Publication

2023
  • Metamong: Detecting Render-update Bugs in Web Browsers through Fuzzing (to appear)
    Suhwan Song, and Byoungyoung Lee
    ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (FSE) 2023
  • Pspray: Timing Side-Channel based Linux Kernel Heap Exploitation Technique (to appear)
    Yoochan Lee, Jinhan Kwak, Junesoo Kang, Yuseok Jeon, and Byoungyoung Lee
    USENIX Security Symposium (Security) 2023
  • Extending a Hand to Attackers: Browser Privilege Escalation Attacks via Extensions (to appear)
    Young Min Kim, and Byoungyoung Lee
    USENIX Security Symposium (Security) 2023
  • An Extensible Orchestration and Protection Framework for Confidential Cloud Computing
    Adil Ahmad, Alex Schultz, Byoungyoung Lee, and Pedro Fonseca
    USENIX Symposium on Operating Systems Design and Implementation (OSDI) 2023
  • SEGFUZZ: Segmentizing Thread Interleaving to Discover Kernel Concurrency Bugs through Fuzzing
    Dae R. Jeong, Byoungyoung Lee, Insik Shin, and Youngjin Kwon
    IEEE Symposium on Security and Privacy (SP) 2023
  • GRAMINER: Fuzz Testing Gramine LibOS to Harden the Trusted Computing Base
    Jaewon Hur, and Byoungyoung Lee
    Workshop on System Software for Trusted Execution (SysTEX) 2023
  • Diagnosing Kernel Concurrency Failures with AITIA
    Dae R. Jeong, Minkyu Jung, Yoochan Lee, Byoungyoung Lee, Insik Shin, and Youngjin Kwon
    ACM EuroSys Conference (EuroSys) 2023
2022
  • Perfect Spray: A Journey From Finding a New Type of Logical Flaw at Linux Kernel To Developing a New Heap Exploitation Technique
    Yoochan Lee, Byoungyoung Lee, Yuseok Jeon, Jinhan Kwak, and Junesoo Kang
    BlackHat Europe 2022
  • SpecDoctor: Differential Fuzz Testing to Find Transient Execution Vulnerabilities
    Jaewon Hur, Suhwan Song, Sunwoo Kim, and Byoungyoung Lee
    ACM Conference on Computer and Communications Security (CCS) 2022
  • MundoFuzz: Hypervisor Fuzzing with Statistical Coverage Testing and Grammar Inference
    Cheolwoo Myung, Gwangmu Lee, and Byoungyoung Lee
    USENIX Security Symposium (Security) 2022
  • SYMSAN: Time and Space Efficient Concolic Execution via Dynamic Data-flow Analysis
    Ju Chen, Wookhyun Han, Mingjun Yin, Haochen Zeng, Yuxuan Chen, Chengyu Song, Byoungyoung Lee, Heng Yin, and Insik Shin
    USENIX Security Symposium (Security) 2022
  • FuzzOrigin: Detecting UXSS vulnerabilities in Browsers through Origin Fuzzing
    Sunwoo Kim, Young Min Kim, Jaewon Hur, Suhwan Song, Gwangmu Lee, and Byoungyoung Lee
    USENIX Security Symposium (Security) 2022
  • R2Z2: Detecting Rendering Regressions in Web Browsers through Differential Fuzz Testing
    Suhwan Song, Jaewon Hur, Sunwoo Kim, Philip Rogers, and Byoungyoung Lee
    IEEE/ACM International Conference on Software Engineering (ICSE) 2022
  • FuzzUSB: Hybrid Stateful Fuzzing of USB Gadget Stacks
    Kyungtae Kim, Taegyu Kim, Ertza Warraich, Byoungyoung Lee, Kevin Butler, Antonio Bianchi, and Dave (Jing) Tian
    IEEE Symposium on Security and Privacy (SP) 2022
2021
  • M2MON: Building an MMIO-based Security Reference Monitor for Unmanned Vehicles
    Arslan Khan, Hyungsub Kim, Byoungyoung Lee, Dongyan Xu, Antonio Bianchi, and Dave Tian
    USENIX Security Symposium (Security) 2021
  • Constraint-guided Directed Greybox Fuzzing
    Gwangmu Lee, Woochul Shim, and Byoungyoung Lee
    USENIX Security Symposium (Security) 2021
  • ExpRace: Exploiting Kernel Races through Raising Interrupts
    Yoochan Lee, Changwoo Min, and Byoungyoung Lee
    USENIX Security Symposium (Security) 2021
  • DiFuzzRTL: Differential Fuzz Testing to Find CPU Bugs
    Jaewon Hur, Suhwan Song, Dongup Kwon, Eunjin Baek, Jangwoo Kim, and Byoungyoung Lee
    IEEE Symposium on Security and Privacy (SP) 2021
  • KARD: Lightweight Data Race Detection with Per-Thread Memory Protection
    Adil Ahmad, Sangho Lee, Pedro Fonseca, and Byoungyoung Lee
    International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS) 2021
  • Chancel: Efficient Multi-client Isolation Under Adversarial Programs
    Adil Ahmad, Juhee Kim, Jaebaek Seo, Insik Shin, Pedro Fonseca, and Byoungyoung Lee
    Network and Distributed System Security Symposium (NDSS) 2021
2020
  • TRUSTORE: Side-Channel Resistant Storage for SGX using Intel Hybrid CPU-FPGA
    Hyunyoung Oh, Adil Ahmad, Seonghyun Park, Byoungyoung Lee, and Yunheung Paek
    ACM Conference on Computer and Communications Security (CCS) 2020
  • CrFuzz: Fuzzing Multi-purpose Programs through Input Validation
    Suhwan Song, Chengyu Song, Yeongjin Jang, and Byoungyoung Lee
    ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (FSE) 2020
  • BlackMirror: Preventing Wallhacks in 3D Online FPS Games
    Seonghyun Park, Adil Ahmad, and Byoungyoung Lee
    ACM Conference on Computer and Communications Security (CCS) 2020
  • Vessels: Efficient and Scalable Deep Learning Prediction on Trusted Processors
    Kyungtae Kim, Chung Hwan Kim, Junghwan Rhee, Xiao Yu, Haifeng Chen, Dave Tian, and Byoungyoung Lee
    ACM Symposium on Cloud Computing (SoCC) 2020
  • Exploiting Kernel Races through Taming Thread Interleaving
    Yoochan Lee, Changwoo Min, and Byoungyoung Lee
    BlackHat USA 2020
  • A Tale of Two Trees: One Writes, and Other Reads. Optimized Oblivious Accesses to Large-Scale Blockchains
    Duc V. Le, Lizzy Tengana Hurtado, Adil Ahmad, Mohsen Minaei, Byoungyoung Lee, and Aniket Kate
    Privacy Enhancing Technologies Symposium (PETS) 2020
  • HFL: Hybrid Fuzzing on the Linux Kernel
    Kyungtae Kim, Dae R. Jeong, Chung Hwan Kim, Yeongjin Jang, Insik Shin, and Byoungyoung Lee
    Network and Distributed System Security Symposium (NDSS) 2020
2019
  • All Your Clicks Belong to Me: Investigating Click Interception on the Web
    Mingxue Zhang, Wei Meng, Sangho Lee, Byoungyoung Lee, and Xinyu Xing
    USENIX Security Symposium (Security) 2019
  • uXOM: Efficient eXecute-Only Memory on ARM Cortex-M
    Donghyun Kwon, Jangseop Shin, Giyeol Kim, Byoungyoung Lee, Yeongpil Cho, and Yunheung Paek
    USENIX Security Symposium (Security) 2019
  • Razzer: Finding Kernel Race Bugs through Fuzzing
    Dae R. Jeong, Kyungtae Kim, Basavesh Ammanaghatta Shivakumar, Byoungyoung Lee, and Insik Shin
    IEEE Symposium on Security and Privacy (SP) 2019
  • PoLPer: Process-Aware Restriction of Over-Privileged Setuid Calls in Legacy Applications
    Yuseok Jeon, Junghwan Rhee, Chung Hwan Kim, Zhichun Li, Mathias Payer, Byoungyoung Lee, and Zhenyu Wu
    ACM Conference on Data and Application Security and Privacy (CODASPY) 2019
  • OBFUSCURO: A Commodity Obfuscation Engine on Intel SGX
    Adil Ahmad, Byunggill Joe, Yuan Xiao, Yinqian Zhang, Insik Shin, and Byoungyoung Lee
    Network and Distributed System Security Symposium (NDSS) 2019
2018
  • Enhancing Memory Error Detection for Large-Scale Applications and Fuzz Testing
    Wookhyun Han, Byunggill Joe, Byoungyoung Lee, Chengyu Song, and Insik Shin
    Network and Distributed System Security Symposium (NDSS) 2018
  • Securing Real-Time Microcontroller Systems through Customized Memory View Switching
    Chunghwan Kim, Taegyu Kim, Hongjun Choi, Zhongshu Gu, Byoungyoung Lee, Xiangyu Zhang, and Dongyan Xu
    Network and Distributed System Security Symposium (NDSS) 2018
  • Obliviate: A Data Oblivious Filesystem for Intel SGX
    Adil Ahmad, Kyungtae Kim, Muhammad Sarfaraz, and Byoungyoung Lee
    Network and Distributed System Security Symposium (NDSS) 2018
2017
  • HexType: Efficient Detection of Type Confusion Errors for C++
    Yuseok Jeon, Priyam Biswas, Scott Carr, Byoungyoung Lee, and Mathias Payer
    ACM Conference on Computer and Communications Security (CCS) 2017
  • CAB-Fuzz: Practical Concolic Testing Techniques for COTS Operating Systems
    Su Yong Kim, Sangho Lee, Insu Yun, Wen Xu, Byoungyoung Lee, Youngtae Yun, and Taesoo Kim
    USENIX Annual Technical Conference (ATC) 2017
  • SGX-Shield: Enabling Address Space Layout Randomization for SGX Programs
    Jaebaek Seo, Byoungyoung Lee, Sungmin Kim, Ming-Wei Shih, Insik Shin, Dongsu Han, and Taesoo Kim
    Network and Distributed System Security Symposium (NDSS) 2017
2016
  • Instant OS Updates via Userspace Checkpoint-and-Restart
    Sanidhya Kashyap, Changwoo Min, Byoungyoung Lee, Taesoo Kim, and Pavel Emelyanov
    USENIX Annual Technical Conference (ATC) 2016
  • HDFI: Hardware-assisted Data-Flow Isolation
    Chengyu Song, Hyungon Moon, Monjur Alam, Insu Yun, Byoungyoung Lee, Taesoo Kim, Wenke Lee, and Yunheung Paek
    IEEE Symposium on Security and Privacy (SP) 2016
  • TrackMeOrNot: Enabling Flexible Control on Web Tracking
    Wei Meng, Byoungyoung Lee, Xinyu Xing, and Wenke Lee
    International Conference on World Wide Web (WWW) 2016
  • Enforcing Kernel Security Invariants with Data Flow Integrity
    Chengyu Song, Byoungyoung Lee, Kangjie Lu, William R. Harris, Taesoo Kim, and Wenke Lee
    Network and Distributed System Security Symposium (NDSS) 2016
2015
  • Cross-checking Semantic Correctness: The Case of Finding File System Bugs
    Changwoo Min, Sanidhya Kashyap, Byoungyoung Lee, Chengyu Song, and Taesoo Kim
    ACM Symposium on Operating Systems Principles (SOSP) 2015
  • ASLR-Guard: Stopping Address Space Leakage for Code Reuse Attacks
    Kangjie Lu, Chengyu Song, Byoungyoung Lee, Simon P. Chung, Taesoo Kim, and Wenke Lee
    ACM Conference on Computer and Communications Security (CCS) 2015
  • Type Casting Verification: Stopping an Emerging Attack Vector
    Byoungyoung Lee, Chengyu Song, Taesoo Kim, and Wenke Lee
    USENIX Security Symposium (Security) 2015
  • Understanding Malvertising Through Ad-Injecting Browser Extensions
    Xinyu Xing, Wei Meng, Byoungyoung Lee, Udi Weinsberg, Anmol Sheth, Roberto Perdisci, and Wenke Lee
    International Conference on World Wide Web (WWW) 2015
  • Preventing Use-after-free with Dangling Pointers Nullification
    Byoungyoung Lee, Chengyu Song, Yeongjin Jang, Tielei Wang, Taesoo Kim, Long Lu, and Wenke Lee
    Network and Distributed System Security Symposium (NDSS) 2015
2014
  • Exploiting Unpatched iOS Vulnerabilities for Fun and Profit
    Yeongjin Jang, Tielei Wang, Byoungyoung Lee, and Billy Lau
    BlackHat USA 2014
  • Abusing Performance Optimization Weaknesses to Bypass ASLR
    Byoungyoung Lee, Yeongjin Jang, Tielei Wang, Chengyu Song, Long Lu, Taesoo Kim, and Wenke Lee
    BlackHat USA 2014
  • From Zygote to Morula: Fortifying weakened ASLR on Android
    Byoungyoung Lee, Long Lu, Tielei Wang, Taesoo Kim, and Wenke Lee
    IEEE Symposium on Security and Privacy (SP) 2014
2011
  • Protecting Location Privacy Using Location Semantics
    Byoungyoung Lee, Jinoh Oh, Hwanjo Yu, and Jong Kim
    ACM SIGKDD Conference on Knowledge Discovery and Data Mining (KDD) 2011
2010
  • binOb+: A Framework for Potent and Stealthy Binary Obfuscation
    Byoungyoung Lee, Yuna Kim, and Jong Kim
    ACM Symposium on Information, Computer and Communications Security (ASIACCS) 2010