DICOS: Discovering Insecure Code Snippets from Stack Overflow Posts by Leveraging User Discussions (to appear)
Annual Computer Security Applications Conference (ACSAC 2021)
(acceptance rate: 24.5%) [paper]
V0Finder: Discovering the Correct Origin of Publicly Reported Software Vulnerabilities
30th USENIX Security Symposium (Security 2021)
OctoPoCs: Automatic Verification of Propagated Vulnerable Code Using Reformed Proofs of Concept
51st IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2021)
CENTRIS: A Precise and Scalable Approach for Identifying Modified Open-Source Software Reuse
43rd International Conference on Software Engineering (ICSE 2021)
VUDDY: A Scalable Approach for Vulnerable Code Clone Discovery
38th IEEE Symposium on Security and Privacy (S&P 2017)
IoTcube: an automated analysis platform for finding security vulnerabilities
38th IEEE Symposium on Poster presented at Security and Privacy (S&P Poster 2017)
(acceptance rate: N/A) [paper]
METHOD FOR IDENTIFYING OPEN-SOURCE SOFTWARE COMPONENTS AT THE SOURCE-CODE LEVEL
Xpdf (Fixing Security Vulnerabilities (with Seongkyeong Kwon))
Redis (Fixing Security Vulnerabilities)
Stepmania (Fixing Security Vulnerabilities (with Seongkyeong Kwon))
Godot (Fixing Security Vulnerabilities)
LibGDX (Fixing Security Vulnerabilities)
Developed an automated software vulnerable-code clone detection tool (https://iotcube.net).
Developed a basic DDoS attack simulation tool.
Developed a smart watch-based hotel management system.
Developed a multi-platformed application supporting the connection between Smart TV and other devices (i.e., smartphone).
Talks and Presentations
Talk at IoTcube Conference 2021
Paper presentation at 30th USENIX Security Symposium
Paper presentation at 43rd International Conference on Software Engineering
Talk at KIISC Online Short Course about System Reverse Engineering and Vulnerability Analysis
Talk at IoTcube Conference 2019
Research presentation at 10th Workshop among Asian Information Security Labs
Poster presentation at 38th IEEE Symposium on Security and Privacy