Computer and Communication Security Laboratory

Computer & Communication Security Laboratory (CCS Lab) was established in 2004 for the purpose of studying security problems and proper countermeasures. The members of CCS Lab are pursuing research on system security and network security. We take part in activities related to computer security and cooperate with professors and researchers inside and outside the country for research advances. We continue to publish the results of our researches and projects in the major international journals and conferences.

CCSLAB - Main

News

2022/04/22	CCSLAB got the excellence award for the IITP R&D project exchange meeting
CCSLAB got the excellence award for the IITP R&D project exchange meeting with the "Development of Automated Vulnerability Discovery Technologies for Blockchain Platform Security" project. Picture
2021/09/08	Seunghoon's paper, V0Finder (SECURITY 2021), is introduced as news articles in Boan News and Professor Newspaper.
The articles introduce the research results of V0Finder, which discovers the Vulnerability Zero (VZ, the software where a vulnerability first originated) of software vulnerabilities, and the importance of discovering VZs in the perspective of prompt vulnerability detection and patching process. (https://www.boannews.com/media/view.asp?idx=100545, and http://www.kyosu.net/news/articleView.html?idxno=76034)
2021/02/19	Seunghoon's paper, CENTRIS (ICSE 2021), is introduced as a news article in The Daily Swig.
The article introduces the research results of CENTRIS, which identifies modified OSS components accounting for 95% real-world popular OSS ecosystem, and its significance in terms of security and the software supply chain management. (https://portswigger.net/daily-swig/centris-new-tool-helps-prevent-software-supply-chain-attacks-by-flagging-modified-open-source-components)
2020/09/25	It has been published as a special feature article in the 2020 issue of 'Engineering Journal' on the theme of 'Going to Korea University Blockchain Research Institute'.
Pre-checking and preventing security vulnerabilities caused by open source code reuse in the block chain has been introduced. Picture
2020/07/13	MBC news regarding the safety problem by the security vulnerabilities is reported at July 13, 2020.
One message can stop a fast moving scooter remotely which can be fatal to the user. The news story is based on the analysis by CCS lab members. (https://imnews.imbc.com/replay/2020/nwdesk/article/5841148_32524.html) (Video with English subtitles: https://youtu.be/H23Ezt5QGq4")
2018/09/14	CCSLAB got the 1st prize for UDC2018 contest.
CCSLAB got the first prize for the UDC2018 contest with SmartWall, the firewall system for the smart contract. Picture

More News.......

Registered CVEs

2021/08/04	CVE-2021-37232	Choongin Lee, Taewoo Kim
2021/08/04	CVE-2021-37231	Choongin Lee, Taewoo Kim
2022/01/07	CVE-2020-10137	Nkuba Kayembe Carlos
2022/01/07	CVE-2020-9061	Nkuba Kayembe Carlos
2022/01/07	CVE-2020-9060	Nkuba Kayembe Carlos
2022/01/07	CVE-2020-9059	Nkuba Kayembe Carlos
2022/01/07	CVE-2020-9058	Nkuba Kayembe Carlos
2022/01/07	CVE-2020-9057	Nkuba Kayembe Carlos
2020/12/25	CVE-2020-35376	Seunghoon Woo, Seongkyong Kwon
2020/12/25	CVE-2020-20412	Seunghoon Woo, Seongkyong Kwon
2020/06/15	CVE-2020-14147	Seunghoon Woo

Publication

2022/10/25	METHOD AND DEVICE FOR BUILDING VULNERABILITY DATABASE	Heejo Lee
2022/10/01	공급망 보안을 위한 오픈소스 소프트웨어 취약점 관리 기술, 정보보호학회	홍현지
2022/09/06	CIRCUIT: A JavaScript Memory Heap-Based Approach for Precisely Detecting Cryptojacking Websites, IEEE Access	Hyunji Hong
2022/09/01	오픈소스 SW 취약점 분석 및 탐지 기술 동향, OSIA S&TR	우승훈
2022/08/10	xVDB: A High-Coverage Approach for Constructing a Vulnerability Database, IEEE Access	Hyunji Hong
2022/08/10	MOVERY: A Precise Approach for Modified Vulnerable Code Clone Discovery from Modified Open-Source Software Components, USENIX Security Symposium	Seunghoon Woo
2022/06/27	L2Fuzz: Discovering Bluetooth L2CAP Vulnerabilities Using Stateful Fuzz Testing, Annual IEEE/IFIP Int'l Conf. on Dependable Systems and Networks (DSN)	Haram Park
2022/04/25	How to divide a permission token in the delegation process of blockchain-based access control for IoT, The 16th Annual IEEE Int'l Systems Conf. (SYSCON)	Jeonghwa Heo
2022/02/26	Improving SSH detection model using IPA time and WGAN-GP, Computers & Security	Junwon Lee
2021/12/27	Riding the IoT Wave With VFuzz: Discovering Security Flaws in Smart Homes, IEEE Access	Carlos Kayembe Nkuba
2021/12/06	Dicos: Discovering Insecure Code Snippets from Stack Overflow Posts by Leveraging User Discussions, Annual Computer Security Applications Conf. (ACSAC)	Hyunji Hong

More Publication...