I am an Associate Professor in the Computer Science department at the University of Georgia and an Associate Director in the Institute for Cybersecurity and Privacy.
I have a Ph.D from the Department of Computer Science at Purdue University. I was co-advised by Dr. Xiangyu Zhang and Dr. Dongyan Xu. I got my Master and B.S in Computer Engineering from Hong-Ik University in Korea, and and my Master's thesis advisor was Dr. Sam H. Noh.
My research focuses on software security and cyber forensics. I am particularly interested in building practical solutions to improve the security and reliability of software and systems. I am also interested in developing fundamental primitives to analyze and investigate advanced cyber-attacks.
Cyber security, Software reliability and security; Mobile Security; Program Analysis; Software engineering; Distributed Systems;
I am (always) looking for motivated (graduate and undergraduate) students with solid system and/or security background. If you are interested in working with me, please drop me an email.
Find My Sloths: Automated Comparative Analysis of How Real Enterprise Computers Keep Up with the Software Update Races In Proceedings of the 8th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA'21)
Graalf: Supporting graphical analysis of audit logs for forensics In Software Impacts paper
A Novel AI-based Methodology for Identifying Cyber Attacks in Honey Pots In Innovative Applications of AI, Emerging Applications (AAAI'21) paper
C2SR: Cybercrime Scene Reconstruction for Post-mortem Forensic Analysis In Proceedings of the 28th Network and Distributed System Security (NDSS'21) paper
When Push Comes to Ads: Measuring the Rise of (Malicious) Push Advertising In Proceedings of the ACM Internet Measurement Conference 2020 (IMC'20) paper
Fuzzification: Anti-Fuzzing Techniques, In Proceedings of the 28th USENIX Security Symposium (Security'19) pdf
Kernel-Supported Cost-Effective Audit Logging for Causality Tracking, In Proceedings of the 2018 Usenix Annual Technical Conference (ATC'18) pdf
MCI : Modeling-based Causality Inference in Audit Logging for Attack Investigation, In Proceedings of the 25th Network and Distributed System Security (NDSS'18) pdf
MPI: Multiple Perspective Attack Investigation with Semantic Aware Execution Partitioning, In Proceedings of the 26th Usenix Security Symposium (Security'17) pdf Distinguished Paper Award
DroidForensics: Accurate Reconstruction of Android Attacks via Multi-layer Forensic Logging, In Proceedings of ACM Asia Conference on Computer and Communications Security (AsiaCCS'17) pdf
Enabling Reconstruction of Attacks on Users via Efficient Browsing Snapshots, In Proceedings of the 24th Network and Distributed System Security (NDSS'17) pdf
A2C: Self Destructing Exploit Executions via Input Perturbation, In Proceedings of the 24th Network and Distributed System Security (NDSS'17) pdf
emphaSSL: Towards Emphasis as a Mechanism to Harden Networking Security in Android Apps, In Proceedings of IEEE GLOBCOM (Globecom'16) pdf
SBBox: A Tamper-Resistant Digital Archiving System, In International Journal of Cyber-Security and Digital Forensics (IJCSDF) 2016 Volume 5 [link]
PerfGuard: Binary-Centric Application Performance Monitoring in Production Environments, In Proceedings of ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE'16) pdf
2015 and Before
Accurate, Low Cost and Instrumentation-Free Security Audit Logging for Windows, In Proceedings of Annual Computer Security Applications Conference (ACSAC'15) pdf
Infrastructure-Free Logging and Replay of Concurrent Execution on Multiple Cores, In Proceedings of the European Conference on Object-Oriented Programming (ECOOP'14) pdf
LogGC: Garbage Collecting Audit Log, In Proceedings of ACM Conference on Computer and Communications Security (CCS'13) pdf
High Accuracy Attack Provenance via Binary-Based Execution Partition, In Proceedings of the 20th Network and Distributed System Security (NDSS'13) pdf
Unified Debugging of Distributed Systems with Recon, In Proceedings of IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'11) pdf
Toward Generating Reducible Replay Log, In Proceedings of ACM SIGPLAN conference on Programming Language Design and Implementation (PLDI'11) pdf
PRES: Probabilistic Replay with Execution Sketching on Multiprocessors, In Proceedings of ACM Symposium on Operating Systems Principles (SOSP'09) pdf
CISpan: Comprehensive Incremental Mining Algorithms of Closed Sequential Patterns for Multi-Versional Software Mining, In Proceedings of SIAM International Conference on Data Mining (SDM'08) pdf
Augmenting RAID with an SSD for Energy Relief, In Workshop on Power Aware Computing and Systems (HotPower'08) pdf
Write-Aware Buffer Cache Management Scheme for Nonvolatile RAM, In Proceedings of International Conference on Advances in Computer Science and Technology (ACST'08) pdf