Biography

Paul (Kyungwhoon) Cheun, is Corporate President & Chief Technology Officer (CTO) of Device eXperience (DX) Division and Head of Samsung Research at Samsung Electronics. As CTO, Paul is driving the company’s technological innovations and strategy to align them with Samsung’s corporate goals. He also heads up Samsung Research, the advanced Research & Development hub of the DX Division at Samsung Electronics.

Under his leadership, Samsung Research leads the development of future technologies and identifies new growth opportunities for the company through efforts spanning R&D centers and AI centers around the world. Samsung Research's main focus is Artificial Intelligence, Device Innovation, Communications & Media, Platform, and is constantly expanding its research areas to new fields to provide better and meaningful experiences to our valued customers.

Biography

Taesoo Kim is a Vice President at Samsung Research and a Professor in the School of Cybersecurity and Privacy and the School of Computer Science at Georgia Tech. He also serves as the director of the Georgia Tech Systems Software and Security Center (GTS3). His research focuses on building systems with fundamental security principles, including robust system design, thorough implementation analysis, and clear separation of trusted components. Recently, he led Team Atlanta in the DARPA AIxCC competition, where teams built cyber reasoning systems capable of autonomously identifying and fixing bugs using large language models (LLMs). He has received numerous awards, including the NSF CAREER Award (2018), the Internet Defense Prize (2015), and several best paper awards, such as USENIX Security '18 and EuroSys '17. He holds a BS from KAIST (2009), an SM (2011), and a Ph.D. (2014) from MIT.

Challenges and Opportunities in Security in the GenAI era

In this talk, I will share my perspectives on the challenges and opportunities for creating a safer world in the emerging era of generative AIs, such as large language models (LLMs). I will discuss key research directions that the security community is currently pursuing and the common obstacles faced, illustrated through the recent DARPA competition, AIxCC. Collaborating between Samsung, Georgia Tech, KAIST, and POSTECH, we design and build a cyber reasoning system capable of autonomously identifying and repairing security vulnerabilities in large-scale, real-world open-source projects. I will highlight our approaches, competition results, and the potential applications of this cyber reasoning system to enhance the security of Samsung's products and services.

Biography

Brendan Dolan-Gavitt is an Associate Professor at the NYU Tandon School of Engineering. His research focuses on the intersection of AI and software security, examining both the security of software produced using AI assistants such as GitHub Copilot, and exploring how AI systems can be used to improve on traditional techniques in software security. He has received the NSF CAREER award, two R&D 100 Awards, and a distinguished paper award at IEEE S&P 2022. He is currently on leave from NYU, working at the startup XBOW to build AI agents for offensive security that can find and fix vulnerabilities in web applications before they can be exploited by attackers.

AI Agents for Offensive Security

The rise of AI systems that can capably use tools and take actions in digital or physical environments promises to drastically change many fields, and computer security is no exception. In this keynote, I will discuss recent advances that have allowed language models to become surprisingly capable at autonomously identifying and exploiting software vulnerabilities. Building from the insight that the weaknesses of language models (hallucinations, non-determinism) can be avoided—or even turned into strengths—when strong external verifiers are available, I will show how offensive security is uniquely positioned to benefit from advances in AI. Finally, I will discuss novel pitfalls, open questions, and possible risks from the emergence of highly capable offensive security agents.

Biography

Insu Yun is an assistant professor at KAIST, currently leading Hacking Lab. He is interested in system security in general, especially, binary analysis, automatic vulnerability detection, and automatic exploit generation. His work has been published to the major computer conferences such as IEEE Security & Privacy, USENIX Security, and USENIX OSDI. Particularly, his research won the best paper award from USENIX Security and OSDI in 2018. In addition to research, he has been participating in several hacking competitions as a hacking expert. In particular, he won Pwn2Own 2020 by compromising Apple Safari and won DEFCON CTF in 2015 and 2018, which is the world hacking competition. Prior to joining KAIST, he received his Ph.D. degree in Computer Science from Georgia Tech in 2020.

Make world safe through hacking

We aim for a safe world, yet we are still far from it. To make the world safe, we must know our enemies as the old saying goes. In this talk, I will share the recent trends in hacking activities and their economic nature, contributing to the significant polarization of today's attacks. I will also discuss various efforts (both educational and research) that our lab is currently undertaking to respond to the existing issues. Finally, I will briefly discuss the changes that AI will bring to the future of cybersecurity.

Biography

Sangdon Park is an assistant professor at POSTECH GSAI/CSE. His research interest focuses on designing trustworthy AI systems by understanding from theory to implementation and by considering practical applications in computer security, computer vision, robotics, cyber-physical systems, and natural language processing. He serves on the program committees of premium machine learning conferences, including NeurIPS, ICLR, and ICML. Prior to joining POSTECH, he was a postdoctoral researcher at the Georgia Institute of Technology, mentored by Taesoo Kim. He holds a Ph.D. in Computer and Information Science from the University of Pennsylvania in 2021, where he was advised by Insup Lee and Osbert Bastani.

Rethinking and Harnessing Trustworthiness of Generative AI for Security

We live in a surprising age of generative AI. Performant generative AI popularizes its applications for knowledge base, web search, personalized agents, arts, and even security. As a prominent security usage of generative AI, DARPA initiated a competition called AIxCC which urges for using generative AI for finding software bugs and generating security patches. But, the brighter the light, the darker the shadow. Generative AI has been criticized due to its hallucination effect, biased generation, and privacy concerns. In security perspective, the hallucination of generative AI negatively impacts its security applications, like generating wrong security patches. In this talk, I will share lessons learned from my efforts on building trustworthy AI, emphaizing on rethinking and harnessing hallucination effects.

Biography

Juhee Kim is a Ph.D. student at CompSec Lab, Seoul National University, advised by Byoungyoung Lee. Her research focuses on attacks and defenses against software systems, including operating systems and web browsers. Recent studies have centered on security techniques utilizing hardware features, such as ARM's Pointer Authentication Code (PAC) and Memory Tagging Extensions (MTE).

Bypassing ARM's Memory Tagging Extension with a Side-Channel Attack

ARM Memory Tagging Extension (MTE) is a new hardware extension introduced in ARMv8.5-A architecture designed to detect memory corruption. Compared to previous mitigation techniques such as DEP, ASLR, and CFI, MTE can detect the root cause of memory corruption attacks. For this reason, MTE is considered the most promising path forward for improving C/C++ software security by many security experts, since its first adoption with Pixel 8 in October 2023.

In this talk, we show that despite high hopes, MTE is not yet the silver bullet for eliminating memory corruption attacks. Specifically, we introduce new exploitation techniques that leak the MTE tags through speculative execution. We demonstrate that the MTE-based protection in Google Chrome and the Linux kernel can be bypassed.

Biography

I am a student in a Combined Master's and Doctorate program at UNIST(Ulsan National Institute of Science and Technology, South Korea) under the supervision of Prof. Hyngon Moon. My research area is system security, operating systems, and program analysis. I focus on conducting research that greatly interests academia and industry.

Efficient Use-After-Free Prevention with Opportunistic Page-Level Sweeping

Defeating use-after-free exploits presents a challeng- ing problem, one for which a universal solution remains elusive. Recent efforts towards efficient prevention of use-after-free exploits have found that delaying the reuse of freed memory can both be effective and efficient in many cases. Previous studies have proposed two primary approaches: one where reuse is postponed until the allocator can confidently ascertain the absence of any dangling pointers to the freed memory, and another that refrains from reusing a freed heap chunk until the program’s termination. We make an intriguing observation from our in-depth analysis of these two approaches and their reported performance impacts. When compared to the design that delays the reuse until the program terminates the strategy that delays the reuse just until no dangling pointer references the freed chunk suffers from a significant performance overhead for some workloads. The change in the reuse of each heap chunk affects the distribution of allocated chunks in the heap, and the performance of some benchmarks. This study proposes HUSHVAC, an allocator that performs delayed reuse in such a way that the distribution of heap chunks becomes more friendly to such workloads. An evaluation of HUSHVAC showed that the average performance overhead of HUSHVAC (4.7%) was lower than that of the state-of-the-art (11.4%) when running the SPEC CPU 2006 benchmark suite. Specifically, the overhead of HUSHVAC on the distribution-sensitive benchmark was about 35.2% while the prior work has an overhead of 110%.

Biography

Dongok Kim is a Master's student at KAIST Hacking Lab. He received his bachelor's degree at KAIST, School of Computing and Electrical Engineering. He is interested in general system security, including software security, binary exploitation and embedded system security.
Currently, he focuses on Linux kernel security, especially in kernel exploit automation and kernel vulnerability triage. He is also a competitive CTF player and often plays for team KAIST GoN and The Goose. He participated and was awarded on several global/local CTFs.

Biography

Haein Lee is a PhD student at KAIST Hacking Lab. He received his bachelor’s degree at KAIST, Electrical Engineering and School of Computing. He is interested in system security including software security, bug finding and exploit generation. Currently, he focuses on generating security patch using LLM with a fully automated manner.

From 1-day to Profit: A brand-new paradigm of exploit bounty program

The increasing value of 0-day vulnerabilities has led to a rise in the significance of 1-day exploits—exploitation of vulnerabilities that already have security patches. Despite the availability of patches, the "patch gap," or the time between the release of a patch and its application, makes 1-day attacks increasingly threatening.

To address this issue, vendors are shifting their focus from merely identifying vulnerabilities to preventing their exploitation. This shift has given rise to a new type of bounty programs that reward not only the vulnerabilities but also novel exploitation techniques. These programs differ from traditional bug bounty programs, which typically reward only 0-day vulnerabilities.

In this talk, we will share our experiences with two such exploit-oriented bounty programs: KernelCTF and V8CTF. We will begin by introducing each program, highlighting their focus, targets, and unique characteristics. Next, we will provide insights into crafting 1-day exploits for the Linux kernel and the V8 JavaScript engine, including a detailed timeline of vulnerability identification and exploitation. Finally, we will discuss the challenges in preventing 1-day exploits, explore various exploit mitigations, and reflect on the positive impact these bounty programs have on the security community.

Biography

Soyeon Park is a Security Researcher at Samsung Research America. She completed her Ph.D. in the School of Cybersecurity and Privacy and the School of Computer Science at the Georgia Institute of Technology, under the supervision of Prof. Taesoo Kim. Her research interests include software security, with a focus on automatic vulnerability detection in software, hardware-assisted memory hardening, and machine learning for security.

Program Synthesis for Fuzzing in Rust

Fuzzing has emerged as a practical method for discovering bugs in software testing. With the help of coverage feedback, fuzzing has been working well by providing random or semi-structured data to programs that take binary and slightly structured inputs in order to identify bugs. However, generating fuzzing harnesses for libraries is challenging because it requires a deep understanding of the libraries and the characteristics of the programming language in which they are written. Also, fuzzing programs that take heavily structured input, such as program code, necessitates program synthesis that takes programming language characteristics, like compilers, into account. In this talk, we will discuss two program synthesis efforts to test the Rust programming language. Rust is a community-driven programming language that emphasizes memory safety and performance. Libraries and compilers are essential components of Rust ecosystem, and testing them for correctness is crucial. To address this issue, we introduce an automated tool to generate fuzzing harnesses for Rust libraries without manual effort. Furthermore, we propose a Large Language Model (LLM)-assisted tool for synthesizing Rust program to test Rust compilers based on specification and examples. This tool leverages LLMs’ capabilities to generate comprehensive test cases targeting compiler misbehavior. As a result, we discovered 82 unique bugs in Rust libraries and a few unique crashes in Rust compilers.

Biography

Sunwoo Ahn is a security researcher at Samsung Research. He received the Ph.D. degree in electrical and computing engineering in 2023 from Seoul National University, Seoul, South Korea. His research interests include machine learning-based security and code representation learning.

Preventing Artificially Inflated SMS Attacks through Large-Scale Traffic Inspection

Artificially inflated traffic (AIT) attacks are projected to become a leading threat in 2024 for businesses that heavily rely on SMS-based user verification systems: attackers program bots to set up fake accounts, and use them to generate excessive volumes of artificial SMS verification request. Malicious telcos or SMS aggregators are suspects: hiring attackers to perform SMS traffic inflating attacks on their behalf, and making profit by billing service providers for the logged SMS traffic. Rule-based detectors have been deployed but they are inherently ineffective against tweaking attacks that incrementally change attack configurations to bypass the underlying detection logic. We developed an ML-based AIT attack detection system which exploits common AIT attack characteristics, and uses novel set of multi-level features to detect AIT attacks with about 84% recall rate, while maintaining false positive rates around 0.5%. We closely collaborated with Samsung Big Data Center to successfully deploy the first version of the proposed system in May 2024 on the Samsung Account authentication server.

Biography

Jinbum Park is a security researcher, working for Security and Privacy Team, Samsung Research. He is mainly working as a blue team member but has a huge interest in offensive techniques. His main research interests cover from system security to machine learning security. He currently spends most time on Islet project (github.com/islet-project), which aims to bring ARM CCA (a new confidential computing hardware primitive) into mobile devices.

Biography

Heeill is a Software Engineer at Samsung Research, working on Samsung Islet, open-source project written in Rust that enables ARM CCA. At Samsung Research, he worked on automated Rust fuzzing and various system security projects regarding Samsung products. Heeill's research interest includes Rust Programming Language, use case for on-device confidential computing and operating systems.

On-Device Confidential Computing: Updates on Our Activities and Future Potential

In this talk, we will give an update on our activities following the introduction of the research topic on on-device confidential computing at the SSTF event in 2022. We have made our work available to the public under the name 'Islet', an open-source project built upon the Arm CCA for confidential computing. Moreover, we have become members of the Confidential Computing Consortium (CCC), where we actively participate in its activities. Throughout this session, we will highlight the main features we are focused on with Islet and present the potential future where complete confidential computing is implemented across the entire data processing pipeline, from servers to user devices. Lastly, we will showcase exciting use case scenarios that we are currently exploring as proofs of concept (PoC), emphasizing their possible integration in AI and gaming domains.

Biography

Yong Ho Hwang is a Corporate VP at Samsung Electronics, and leads the security & privacy team at Samsung Research. His team plays a crucial role in delivering innovative security solutions by conducting advanced researches on exploring cyber-attack techniques and developing protective measures. The primary goal of these research efforts is to enhance the security level of Samsung products, and address users’ privacy concerns. He received Ph.D. from POSTECH EEE, and worked in SPAR Lab/Computer Science at the Johns Hopkins University as a post-doctoral researcher