Heejo Lee
YOU?
Author Swipe
View article: CNEPS: A Precise Approach for Examining Dependencies among Third-Party C/C++ Open-Source Components
CNEPS: A Precise Approach for Examining Dependencies among Third-Party C/C++ Open-Source Components Open
The rise in open-source software (OSS) reuse has led to intricate dependencies among third-party components, increasing the demand for precise dependency analysis. However, owing to the presence of reused files that are difficult to identi…
View article: ZMAD: Lightweight Model-Based Anomaly Detection for the Structured Z-Wave Protocol
ZMAD: Lightweight Model-Based Anomaly Detection for the Structured Z-Wave Protocol Open
Smart home automation is part of the Internet of Things that enables house remote control via the use of smart devices, sensors, and actuators. Despite its convenience, vulnerabilities in smart home devices provide attackers with an opport…
View article: L2Fuzz: Discovering Bluetooth L2CAP Vulnerabilities Using Stateful Fuzz Testing
L2Fuzz: Discovering Bluetooth L2CAP Vulnerabilities Using Stateful Fuzz Testing Open
Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR) is a wireless technology\nused in billions of devices. Recently, several Bluetooth fuzzing studies have\nbeen conducted to detect vulnerabilities in Bluetooth devices, but they fall\nshort o…
View article: Circuit: A JavaScript Memory Heap-Based Approach for Precisely Detecting Cryptojacking Websites
Circuit: A JavaScript Memory Heap-Based Approach for Precisely Detecting Cryptojacking Websites Open
Cryptojacking is often used by attackers as a means of gaining profits by exploiting users’ resources without their consent, despite the anticipated positive effect of browser-based cryptomining. Previous approaches have attempted to detec…
View article: xVDB: A High-Coverage Approach for Constructing a Vulnerability Database
xVDB: A High-Coverage Approach for Constructing a Vulnerability Database Open
Security patches play an important role in detecting and fixing one-day vulnerabilities. However, collecting abundant security patches from diverse data sources is not a simple task. This is because (1) each data source provides vulnerabil…
View article: Riding the IoT Wave With VFuzz: Discovering Security Flaws in Smart Homes
Riding the IoT Wave With VFuzz: Discovering Security Flaws in Smart Homes Open
Z-Wave smart home Internet of Things devices are used to save energy, increase comfort, and remotely monitor home activities. In the past, security researchers found Z-Wave device vulnerabilities through reverse engineering, manual audits,…
View article: Resilience Evaluation of Multi-Path Routing against Network Attacks and Failures
Resilience Evaluation of Multi-Path Routing against Network Attacks and Failures Open
The current state of security and availability of the Internet is far from being commensurate with its importance. The number and strength of DDoS attacks conducted at the network layer have been steadily increasing. However, the single pa…
View article: CENTRIS: A Precise and Scalable Approach for Identifying Modified Open-Source Software Reuse
CENTRIS: A Precise and Scalable Approach for Identifying Modified Open-Source Software Reuse Open
Open-source software (OSS) is widely reused as it provides convenience and efficiency in software development. Despite evident benefits, unmanaged OSS components can introduce threats, such as vulnerability propagation and license violatio…
View article: UDP-Based Active Scan for IoT Security (UAIS)
UDP-Based Active Scan for IoT Security (UAIS) Open
Today, IoT devices are flooding, and traffic is increasing rapidly.The Internet of Things creates a variety of added value through connections between devices, while many devices are easily targeted by attackers due to security vulnerabili…
View article: Vehicle Speed Measurement Methodology Robust to Playback Speed-Manipulated Video File
Vehicle Speed Measurement Methodology Robust to Playback Speed-Manipulated Video File Open
Concomitant with the virtual ubiquity of dashcams in vehicles, the instantaneous speed of vehicles during accidents can now be measured using dashcam videos to understand the causes of such accidents. In this study, we estimated vehicle sp…
View article: VERISMART: A Highly Precise Safety Verifier for Ethereum Smart Contracts
VERISMART: A Highly Precise Safety Verifier for Ethereum Smart Contracts Open
We present VERISMART, a highly precise verifier for ensuring arithmetic safety of Ethereum smart contracts. Writing safe smart contracts without unintended behavior is critically important because smart contracts are immutable and even a s…
View article: Extraction of Creation-Time for Recovered Files on Windows FAT32 File System
Extraction of Creation-Time for Recovered Files on Windows FAT32 File System Open
In this article, we propose a creation order reconstruction method of deleted files for the FAT32 file system with Windows operating systems. Creation order of files is established using a correlation between storage locations of the files…
View article: VeriSmart: A Highly Precise Safety Verifier for Ethereum Smart Contracts
VeriSmart: A Highly Precise Safety Verifier for Ethereum Smart Contracts Open
We present VeriSmart, a highly precise verifier for ensuring arithmetic safety of Ethereum smart contracts. Writing safe smart contracts without unintended behavior is critically important because smart contracts are immutable and even a s…
View article: Packer Detection for Multi-Layer Executables Using Entropy Analysis
Packer Detection for Multi-Layer Executables Using Entropy Analysis Open
Packing algorithms are broadly used to avoid anti-malware systems, and the proportion of packed malware has been growing rapidly. However, just a few studies have been conducted on detection various types of packing algorithms in a systemi…
View article: Broken Integrity Detection of Video Files in Video Event Data Recorders
Broken Integrity Detection of Video Files in Video Event Data Recorders Open
As digital evidence has a highly influential role in proving the innocence of suspects, methods for integrity verification of such digital evidence have become essential in the digital forensic field.Most surveillance camera systems are no…
View article: SIGMATA: Storage Integrity Guaranteeing Mechanism against Tampering Attempts for Video Event Data Recorders
SIGMATA: Storage Integrity Guaranteeing Mechanism against Tampering Attempts for Video Event Data Recorders Open
The usage and market size of video event data recorders (VEDRs), also known as car black boxes, are rapidly increasing. Since VEDRs can provide more visual information about car accident situations than any other device that is currently u…
View article: Detecting Violations of Security Requirements for Vulnerability Discovery in Source Code
Detecting Violations of Security Requirements for Vulnerability Discovery in Source Code Open
Finding software vulnerabilities in source code before the program gets deployed is crucial to ensure the software quality. Existing source code auditing tools for vulnerability detection generate too many false positives, and only limited…
View article: Introduction to the Issue on Signal and Information Processing for Privacy
Introduction to the Issue on Signal and Information Processing for Privacy Open
The articles in this special section are designed to provide a venue for state-of-the-art research being doing in how signal and information processing is advancing the field of information privacy.
View article: Bootstrapping Real-world Deployment of Future Internet Architectures
Bootstrapping Real-world Deployment of Future Internet Architectures Open
The past decade has seen many proposals for future Internet architectures. Most of these proposals require substantial changes to the current networking infrastructure and end-user devices, resulting in a failure to move from theory to rea…
View article: Integrity Verification Scheme of Video Contents in Surveillance Cameras for Digital Forensic Investigations
Integrity Verification Scheme of Video Contents in Surveillance Cameras for Digital Forensic Investigations Open
For digital forensic investigations, the proposed scheme verifies the integrity of video contents in legacy surveillance camera systems with no built-in integrity protection. The scheme exploits video frames remaining in slack space of sto…