Brent Byunghoon Kang

Associate Professor

brentkang (at) kaist.ac.kr  

HOMEPAGE

Minsu Kim

Ph.D. Student

pshskms (at) kaist.ac.kr 

HOMEPAGE

Suyeon Yoo

Ph.D. Student

yoosuyeon (at) kaist.ac.kr

HOMEPAGE

Kihwan Kim

Ph.D. Student

abc (at) kaist.ac.kr

HOMEPAGE

Hojoon Lee

Ph.D. Student

hjlee228 (at) kaist.ac.kr

HOMEPAGE

Dongjae Jeong

Ph.D. Student

jjp1018 (at) kaist.ac.kr

HOMEPAGE

Deokjin Kim

Ph.D. Student

deokjin.kim (at) gmail.com

HOMEPAGE

Jonghwan Kim

Ph.D. Student

zzoru (at) kaist.ac.kr

HOMEPAGE

Jiseong Noh

Ph.D. Student

jiseong.noh (at) kaist.ac.kr

HOMEPAGE

Daehee Jang

Ph.D. Student

daehee87 (at) kaist.ac.kr

HOMEPAGE

Jinsoo Jang

Ph.D. Student

jisjang (at) kaist.ac.kr

HOMEPAGE

Changho Choi

Ph.D. Student

zpzigi (at) kaist.ac.kr

HOMEPAGE

Daegyeong Kim

Ph.D. Student

daegyeong.kim (at) kaist.ac.kr

HOMEPAGE

Seungyong Yang

Ph.D. Student

syyang (at) kaist.ac.kr

HOMEPAGE

Jaehyuk Lee

Ph.D. Student

jhl9105 (at) kaist.ac.kr

HOMEPAGE

Nohyun Kwak

Ph.D. Student

nhkwak (at) kaist.ac.kr

HOMEPAGE

Yeseul Choi

Ph.D. Student
yschoi46 (at) kaist.ac.kr

HOMEPAGE

Seongman Lee

Ph.D. Student
augustus92 (at) kaist.ac.kr

HOMEPAGE

Kuenwhee Oh

Master's Student
okw1003 (at) kaist.ac.kr

HOMEPAGE

Minjoon Park

Master's Student

dinggul (at) kaist.ac.kr

HOMEPAGE

Gunwoo Kim

Master's Student

signal (at) kaist.ac.kr

HOMEPAGE

Chihyun Song

Master's Student

ian0371 (at) kaist.ac.kr

HOMEPAGE

Yunjong Jeong

Master's Student

yunjong (at) kaist.ac.kr

HOMEPAGE

Eunjae Park

Staff

eunjae (at) kaist.ac.kr

Jisoo Lee

Staff

jisoo (at) kaist.ac.kr

Hyojung Lee

Staff

hyojunglee (at) kaist.ac.kr

Sunjune Kong

M.S. Graduate in 2015

Seunghyeon Lee

M.S. Graduate in 2015

SELECTED PUBLICATIONS


Hacking in Darkness: Return-oriented Programming against Secure Enclaves

J. Lee, J. Jang, Y. Jang, N. Kwak, Y. Choi, C. Choi, T. Kim, M. Peinado, Brent Byunghoon Kang

USENIX Security 2017 [PDF] [BIBTEX]


S-OpenSGX: A System-level Platform for Exploring SGX Enclave-Based Computing

C. Choi, N. Kwak, J. Jang, D. Jang, K. Oh, K. Kwag, Brent Byunghoon Kang

Computers & Security 2017 [PDF] [BIBTEX]


KI-Mon ARM: A Hardware-assisted Event-triggered Monitoring Platform for Mutable Kernel Object

Hojoon Lee, Hyungon Moon, Ingoo Heo, Daehee Jang, Jinsoo Jang, Kihwan Kim, Yunheung Paek, Brent Byunghoon Kang

IEEE TDSC 2017 [PDF] [BIBTEX]


Invi-server: Reducing the attack surfaces by making protected server invisible on networks

Jaehyun Park, Jiseong Noh, Myungchul Kim, Brent Byunghoon Kang

Computers & Security 2017 [PDF] [BIBTEX]


PrivateZone: Providing a Private Execution Environment using ARM TrustZone

Jinsoo Jang, Changho Choi, Jaehyuk Lee, Nohyun Kwak, Seongman Lee, Yeseul Choi, Brent Byunghoon Kang

IEEE TDSC 2016 [PDF] [BIBTEX]


On-demand Bootstrapping Mechanism for Isolated Cryptographic Operations on Commodity Accelerators

Yonggon Kim, Ohmin Kwon, Jinsoo Jang, Seongwook Jin, Hyeongboo Baek, Brent Byunghoon Kang, Hyunsoo Yoon

Computers & Security 2016 [PDF] [BIBTEX]


OpenSGX: An Open Platform for SGX Research

Prerit Jain† Soham Desai† Seongmin Kim⋆ Ming-Wei Shih†

JaeHyuk Lee⋆Changho Choi⋆ Young Shin⋆ Taesoo Kim† Brent Byunghoon Kang⋆ Dongsu Han⋆

NDSS Symposium 2016 (15.4%)  [PDF] [BIBTEX]


Vulnerabilities of network OS and mitigation with state-based permission system

J. Noh, S. Lee, J. Park, S. Shin, and B. Kang

Security and Communication Networks 2015 [PDF] [BIBTEX]


Detecting and Preventing Kernel Rootkit Attacks with Bus Snooping

H. Moon, H. Lee, I. Heo, K. Kim, Y. Paek and B. Kang 

IEEE Transactions on Dependable and Secure Computing [PDF] [BIBTEX]


Implementing an Application Specific Instruction-set Processor for System Level Dynamic Program Analysis Engines

I. Heo, M. Kim, Y. Lee, C. Choi, J. Lee, B. Kang, and Y. Paek

ACM Transactions on Design Automation of Electronic Systems [PDF] [BIBTEX]


Efficient Kernel Integrity Monitor Design for Commodity Mobile Application Processors

I. Heo, D. Jang, H. Moon, H. Cho, S. Lee, B. Kang, and Y. Paek

Journal of Semiconductor Technology and Science [PDF] [BIBTEX]


SeCReT: Secure Channel between Rich Execution Environment and Trusted Execution Environment 

J. Jang, S. Kong, M. Kim, D. Kim and B. Kang 

NDSS Symposium 2015 (Acceptance rate 16.6% (50/302)) [PDF] [BIBTEX] [PRESENTATION]


ATRA: Address Translation Redirection Attack against Hardware-based External Monitors 

D. Jang, H. Lee, M. Kim, D. H. Kim, D. G. Kim and B. Kang

ACM CCS 2014 (Acceptance rate 19.5% (114/585)) [PDF] [BIBTEX] [PRESENTATION]


Rosemary: A Robust, Secure, and High-performance Network Operating System 

S. Shin, Y. Song, T. Lee, S. Lee, J. Chung, P. Porras, V. Yegneswaran, J. Noh and B. Kang

ACM CCS 2014 (Acceptance rate 19.5% (114/585)) [PDF] [BIBTEX] 


KI-Mon: A Hardware-assisted Event-triggered Monitoring Platform for Mutable Kernel Object

H. Lee, H. Moon, D. Jang, K. Kim, J. Lee, Y. Paek and B. Kang

USENIX Security 2013 (Acceptance rate: 15.9% (44/277)) [PDF] [BIBTEX] 


Vigilare: Toward Snoop-based Kernel Integrity Monitor. 

H. Moon, H. Lee, J. Lee, K. Kim, Y. Paek and B. Kang

ACM CCS 2012 (Acceptance rates: 17.2%, 14%, 18.9%) [PDF] [BIBTEX] 


DoubleGuard: Detecting Intrusions In Multi-tier Web Applications. 

M. Le, A. Stavrou, B. Kang

IEEE Transactions on Dependable and Secure Computing, July-Aug. 2012, Volume: 9, Issue: 4 Page(s): 512-525. 

[PDF] [BIBTEX] 


Identifying Users with Application-Specific Command Streams 

A. El-Masri, P. Likarish, H. Wechsler, B. Kang

Twelfth Annual International Conference on Privacy, Security and Trust (PST 2014) July 2014, REGULAR paper. (Acceptance rate 47/161 = 29%) [PDF] [BIBTEX] 


Developing and Refining Infected-Host Enumeration Methods for Advanced Botnets

C. Nunnery and B. Kang

2012.12.25, Telecommunications Review, Vol. 22 Issue 6.


Entropy-Based Measurement of IP Address Inflation in the Waledac Botnet. 

R. Weaver, C. Nunnery, G. Singaraju, and B. Kang

CERT FloCon 2011 


Towards Complete Node Enumeration in a Peer-to-Peer Botnet. 

B. Kang, E. Chan-Tin, C. Lee, J. Tyra, H. Kang, C. Nunnery, Z. Wadler, G. Sinclair, N. Hopper, D. Dagon and Y. Kim

ACM Symposium on Information, Computer & Communication Security (ASIACCS 2009) [PDF] [BIBTEX]


Hash History Approach for Reconciling Mutual Inconsistency

B. Kang, R. Wilensky, J. Kubiatowicz, Proceedings of 23rd International Conference on Distributed Computing Systems (ICDCS), 2003 (Acceptance rates: 17.7%, 17.7%, 13.8%) 

[PDF] [BIBTEX]


Network Support for Mobile Multimedia using a Self-adaptive Distributed Proxy

Z. Mao, H. So, B. Kang and R. Katz

Proceedings of 11th International Workshop on Network and Operating Systems Support for Digital Audio and Video (NOSSDAV), 2001 (Acceptance rates: 33.3%, 30.5%, 30%) 

[PDF] [BIBTEX]


Toward a Model of Self-administering Data

B. Kang and R. Wilensky

Proceedings of the first ACM/IEEE-CS Joint Conference on Digital Libraries (JCDL), 2001 (Acceptance rates: 30%, 25%, 33%)

[PDF] [BIBTEX]


Dissertation: “S2D2: A Framework for Scalable and Secure Optimistic Replication.”

B. Kang

Ph.D. Dissertation, 2004. UC Berkeley TechReport, UCB/CSD-04-1351, Committee: Robert Wilensky, John Kubiatowicz, Eric Brewer, and John Chuang Qualification Exam Area: Operating Systems (with Security) [PDF]


Utility Patent: "SYSTEM AND METHOD FOR IMPLEMENTING A HIDDEN SERVER". 

Filed by George Mason University, January 12, 2012. 

Sole Inventor, Publication number: US 2012/0180127, Publication date: July 12, 2012 


Entropy-Based Measurement of IP Address Inflation in the Waledac Botnet

R. Weaver, C. Nunnery, G. Singaraju, and B. Kang, CERT/CC (Computer Emergency Readiness Team) Proceedings of FloCon 2011. [PDF]


Tumbling Down the Rabbit Hole: Exploring the Idiosyncrasies of Botmaster Systems in a Multi-Tier Botnet Infrastructure. 

C. Nunnery, G. Sinclair and B. Kang

USENIX LEET 2010 [PDF]


The Waledac Protocol: The How and Why. 

G. Sinclair, C. Nunnery and B. Kang

IEEE Malware 2009 [PDF]


Tracking Email Reputation for Authenticated Sender Identities. 

G. Singaraju, J. Moss and B. Kang

CEAS 2008 [PDF]


Concord: A Secure Mobile Data Authorization Framework for Regulatory Compliance. 

G. Singaraju and B. Kang

LISA 2008 [PDF]


RepuScore: Collaborative Reputation Management Framework for Email Infrastructure. 

G. Singaraju and B. Kang

LISA 2007 [PDF]


Peer-to-Peer Botnets: Overview and Case Study. 

J. Grizzard, V. Sharma, C. Nunnery, B. Kang and D. Dagon. 

(Cited by 340 times since its publication in Fall 2007)

USENIX HOTBOTS 2007 [PDF]


Privilege Messaging: An Authorization Framework over Email Infrastructure

B. Kang , G. Singaraju, and S. Jain

USENIX 20th Large Installation System Administration Conference (USENIX LISA), 2006 [PDF]


RegColl: Centralized Registry Framework for Infrastructure System Management

B. Kang, V. Sharma, and P. Thanki

USENIX 19th Large Installation System Administration Conference (USENIX LISA), 2005 [PDF]

Decentralized Peer-to-Peer Botnet Architectures

B. Kang and C. Nunnery

Book Chapter: "Advances in Information & Intelligent Systems", 2009 Springer Studies in Computational Intelligence, SCI 251, pp. 251?264. Springer-Verlag Berlin Heidelberg 2009 

http://link.springer.com/chapter/10.1007/978-3-642-04141-9_12


Spam Detection Using Network-Level Characteristics 

B. Kang and G. Singaraju

Encyclopedia of Cryptography and Security, 2nd Edition, Springer 2011 

http://www.informatik.uni-trier.de/~ley/db/reference/crypt/crypt2011.html


Unpacking Malware 

B. Kang and G. Sinclair

Encyclopedia of Cryptography and Security, 2nd Edition, Springer 2011 

http://www.informatik.uni-trier.de/~ley/db/reference/crypt/crypt2011.html


DNS-Based Botnet Detection 

B. Kang and M. Lim

Encyclopedia of Cryptography and Security, 2nd Edition, Springer 2011 

http://www.informatik.uni-trier.de/~ley/db/reference/crypt/crypt2011.html


Dynamic Analysis Of Malware

B. Kang and A. Srivastava

Encyclopedia of Cryptography and Security, 2nd Edition, Springer 2011 

http://www.informatik.uni-trier.de/~ley/db/reference/crypt/crypt2011.html

Teaching Security With Network Testbeds

J. Mirkovic, M. Ryan, J. Hickey, K. Sklower, P. Reiher, P. Peterson, B. Kang, M. Chuah, D. Massey, G. Ragusa

SIGCOMM 2011 Education Workshop. 

http://edusigcomm.info.ucl.ac.be/pmwiki/uploads/Workshop2011/20110312001/sigedu.pdf 

(Also appeared in SIGCOMM Computer Communication Review)


Interactive simulation tools for information assurance education

H. Yu, K. Williams, J. Xu, X. Yuan, B. Chu, B. Kang, T. Kombol

Proceedings of the Second Annual Conference on Education in Information Security (ACEIS), 2009


Unified Table Approach for Typographic Rendering

B. Kang (Sole Author)

Electronic Publishing, Artistic Imaging, and Digital Typography, 7th International Conference on Raster Imaging and Digital Typography (RIDT), 1998, Lecture Notes in Computer Science (LNCS), Springer Verlag, St. Malo, France, 1998. Volume 1375/1998, 55-65, DOI: 10.1007/BFb0053262 

http://www.springerlink.com/content/26466n942338t236/

COURSE

IS632: Hypervisor System Security (Spring)

Hypervisor is a software platform that virtualizes computer hardware to support multiple instances of operating system running concurrently on a shared hardware system. Hypervisors are also widely used for cloud-based hosting service. This hypervisor platform can be utilized for higher degree of isolation for computer security monitoring and analysis. It provides an adequate environment for building kernel integrity monitors. This course will provide the fundamentals and inner-workings of hypervisors in the context of designing new security, monitoring, and analysis tools.

IS631: Kernel System Security (Fall)

Operating system kernel is the most critical component in the system as it provides the basic functionalities and the secure environment in which applications run and operate. In this course, the fundamentals of OS kernel and system programming, principles and operation of the open-source Linux operating system are taught with an emphasis on security aspect, so that students can acquire a comprehensive understanding of operating system kernel, analysis methods and countermeasures against various rootkit malware that compromise and manipulate operating system.

ADDRESS
N5 2320 at KAIST,

291 Daehak-ro,

Yuseong-gu, Daejeon,

Republic of Korea 305-701

CONTACTS
Phone: +82 (42) 350-8338