Yonghwi Kwon, University of Virginia

I am the John Knight Career Enhancement Assistant Professor in the Department of Computer Science at the University of Virginia. My research interests include software systems security, cyber forensics, and software engineering. I have been honored with NSF CRII Award, ACM SIGPLAN Distinguished Paper Award, Maurice H. Halstead Memorial Award, ASE Best Paper Award, ACM SIGSOFT Distinguished Paper Award, and Microsoft Most Valuable Professional Award.

CV (Resume)   Email:
I am looking for motivated students. If you are interested in software/systems security, please fill out this form.


2021/09: Proposal Awarded by Cisco: Securing the IoT Infrastructure via Execution Diversification and Active Deception. Thanks Cisco Systems for support!
2021/08: 2 papers accepted (ASE'21 NIER and ACSAC'21)
1. Defeating Program Analysis Techniques via Ambiguous Translation (ASE'21 NIER)
2. Sofware Watermarking via a Binary Function Relocation (ACSAC'21)
2021/07: An Empirical Study of Bugs in WebAssembly Compilers accepted in ASE'21!
2021/05: Swarmbug: Debugging Configuration Bugs in Swarm Robotics accepted in FSE'21!
2021/03: Spinner: Automated Dynamic Command Subsystem Perturbation accepted in CCS'21!
2021/02: Security Analysis on Practices of Certificate Authorities in the HTTPS Phishing Ecosystem accepted in ASIACCS'21!
2021/01: TLS 1.3 in Practice: How TLS 1.3 Contributes to the Internet accepted in WWW'21!
2020/11: OSPREY: Recovery of Variable and Data Structure via Probabilistic Analysis for Stripped Binary accepted in S&P'21!
2020/09: C2SR: Cybercrime Scene Reconstruction for Post-mortem Forensic Analysis accepted in NDSS'21!
2020/05: Our UVa CCDC team won the National CCDC (NCCDC)!! (Three times in a row, or Three-peat!)
2019/10: Featured on UVa Today and Distinguished Paper Award!
1. UVa Today covered my research group and projects!
2. BDA (OOPSLA'19) wins the ACM SIGPLAN Distinguished Paper Award!
2019/09: 3 papers (one CCS, two S&P) accepted!
2019/08: 2 papers (ACSAC and OOPSLA) accepted!
2019/07: NSF Proposal Awarded: Data Provenance Infrastructure towards Robust and Reliable Data Sharing and Analytics. Thanks NSF for support!
2019/06: NSF Proposal Awarded: Doctor WHO: Investigation and Prevention of Online Content Management System Abuse. Thanks NSF for support!
2019/04: Our UVa CCDC (Collegiate Cyber Defense Competition) team won the National CCDC (NCCDC)!!
2019/03: Won the MACCDC.
2019/02: NSF Proposal Awarded: Secure and Comprehensive Forensic Audit Infrastructure for Transparent Heterogeneous Computing. Thanks NSF for support!
Read more

Publications

Top Conferences in Security (S&P (Oakland) [22, 23, 25], CCS [21, 28], NDSS [2, 8, 13, 24]), in PL/System (ASPLOS [3, 4], OOPSLA [7, 19], ATC [16]), in Software Engineering (ICSE [18], FSE [6, 29], ASE [1, 11, 30], ISSTA [9]), in Web (WWW [9, 14, 26])   -   Selective Conferences: ACSAC [12, 17, 20, 33], ASIACCS [27]


33. ACSAC'21 - Sofware Watermarking via a Binary Function Relocation, In Proc. of 37th Annual Conference on Computer Security Applications - BibTex
Honggoo Kang, Yonghwi Kwon, Sangjin Lee, and Hyungjoon Koo

32. ASE'21 (NIER) - Defeating program analysis techniques via Ambiguous Translation, In Proc. of 36th IEEE/ACM International Conference on Automated Software Engineering (New Ideas and Emerging Results Track) - BibTex
Chijung Jung, Doowon Kim, Weihang Wang, Yunhui Zheng, Kyu Hyung Lee, and Yonghwi Kwon

31. IEEE TIFS'21 (Journal, IF: 6.211) - TRACE: Enterprise-Wide Provenance Tracking For Real-Time APT Detection, IEEE Transactions on Information Forensics and Security - BibTex
Hassaan Irshad, Gabriela Ciocarlie, Ashish Gehani, Vinod Yegneswaran, Kyu Hyung Lee, Jignesh Patel, Somesh Jha, Yonghwi Kwon, Dongyan Xu, and Xiangyu Zhang

30. ASE'21 - An Empirical Study of Bugs in WebAssembly Compilers, In Proc. of 36th IEEE/ACM International Conference on Automated Software Engineering - BibTex
Alan Romano, Xinyue Liu, Yonghwi Kwon, and Weihang Wang

29. FSE'21 - Swarmbug: Debugging Configuration Bugs in Swarm Robotics, In Proc. of 29th ACM SIGSOFT International Symposium on the Foundations of Software Engineering - BibTex
Chijung Jung, Ali Ahad, Jinho Jung, Sebastian Elbaum, and Yonghwi Kwon

28. CCS'21 - Spinner: Automated Dynamic Command Subsystem Perturbation, In Proc. of 28th ACM Conference on Computer and Communications Security - BibTex
Meng Wang, Chijung Jung, Ali Ahad, and Yonghwi Kwon

27. ASIACCS'21 - Security Analysis on Practices of Certificate Authorities in the HTTPS Phishing Ecosystem, In Proc. of 16th ACM ASIA Conference on Computer and Communications Security - BibTex
Doowon Kim, Haehyun Cho, Yonghwi Kwon, Adam Doupe, Sooel Son, Gail-Joon Ahn, and Tudor Dumitras

26. WWW'21 - TLS 1.3 in Practice: How TLS 1.3 Contributes to the Internet, In Proc. of 30th The Web Conference - BibTex
Hyunwoo Lee, Doowon Kim, and Yonghwi Kwon

25. S&P'21 - OSPREY: Recovery of Variable and Data Structure via Probabilistic Analysis for Stripped Binary, In Proc. of the 42nd IEEE Symposium on Security and Privacy - BibTex
Zhuo Zhang, Yapeng Ye, Wei You, Guanhong Tao, Wen-chuan Lee, Yonghwi Kwon, Yousra Aafer, and Xiangyu Zhang

24. NDSS'21 - C2SR: Cybercrime Scene Reconstruction for Post-mortem Forensic Analysis, In Proc. of the 28th Network and Distributed System Security Symposium - Slides | BibTex
Yonghwi Kwon, Weihang Wang, Jinho Jung, Kyu Hyung Lee, and Roberto Perdisci

23. S&P'20 - TARDIS: Rolling Back The Clock On CMS-Targeting Cyber Attacks, In Proc. of the 41st IEEE Symposium on Security and Privacy - BibTex
Ranjita Pai Kasturi, Yiting Sun, Ruian Duian, Omar Alrawi, Ehsan Asdar, Victor Zhu, Yonghwi Kwon, and Brendan Saltaformaggio

22. S&P'20 - PMP: Cost-effective Forced Execution with Probabilistic Memory Pre-planning, In Proc. of the 41st IEEE Symposium on Security and Privacy - BibTex
Wei You, Zhuo Zhang, Yonghwi Kwon, Yousra Aafer, Fei Peng, Yu Shi, Carson Makena Harmon, and Xiangyu Zhang

21. CCS'19 - MalMax: Multi-Aspect Execution for Automated Dynamic Web Server Malware Analysis, In Proc. of the 26th ACM Conference on Computer and Communications Security - Slides | Code | BibTex
Abbas Naderi-Afooshteh, Yonghwi Kwon, Anh Nguyen-Tuong, Ali Razmjoo-Qalaei, Mohammad-Reza Zamiri-Gourabi, and Jack W. Davidson

20. ACSAC'19 - CUBISMO: Decloaking Server-side Malware via Cubist Program Analysis, In Proc. of the 35th Annual Conference on Computer Security Applications - Slides | BibTex
Abbas Naderi-Afooshteh, Yonghwi Kwon, Anh Nguyen-Tuong, Mandana Bagheri-Marzijarani, and Jack W. Davidson

19. OOPSLA'19 - BDA: Practical Dependence Analysis for Binary Executables by Unbiased Whole-program Path Sampling and Per-path Abstract Interpretation, In Proc. of the 2019 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications - BibTex
Zhuo Zhang, Wei You, Guanhong Tao, Guannan Wei, Yonghwi Kwon, and Xiangyu Zhang
ACM SIGPLAN Distinguished Paper Award

18. ICSE'19 - Probabilistic Disassembly, In Proc. of the 41st International Conference on Software Engineering - Slides | BibTex
Kenneth Adam Miller, Yonghwi Kwon, Yi Sun, Zhuo Zhang, Xiangyu Zhang, and Zhiqiang Lin

17. ACSAC'18 - Lprov: Practical Library-aware Provenance Tracing, In Proc. of the 34th Annual Conference on Computer Security Applications - BibTex
Fei Wang, Yonghwi Kwon, Shiqing Ma, Xiangyu Zhang, and Dongyan Xu

16. ATC'18 - Kernel-Supported Cost-Effective Audit Logging for Causality Tracking, In Proc. of the 2018 USENIX Annual Technical Conference - BibTex
Shiqing Ma, Jun Zhai, Yonghwi Kwon, Kyu Hyung Lee, Xiangyu Zhang, Gabriela Ciocarlie, Ashish Gehani, Vinod Yegneswaran, Dongyan Xu, and Somesh Jha


15. Ph.D. Thesis - Combatting Advanced Persistent Threat via Causality Inference and Program Analysis
Yonghwi Kwon

14. WWW'18 - AdBudgetKiller: Online Advertising Budget Draining Attack, In Proc. of the 27th International World Wide Web Conference - BibTex
I Luk Kim, Weihang Wang, Yonghwi Kwon, Yunhui Zheng, Yousra Aafer, Weijie Meng, and Xiangyu Zhang

13. NDSS'18 - MCI: Modeling-based Causality Inference in Audit Logging for Attack Investigation, In Proc. of the 25th Network and Distributed System Security Symposium - Slides | BibTex
Yonghwi Kwon, Fei Wang, Weihang Wang, Kyu Hyung Lee, Wen-Chuan Lee, Shiqing Ma, Xiangyu Zhang, Dongyan Xu, Somesh Jha, Gabriela Ciocarlie, Ashish Gehani, and Vinod Yegneswaran

12. ACSAC'17 - RevARM: A Platform-Agnostic ARM Binary Rewriter for Security Applications, In Proc. of the 33rd Annual Conference on Computer Security Applications - BibTex
Taegyu Kim, Chung Hwan Kim, Hongjun Choi, Yonghwi Kwon, Brendan Saltaformaggio, Xiangyu Zhang, and Dongyan Xu

11. ASE'17 - PAD: Programming Third-party Web Advertisement Censorship, In Proc. of the 32nd IEEE/ACM International Conference on Automated Software Engineering - BibTex
Weihang Wang, Yonghwi Kwon, Yunhui Zheng, Yousra Aafer, I Luk Kim, Wen-Chuan Lee, Yingqi Liu, Weijie Meng, Xiangyu Zhang, and Patrick Eugster

10. ISSTA'17 - CPR: Cross Platform Binary Code Reuse via Platform Independent Trace Program, In Proc. of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis - Slides | BibTex
Yonghwi Kwon, Weihang Wang, Yunhui Zheng, Xiangyu Zhang, and Dongyan Xu

9. WWW'17 - J-Force: Forced Execution on JavaScript, In Proc. of the 26th International World Wide Web Conference - BibTex
Kyungtae Kim, I Luk Kim, Chung Hwan Kim, Yonghwi Kwon, Yunhui Zheng, Xiangyu Zhang, and Dongyan Xu

8. NDSS'17 - A2C: Self Destructing Exploit Executions via Input Perturbation, In Proc. of the 24th Network and Distributed System Security Symposium - Slides | BibTex
Yonghwi Kwon, Brendan Saltaformaggio, I Luk Kim, Kyu Hyung Lee, Xiangyu Zhang, and Dongyan Xu

7. OOPSLA'16 - Apex: Automatic Programming Assignment Error Explanation, In Proc. of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications - Website | BibTex
Dohyeong Kim, Yonghwi Kwon, Peng Liu, I Luk Kim, David Mitchel Perry, Xiangyu Zhang, and Gustavo Rodriguez-Rivera

6. FSE'16 - WebRanz: Web Page Randomization For Better Advertisement Delivery and Web-Bot Prevention, In Proc. of the 24th ACM SIGSOFT International Symposium on the Foundations of Software Engineering - Website | BibTex
Weihang Wang, Yunhui Zheng, Xinyu Xing, Yonghwi Kwon, Xiangyu Zhang, and Patrick Eugster

5. WOOT'16 - Eavesdropping on Fine-Grained User Activities Within Smartphone Apps Over Encrypted Network Traffic, In Proc. of the 10th USENIX Workshop on Offensive Technologies - BibTex
Brendan Saltaformaggio, Hongjun Choi, Kristen Johnson, Yonghwi Kwon, Qi Zhang, Xiangyu Zhang, Dongyan Xu, and John Qian

4. ASPLOS'16 - LDX: Causality Inference by Lightweight Dual Execution, In Proc. of the 21st International Conference on Architectural Support for Programming Languages and Operating Systems - Slides | Demo Video | BibTex
Yonghwi Kwon, Dohyeong Kim, William N. Sumner, Kyungtae Kim, Brendan Saltaformaggio, Xiangyu Zhang, and Dongyan Xu

3. ASPLOS'15 - Dual Execution for On the Fly Fine Grained Execution Comparison, In Proc. of the 20th International Conference on Architectural Support for Programming Languages and Operating Systems - BibTex
Dohyeong Kim, Yonghwi Kwon, William N. Sumner, Xiangyu Zhang, and Dongyan Xu

2. NDSS'15 - P2C: Understanding Output Data Files via On-the-Fly Transformation from Producer to Consumer Executions, In Proc. of the 22nd Network and Distributed System Security Symposium - Slides | BibTex
Yonghwi Kwon, Fei Peng, Dohyeong Kim, Kyungtae Kim, Xiangyu Zhang, Dongyan Xu, Vinod Yegneswaran, and John Qian

1. ASE'13 - PIEtrace: Platform Independent Executable Trace, In Proc. of the 28th IEEE/ACM International Conference on Automated Software Engineering - Slides | Website | BibTex
Yonghwi Kwon, Xiangyu Zhang, and Dongyan Xu
Best Paper Award, ACM SIGSOFT Distinguished Paper Award

Team

Graduate Students

1. Chijung Jung (UVA, PhD, Fall 2019~), focusing on Swarm Security/Debugging [FSE'21], Software Security [CCS'21], Forensics [ASE'21 (NIER)]
2. Meng Wang (UVA, PhD, Fall 2019~), focusing on Software Security [CCS'21]
3. Ali Ahad (UVA, PhD, Fall 2020~), focusing on Software Security [CCS'21], Debugging [FSE'21], Forensics
4. Xin Liu (UVA, PhD, Fall 2020~), focusing on Software Security, Forensics


Undergraduate Students

1. Rajiv Sarvepalli (UVA) -- (Part of JUMP URI (Undergraduate Research Initiative) Program)
2. Haoxiang Zhang (UVA)


Former Students (Graduated):

Abbas Naderi (PhD, UVA), Advisor: Prof. Jack W. Davidson
Jiahao Cai (Master, UVA), now at Google
Jake Smith (Undergrad, UVA), Employment: Confidential


External Collaborators

In USA:
Georgia Institute of Technology (with Prof. Brendan Saltaformaggio)
University at Buffalo, SUNY (with Prof. Weihang Wang)
University of Georgia (with Prof. Kyu Hyung Lee)
University of Tennessee (with Prof. Doowon Kim)
University of Texas at Dallas (with Prof. Kangkook Jee, Prof. Wei Yang)
International Collaboration:
Korea Advanced Institute of Science and Technology (KAIST) (with Prof. Sooel Son)
Soongsil University (with Prof. Haehyun Cho‬)
Ulsan National Institute of Science and Technology (UNIST) (with Prof. ‪Yuseok Jeon‬)

Teaching/Services

Teaching

Cyber Forensics: Automated Software Approaches (Spring 2021/2020, Undergraduate/Graduate)
Software Security via Program Analysis (Fall 2019, Fall 2018, Graduate)
Operating Systems (Fall 2020, Spring 2019, Undergraduate)


Services

I have served for the following conferences.
Program Committee:
2021: ACSAC, ASIACCS, CODASPY, ESORICS, WISA
2020: ESORICS, ACSAC, ESORICS, OOPSLA (ERC), NDSS
2019: NDSS, ACSAC
2018: ACSAC

I have participated in organizing the following events.
Poster Co-chair: ACSAC'21
Workshop Chair: MATE'21 (Man-At-The-Middle), Co-located with the ACM CCS'21
Communication Co-chair: 2019 KOCSEA Technical Symposium

I have served for the following panelist.
NSF (National Science Foundation) SBIR (Small Business Innovation Research) Panelist


Participation

I have been participating in several projects/activities including:
1. I am a faculty mentor of the UVa CCDC (Collegiate Cyber Defense Competition) Team.
      - May 24, 2020: Our UVa CCDC team won the national!! (Three times in a row, or Three-peat!)
      - April 25, 2019: We won the national!
      - March 30, 2019: We won the regional final!
2. I am actively supporting undergraduate research programs: JUMP URI (Undergraduate Research Initiative) Program

Miscellaneous

Great Reads

Two excellent suggestions for Ph.D. students by Matt Might:
1. 10 easy ways to fail a Ph.D.
2. 3 qualities of successful Ph.D. students: Perseverance, tenacity and cogency

This is a list of general suggestions for reading/reviewing/writing academic papers.
1. Reviewing Research Papers Efficiently (by John Regehr, University of Utah)
2. How to Write a Security Paper (by Patrick McDaniel, Pennsylvania State University)

From the Advice for researchers and students compiled by Michael Ernst:
1. Writing a progress/status report
2. How to write a technical paper

There are some great and fun (and also educational) TED talks you can watch when you are bored:
1. Grit: the power of passion and perseverance (Grit is very important for being a good researcher)
2. Inside the mind of a master procrastinator (Let's not be a procrastinator)
3. How to speak so that people want to listen
4. This is what happens when you reply to spam email

There are some ways to systematically generate good ideas:
1. TRIZ is "theory of the resolution of invention-related tasks"


Technical Articles and Books

I authored a book named Effective Windows Programming which covers various advanced techniques and tricks for Windows Programming (Win32 APIs).
I also enjoy coding and writing technical articles. Here are some of my articles explaining details about coding, debugging, and reverse-engineering.

1. Hooking the Real COM Objects: Intercepting IHTMLDocument3 Functions, Dec 2011
2. Phishing applications: Security threats regarding the SetParent function, Nov 2011