Publications

DICOS: Discovering Insecure Code Snippets from Stack Overflow Posts by Leveraging User Discussions (to appear)
Hyunji Hong, Seunghoon Woo, Heejo Lee
Annual Computer Security Applications Conference (ACSAC 2021)
(acceptance rate: 24.5%) [paper]
V0Finder: Discovering the Correct Origin of Publicly Reported Software Vulnerabilities
Seunghoon Woo, Dongwook Lee, Sunghan Park, Heejo Lee, Sven Dietrich
30th USENIX Security Symposium (Security 2021)
(acceptance rate: 19.0%) [paper] [slide] [code]
OctoPoCs: Automatic Verification of Propagated Vulnerable Code Using Reformed Proofs of Concept
Seongkyeong Kwon, Seunghoon Woo, Gangmo Seong, Heejo Lee
51st IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2021)
(acceptance rate: 16.3%) [paper] [slide] [code]
CENTRIS: A Precise and Scalable Approach for Identifying Modified Open-Source Software Reuse
Seunghoon Woo, Sunghan Park, Seulbae Kim, Heejo Lee, Hakjoo Oh
43rd International Conference on Software Engineering (ICSE 2021)
(acceptance rate: 22.4%) [paper] [slide] [code]
VUDDY: A Scalable Approach for Vulnerable Code Clone Discovery
Seulbae Kim, Seunghoon Woo, Heejo Lee, Hakjoo Oh
38th IEEE Symposium on Security and Privacy (S&P 2017)
(acceptance rate: 12.9%) [paper] [slide] [code]
IoTcube: an automated analysis platform for finding security vulnerabilities
Seulbae Kim, Seunghoon Woo, Heejo Lee, Hakjoo Oh
38th IEEE Symposium on Poster presented at Security and Privacy (S&P Poster 2017)
(acceptance rate: N/A) [paper]

Projects

Development of Automated Vulnerability Discovery Technologies for Blockchain Platform Security

Project Manager (Jun 2019 - Present)
International Joint Research

The Intelligent IoT Integrator (I3): LA Smart City Project

Researcher & Developer (Nov 2017 - Present)
University of Southern California

A Study on Verifying Open-Source Software Reliability for Reinforcing Operating System Security

Researcher (Apr 2020 - Oct 2020)

Development of DNS-based lightweight framework for automatic response to abnormal network behavior

Researcher & Developer (May 2018 - Oct 2018)

NICOP-Smokescreen : A study of a DDoS-resilient Network Architecture through Traffic Classification and Isolation

Project Manager (Sep 2017 - Sep 2019)
Office of Naval Research

Development of Vulnerability Discovery Technologies for IoT Software Security

Researcher & Developer (Feb 2016 - May 2018)
International Joint Research

Patents

METHOD FOR IDENTIFYING OPEN-SOURCE SOFTWARE COMPONENTS AT THE SOURCE-CODE LEVEL
Heejo Lee, Seunghoon Woo (10-2021-0010585, Jan 2021)

Open-Source Contributions

Xpdf (Fixing Security Vulnerabilities (with Seongkyeong Kwon))
https://www.xpdfreader.com (Dec 2020)
Redis (Fixing Security Vulnerabilities)
https://github.com/redis/redis (Feb 2020)
Stepmania (Fixing Security Vulnerabilities (with Seongkyeong Kwon))
https://github.com/stepmania/stepmania (Sep 2019)
Godot (Fixing Security Vulnerabilities)
https://github.com/godotengine/godot (Jul 2019)
LibGDX (Fixing Security Vulnerabilities)
https://github.com/libgdx/libgdx (Jul 2020)

Experiences

Center for Software Security and Assurance

Mar 2016 - Present
Researcher & Developer
Developed an automated software vulnerable-code clone detection tool (https://iotcube.net).

National University of Singapore

Jan 2017 - Feb 2017
Research Intern (Advisor: Prof. Minsuk Kang)
Developed a basic DDoS attack simulation tool.

DoDotDo (startup)

Dec 2014 - Sep 2015
Core developer
Developed a smart watch-based hotel management system.

Samsung Electronics, Suwon, Korea

Jun 2014 - Feb 2016
Student intern (Jun 2014 - Aug 2014) and Engineer (Dec 2015 - Feb 2016)
Developed a multi-platformed application supporting the connection between Smart TV and other devices (i.e., smartphone).

Talks and Presentations

Analysis of Reused Open-Source Software Components for Software Bill of Materials

Aug 2021
Talk at IoTcube Conference 2021

V0Finder: Discovering the Correct Origin of Publicly Reported Software Vulnerabilities

Aug 2021
Paper presentation at 30th USENIX Security Symposium

CENTRIS: A Precise and Scalable Approach for Identifying Modified Open-Source Software Reuse

May 2021
Paper presentation at 43rd International Conference on Software Engineering

Verification Technology for Open-Source Software Security

Nov 2020
Talk at KIISC Online Short Course about System Reverse Engineering and Vulnerability Analysis

Automatic Vulnerability Analysis Framework Applied to LA Smart City Projects

Aug 2019
Talk at IoTcube Conference 2019

Identifying Constituent OSS in Software through Code Similarity Detection

Jan 2018
Research presentation at 10th Workshop among Asian Information Security Labs

IoTcube: an automated analysis platform for finding security vulnerabilities

May 2017
Poster presentation at 38th IEEE Symposium on Security and Privacy