S3 Lab - Software & Systems Security Laboratory

security people

Yuseok Jeon
Yuseok Jeon
Affiliated Faculty
Doowon Kim
Doowon Kim
Affiliated Faculty
Junghwan (John) Rhee
Junghwan (John) Rhee
Affiliated Faculty
Vasuki Shankar
Vasuki Shankar
Masters student
Benjamin Stark
Benjamin Stark
Masters student
Ishpreet Bhasin
Ishpreet Bhasin
Undergraduate student

security courses and seminar

Software & Systems Security Seminar

A group seminar to read and discuss papers from recent and imminent top-tier security conferences.

CS 6324: Information Security

A comprehensive study of security vulnerabilities in information systems and the basic techniques for developing secure applications and practicing safe computing.

CS 6301: Special Topics in Computer Science - Security of CPS & IoT Systems

This graduate-level course covers security issues relating to cyber-physical systems and the Internet of Things.

security projects

Trusted Things Trusted Things

The Trusted Things project develops new software systems to enable secure IoT leveraging trusted execution environment techniques.

Shear Shear

The Shear project creates a secure environment for the least-authority execution of over-privileged applications that may be exploited by adversaries to launch privileged attacks.

RetroFirm RetroFirm

The RetroFirm project focuses on analyzing and modifying the off-the-shelf firmware binary images of various cyber-physical and IoT systems to enhance their security.

PeriShield PeriShield

The PeriShield project analyzes the security of various types of peripheral devices and it develops cutting-edge tools to detect/prevent malicious peripherals.

AI Vault AI Vault

The AI Vault project designs and develops a new trusted execution environment tailored to run artificial intelligence and machine learning programs on modern AI platforms (e.g., cloud and embedded devices) while providing strong data confidentiality and high efficiency.

AutoInsight AutoInsight

The AutoInsight project applies advanced techniques in software security and control systems to build a new security analysis platform for self-driving car systems.

RetroV RetroV

Robotic vehicles (as known as drones) are facing various threats of cyber-physical attacks that exploit their security vulnerabilities. RetroV develops automated analysis tools to find such vulnerabilities in existing robotic vehicle systems retrospectively and retrofits their design against advanced cyber-physical attacks.

CLUE CLUE

The CLUE project develops an infrastructure to detect and diagnose system anomalies in enterprise systems. These anomalies include stealthy malware and other types of hidden system anomalies. CLUE provides a diverse set of tools to find and understand such anomalies with minimal disruption to the target system.

CAFE CAFE

Cloud Application Function Enclave (CAFE) is an end-to-end framework for confidential distribution and execution of cloud applications. Attackers with a reverse-engineering capability may steal or manipulate sensitive application logic. CAFE prevents such attempts using hypervisor- and hardware-based techniques.

recent security publications (see all)

PASAN: Detecting Peripheral Access Concurrency Bugs within Bare-metal Embedded Applications
Taegyu Kim, Vireshwar Kumar, Junghwan (John) Rhee, Jizhou Chen, Kyungtae Kim, Chung Hwan Kim, Dongyan Xu, and Dave (Jing) Tian
In Security 2021 [ pdf :: bibtex ]
Vessels: Efficient and Scalable Deep Learning Prediction on Trusted Processors
Kyungtae Kim, Chung Hwan Kim, Junghwan (John) Rhee, Xiao Yu, Haifeng Chen, Dave (Jing) Tian, and Byoungyoung Lee
In SOCC 2020 [ pdf :: slides :: bibtex ]
Detecting Malware Injection with Program-DNS Behavior
Yixin Sun, Kangkook Jee, Suphannee Sivakorn, Zhichun Li, Cristian Lumezanu, Lauri Korts-Pàˆrn, Zhenyu Wu, Junghwan (John) Rhee, Chung Hwan Kim, Mung Chiang, and Prateek Mittal
In EuroS&P 2020 [ pdf :: bibtex ]
From Control Model to Program: Investigating Robotic Aerial Vehicle Accidents with Mayday
Taegyu Kim, Chung Hwan Kim, Altay Ozen, Fan Fei, Zhan Tu, Xiangyu Zhang, Xinyan Deng, Dave (Jing) Tian, and Dongyan Xu
In Security 2020 [ pdf :: slides :: bibtex ]