Web Analytics
S3 Lab - Software & Systems Security Laboratory
Shear logo


The Shear project creates a secure environment for the least-authority execution of over-privileged applications that may be exploited by adversaries to launch privileged attacks. We use advanced program analysis and operating systems techniques to extract the minimal authority of a program and enforce it at run-time.

Available Work

  • PoLPer: a least-privilege enforcement tool for setuid calls (paper)


Zelun Kong
Zelun Kong
PhD student


FreePart: Hardening Data Processing Software via Framework-based Partitioning and Isolation (to appear)
Ali Ahmad, Gang Wang, Chung Hwan Kim, Suman Jana, Zhiqiang Lin, and Yonghwi Kwon
In ASPLOS 2024 [ bibtex ]
PoLPer: Process-Aware Restriction of Over-Privileged Setuid Calls in Legacy Applications
Yuseok Jeon, Junghwan Rhee, Chung Hwan Kim, Zhichun Li, Mathias Payer, Byungyoung Lee, and Zhenyu Wu
In CODASPY 2019 [ pdf :: slides :: bibtex ]