Biography

Paul (Kyungwhoon) Cheun, is Corporate President & Chief Technology Officer (CTO) of Device eXperience (DX) Division and Head of Samsung Research at Samsung Electronics. As CTO, Paul is driving the company’s technological innovations and strategy to align them with Samsung’s corporate goals. He also heads up Samsung Research, the advanced Research & Development hub of the DX Division at Samsung Electronics.

Under his leadership, Samsung Research leads the development of future technologies and identifies new growth opportunities for the company through efforts spanning 15 R&D centers and 7 AI centers located globally. Samsung Research's main focus is Artificial Intelligence, next generation communications, robot, security & privacy etc., and is constantly expanding its research areas to new fields to provide better and meaningful experiences to our valued customers.

Biography

WooChul Shim is a corporate VP at Samsung Research. He leads the Security Assurance Lab. His main goal is to eliminate vulnerabilities in Samsung products by implementing a robust security governance framework encompassing policies, processes, and systems. Together with the penetration testing team and the automated vulnerability discovery research team, he has focused on developing automated methods to detect vulnerabilities within the Continuous Integration pipeline.

Biography

Yong Ho Hwang is a Coporate VP at Samsung Electronics, and leads the security & privacy team at Samsung Research. His team plays a crucial role in delivering innovative security solutions by conducting advanced researches on exploring cyber-attack techniques and developing protective measures. The primary goal of these research efforts is to enhance the security level of Samsung products, and address users’ privacy concerns. He received Ph.D. from POSTECH EEE, and worked in SPAR Lab/Computer Science at the Johns Hopkins University as a post-doctoral researcher.

Hack for Security: How hacking drives security innovation

In today's connected world, cybersecurity has emerged as a paramount concern. Traditional security measures, however, often fall short in protecting users against quickly evolving cyber threats and vulnerabilities. To timely protect users against evolving threats, a fascinating paradoxical approach, "Hack for Security," can be employed as a catalyst to drive innovative security solutions.

In this talk, we present the concept of "Hack for Security," and explain how it can be applied as a positive measure to improve security. To most people “hacking” is considered a cybercrime conducted with malicious intent. Our talk focuses on shifting this paradigm, and proposing various ways in which hacking principles can be applied in a more positive manner to help enhance security. Based on real-world examples and case studies, we will demonstrate how ethical hackers can proactively identify vulnerabilities, fortify defenses, and mitigate potential risks before malicious attackers exploit them.

Moreover, this talk emphasizes the importance of being adequately equipped with a hacker mindset, and building this culture within cybersecurity teams. By fostering a culture of curiosity, continuous learning, and adaptability, security professionals can try to stay one step ahead and timely develop mitigation strategies to protect digital assets.

We will explain how the key notions and practices from the “Hack for Security” approach would help drive innovative solutions, and make our digital world a safer place.

Biography

Kang Geun Shin (신강근) is the Kevin and Nancy O'Connor Professor of Computer Science and Founding Director of the Real-Time Computing Laboratory in the Department of Electrical Engineering and Computer Science, The University of Michigan, Ann Arbor, Michigan. At Michigan, he has supervised the completion of 91 PhDs and also chaired the Computer Science and Engineering Division at Michigan for three years starting 1991. From 1978 to 1982 he was on the faculty of Rensselaer Polytechnic Institute, Troy, New York. He received the B.S. degree in Electronics Engineering from Seoul National University, Seoul, Korea in 1970, and both the M.S. and Ph.D. degrees in Electrical Engineering from Cornell University, Ithaca, New York in 1976 and 1978, respectively.

Detection and Resolution of Control Decision Anomalies

Component faults, bugs, and malicious attacks can all degrade in, or even prevent semi-autonomous systems (SASs) from, correctly capturing their operation context, which is essential to support critical safety features like emergency braking in an autonomous car. While safety features in modern SASs usually rely on static assignment of control priority, such a design may lead to catastrophic accidents when accompanied with erroneous/compromised control and context estimation.

To mitigate the grave danger of SASs' use of incorrect data for making control decisions and learn from the incidents/crashes of Boeing 737 MAX, we propose CADCA, a novel control decision-maker for SASs, that is designed to operate under sensor/data errors or falsifications as well as malicious/erroneous control inputs with the ultimate goal of resolving conflicting control inputs to ensure safety. Our extensive evaluation (of more than 15,700 test-cases) has shown CADCA to achieve a 98% success rate in preventing the execution of incorrect control decisions caused by component failures and/or malicious attacks in the most common scenarios.

This talk will detail the motivation, design and evaluation of CADCA with semi-autonomous vehicles as a representative SAS.

This is joint work with Daniel Chen and Noah Curran.

Biography

Insu Yun is an assistant professor at KAIST, currently leading Hacking Lab. He is interested in system security in general, especially, binary analysis, automatic vulnerability detection, and automatic exploit generation. His work has been published to the major computer conferences such as IEEE Security & Privacy, USENIX Security, and USENIX OSDI. Particularly, his research won the best paper award from USENIX Security and OSDI in 2018. In addition to research, he has been participating in several hacking competitions as a hacking expert. In particular, he won Pwn2Own 2020 by compromising Apple Safari and won DEFCON CTF in 2015 and 2018, which is the world hacking competition.Prior to joining KAIST, he received his Ph.D. degree in Computer Science from Georgia Tech in 2020.

Academic research from offensive research

Offensive research is different from academic research. Offensive research is target-specific, practical, and empirical. It differs from the generalized, theoretical, and systematic approach pursued by academic research. Nevertheless, offensive research is extremely beneficial to academic research.

This talk will share my experiences developing research topics from offensive research. In particular, in this talk, I will present my research works inspired by hacking, including ArcHeap and HardsHeap. ArcHeap is a tool that automatically discovers heap exploit techniques. HardsHeap extends ArcHeap to evaluate secure allocators, which were challenging to handle in ArcHeap. I will conclude this talk with other research opportunities from offensive research.

Biography

Jun Han is an Assistant Professor at Yonsei University with an appointment in the School of Electrical and Electronic Engineering. He founded and directs the Cyber-Physical Systems and Security (CyPhy) Lab at Yonsei. Prior to joining Yonsei, he was at the National University of Singapore with an appointment in the Department of Computer Science, School of Computing. His research interests lie at the intersection of sensing and mobile computing systems and security and focus on utilizing contextual information for security applications in the Internet-of-Things and Cyber-Physical Systems. He publishes at top-tier venues across various research communities spanning mobile computing, sensing systems, and security (including MobiSys, MobiCom, SenSys, Ubicomp, IPSN, S&P/Oakland, CCS, and Usenix Security). He received multiple awards including Google Research Scholar Award. He received his Ph.D. from the Electrical and Computer Engineering Department at Carnegie Mellon University as a member of the Mobile, Embedded, and Wireless (MEWS) Group. He received his M.S. and B.S. degrees in Electrical and Computer Engineering also at Carnegie Mellon University. Jun also worked as a software engineer at Samsung Electronics.

Sensing the Future: Unveiling the Benefits and Risks of Sensing in Cyber-Physical Security

With the emergence of the Internet-of-Things (IoT) and Cyber-Physical Systems (CPS), we are witnessing a wealth of exciting applications that enable computational devices to interact with the physical world via an overwhelming number of sensors and actuators. However, such interactions pose new challenges to traditional approaches to security and privacy. In this talk, I will present how I utilize sensor data to provide security and privacy protections for IoT/CPS scenarios, and further introduce novel security threats arising from similar sensor data. Specifically, I will highlight some of our recent projects that leverage sensor data for attack and defense in various IoT settings. I will also introduce my future research directions such as identifying and defending against unforeseen security challenges from newer domains including smart homes, buildings, and vehicles.

Biography

Beomseok Oh is a master student at System Security Lab in KAIST. His research interest is cellular security, especially the security of layer 3 in LTE and 5G. He has published three papers at USENIX security, NDSS symposium, and WiSec. He holds an undergraduate degree in Mathematics and Electrical Engineering from KAIST.

Tackling SIM Box Fraud through Device Model Fingerprinting

Voice phishing is a well-known telecommunication fraud in Korea, which caused 1.7 trillion wons of financial damage to individuals over the last five years. Fraudsters utilize a device called SIM Box to convert internet calls to cellular calls and vice versa, allowing them to target certain nations while overseas. Several researchers have proposed schemes to detect SIM-boxed calls, but they can only be applied after the calls are made.

In this talk, I will introduce my recent research on fingerprinting SIM boxes in cellular networks, which can eventually “prevent” unauthorized SIM boxes connecting to the networks. The core idea of this work is leveraging the differences in network capabilities among different cellular device models, which can be gathered without any change on the network side. We conducted experiments with 100 cellular devices to demonstrate the feasibility of our device model fingerprinting technique. We are also collaborating with a major MNO to verify the feasibility of the technique and explore possibilities for the deployment.

Biography

I am a Ph.D student at Seoul National University (SNU), advised by Byoungyoung Lee in Compsed lab. My primary research areas are hardware fuzzing and cloud computing. Especially, I have worked on implementing RTL fuzzer to find bugs in RISC-V CPU designs. Currently, I am working on secure cloud computing technology, so called confidential computing (e.g., Intel SGX, and AMD SEV). To be specific, I am working on re-designing current big-data, and machine learning platform to protect data while preserving efficiency.

SpecDoctor: Differential Fuzz Testing to Find Transient Execution Vulnerabilities

Transient execution vulnerabilities have critical security impacts to software systems since those break the fundamental security assumptions guaranteed by the CPU. Detecting these critical vulnerabilities in the RTL development stage is particularly important, as it offers a chance to fix the vulnerability early before reaching the chip manufacturing stage.

This paper proposes SpecDoctor, an automated RTL fuzzer to discover transient execution vulnerabilities in the CPU. To be specific, SpecDoctor designs a fuzzing template, allowing it to test all different scenarios of transient execution vulnerabilities (e.g., Meltdown, Spectre, ForeShadow, etc.) with a single template. Then SpecDoctor performs a multi-phased fuzzing, where each phase is dedicated to solve an individual vulnerability constraint in the RTL context, thereby effectively finding the vulnerabilities.

We implemented and evaluated SpecDoctor on two out-of-order RISC-V CPUs, Boom and NutShell-Argo. During the evaluation, SpecDoctor found transient-execution vulnerabilities which share the similar attack vectors as the previous works. Furthermore, SpecDoctor found two interesting variants which abuse unique attack vectors: Boombard, and Birgus. Boombard exploits an unknown implementation bug in RISC-V Boom, exacerbating it into a critical transient execution vulnerability. Birgus launches a Spectre-type attack with a port contention side channel in NutShell CPU, which is constructed using a unique combination of instructions. We reported the vulnerabilities, and both are confirmed by the developers, illustrating the strong practical impact of SpecDoctor.

Enhanced Personal Information Management

PII (Personally Identifiable Information) and sensitive information have to be detected and de-identified in order for data to be utilized/analyzed securely. We introduce our solutions that accomplish this goal and explain how they are being applied to data in the current enterprise system.

Samsung Knox Matrix: Bringing Security to an Increasingly Connected World

The Knox Matrix is Samsung’s vision for a future in which connected devices protect each other. This is a comprehensive approach to security that will become increasingly essential as it connects with more devices in our lives. Many users around the world already own devices, from mobile devices and TVs to refrigerators and robot vacuum cleaners. The presence of more than 14 billion connected devices on the market shows the vastness of this landscape, which shows no signs of shrinking. Samsung knows that this increase in connectivity is likely to lead to more exploitation because there are possibilities that one damaged device will affect another within the same ecosystem. Traditional security infrastructures are designed to protect a single device and will not be able to keep up with these changes. The newly introduced Knox Matrix will solve this problem through a revolutionary concept that opens the way for multi-device security for mobile phones, TVs, and home appliances.