Yonghwi Kwon, the University of Virginia

I am the John Knight Career Enhancement Assistant Professor in the Department of Computer Science at the University of Virginia. My research interests include software systems security (i.e., securing software to prevent cyberattacks), cyber forensics (i.e., recovering cyber forensic evidence from data/programs), and software engineering (software testing and reverse-engineering).

I have been honored with NSF CRII Award (2019), ACM SIGPLAN Distinguished Paper Award (2019), Maurice H. Halstead Memorial Award (2017), ASE Best Paper Award (2013), ACM SIGSOFT Distinguished Paper Award (2013), and Microsoft Most Valuable Professional Award (2008 ~ 2012).

CV (Resume)   Email: yongkwon /at/ virginia.edu, yongkwon.cs /at/ gmail.com
I am looking for students who are interested in software/systems security. If you are, please fill out this form.


2021/03: Spinner: Automated Dynamic Command Subsystem Perturbation accepted in CCS'21!
2021/02: Security Analysis on Practices of Certificate Authorities in the HTTPS Phishing Ecosystem accepted in ASIACCS'21!
2021/01: TLS 1.3 in Practice: How TLS 1.3 Contributes to the Internet accepted in WWW'21!
2020/11: OSPREY: Recovery of Variable and Data Structure via Probabilistic Analysis for Stripped Binary accepted in S&P'21!
2020/09: C2SR: Cybercrime Scene Reconstruction for Post-mortem Forensic Analysis accepted in NDSS'21!
2020/05: Our UVa CCDC team won the National CCDC (NCCDC)!! (Three times in a row, or Three-peat!)
2019/10: Featured on UVa Today and Distinguished Paper Award!
1. UVa Today covered my research group and projects!
2. BDA (OOPSLA'19) wins the ACM SIGPLAN Distinguished Paper Award!
2019/09: 3 papers (one CCS, two S&P) accepted!
2019/08: 2 papers (ACSAC and OOPSLA) accepted!
2019/07: NSF Proposal Awarded: Data Provenance Infrastructure towards Robust and Reliable Data Sharing and Analytics. Thanks NSF for support!
2019/06: NSF Proposal Awarded: Doctor WHO: Investigation and Prevention of Online Content Management System Abuse. Thanks NSF for support!
2019/04: Our UVa CCDC (Collegiate Cyber Defense Competition) team won the National CCDC (NCCDC)!!
2019/03: Won the MACCDC.
2019/02: NSF Proposal Awarded: Secure and Comprehensive Forensic Audit Infrastructure for Transparent Heterogeneous Computing. Thanks NSF for support!
Read more

Publications

Top Conferences in Security (S&P (Oakland) [25, 23, 22], ACM CCS [28, 21], NDSS [24, 13, 8, 2], USENIX Security), in Programming Language (ASPLOS [4, 3], OOPSLA [19, 7]), in Software Engineering (ICSE [18], FSE [6], ASE [11, 1], ISSTA [10]), in Web (WWW [26, 14, 9])
Selective Conferences: ACSAC [20, 17, 12], ASIACCS [27], USENIX ATC [16]


28. CCS'21 - Spinner: Automated Dynamic Command Subsystem Perturbation, In Proc. of 28th ACM Conference on Computer and Communications Security
Meng Wang, Chijung Jung, Ali Ahad, and Yonghwi Kwon
Paper | BibTex

27. ASIACCS'21 - Security Analysis on Practices of Certificate Authorities in the HTTPS Phishing Ecosystem, In Proc. of 16th ACM ASIA Conference on Computer and Communications Security

26. WWW'21 - TLS 1.3 in Practice: How TLS 1.3 Contributes to the Internet, In Proc. of 30th The Web Conference
Hyunwoo Lee, Doowon Kim, and Yonghwi Kwon
Paper | BibTex

25. S&P'21 - OSPREY: Recovery of Variable and Data Structure via Probabilistic Analysis for Stripped Binary, In Proc. of the 42nd IEEE Symposium on Security and Privacy
Zhuo Zhang, Yapeng Ye, Wei You, Guanhong Tao, Wen-chuan Lee, Yonghwi Kwon, Yousra Aafer, and Xiangyu Zhang
Paper | BibTex

24. NDSS'21 - C2SR: Cybercrime Scene Reconstruction for Post-mortem Forensic Analysis, In Proc. of the 28th Network and Distributed System Security Symposium

23. S&P'20 - TARDIS: Rolling Back The Clock On CMS-Targeting Cyber Attacks, In Proc. of the 41st IEEE Symposium on Security and Privacy
Ranjita Pai Kasturi, Yiting Sun, Ruian Duian, Omar Alrawi, Ehsan Asdar, Victor Zhu, Yonghwi Kwon, and Brendan Saltaformaggio
Paper | BibTex

22. S&P'20 - PMP: Cost-effective Forced Execution with Probabilistic Memory Pre-planning, In Proc. of the 41st IEEE Symposium on Security and Privacy
Wei You, Zhuo Zhang, Yonghwi Kwon, Yousra Aafer, Fei Peng, Yu Shi, Carson Makena Harmon, and Xiangyu Zhang
Paper | BibTex

21. CCS'19 - MalMax: Multi-Aspect Execution for Automated Dynamic Web Server Malware Analysis, In Proc. of the 26th ACM Conference on Computer and Communications Security
Abbas Naderi-Afooshteh, Yonghwi Kwon, Anh Nguyen-Tuong, Ali Razmjoo-Qalaei, Mohammad-Reza Zamiri-Gourabi, and Jack W. Davidson
Paper | Slides | Code | BibTex

20. ACSAC'19 - CUBISMO: Decloaking Server-side Malware via Cubist Program Analysis, In Proc. of the 35th Annual Conference on Computer Security Applications
Abbas Naderi-Afooshteh, Yonghwi Kwon, Anh Nguyen-Tuong, Mandana Bagheri-Marzijarani, and Jack W. Davidson
Paper | Slides | BibTex

19. OOPSLA'19 - BDA: Practical Dependence Analysis for Binary Executables by Unbiased Whole-program Path Sampling and Per-path Abstract Interpretation, In Proc. of the 2019 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications
Zhuo Zhang, Wei You, Guanhong Tao, Guannan Wei, Yonghwi Kwon, and Xiangyu Zhang
Paper | BibTex
ACM SIGPLAN Distinguished Paper Award

18. ICSE'19 - Probabilistic Disassembly, In Proc. of the 41st International Conference on Software Engineering
Kenneth Adam Miller, Yonghwi Kwon, Yi Sun, Zhuo Zhang, Xiangyu Zhang, and Zhiqiang Lin
Paper | Slides | BibTex

17. ACSAC'18 - Lprov: Practical Library-aware Provenance Tracing, In Proc. of the 34th Annual Conference on Computer Security Applications
Fei Wang, Yonghwi Kwon, Shiqing Ma, Xiangyu Zhang, and Dongyan Xu
Paper | BibTex

16. ATC'18 - Kernel-Supported Cost-Effective Audit Logging for Causality Tracking, In Proc. of the 2018 USENIX Annual Technical Conference
Shiqing Ma, Jun Zhai, Yonghwi Kwon, Kyu Hyung Lee, Xiangyu Zhang, Gabriela Ciocarlie, Ashish Gehani, Vinod Yegneswaran, Dongyan Xu, and Somesh Jha
Paper | BibTex


15. Ph.D. Thesis - Combatting Advanced Persistent Threat via Causality Inference and Program Analysis
Yonghwi Kwon
Dissertation

14. WWW'18 - AdBudgetKiller: Online Advertising Budget Draining Attack, In Proc. of the 27th International World Wide Web Conference
I Luk Kim, Weihang Wang, Yonghwi Kwon, Yunhui Zheng, Yousra Aafer, Weijie Meng, and Xiangyu Zhang
Paper | BibTex

13. NDSS'18 - MCI: Modeling-based Causality Inference in Audit Logging for Attack Investigation, In Proc. of the 25th Network and Distributed System Security Symposium
Yonghwi Kwon, Fei Wang, Weihang Wang, Kyu Hyung Lee, Wen-Chuan Lee, Shiqing Ma, Xiangyu Zhang, Dongyan Xu, Somesh Jha, Gabriela Ciocarlie, Ashish Gehani, and Vinod Yegneswaran
Paper | Slides | BibTex

12. ACSAC'17 - RevARM: A Platform-Agnostic ARM Binary Rewriter for Security Applications, In Proc. of the 33rd Annual Conference on Computer Security Applications
Taegyu Kim, Chung Hwan Kim, Hongjun Choi, Yonghwi Kwon, Brendan Saltaformaggio, Xiangyu Zhang, and Dongyan Xu
Paper | BibTex

11. ASE'17 - PAD: Programming Third-party Web Advertisement Censorship, In Proc. of the 32nd IEEE/ACM International Conference on Automated Software Engineering
Weihang Wang, Yonghwi Kwon, Yunhui Zheng, Yousra Aafer, I Luk Kim, Wen-Chuan Lee, Yingqi Liu, Weijie Meng, Xiangyu Zhang, Patrick Eugster
Paper | BibTex

10. ISSTA'17 - CPR: Cross Platform Binary Code Reuse via Platform Independent Trace Program, In Proc. of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis

9. WWW'17 - J-Force: Forced Execution on JavaScript, In Proc. of the 26th International World Wide Web Conference
Kyungtae Kim, I Luk Kim, Chung Hwan Kim, Yonghwi Kwon, Yunhui Zheng, Xiangyu Zhang, and Dongyan Xu
Paper | BibTex

8. NDSS'17 - A2C: Self Destructing Exploit Executions via Input Perturbation, In Proc. of the 24th Network and Distributed System Security Symposium

7. OOPSLA'16 - Apex: Automatic Programming Assignment Error Explanation, In Proc. of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications
Dohyeong Kim, Yonghwi Kwon, Peng Liu, I Luk Kim, David Mitchel Perry, Xiangyu Zhang, and Gustavo Rodriguez-Rivera
Paper | Website | BibTex

6. FSE'16 - WebRanz: Web Page Randomization For Better Advertisement Delivery and Web-Bot Prevention, In Proc. of the 24th ACM SIGSOFT International Symposium on the Foundations of Software Engineering

5. WOOT'16 - Eavesdropping on Fine-Grained User Activities Within Smartphone Apps Over Encrypted Network Traffic, In Proc. of the 10th USENIX Workshop on Offensive Technologies
Brendan Saltaformaggio, Hongjun Choi, Kristen Johnson, Yonghwi Kwon, Qi Zhang, Xiangyu Zhang, Dongyan Xu, John Qian
Paper | BibTex

4. ASPLOS'16 - LDX: Causality Inference by Lightweight Dual Execution, In Proc. of the 21st International Conference on Architectural Support for Programming Languages and Operating Systems

3. ASPLOS'15 - Dual Execution for On the Fly Fine Grained Execution Comparison, In Proc. of the 20th International Conference on Architectural Support for Programming Languages and Operating Systems
Dohyeong Kim, Yonghwi Kwon, William N. Sumner, Xiangyu Zhang, and Dongyan Xu
Paper | BibTex

2. NDSS'15 - P2C: Understanding Output Data Files via On-the-Fly Transformation from Producer to Consumer Executions, In Proc. of the 22nd Network and Distributed System Security Symposium
Yonghwi Kwon, Fei Peng, Dohyeong Kim, Kyungtae Kim, Xiangyu Zhang, Dongyan Xu, Vinod Yegneswaran, and John Qian
Paper | Slides | BibTex

1. ASE'13 - PIEtrace: Platform Independent Executable Trace, In Proc. of the 28th IEEE/ACM International Conference on Automated Software Engineering
Yonghwi Kwon, Xiangyu Zhang, and Dongyan Xu
Paper | Slides | Website | BibTex
Best Paper Award, ACM SIGSOFT Distinguished Paper Award

Team

Graduate Students

1. Chijung Jung (UVA, PhD, Fall 2019~), focusing on Swarm Security, Software Security [CCS'21], Forensics
2. Meng Wang (UVA, PhD, Fall 2019~), focusing on Software Security [CCS'21]
3. Ali Ahad (UVA, PhD, Fall 2020~), focusing on Software Security [CCS'21], Forensics
4. Xin Liu (UVA, PhD, Fall 2020~), focusing on Software Security, Forensics


Undergraduate Students

1. Rajiv Sarvepalli (UVA) -- (Part of JUMP URI (Undergraduate Research Initiative) Program)
2. Haoxiang Zhang (UVA)


Alumni

Abbas Naderi (PhD, UVA), Advisor: Prof. Jack W. Davidson
Jiahao Cai (Master, UVA), now at Google
Jake Smith (Undergrad, UVA), Employment: Confidential


External Collaborators

In USA:
Georgia Institute of Technology (with Prof. Brendan Saltaformaggio)
University at Buffalo, SUNY (with Prof. Weihang Wang)
University of Georgia (with Prof. Kyu Hyung Lee)
University of Tennessee (with Prof. Doowon Kim)
University of Texas at Dallas (with Prof. Kangkook Jee, Prof. Wei Yang)
International Collaboration:
Korea Advanced Institute of Science and Technology (KAIST) (with Prof. Sooel Son)
Soongsil University (with Prof. Haehyun Cho‬)
Ulsan National Institute of Science and Technology (UNIST) (with Prof. ‪Yuseok Jeon‬)

Teaching/Services

Teaching

Cyber Forensics: Automated Software Approaches (Spring 2021/2020, Undergraduate/Graduate)
Software Security via Program Analysis (Fall 2019, Fall 2018, Graduate)
Operating Systems (Fall 2020, Spring 2019, Undergraduate)


Services

I have served for the following conferences.
Program Committee:
2021: ACSAC, ASIACCS, CODASPY, ESORICS, WISA
2020: ESORICS, ACSAC, ESORICS, OOPSLA (ERC), NDSS
2019: NDSS, ACSAC
2018: ACSAC

I have participated in organizing the following events.
Poster Co-chair: ACSAC'21
Communication Co-chair: 2019 KOCSEA Technical Symposium

I have served for the following panelist.
NSF (National Science Foundation) SBIR (Small Business Innovation Research) Panelist


Participation

I have been participating in several projects/activities including:
1. I am a faculty mentor of the UVa CCDC (Collegiate Cyber Defense Competition) Team.
      - May 24, 2020: Our UVa CCDC team won the national!! (Three times in a row, or Three-peat!)
      - April 25, 2019: We won the national!
      - March 30, 2019: We won the regional final!
2. I am actively supporting undergraduate research programs: JUMP URI (Undergraduate Research Initiative) Program

Miscellaneous

Great Reads

This is a list of general suggestions for reading/reviewing/writing academic papers.
1. Reviewing Research Papers Efficiently (by John Regehr, University of Utah)
2. How to Write a Security Paper (by Patrick McDaniel, Pennsylvania State University)

From the Advice for researchers and students compiled by Michael Ernst:
1. Writing a progress/status report
2. How to write a technical paper

There are some great and fun (and also educational) TED talks you can watch when you are bored:
1. Grit: the power of passion and perseverance (Grit is very important for being a good researcher)
2. Inside the mind of a master procrastinator (Let's not be a procrastinator)
3. How to speak so that people want to listen
4. This is what happens when you reply to spam email

There are some ways to systematically generate good ideas:
1. TRIZ is "theory of the resolution of invention-related tasks"


Technical Articles

I enjoy coding and writing technical articles. Here are some of my articles explaining details about coding, debugging, and reverse-engineering. I also wrote lots of technical articles in Microsoftware, a monthly managine for Korean developers. I authored a book which is a collection of those articles (revised) in the magazine.

1. Hooking the Real COM Objects: Intercepting IHTMLDocument3 Functions, Dec 2011
2. Phishing applications: Security threats regarding the SetParent function, Nov 2011