About me:

I am an Associate Professor in the Computer Science department at the University of Georgia and an Associate Director in the Institute for Cybersecurity and Privacy.
I have a Ph.D from the Department of Computer Science at Purdue University. I was co-advised by Dr. Xiangyu Zhang and Dr. Dongyan Xu. I got my Master and B.S in Computer Engineering from Hong-Ik University in Korea, and and my Master's thesis advisor was Dr. Sam H. Noh.
My research focuses on software security and cyber forensics. I am particularly interested in building practical solutions to improve the security and reliability of software and systems. I am also interested in developing fundamental primitives to analyze and investigate advanced cyber-attacks.

Research Interests:

Cyber security, Software reliability and security; Mobile Security; Program Analysis; Software engineering; Distributed Systems;

Prospective Students:

I am (always) looking for motivated (graduate and undergraduate) students with solid system and/or security background. If you are interested in working with me, please drop me an email.

Teaching:

• CSCI4270/6270 - Introduction to Computer Forensics [Fall 2023]
• CSCI4250/6250 - Computer Security [Spring2018]
• CSCI4730/6730 - Operating Systems [Fall2015, Spring2017, Fall 2017, Fall 2019, Fall 2020, Spring 2021, Fall 2022, Fall 2024]
• CSCI8240 - Software Security and Cyber Forensics [Spring2016, Fall2017, Fall2018, Spring 2021, Spring 2023, Spring 2024]
• CSCI8060 - Advanced Software Engineering [Spring2015, Fall2016]
• CSCI4900/6900 - Program Analysis for Software Reliability and Security [Fall2014]

Current Students:

• An Chen (PhD student)
• Basanta Chaulagain (PhD student)
• Kevin Jain (MS student)
• Josh Messitte (MS student)

Former Students:

• Xingzi Yuan (Square)
• Omid Setayeshfar (Facebook)
• Ruoyan Cai (Amazon)
• Sean Frankum (United States Department of Defense)
• Akshay Kokane (Microsoft)
• Matt Jones (Research Scientist at Georgia Tech Research Institute (CIPHER))
• Anderson Kunho Kim (Master student at Georgia Tech)
• Urvashi Sharma (Goldman Sachs)
• Lovina D'mello (Oracle)
• Pranav Panage (Shape Security)

Publications:

2025

RaceDB: Detecting Request Race Vulnerabilities in Database-Backed Web Applications An Chen, Yonghwi Kwon, and Kyu Hyung Lee. In Proceedings of the 46th IEEE Symposium on Security and Privacy (S&P 2025) paper

2024

FA-SEAL: Forensically Analyzable Symmetric Encryption for Audit Logs Basanta Chaulagain and Kyu Hyung Lee. In Proceedings of the 40th Annual Computer Security Applications Conference (ACSAC 2024) paper

Unveiling IoT Security in Reality: A Firmware-Centric Journey Nicolas Nino, Ruibo Lu, Wei Zhou, Kyu Hyung Lee, Ziming Zhao, and Le Guan. In Proceedings of the 33th USENIX Security Symposium (Security 2024) paper

RustLIVE: Reducing the Learning Barriers of Rust Through Visualization Diane B. Stephens, Kyu Hyung Lee, Mustakimur Rahman Khandaker. Frontiers in Education 2024 (FIE 2024) paper

2023

SynthDB: Synthesizing Database via Program Analysis for Security Testing of Web Applications An Chen, JiHo Lee, Basanta Chaulagain, Yonghwi Kwon, and Kyu Hyung Lee. In Proceedings of the 30th Network and Distributed System Security (NDSS 2023) paper

Linking Blockchain Technology and Digital Advertising: How Blockchain Technology Can Enhance Digital Advertising to Be More Effective, Efficient, and Trustworthy Jooyoung Kim, Kyu Hyung Lee, and Jaemin Kim Journal of Business Research paper

2022

Privacy invasion via smart-home hub in personal area networks Omid Setayeshfar, Karthika Subramani, Xingzi Yuan, Raunak Dey, Dezhi Hong, In Kee Kim, and Kyu Hyung Lee. In the Pervasive and Mobile Computing Journal (PMC 2022) paper

Hiding Critical Program Components via Ambiguous Translation Chijung Jung, Doowon Kim, An Chen, Weihang Wang, Yunhui Zheng, Kyu Hyung Lee, and Yonghwi Kwon. In Proc. of the 44th International Conference on Software Engineering (ICSE 2022) paper

2021

Defeating Program Analysis Techniques via Ambiguous Translation Chijung Jung, Doowon Kim, Weihang Wang, Yunhui Zheng, Kyu Hyung Lee, and Yonghwi Kwon. In Proc. of 36th IEEE/ACM International Conference on Automated Software Engineering (New Ideas and Emerging Results Track) (ASE NIER 2021) paper

TRACE: Enterprise-Wide Provenance Tracking for Real-Time APT Detection Hassaan Irshad, Gabriela Ciocarlie, Ashish Gehani, Vinod Yegneswaran, Kyu Hyung Lee, Jignesh Patel, Somesh Jha, Yonghwi Kwon, Dongyan Xu, and Xiangyu Zhang. In IEEE Transactions on Information Forensics and Security (IEEE TIFS 2021) paper

ChatterHub: Privacy Invasion via Smart Home Hub Omid Setayeshfar, Karthika Subramani, Xingzi Yuan, Raunak Dey, Dezhi Hong, Kyu Hyung Lee, In Kee Kim. In Proceedings of the IEEE International Conference on Smart Computing (SMARTCOMP'21) paper

Find My Sloths: Automated Comparative Analysis of How Real Enterprise Computers Keep Up with the Software Update Races Omid Setayeshfar, John Junghwan Rhee, Chung Hwan Kim, Kyu Hyung Lee. In Proceedings of the 8th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA'21) paper

Graalf: Supporting graphical analysis of audit logs for forensics Omid Setayeshfar, Christian Adkins, Matthew Jones, Kyu Hyung Lee, Prashant Doshi. In Software Impacts paper

A Novel AI-based Methodology for Identifying Cyber Attacks in Honey Pots Muhammed AbuOdeh, Christian Adkins, Omid Setayeshfar, Prashant Doshi, Kyu Hyung Lee. In Innovative Applications of AI, Emerging Applications (AAAI'21) paper

C2SR: Cybercrime Scene Reconstruction for Post-mortem Forensic Analysis Yonghwi Kwon, Weihang Wang, Jinho Jung, Kyu Hyung Lee, Roberto Perdisci. In Proceedings of the 28th Network and Distributed System Security (NDSS'21) paper

2020

When Push Comes to Ads: Measuring the Rise of (Malicious) Push Advertising Karthika Subramani, Xingzi Yuan, Omid Setayeshfar, Phani Vadrevu, Kyu Hyung Lee, Roberto Perdisci. In Proceedings of the ACM Internet Measurement Conference 2020 (IMC'20) paper

2019

Fuzzification: Anti-Fuzzing Techniques, Jinho Jung, Hong Hu, David Solodukhin, Daniel Pagan, Kyu Hyung Lee, Taesoo Kim. In Proceedings of the 28th USENIX Security Symposium (Security'19) pdf

2018

Kernel-Supported Cost-Effective Audit Logging for Causality Tracking, Shiqing Ma, Juan Zhai, Yonghwi Kwon, Kyu Hyung Lee, Xiangyu Zhang, Gabriela Ciocarlie, Ashish Gehani, Vinod Yegneswaran, Dongyan Xu, Somesh Jha. In Proceedings of the 2018 Usenix Annual Technical Conference (ATC'18) pdf

JSgraph: Enabling Reconstruction of Web Attacks via Efficient Tracking of Live In-Browser JavaScript Executions, Bo Li, Phani Vadrevu, Kyu Hyung Lee, Roberto Perdisci. In Proceedings of the 25th Network and Distributed System Security (NDSS'18) pdf

MCI : Modeling-based Causality Inference in Audit Logging for Attack Investigation, Yonghwi Kwon, Fei Wang, Weihang Wang, Kyu Hyung Lee, Wen-Chuan Lee, Shiqing Ma, Xiangyu Zhang, Dongyan Xu, Somesh Jha, Gabriela Ciocarlie, Ashish Gehani, Vinod Yegneswaran. In Proceedings of the 25th Network and Distributed System Security (NDSS'18) pdf

2017

MPI: Multiple Perspective Attack Investigation with Semantic Aware Execution Partitioning, Shiqing Ma, Juan Zhai, Fei Wang, Kyu Hyung Lee, Xiangyu Zhang, Dongyan Xu In Proceedings of the 26th Usenix Security Symposium (Security'17) pdf Distinguished Paper Award

DroidForensics: Accurate Reconstruction of Android Attacks via Multi-layer Forensic Logging, Xingzi Yuan, Omid Setayeshfar, Hongfei Yan, Pranav Panage, Xuetao Wei, Kyu Hyung Lee. In Proceedings of ACM Asia Conference on Computer and Communications Security (AsiaCCS'17) pdf

Enabling Reconstruction of Attacks on Users via Efficient Browsing Snapshots, Phani Vadrevu, Jienan Liu, Bo Li, Babak Rahbarinia, Kyu Hyung Lee, Roberto Perdisci. In Proceedings of the 24th Network and Distributed System Security (NDSS'17) pdf

A2C: Self Destructing Exploit Executions via Input Perturbation, Yonghwi Kwon, Brendan Saltaformaggio, I Luk Kim, Kyu Hyung Lee, Xiangyu Zhang, Dongyan Xu. In Proceedings of the 24th Network and Distributed System Security (NDSS'17) pdf

2016

emphaSSL: Towards Emphasis as a Mechanism to Harden Networking Security in Android Apps, Xuetao Wei, Michael Wolf, Lei Guo, Kyu Hyung Lee, Ming-Chun Huang, and Nan Niu. In Proceedings of IEEE GLOBCOM (Globecom'16) pdf

SBBox: A Tamper-Resistant Digital Archiving System, Monjur Alam, Zhe Cheng Lee, Chrysostomos Nicopoulos, Kyu Hyung Lee, Jongman Kim, Junghee Lee. In International Journal of Cyber-Security and Digital Forensics (IJCSDF) 2016 Volume 5 [link]

PerfGuard: Binary-Centric Application Performance Monitoring in Production Environments, Chung Hwan Kim, Junghwan Rhee, Kyu Hyung Lee, Xiangyu Zhang and Dongyan Xu. In Proceedings of ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE'16) pdf

2015 and Before

Accurate, Low Cost and Instrumentation-Free Security Audit Logging for Windows, Shiqing Ma, Kyu Hyung Lee, Chung Hwan Kim, Junghwan Rhee, Xiangyu Zhang and Dongyan Xu. In Proceedings of Annual Computer Security Applications Conference (ACSAC'15) pdf

Infrastructure-Free Logging and Replay of Concurrent Execution on Multiple Cores, Kyu Hyung Lee, Dohyeong Kim and Xiangyu Zhang. In Proceedings of the European Conference on Object-Oriented Programming (ECOOP'14) pdf

LogGC: Garbage Collecting Audit Log, Kyu Hyung Lee, Xiangyu Zhang and Dongyan Xu. In Proceedings of ACM Conference on Computer and Communications Security (CCS'13) pdf

High Accuracy Attack Provenance via Binary-Based Execution Partition, Kyu Hyung Lee, Xiangyu Zhang and Dongyan Xu. In Proceedings of the 20th Network and Distributed System Security (NDSS'13) pdf

Unified Debugging of Distributed Systems with Recon, Kyu Hyung Lee, Nick Sumner, Xiangyu Zhang and Patrick Eugster. In Proceedings of IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'11) pdf

Toward Generating Reducible Replay Log, Kyu Hyung Lee, Yunhui Zheng, Nick Sumner and Xiangyu Zhang. In Proceedings of ACM SIGPLAN conference on Programming Language Design and Implementation (PLDI'11) pdf

PRES: Probabilistic Replay with Execution Sketching on Multiprocessors, Soyeon Park, Weiwei Xiong, Zuoning Yin, Rini Kaushik, Kyu H. Lee, Shan Lu and Yuanyuan Zhou. In Proceedings of ACM Symposium on Operating Systems Principles (SOSP'09) pdf

PFC: Transparent Optimization of Existing Prefetching Strategies for Multi-level Storage Systems, Zhe Zhang*, Kyuhyung Lee*, Xiaosong Ma, and Yuanyuan Zhou. In Proceedings of International Conference on Distributed Computing Systems (ICDCS'08) pdf
* These authors contributed equally to this work.

CISpan: Comprehensive Incremental Mining Algorithms of Closed Sequential Patterns for Multi-Versional Software Mining, Ding Yuan, Kyuhyung Lee, Hong Cheng, Gopal Krishna, Zhenmin Li, Xiao Ma, Yuanyuan Zhou and Jiawei Han. In Proceedings of SIAM International Conference on Data Mining (SDM'08) pdf

Augmenting RAID with an SSD for Energy Relief, Hyo J. Lee, Kyu H. Lee and Sam H. Noh. In Workshop on Power Aware Computing and Systems (HotPower'08) pdf

Write-Aware Buffer Cache Management Scheme for Nonvolatile RAM, Kyu Hyung Lee, In Hwan Doh, Jongmoo Choi, Donghee Lee, and Sam H. Noh. In Proceedings of International Conference on Advances in Computer Science and Technology (ACST'08) pdf