Secure Systems Lab @ Yonsei University

Current Research Topics

Automated Vulnerability Scanning Systems

This research agenda is centered around enhancing the security of software systems by identifying and fixing vulnerabilities. We aim to achieve this goal by developing novel system-level techniques that can automatically detect latent vulnerabilities in low-level software. Our focus lies in improving the effectiveness, efficiency, or both, of automated vulnerability discovery. Our efforts have resulted in several notable contributions, including Moneta [NDSS '25], ReUSB [USENIX Security '23], Agamotto [USENIX Security '20], and PeriScope [NDSS '19]. These advancements have significantly improved the efficiency and effectiveness of OS kernel vulnerability scanning. Additionally, our survey paper [IEEE S&P '19] examines code sanitization techniques for low-level programming languages such as C/C++, showcasing our comprehensive efforts in this field.

Trustworthy & Privacy-Preserving AI Systems

As software systems (including machine learning systems) handle increasingly sensitive data, such as personal information or intellectual property, it becomes crucial to ensure their protection within a trusted execution environment that is well-isolated from a variety of potential threats. To address this challenge, this research agenda focuses on the design and implementation of systems that leverage hardware security features like ARM TrustZone, alongside software techniques such as micro-hypervisor or compiler-based methods, to achieve trustworthy and confidential computing. Our work in this domain include ASGARD [NDSS '25] and GuardiaNN [Middleware '22], which showcase our efforts in realizing these objectives.

Learning-based Binary Reverse Engineering

Reverse engineering is a labor-intensive task that heavily relies on human effort. While several automated solutions have been proposed, many of them rely on heuristics. Although heuristics serve as practical approximations of the decision-making process of skilled reverse engineers, they are not without limitations. In our ongoing project, we are actively investigating this research area with the goal of exploring novel approaches that leverage state-of-the-art machine learning techniques to address various challenges in reverse engineering. As a result of our research efforts, we developed XBA [ISSTA '22], which demonstrates our contribution in this direction.