Computer and Communication Security Laboratory

Computer & Communication Security Laboratory (CCS Lab) was established in 2004 for the purpose of studying security problems and proper countermeasures. The members of CCS Lab are pursuing research on system security and network security. We take part in activities related to computer security and cooperate with professors and researchers inside and outside the country for research advances. We continue to publish the results of our researches and projects in the major international journals and conferences.

CCSLAB - Main

News

2021/09/09	Seunghoon's paper, V0Finder (SECURITY 2021), is introduced as news articles
The articles introduce the research results of V0Finder, which discovers the Vulnerability Zero (VZ, the software where a vulnerability first originated) of software vulnerabilities, and the importance of discovering VZs in the perspective of prompt vulnerability detection and patching process. (https://www.boannews.com/media/view.asp?idx=100545) (http://www.kyosu.net/news/articleView.html?idxno=76034)
2021/02/19	Seunghoon's paper, CENTRIS (ICSE 2021), is introduced as a news article in The Daily Swig
The article introduces the research results of CENTRIS, which identifies modified OSS components accounting for 95% real-world popular OSS ecosystem, and its significance in terms of security and the software supply chain management. (https://portswigger.net/daily-swig/centris-new-tool-helps-prevent-software-supply-chain-attacks-by-flagging-modified-open-source-components)
2020/09/25	It has been published as a special feature article in the 2020 issue of 'Engineering Journal' on the theme of 'Going to Korea University Blockchain Research Institute'
Pre-checking and preventing security vulnerabilities caused by open source code reuse in the block chain has been introduced. Picture
2020/07/13	MBC news regarding the safety problem by the security vulnerabilities is reported at July 13, 2020
One message can stop a fast moving scooter remotely which can be fatal to the user. The news story is based on the analysis by CCS lab members. (https://imnews.imbc.com/replay/2020/nwdesk/article/5841148_32524.html) (Video with English subtitles: https://youtu.be/H23Ezt5QGq4")
2018/09/14	CCSLAB got the 1st prize for UDC2018 contest
CCSLAB got the first prize for the UDC2018 contest with SmartWall, the firewall system for the smart contract. Picture
2018/09/14	Prof. Lee presented about blockchain security in UDC2018
Professor presented about software security issues can be included such as vulnerability propagation through the code clones of open source software (OSS) and the existence of same vulnerabilities in multiple locations via the code reuse of reference implementations through the sessions. (https://youtu.be/LnLWcQlR3Bw)

Registered CVEs

2021/08/04	CVE-2021-37232	Choongin Lee, Taewoo Kim
2021/08/04	CVE-2021-37231	Choongin Lee, Taewoo Kim
N/A	CVE-2020-10137	Nkuba Kayembe Carlos
N/A	CVE-2020-9061	Nkuba Kayembe Carlos
N/A	CVE-2020-9060	Nkuba Kayembe Carlos
N/A	CVE-2020-9059	Nkuba Kayembe Carlos
N/A	CVE-2020-9058	Nkuba Kayembe Carlos
N/A	CVE-2020-9057	Nkuba Kayembe Carlos
2020/12/25	CVE-2020-35376	Seunghoon Woo, Seongkyong Kwon
N/A	CVE-2020-20412	Seunghoon Woo, Seongkyong Kwon
2020/06/15	CVE-2020-14147	Seunghoon Woo

Publication

2021/12/06	Dicos: Discovering Insecure Code Snippets from Stack Overflow Posts by Leveraging User Discussions, Annual Computer Security Applications Conference (ACSAC)	Hyunji Hong
2021/11/23	오픈소스 SW 공급망 공격 대응기술 동향, 금융보안원-전자금융과 금융보안	이희조
2021/11/12	METHOD FOR IDENTIFYING OPEN-SOURCE SOFTWARE COMPONENTS AT THE SOURCE-CODE LEVEL	Heejo Lee
2021/10/22	METHOD FOR DETECTING SOFTWARE VULNERABILITY BASED ON BINARY CODE CLONE	Heejo Lee
2021/10/15	METHOD FOR IDENTIFYING OPEN-SOURCE SOFTWARE COMPONENTS AT THE SOURCE-CODE LEVEL	Heejo Lee
2021/08/11	V0Finder: Discovering the Correct Origin of Publicly Reported Software Vulnerabilities, USENIX Security Symposium (Security)	Seunghoon Woo
2021/06/23	Secure and Scalable IoT: An IoT Network Platform Based on Network Overlay and MAC security, International Conference on ICT Systems Security and Privacy Protection (IFIP SEC)	Junwon Lee
2021/06/22	QuickBCC: Quick and Scalable Binary Vulnerable Code Clone Detection, International Conference on ICT Systems Security and Privacy Protection (IFIP SEC)	Hajin Jang*
2021/06/21	OctoPoCs: Automatic Verification of Propagated Vulnerable Code Using Reformed Proofs of Concept, IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)	Seongkyeong Kwon
2021/06/11	An SSH predictive model using machine learning with web proxy session logs, International Journal of Information Security	Junwon Lee
2021/05/24	Resilience Evaluation of Multi-Path Routing against Network Attacks and Failures, Electronics	Hyok An

More Publication...