_config.yml

name: KAIST WSP Lab
description: KAIST Web Security & Privacy Lab
avatar: /images/logo-icon.svg
url: https://wsp-lab.github.io

main-images:
  - /images/main-photo_1.jpg
  - /images/main-photo_2.jpg
  - /images/main-photo_3.jpg

footer-links:
  dribbble:
  email: sl.son@kaist.ac.kr
  facebook:
  flickr:
  github: WSP-LAB
  instagram:
  linkedin:
  pinterest:
  rss: # just type anything here for a working RSS icon
  twitter:
  stackoverflow: # your stackoverflow profile, e.g. "users/50476/bart-kiers"
  youtube: # channel/<your_long_string> or user/<user-name>
  googleplus: # anything in your profile username that comes after plus.google.com/

disqus:

google_analytics: UA-62491243-6

baseurl: ""
permalink: /:title/

version: v1.2.0

kramdown:
  input: GFM
  syntax_highlighter: rouge
  syntax_highlighter_opts:
    css_class: 'highlight'

research:
  - subject: "R1. Analyzing security/privacy risks in Machine Learning (ML) models"
    list:
    - title: "[NeurIPS'22] Learning to Generate Inversion-Resistant Model Explanations"
      contents: "Previous studies have demonstrated that an adversary can reconstruct original images based on model explanations, thus leaking privacy-sensitive features. To this end, we present Generative Noise Injector for Model Explanations (GNIME), a novel defense framework that perturbs model explanations to minimize the risk of model inversion attacks while preserving the interpretabilities of the generated explanations. Specifically, we formulate the defense training as a two-player minimax game between the inversion attack network on the one hand and the noise generator network on the other. We demonstrate that GNIME significantly decreases the information leakage in model explanations, decreasing transferable classification accuracy in facial recognition models by up to 84.8% while preserving the original functionality of model explanations."
      photo: /images/GNIME.png
      horizontal: true
      paper: /papers/jeong_neurips22.pdf
      code: https://github.com/WSP-LAB/GNIME

    - title: "[TDSC'22] Evaluating the Robustness of Trigger Set-Based Watermarks Embedded in Deep Neural Networks"
      contents: "Trigger set-based watermarking schemes have gained emerging attention as they provide a means to prove ownership for deep neural network model owners. In this paper, we argue that state-of-the-art trigger set-based watermarking algorithms do not achieve their designed goal of proving ownership. We conduct a comprehensive adversarial evaluation of 11 representative watermarking schemes against six of the existing attacks and demonstrate that each of these watermarking schemes lacks robustness against at least two attacks. We encourage follow-up studies to consider our guidelines when evaluating the robustness of their watermarking schemes via conducting comprehensive adversarial evaluation to demonstrate a meaningful upper bound of watermark robustness."
      photo: /images/wmeval.png
      horizontal: true
      paper: /papers/lee-tdsc22.pdf

  - subject: "R2. Building tools for finding vulnerabilities in server/client-side web applications"
    list:
    - title: "[NDSS'23] DiffCSP: Finding Browser Bugs in Content Security Policy Enforcement through Differential Testing"
      contents: "This paper proposes DiffCSP, the first differential testing framework to find Content Security Policy (CSP) enforcement bugs involving JS execution. DiffCSP generates CSPs and a comprehensive set of HTML instances that exhibit all known ways of executing JS snippets. DiffCSP then executes each HTML instance for each generated policy across different browsers, thereby collecting inconsistent execution results. We demonstrate the efficacy of DiffCSP by finding 29 security bugs and eight functional bugs. We further identify the common root causes of CSP enforcement bugs. We confirm the risky trend of client browsers deriving completely different interpretations from the same CSPs, which raises security concerns. Our findings have contributed to patching 12 security bugs in major browsers, including Chrome and Safari."
      photo: /images/DiffCSP.png
      paper: /papers/wi-diffcsp-ndss23.pdf
      code: https://github.com/WSP-LAB/DiffCSP

    - title: "[USENIX Security'22] FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities"
      contents: "Exploiting a PHP object injection (POI) vulnerability often requires sophisticated property-oriented programming to shape an injection object. Existing off-the-shelf tools focus only on identifying potential POI vulnerabilities without confirming the presence of any exploit objects. To this end, we propose FUGIO, the first automatic exploit generation (AEG) tool for POI vulnerabilities. FUGIO conducts coarse-grained static and dynamic program analyses to generate a list of gadget chains that serve as blueprints for exploit objects. FUGIO then runs fuzzing campaigns using these identified chains and produces exploit objects. FUGIO generated 68 exploit objects from 30 applications containing known POI vulnerabilities with zero false positives. FUGIO also found two previously unreported POI vulnerabilities with five exploits, demonstrating its efficacy in generating functional exploits."
      photo: /images/FUGIO.png
      horizontal: true
      paper: /papers/park-fugio-sec22.pdf
      code: https://github.com/WSP-LAB/FUGIO

    - title: "[WWW'22] Link: Black-Box Detection of Cross-Site Scripting Vulnerabilities Using Reinforcement Learning"
      contents: "Off-the-shelf black-box web scanners suffer from unscalable testing as well as false negatives that stem from a testing strategy that employs fixed attack payloads, thus disregarding the exploitation of contexts to trigger vulnerabilities. To this end, we propose a novel method of adapting attack payloads to a target reflected XSS vulnerability using reinforcement learning (RL). We present Link, a general RL framework whose states, actions, and a reward function are designed to find reflected XSS vulnerabilities in a black-box and fully automatic manner. Link finds 45, 213, and 60 vulnerabilities with no false positives in Firing-Range, OWASP, and WAVSEP benchmarks, respectively. Link also finds 43 vulnerabilities in 12 real-world applications, demonstrating the promising efficacy of using RL in finding reflected XSS vulnerabilities."
      photo: /images/Link.png
      horizontal: true
      paper: /papers/lee-link-www22.pdf
      code: https://github.com/WSP-LAB/Link

    - title: "[WWW'22] HiddenCPG: Large-Scale Vulnerable Clone Detection Using Subgraph Isomorphism of Code Property Graphs"
    - title: "[NDSS'21] The Abuser Inside Apps: Finding the Culprit Committing Mobile Ad Fraud"
    - title: "[USENIX Security'20] Montage: A Neural Network Language Model-Guided JavaScript Engine Fuzzer"
    - title: "[NDSS'20] FUSE: Finding File Upload Bugs via Penetration Testing"

  - subject: "R3. Finding security/privacy vulnerabilities in web services"
    list:
    - title: "[USENIX WOOT'19] Who Spent My EOS? On the (In)Security of Resource Management of EOS.IO"
      contents: "We investigate the design architecture of EOS.IO. Based on this investigation, we introduce four attacks whose root causes stem from the unique characteristics of EOS.IO, including intentionally slowing down the block creation time—which can disrupt the essential functions of its blockchain and incapacitate the entire EOS.IO system. We  also find that an adversary can partially freeze the execution of a target smart contract or maliciously consume all the resources of a target user with crafted requests. We report all the identified threats to the EOS.IO foundation, one of which is confirmed to be fatal. Finally, we discuss possible mitigations against the proposed attacks."
      photo: /images/EOS.png
      paper: /papers/lee-eos-woot19.pdf

    - title: "[CCS'18] Pride and Prejudice in Progressive Web Apps: Abusing Native App-like Features in Web Applications"
      contents: "Progressive Web App (PWA) is a new generation of Web application designed to provide native app-like browsing experiences even when a browser is offline. We conduct the first systematic study of the security and privacy aspects unique to PWAs. We identify security flaws in main browsers as well as design flaws in popular third-party push services, that exacerbate the phishing risk. We introduce a new side-channel attack that infers the victim’s history of visited PWAs. The proposed attack exploits the offline browsing feature of PWAs using a cache. We demonstrate a cryptocurrency mining attack which abuses service workers. Defenses and recommendations to mitigate the identified security and privacy risks are suggested with in-depth understanding."
      photo: /images/PPP.png
      paper: /papers/son-ppp-ccs18.pdf
      code: https://github.com/spostman/ppp-ccs2018

  - subject: "R4. Analyzing online scam/criminal activities occurring on the Internet"
    list:
    - title: "[WWW'23] RICC: Robust Collective Classification of Sybil Accounts"
      contents: "A Sybil attack is a critical threat that undermines the trust and integrity of web services by creating and exploiting a large number of fake (i.e., Sybil) accounts. To mitigate this threat, previous studies have proposed leveraging collective classification to detect Sybil accounts. Recently, researchers have demonstrated that state-of-the-art adversarial attacks are able to bypass existing collective classification methods. To this end, we propose RICC, the first robust collective classification framework, designed to identify adversarial Sybil accounts created by adversarial attacks. RICC significantly outperforms all existing Sybil detection methods, demonstrating superior robustness and efficacy in the collective classification of Sybil accounts."
      photo: /images/RICC.png
      horizontal: true
      paper: /papers/shin-ricc-www23.pdf
      code: https://github.com/WSP-LAB/RICC

    - title: "[MobiSys'22] HearMeOut: Detecting Voice Phishing Activities in Android"
      contents: "In South Korea, voice phishing has been proliferating with the advent of voice phishing apps. However, the voice phishing functionalities that these abusive apps implement are largely understudied. To this end, we analyze 1,017 voice phishing apps and reveal new phishing functionalities: outgoing call redirection, call screen overlay, and fake call voice. We further investigate implementations of these fatal functionalities to distinguish their malicious behaviors from their corresponding behaviors in benign apps. We then propose HearMeOut, an Android system-level service that detects phishing behaviors that phishing apps conduct in runtime and blocks the detected behaviors. HearMeOut achieves high accuracy with no false positives or negatives in classifying phishing behaviors while exhibiting an unnoticeable latency of 0.36 ms on average. Our user study demonstrates that HearMeOut is able to prevent 100% of participants from being phished by providing active warnings."
      photo: /images/HearMeOut.png
      horizontal: true
      paper: /papers/kim-hearmeout-mobisys22.pdf
      code: https://github.com/WSP-LAB/hearmeout

    - title: "[WWW'19] Doppelgängers on the Dark Web: A Large-scale Assessment on Phishing Hidden Web Services"
      contents: "We conducted an in-depth measurement study to demystify the prevalent phishing websites on the Dark Web. We analyzed the text content of 28,928 HTTP Tor hidden services hosting 21 million dark webpages and confirmed 901 phishing domains. We also discovered a trend on the Dark Web in which service providers perceive dark web domains as their service brands. This trend exacerbates the risk of phishing for their service users who remember only a partial Tor hidden service address. Our work facilitates a better understanding of the phishing risks on the Dark Web and encourages further research on establishing an authentic and reliable service on the Dark Web."
      photo: /images/Doppelgängers.png
      paper: /papers/yoon-www19.pdf
      summary: https://cs.kaist.ac.kr/board/view?bbs_id=news&bbs_sn=8793&page=1&skey=subject&svalue=%EC%86%90%EC%88%98%EC%97%98&menu=83


people_prof:
  name: Sooel Son
  photo: /images/sooel.png
  homepage: https://sites.google.com/site/ssonkaist/home

people_phd:
  - name: Suyoung Lee
    photo: /images/swimming.png
    homepage: https://leeswimming.com/
  - name: Sunnyeo Park
    photo: /images/sunnyeo.jpg
    homepage:
  - name: Soyoung Lee
    photo: /images/soyoung.jpg
    homepage:
  - name: Dongwon Shin
    photo: /images/dongwon.jpg
    homepage: https://godeastone.github.io/
  - name: Seongho Keum
    photo: /images/seongho.jpg
    homepage:
  - name: Sungwoo Jeon
    photo: /images/sungwoo.jpg
    homepage:

people_master:
  - name: Junkyu Kang
    photo: /images/junkyu.png
    homepage:
  - name: Yoonha Bahng
    photo: /images/yoonha.png
    homepage:
  - name: Changoo Lee
    photo: /images/changoo.png
    homepage:
  - name: Yongbi Son
    photo: /images/yongbi.png
    homepage:

people_alumni:
  - name: Taekjin Lee
    homepage:
    degree: Master
    work: now at National Security Research Institute, South Korea
  - name: Junghwan Park
    homepage: https://pagez.kr/
    degree: Master
    work: now at Naver, South Korea
  - name: Daejun Kim
    homepage: https://reset-kim.github.io
    degree: Master
    work: now at Theori, South Korea
  - name: Hyuntae Kim
    homepage:
    degree: Master
    work: now at Theori, South Korea
  - name: Hyunjoo Lee
    homepage:
    degree: Master
    work: now at Korea Institute of Nuclear Nonproliferation and Control, South Korea
  - name: Dahun Lee
    homepage:
    degree: Master
    work: now at Theori, South Korea
  - name: Wonho Song
    homepage:
    degree: Master
    work: now at Upstage, South Korea
  - name: Joongyum Kim
    homepage:
    degree: Ph.D.
    work: now at Moloco, South Korea
  - name: Hoyong Jeong
    homepage:
    degree: Master
    work: now at Deeping Source, South Korea
  - name: Seongil Wi
    homepage: https://seongil-wi.github.io/
    degree: Ph.D.
    work: now Assistant Professor at UNIST, South Korea
  - name: Jihwan Kim
    homepage: https://github.com/mdsnins
    degree: Master
    work: now at ENKI, South Korea
  - name: Beomsoo Kim
    homepage:
    degree: Master
    work: now at Hyundai Motor Company, South Korea
  - name: Kiwon Chung
    homepage:
    degree: Master
    work: now at ClumL, South Korea
  - name: Changmin Lee
    homepage:
    degree: Master
    work: now at Rebellions, South Korea

news:
  list:
  - date: Jan, 2025
    comments: A paper accepted in <strong>ICLR'25</strong>!
  - date: Jan, 2025
    comments: A paper accepted in <strong>AsiaCCS'25</strong>!
  - date: Oct, 2024
    comments: A paper accepted in <strong>ACSAC'24</strong>!
  - date: Aug, 2024
    comments: A paper published at <strong>Computers & Security 2024</strong>!
  - date: Sep, 2023
    comments: A paper accepted in <strong>NeurIPS'23</strong>!
  - date: Sep, 2023
    comments: A paper accepted in <strong>CCS'23</strong>!
  - date: Aug, 2023
    comments: Seongil Wi is appointed as an <strong>assistant professor</strong> at UNIST!
  - date: Apr, 2023
    comments: A paper accepted in <strong>ICML'23</strong>!
  - date: Jan, 2023
    comments: A paper accepted in <strong>WWW'23</strong>!
  - date: Dec, 2022
    comments: A paper accepted in <strong>NDSS'23</strong>!
  - date: Dec, 2022
    comments: Seongil Wi awarded <strong>2022 Naver Ph.D. Fellowship</strong>!
  - date: Sep, 2022
    comments: A paper accepted in <strong>NeurIPS'22</strong>!
  - date: May, 2022
    comments: A paper accepted in <strong>MobiSys'22</strong>!
  - date: Feb, 2022
    comments: Soyoung Lee awarded <strong>2022 KAIST SoC Best Thesis Award</strong>!
  - date: Jan, 2022
    comments: Two papers accepted in <strong>WWW'22</strong>!

publications:
  - year: 2025
    list:
    - title: "AdvPaint: Protecting Images from Inpainting Manipulation via Adversarial Attention Disruption"
      authors: Joonsung Jeon, Woo Jae Kim, Suhyeon Ha, Sooel Son, and Sung-eui Yoon
      published: false
      toptier_cs: true
      booktitle: "13th International Conference on Learning Representations (ICLR 2025)"
    - title: "Evaluating Robustness of Reference-based Phishing Detectors"
      authors: Eunjin Roh, Sungwoo Jeon, Sooel Son, and Sanghyun Hong
      published: false
      booktitle: "20th ACM ASIA Conference on Computer and Communications Security (AsiaCCS 2025)"
  - year: 2024
    list:
    - title: "You Only Perturb Once: Bypassing (Robust) Ad-Blockers Using Universal Adversarial Perturbations"
      authors: Dongwon Shin, Suyoung Lee, Sanghyun Hong, and Sooel Son
      published: true
      link: https://wsp-lab.github.io/papers/shin-yopo-acsac24.pdf
      code: https://github.com/WSP-LAB/YOPO
      booktitle: "40th Annual Computer Security Applications Conference (ACSAC 2024)"
    - title: "Targeted Model Inversion: Distilling Style Encoded in Predictions"
      authors: Hoyong Jeong, Kiwon Chung, Sung Ju Hwang, and Sooel Son
      link: https://wsp-lab.github.io/papers/jeong-tmi-cose24.pdf
      published: true
      booktitle: "Elsevier Computers & Security (Journal COSE 2024)"
  - year: 2023
    list:
    - title: "Effective Targeted Attacks for Adversarial Self-Supervised Learning"
      authors: Minseon Kim, Hyeonjeong Ha, Sooel Son, and Sung Ju Hwang
      link: https://openreview.net/pdf?id=2f0dlMZlNb
      published: true
      toptier_cs: true
      booktitle: "37th Annual Conference on Neural Information Processing Systems (NeurIPS 2023)"
    - title: "AdCPG: Classifying JavaScript Code Property Graphs with Explanations for Ad and Tracker Blocking"
      authors: Changmin Lee and Sooel Son
      link: https://wsp-lab.github.io/papers/lee-adcpg-ccs23.pdf
      code: https://github.com/WSP-LAB/AdCPG
      published: true
      toptier_security: true
      booktitle: "30th ACM Conference on Computer and Communications Security (CCS 2023)"
    - title: "Margin-based Neural Network Watermarking"
      authors: Byungjoo Kim, Suyoung Lee, Seanie Lee, Sooel Son, and Sung Ju Hwang
      link: https://proceedings.mlr.press/v202/kim23o/kim23o.pdf
      published: true
      toptier_cs: true
      booktitle: "40th International Conference on Machine Learning (ICML 2023)"
    - title: "RICC: Robust Collective Classification of Sybil Accounts"
      authors: Dongwon Shin, Suyoung Lee (co-leading author), and Sooel Son
      link: https://wsp-lab.github.io/papers/shin-ricc-www23.pdf
      code: https://github.com/WSP-LAB/RICC
      published: true
      toptier_cs: true
      booktitle: "The Web Conference 2023: Security, Privacy, and Trust Research Track (WWW 2023)"
    - title: "DiffCSP: Finding Browser Bugs in Content Security Policy Enforcement through Differential Testing"
      link: https://wsp-lab.github.io/papers/wi-diffcsp-ndss23.pdf
      code: https://github.com/WSP-LAB/DiffCSP
      authors: Seongil Wi, Trung Tin Nguyen, Jihwan Kim, Ben Stock, and Sooel Son
      published: true
      toptier_security: true
      booktitle: "30th Network & Distributed System Security Symposium (NDSS 2023)"
  - year: 2022
    list:
    - title: "Learning to Generate Inversion-Resistant Model Explanations"
      authors: Hoyong Jeong, Suyoung Lee, Sung Ju Hwang, and Sooel Son
      link: https://wsp-lab.github.io/papers/jeong_neurips22.pdf
      code: https://github.com/WSP-LAB/GNIME
      published: true
      toptier_cs: true
      booktitle: "36th Annual Conference on Neural Information Processing Systems (NeurIPS 2022)"
    - title: "Evaluating the Robustness of Trigger Set-Based Watermarks Embedded in Deep Neural Networks"
      authors: Suyoung Lee, Wonho Song, Suman Jana, Meeyoung Cha, and Sooel Son
      link: https://wsp-lab.github.io/papers/lee-tdsc22.pdf
      published: true
      toptier_cs: false
      booktitle: "IEEE Transactions on Dependable and Secure Computing (Journal TDSC 2022)"
    - title: "Revisiting Binary Code Similarity Analysis using Interpretable Feature Engineering and Lessons Learned"
      authors: Dongkwan Kim, Eunsoo Kim, Sang Kil Cha, Sooel Son, and Yongdae Kim
      link: https://wsp-lab.github.io/papers/kim-tse22.pdf
      published: true
      toptier_cs: false
      booktitle: "IEEE Transactions on Software Engineering (Journal TSE 2022)"
    - title: "HearMeOut: Detecting Voice Phishing Activities in Android"
      authors: Joongyum Kim, Jihwan Kim, Seongil Wi, Yongdae Kim, and Sooel Son
      link: https://wsp-lab.github.io/papers/kim-hearmeout-mobisys22.pdf
      code: https://github.com/WSP-LAB/hearmeout
      published: true
      toptier_cs: true
      booktitle: "20th ACM International Conference on Mobile Systems, Applications, and Services 2022 (MobiSys 2022)"
    - title: "FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities"
      link: https://wsp-lab.github.io/papers/park-fugio-sec22.pdf
      code: https://github.com/WSP-LAB/FUGIO
      authors: Sunnyeo Park, Daejun Kim (co-leading author), Suman Jana, and Sooel Son
      published: true
      toptier_security: true
      code: https://github.com/WSP-LAB/FUGIO
      booktitle: 22nd USENIX Security Symposium (USENIX Security 2022)
    - title: "Watching the Watchers: Practical Video Identification Attack in LTE Networks"
      link: https://wsp-lab.github.io/papers/bae-watchers-sec22.pdf
      authors: Sangwook Bae, Mincheol Son, Dongkwan Kim, CheolJun Park, Jiho Lee, Sooel Son, and Yongdae Kim
      published: true
      toptier_security: true
      booktitle: 22nd USENIX Security Symposium (USENIX Security 2022)
    - title: "HiddenCPG: Large-Scale Vulnerable Clone Detection Using Subgraph Isomorphism of Code Property Graphs"
      link: https://wsp-lab.github.io/papers/wi-hiddencpg-www22.pdf
      code: https://github.com/WSP-LAB/HiddenCPG
      authors: Seongil Wi, Sijae Woo, Joyce Whang, and Sooel Son
      published: true
      toptier_cs: true
      booktitle: "The Web Conference 2022: Security, Privacy, and Trust Research Track (WWW 2022)"
    - title: "Link: Black-Box Detection of Cross-Site Scripting Vulnerabilities Using Reinforcement Learning"
      link: https://wsp-lab.github.io/papers/lee-link-www22.pdf
      code: https://github.com/WSP-LAB/Link
      authors: Soyoung Lee, Seongil Wi, and Sooel Son
      published: true
      toptier_cs: true
      booktitle: "The Web Conference 2022: Security, Privacy, and Trust Research Track (WWW 2022)"
  - year: 2021
    list:
    - title: "AdCube: WebVR Ad Fraud and Practical Confinement of Third-Party Ads"
      link: https://wsp-lab.github.io/papers/lee-adcube-sec21.pdf
      authors: Hyunjoo Lee, Jiyeon Lee (co-leading author), Daejun Kim, Suman Jana, Insik Shin, and Sooel Son
      published: true
      toptier_security: true
      code: https://github.com/WSP-LAB/AdCube
      booktitle: 21st USENIX Security Symposium (USENIX Security 2021)
    - title: "Security Analysis on Practices of Certificate Authorities in the HTTPS Phishing Ecosystem"
      link: https://wsp-lab.github.io/papers/kim-asiaccs21.pdf
      authors: Doowon Kim, Haehyun Cho, Yonghwi Kwon, Adam Oest, Adam Doupe, Sooel Son, Gail-Joon Ahn, and Tudor Dumitras
      published: true
      booktitle: 16th ACM ASIA Conference on Computer and Communications Security (ASIACCS 2021)
    - title: "The Abuser Inside Apps: Finding the Culprit Committing Mobile Ad Fraud"
      link: https://wsp-lab.github.io/papers/kim-fraud_detective-ndss21.pdf
      authors: Joongyum Kim, Junghwan Park (co-leading author), and Sooel Son
      toptier_security: true
      published: true
      booktitle: 28th Network & Distributed System Security Symposium (NDSS 2021)
  - year: 2020
    list:
    - title: "Lumos: Improving Smart Home IoT Visibility and Interoperability Through Analyzing Mobile Apps"
      link: https://wsp-lab.github.io/papers/kim-lumos-icnp20.pdf
      authors: Jeongmin Kim, Steven Y. Ko, Sooel Son, and Dongsu Han
      published: true
      booktitle: 28th IEEE International Conference on Network Protocols (ICNP 2020)
    - title: "Montage: A Neural Network Language Model-Guided JavaScript Engine Fuzzer"
      link: https://wsp-lab.github.io/papers/lee-montage-sec20.pdf
      authors: Suyoung Lee, HyungSeok Han, Sang Kil Cha, and Sooel Son
      toptier_security: true
      published: true
      booktitle: 20th USENIX Security Symposium (USENIX Security 2020)
      code: https://github.com/WSP-LAB/Montage
    - title: "FUSE: Finding File Upload Bugs via Penetration Testing"
      link: https://wsp-lab.github.io/papers/lee-fuse-ndss20.pdf
      authors: Taekjin Lee, Seongil Wi (co-leading author), Suyoung Lee, and Sooel Son
      toptier_security: true
      published: true
      booktitle: 27th Network & Distributed System Security Symposium (NDSS 2020)
      code: https://github.com/WSP-LAB/FUSE
  - year: 2019
    list:
    - title: Who Spent My EOS? On the (In)Security of Resource Management of EOS.IO
      link: https://wsp-lab.github.io/papers/lee-eos-woot19.pdf
      authors: Sangsup Lee, Daejun Kim (co-leading author), Dongkwan Kim, Sooel Son, and Yongdae Kim
      published: true
      booktitle: 13th USENIX Workshop on Offensive Technologies (WOOT 2019)
    - title: An Empirical Study of Prioritizing JavaScript Engine Crashes via Machine Learning
      link: https://wsp-lab.github.io/papers/park-crscope-asiaccs19.pdf
      authors: Sunnyeo Park, Dohyeok Kim, and Sooel Son
      published: true
      booktitle: 14th ACM ASIA Conference on Computer and Communications Security (ASIACCS 2019)
      code: https://github.com/WSP-LAB/CRScope
    - title: "Doppelgängers on the Dark Web: A Large-scale Assessment on Phishing Hidden Web Services"
      link: https://wsp-lab.github.io/papers/yoon-www19.pdf
      authors: Changhoon Yoon, Kwanwoo Kim, Yongdae Kim, Seungwon Shin, and Sooel Son
      toptier_cs: true
      published: true
      booktitle: "The Web Conference 2019: Security, Privacy, and Trust Research Track (WWW 2019)"
    - title: "Hidden Figures: Comparative Latency Analysis of Cellular Networks with Fine-grained State Machine Models"
      link: https://wsp-lab.github.io/papers/bae-hiddenfigure-hotmobile19.pdf
      authors: Sangwook Bae, Mincheol Son, Sooel Son, and Yongdae Kim
      booktitle: 20th International Workshop on Mobile Computing Systems and Applications (HOTMOBILE 2019)
      published: true
    - title: "Cybercriminal Minds: An Investigative Study of Cryptocurrency Abuses in the Dark Web"
      link: https://wsp-lab.github.io/papers/lee-mfscope-ndss19.pdf
      authors: Seunghyeon Lee, Changhoon Yoon, Heedo Kang, Yeonkeun Kim, Yongdae Kim, Dongsu Han, Sooel Son, and Seungwon Shin
      toptier_security: true
      published: true
      booktitle: 26th Network & Distributed System Security Symposium (NDSS 2019)
  - year: 2018
    list:
    - title: "Pride and Prejudice in Progressive Web Apps: Abusing Native App-like Features in Web Applications"
      link: https://wsp-lab.github.io/papers/son-ppp-ccs18.pdf
      authors: Jiyeon Lee, Hayeon Kim, Junghwan Park, Insik Shin, and Sooel Son
      published: true
      toptier_security: true
      booktitle: 25th ACM Conference on Computer and Communications Security (CCS 2018)
      code: https://github.com/spostman/ppp-ccs2018
      comments:
        - "There is an error in our paper in the proceedings: Safari 11.1 is NOT vulnerable to the history sniffing attack via cache."
  - year: "~ 2017"
    list:
    - title: What Mobile Ads Know About Mobile Users
      link: https://www.cs.cornell.edu/~shmat/shmat_ndss16.pdf
      authors: Sooel Son, Daehyeok Kim, and Vitaly Shmatikov
      published: true
      toptier_security: true
      booktitle: 23rd Network & Distributed System Security Symposium (NDSS 2016)
      media: https://www.mediapost.com/publications/article/265783/mobile-ads-can-infer-users-medication-dating-pre.html
    - title: "Toward better server-side Web security"
      link: https://repositories.lib.utexas.edu/handle/2152/24821
      authors: Sooel Son
      published: true
      booktitle: UTCS Dissertation (2014)
    - title: "Diglossia: Detecting Code Injection Attacks with Precision and Efficiency"
      link: http://www.cs.utexas.edu/~shmat/shmat_ccs13.pdf
      authors: Sooel Son, Kathryn S McKinley, and Vitaly Shmatikov
      toptier_security: true
      published: true
      booktitle: 20th ACM Conference on Computer and Communications Security (CCS 2013)
    - title: Model Checking Invariant Security Properties in OpenFlow
      link: http://www.csl.sri.com/users/vinod/papers/flover.pdf
      authors: Sooel Son, Seungwon Shin, Vinod Yegneswaran, Phil Porras, and Guofei Gu
      published: true
      booktitle: IEEE International Conference on Communications (ICC 2013)
    - title: "The Postman Always Rings Twice: Attacking and Defending postMessage in HTML5 Websites"
      link: http://www.cs.utexas.edu/~shmat/shmat_ndss13postman.pdf
      authors: Sooel Son and Vitaly Shmatikov
      published: true
      toptier_security: true
      booktitle: 20th Network & Distributed System Security Symposium (NDSS 2013)
      comments: <b>Best student paper award</b>
    - title: "Fix Me Up: Repairing Access-Control Bugs in Web Applications"
      link: http://www.cs.utexas.edu/~shmat/shmat_ndss13fixmeup.pdf
      authors: Sooel Son, Kathryn S McKinley, and Vitaly Shmatikov
      toptier_security: true
      published: true
      booktitle: 20th Network & Distributed System Security Symposium (NDSS 2013)
    - title: "RoleCast: Finding Missing Security Checks When You Do Not Know What Checks Are"
      link: http://www.cs.utexas.edu/~shmat/shmat_oopsla11.pdf
      authors: Sooel Son, Kathryn S McKinley, and Vitaly Shmatikov
      toptier_cs: true
      published: true
      booktitle: ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA 2011)
    - title: "SAFERPHP: Finding Semantic Vulnerabilities in PHP Applications"
      link: http://www.cs.utexas.edu/~shmat/shmat_plas11.pdf
      authors: Sooel Son and Vitaly Shmatikov
      published: true
      booktitle: ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security at PLDI 2011 (PLAS 2011)
    - title: "The Hitckhiker's Guide to DNS Cache Poisoning"
      link: http://www.cs.utexas.edu/~samuel/paper/dns-securecomm2010.pdf
      authors: Sooel Son and Vitaly Shmatikov
      published: true
      booktitle: 6th International ICST Conference on Security and Privacy in Communication Networks (SecureCOMM 2010)

teaching:
  - name: Web Security Attack Laboratory
    code: CS447
    link:
    semesters:
      - name: 2023 Spring
        link: https://spostman.github.io/cs447
      - name: 2022 Spring
        link: https://spostman.github.io/cs492-spring2022
      - name: 2021 Fall
        link: https://spostman.github.io/cs492-fall2021
  - name: Data Structure
    code: CS206
    link:
    semesters:
      - name: 2021 Spring
        link: https://spostman.github.io/cs206c
      - name: 2020 Fall
        link: https://spostman.github.io/cs206c-fall2020
  - name: Machine Learning Application Trends in Information Security
    code: IS593
    link:
    semesters:
      - name: 2023 Spring
        link: https://spostman.github.io/is593a
      - name: 2020 Fall
        link: https://spostman.github.io/is593a-fall2020
      - name: 2019 Fall (CS492)
        link: https://spostman.github.io/cs492-fall2019
      - name: 2018 Fall
        link: https://docs.google.com/document/d/1oRNC_twHU3eEsNxfN-EyKpqWlSH_MaWfzF5Zuo1VRkg
  - name: Web Service Security and Privacy
    code: IS542
    link:
    semesters:
      - name: 2022 Fall
        link: https://spostman.github.io/is542
      - name: 2021 Spring
        link: https://spostman.github.io/is542-spring2021
      - name: 2020 Spring
        link: https://spostman.github.io/is542-spring2020
      - name: 2019 Spring
        link: https://docs.google.com/document/u/1/d/e/2PACX-1vQM71g1RWcrXYfdEzBvGGEY3jbBcUDOTdG3Y3e9f0s2_wRPXJbtc0ydO3bZ2pdTBrtB1Y87jB4ahJdL/pub
      - name: 2018 Spring
        link:
      - name: 2017 Fall
        link:

sass:
  style: :expanded

gems:
  - jekyll-sitemap # Create a sitemap using the official Jekyll sitemap gem
  - jekyll-feed # Create an Atom feed using the official Jekyll feed gem

# Exclude these files from your production _site
exclude:
  - Gemfile
  - Gemfile.lock
  - LICENSE
  - README.md
  - CNAME