (CCS) 2015

  • Cross-checking Semantic Correctness: The Case of Finding File System Bugs [ paper | slide ]

    Changwoo Min, Sanidhya Kashyap, Byoungyoung Lee, Chengyu Song, and Taesoo Kim

    ACM Symposium on Operating Systems Principles (SOSP) 2015

  • Type Casting Verification: Stopping an Emerging Attack Vector [ paper | slide | code | demo ]

    Byoungyoung Lee, Chengyu Song, Taesoo Kim, and Wenke Lee

    USENIX Security Symposium (Security) 2015

       Internet Defense Prize by Facebook and USENIX (link)

       Top 10 Finalists by CSAW Best Applied Research Paper Award (link)

  • Understanding Malvertising Through Ad-Injecting Browser Extensions [ paper ]

    Xinyu Xing, Wei Meng, Byoungyoung Lee, Udi Weinsberg, Anmol Sheth, Roberto Perdisci, and Wenke Lee

    International Conference on World Wide Web (WWW) 2015

  • Preventing Use-after-free with Dangling Pointers Nullification [ paper | slide | demo ]

    Byoungyoung Lee, Chengyu Song, Yeongjin Jang, Tielei Wang, Taesoo Kim, Long Lu, and Wenke Lee

    Network and Distributed System Security Symposium (NDSS) 2015

       Third place award by CSAW Best Applied Research Paper Award (link)

2014

  • Abusing Performance Optimization Weaknesses to Bypass ASLR [ slide ]

    Byoungyoung Lee, Yeongjin Jang, Tielei Wang, Chengyu Song, Long Lu, Taesoo Kim, and Wenke Lee

    BlackHat USA 2014

  • Exploiting Unpatched iOS Vulnerabilities for Fun and Profit [ slide ]

    Yeongjin Jang, Tielei Wang, Byoungyoung Lee, and Billy Lau

    BlackHat USA 2014

  • From Zygote to Morula: Fortifying weakened ASLR on Android [ paper | slide | code ]

    Byoungyoung Lee, Long Lu, Tielei Wang, Taesoo Kim, and Wenke Lee

    IEEE Symposium on Security and Privacy (Oakland) 2014

2011

  • Protecting Location Privacy Using Location Semantics [ paper | code ]

    Byoungyoung Lee, Jinoh Oh, Hwanjo Yu, and Jong Kim

    ACM SIGKDD Conference on Knowledge Discovery and Data Mining (KDD) 2011

2010

  • binOb+: A Framework for Potent and Stealthy Binary Obfuscation [ paper ]

    Byoungyoung Lee, Yuna Kim, and Jong Kim

    ACM Symposium on Information, Computer and Communications Security (ASIACCS) 2010

Publication (Journal)

2019

  • PrOS: Light-weight Privatized Secure OSes in ARM TrustZone [ paper ]

    Donghyun Kwon, Jiwon Seo, Yeongpil Cho, Byoungyoung Lee, and Yunheung Paek

    IEEE Transactions on Mobile Computing 2019

2016

  • Toward Engineering a Secure Android Ecosystem: A Survey of Existing Techniques [ paper ]

    Meng Xu, Chengyu Song, Yang ji, Ming-Wei Shih, Kangjie Lu, Cong Zheng, Ruian Duan, Yeongjin Jang, Byoungyoung Lee, Chenxiong Qian, Sangho Lee, and Taesoo Kim

    ACM Computing Surveys (CSUR) 2016

Honors and Awards

  • Google ASPIRE Award ($30,000 award), 2019
  • Internet Defense Prize by Facebook and USENIX ($100,000 award), 2015
  • Qualified for DARPA Cyber Grand Challenge (Team Disekt, $750,000 award), 2015
  • Third place award by CSAW Best Applied Research Paper Award, 2015
  • Vulnerability Bounty Award by Firefox, Mozilla ($3,000 award), 2014
  • Vulnerability Bounty Award by Firefox, Mozilla ($3,000 award), 2013
  • Vulnerability Bounty Award by Chrome, Google ($3,000 award), 2013
  • The 8th place at DEFCON 19 CTF (Team PLUS@POSTECH), Las Vegas, USA, Aug. 2011
  • The 3rd place at DEFCON 17 CTF (Team PLUS@POSTECH), Las Vegas, USA, Aug. 2009
  • The 6th place at DEFCON 14 CTF (Team TheEastSea), Las Vegas, USA, Aug. 2006
  • 'Supereme Award' at Wowhacker Hacking Festival, Seoul, Korea, Jun. 2007
  • 'Special Prize' at KISA Hacking Defense Competition, Seoul, Korea, Mar. 2006
  • POSTECH Undergraduate Research Program Scholarship, 2005
  • Full undergraduate study scholarship, Korea Science and Engineering Foundation (KOSEF), 2003

Reported Vulnerabilities and Exploits (selected)

Students Advising

  • Kyungtae Kim (PhD student at Purdue, co-advised with Dave Tian, Interned at NEC)
  • Yuseok Jeon (PhD student at Purdue, co-advised with Mathias Payer. Interned at Intel)
  • Adil Ahmad (PhD student at Purdue, co-advised with Pedro Fonseca, Interned at NEC and Microsoft Research)
  • Gwangmu Lee (PhD student at SNU)
  • Jaewon Hur (PhD student at SNU)
  • Cheolwoo Myeong (PhD Student at SNU)
  • Kyungwook Boo (MS Student at SNU)
  • Suhwan Song (MS Student at SNU)
  • Yoochan Lee (MS Student at SNU)
  • Seonghyun Park (MS Student at SNU)
  • Juhee Kim (MS Student at SNU)
  • Jinhan Kwak (MS Student at SNU)
  • Sunwoo Kim (MS Student at SNU)
  • Jinwoo Lee (MS Student at SNU)
  • Sangyun Kim (MS Student at SNU)

Visitors

  • Jaeback Seo (2018, PhD at KAIST, Now working at Google)
  • Yuxuan Chen (2018, Undergraduate at Purdue, Now working at Facebook)
  • Wookhyun Han (2018, PhD student at KAIST, Interned at Google)
  • Byunggill Joe (2018, PhD student at KAIST)
  • Muhammad Ihsanulhaq Sarfaraz (2017, PhD student at Purdue EE)