Welcome to

Secure and Sound Software
(SEED) Research Group

at the University of Maryland, College Park

We develop fundamental techniques to secure real-world systems.
We cover diverse topics including identifying and fixing vulnerabilities in critical systems such as autonomous vehicles and drones, investigation and prevention of advanced cyberattacks, and reverse-engineering stealthy and sophisticated malware binaries.

Secure and Sound Software (SEED ) Research Group

The SEED research group at the University of Maryland is affiliated with the Department of Eletrical and Computer Engineering (ECE), Department of Computer Science (CS), the Maryland Cybersecurity Center (MC2), and the University of Maryland Institute for Advanced Computer Studies (UMIACS).

We strive to conduct fundamental research that can create a practical impact on security. In particular, we focus on discovering and patching unknown critical vulnerabilities in real-world systems that previous techniques fail to do, investigating sophisticated advanced attacks that existing techniques gave up, and protecting complex systems against unknown future attacks.

In other words, we care about the below three criteria when conducting research.
1. Problem/Goal Oriented (not technique oriented)
We care about "what to secure and what practical security benefits we can deliver," not the specific techniques required to achieve the goal. When we pick a research problem, we focus on whether the problem is worth researching instead of how nice the techniques are on paper. Solidness and soundness of techniques are essential, not a determining factor. We are open to any technique that fits and solves the problem.
2. Fundamental Impact
We care about "a research project securing the target directly and fundamentally," not an ad-hoc solution. We propose and develop algorithms and systems that can be generic, long-lasting, and applicable to other systems. We focus on identifying the key factors and constraints that can determine the effectiveness of our techniques in other systems (or new systems).
3. Foundational Research
We aim to be our research to be the 'SEED' of future research. We focus on developing techniques that can be used by others, including researchers, practitioners, and industrial developers. We aim to deliver techniques and systems that can be a seed of future research that would change the world.

Research in our group has been recognized by NSF CRII and NSF CAREER awards, Cisco Research Award, ACM SIGPLAN Distinguished Paper Award at OOPSLA'19, and ACM SIGSOFT Distinguished Paper Award at ASE'13. We also won the national championship at NCCDC (National Collegiate Cyber Defense Competition) in 2019 and 2020.

Interested in joining the group? See this page.

Team Members

Current

Yonghwi Kwon (Director)
Assistant Professor, PI
http://yongkwon.info

- Assistant Professor:
University of Maryland, 2023-present.
University of Virginia, 2018-2023.

Kyungchan Lim (Postdoc)
Postdoctoral Researcher
https://kyungchanlim.github.io/

- Ph.D in Computer Science:
University of Tennessee, Knoxville, 2021-2025.

Ali Ahad
Ph.D. Student joined in 2020 (UMD, ECE)
https://aliahad97.github.io/

Research: Software Security [CCS'21, FSE'21, S&P'22, S&P'23, ASPLOS'24]

Jiacheng Li
Ph.D. Student joined in 2024 (UMD, CS)

Research: Software Security/CPS Security

Alexandros Antonakakis
Ph.D. Student joined in 2025 (UMD, CS)

Research: Software Security/Testing

Chi-wei Chen
Ph.D. Student joined in 2024 (UMD, ECE)

Research: Software Security/CPS Security

Xavier Francois
Undergraduate joined in 2024 (UMD, ECE)

Research: Software Security

Mikias Kelela
Undergraduate joined in 2025 (UMD, ECE)

Research: Software Security

Arjun Samavedam
High school student joined in 2024

Research: Software Security

Visitors

Hyungmin Cho
Visiting Professor

Associate Professor, Sungkyunkwan University, South Korea.

Alumni

Ph.D.
University of Maryland
Erin Avllazagaj (2024) [USENIX'24]
joined Johns Hopkins University Applied Physics Laboratory.
Now at Meta.
University of Virginia
Chijung Jung (2024) [FSE'21, S&P'22, ICSE'22] joined Republic of Korea Army.
Abbas Naderi (2020, Advisor: Professor Jack Davidson).
Masters
University of Virginia
Bora Lee (2023) [WISA'22]
joined Republic of Korea Army.
Jiho Lee (2024) [NDSS'23].
Undergraduate/Visitor
National Security Research Institute
Sungjin Kim (2024-2025)
Sungkyunkwan University
Eun Jung (2024-2025)
Taeyoung Kim (2025-2025)
Seoul National University of Science and Technology
Hyeonsu Byun (2025-2025)
University of California, Berkeley
Sungjin Yi (2021-2022)
University of Virginia
Rajiv Sarvepalli (2020-2022)
Haoxiang Zhang (2021-2022)

Research Project Topics

Currently looking for students for all the topics below.

Cyber Physical Systems Security

Developing automated testing techniques for drones, drone swarms, and autonomous vehicles to find critical vulnerabilities.

Members: Jiacheng Li, Chi-wei Chen
Key Papers: S&P'22, CCS'22, FSE'21
Supported by

Binary Decompilation

Transforming Python Binaries that existing decompilers failed to enable their decompilation. Automatically synthesizing decompilers via AI and recovering lost semantics from binaries.

Members: Jiacheng Li, Ali Ahad
Key Papers: S&P'23, ICSE'19
Supported by  

Web Security Analysis/Defense

Developing security analysis techniques (e.g., fuzzing) to identify vulnerabilities and defences against paylaod injection attacks for web server applications.

Members: Ali Ahad
Key Papers: NDSS'23, ICSE'23, CCS'21
Supported by  

Exploitation/Malicious Code Analysis

Developing techniques that discover hidden malicious code, reproduce/replay exploitations, and finding vulnerabilities.

Members: Ali Ahad, Jiacheng Li
Key Papers: NDSS'21, CCS'19, NDSS'18
Supported by  

AI Systems Security

Mitigate cyberattacks on AI systems (e.g., LLM based systems) via program analysis. For example, we aim to identify fundamental weaknesses of LLM-based systems and propose defenses.

Members: Ali Ahad
Key Papers: ASPLOS'24

Program Synthesis

Developing cross platform debugging techniques via binary translation. Sythesizing programs from traces by aligning data/code between executions.

Members: -
Key Papers: FSE'21, ISSTA'17, ASE'13
Supported by

Publications

- Top Venues in Security/Systems (S&P (Oakland) [22, 23, 25, 34, 39, 46, 47], CCS [21, 28, 37], NDSS [2, 8, 13, 24, 40], USENIX [45], ASPLOS [3, 4, 44]), in SE/PL (ICSE [18, 35, 41], FSE [6, 29], ASE [ 1, 11, 30], OOPSLA [7, 19]), in Web (WWW [9, 14, 26, 48, 49], IMC [42])

49. WWW'25 - What's in Phishers: A Longitudinal Study of Security Configurations in Phishing Websites and Kits, In Proc. of 34th The Web Conference - BibTex
Kyungchan Lim, Kiho Lee, Fujiao Ji, Yonghwi Kwon, Hyoungshick Kim, and Doowon Kim

48. WWW'25 - 7 Days Later: Analyzing Phishing-Site Lifespan After Detected, In Proc. of 34th The Web Conference - BibTex
Kiho Lee, Kyungchan Lim, Hyoungshick Kim, Yonghwi Kwon, and Doowon Kim

47. S&P'25 - RaceDB: Detecting Request Race Vulnerabilities in Database-Backed Web Applications, In Proc. of the 46th IEEE Symposium on Security and Privacy - BibTex
An Chen, Yonghwi Kwon, and Kyu Hyung Lee

46. S&P'25 - CMASan: Custom Memory Allocator-aware Address Sanitizer, In Proc. of the 46th IEEE Symposium on Security and Privacy - BibTex
Junwha Hong, Wonil Jang, Mijung Kim, Lei Yu, Yonghwi Kwon, and Yuseok Jeon

45. USENIX'24 - Scavy: Automated Discovery of Memory Corruption Targets in Linux Kernel for Privilege Escalation, In Proc. of the 33rd USENIX Security Symposium - BibTex
Erin Avllazagaj, Yonghwi Kwon, and Tudor DumitraČ™

44. ASPLOS'24 - FreePart: Hardening Data Processing Software via Framework-based Partitioning and Isolation, In Proc. of the 29th International Conference on Architectural Support for Programming Languages and Operating Systems - BibTex
Ali Ahad, Gang Wang, Chung Hwan Kim, Suman Jana, Zhiqiang Lin, and Yonghwi Kwon

43. ICISC'23 - BTFuzzer: a profile-based fuzzing framework for Bluetooth protocols, In Proc. of the 26th Annual International Conference on Information Security and Cryptology - BibTex
Min Jang, Yuna Hwang, Yonghwi Kwon, and Hyoungshick Kim
Best Paper Award

42. IMC'23 - A Longitudinal Study of Vulnerable Client-side Resources and Web Developers' Updating Behaviors, In Proc. of the 23rd ACM Internet Measurement Conference - BibTex
Kyungchan Lim, Yonghwi Kwon, and Doowon Kim

41. ICSE'23 - BFTDetector: Automatic Detection of Business Flow Tampering for Digital Content Service, In Proc. of the 45th International Conference on Software Engineering - BibTex
I Luk Kim, Weihang Wang, Yonghwi Kwon, and Xiangyu Zhang

40. NDSS'23 - SynthDB: Synthesizing Database via Program Analysis for Security Testing of Web Applications, In Proc. of the 30th Network and Distributed System Security Symposium - BibTex
An Chen, JiHo Lee, Basanta Chaulagain, Yonghwi Kwon, and Kyu Hyung Lee

39. S&P'23 - PyFET: Forensically Equivalent Transformation for Python Binary Decompilation, In Proc. of the 44th IEEE Symposium on Security and Privacy - BibTex
Ali Ahad, Chijung Jung, Ammar Askar, Doowon Kim, Taesoo Kim, and Yonghwi Kwon

38. CCS'22 (Poster) - Automated Discovery of Sensor Spoofing Attacks on Robotic Vehicles, In Proc. of the 29th ACM Conference on Computer and Communications Security - BibTex
Kyeongseok Yang*, Sudharssan Mohan* (*: co-first authors), Yonghwi Kwon, Heejo Lee, and Chung Hwan Kim

37. CCS'22 - DriveFuzz: Discovering Autonomous Driving Bugs through Driving Quality-Guided Fuzzing, In Proc. of the 29th ACM Conference on Computer and Communications Security - BibTex
Seulbae Kim, Major Liu, Junghwan Rhee, Yuseok Jeon, Yonghwi Kwon, and Chung Hwan Kim

36. WISA'22 - Dazzle-attack: Anti-Forensic Server-side Attack via Fail-free Dynamic State Machine, In Proc. of the 23rd World Conference on Information Security Applications - BibTex
Bora Lee*, Kyungchan Lim* (*: co-first authors), JiHo Lee, Chijung Jung, Doowon Kim, Kyu Hyung Lee, Haehyun Cho, and Yonghwi Kwon
Best Student Paper Award

35. ICSE'22 - Hiding Critical Program Components via Ambiguous Translation, In Proc. of the 44th International Conference on Software Engineering - BibTex
Chijung Jung, Doowon Kim, An Chen, Weihang Wang, Yunhui Zheng, Kyu Hyung Lee, and Yonghwi Kwon

34. S&P'22 - SwarmFlawFinder: Discovering and Exploiting Logic Flaws of Swarm Algorithms, In Proc. of the 43rd IEEE Symposium on Security and Privacy - BibTex
Chijung Jung, Ali Ahad, Yuseok Jeon, and Yonghwi Kwon

33. ACSAC'21 - Sofware Watermarking via a Binary Function Relocation, In Proc. of 37th Annual Conference on Computer Security Applications - Slides | BibTex
Honggoo Kang, Yonghwi Kwon, Sangjin Lee, and Hyungjoon Koo

32. ASE'21 (NIER) - Defeating Program Analysis Techniques via Ambiguous Translation, In Proc. of 36th IEEE/ACM International Conference on Automated Software Engineering (New Ideas and Emerging Results Track) - BibTex
Chijung Jung, Doowon Kim, Weihang Wang, Yunhui Zheng, Kyu Hyung Lee, and Yonghwi Kwon

31. TIFS (Journal, IF: 6.211) - TRACE: Enterprise-Wide Provenance Tracking For Real-Time APT Detection, IEEE Transactions on Information Forensics and Security - BibTex
Hassaan Irshad, Gabriela Ciocarlie, Ashish Gehani, Vinod Yegneswaran, Kyu Hyung Lee, Jignesh Patel, Somesh Jha, Yonghwi Kwon, Dongyan Xu, and Xiangyu Zhang

30. ASE'21 - An Empirical Study of Bugs in WebAssembly Compilers, In Proc. of 36th IEEE/ACM International Conference on Automated Software Engineering - BibTex
Alan Romano, Xinyue Liu, Yonghwi Kwon, and Weihang Wang

29. FSE'21 - Swarmbug: Debugging Configuration Bugs in Swarm Robotics, In Proc. of 29th ACM SIGSOFT International Symposium on the Foundations of Software Engineering - Invited Talk at WISA | BibTex
Chijung Jung, Ali Ahad, Jinho Jung, Sebastian Elbaum, and Yonghwi Kwon

28. CCS'21 - Spinner: Automated Dynamic Command Subsystem Perturbation, In Proc. of 28th ACM Conference on Computer and Communications Security - BibTex
Chijung Jung, Ali Ahad, and Yonghwi Kwon

27. ASIACCS'21 - Security Analysis on Practices of Certificate Authorities in the HTTPS Phishing Ecosystem, In Proc. of 16th ACM ASIA Conference on Computer and Communications Security - BibTex
Doowon Kim, Haehyun Cho, Yonghwi Kwon, Adam Doupe, Sooel Son, Gail-Joon Ahn, and Tudor Dumitras

26. WWW'21 - TLS 1.3 in Practice: How TLS 1.3 Contributes to the Internet, In Proc. of 30th The Web Conference - Video | BibTex
Hyunwoo Lee, Doowon Kim, and Yonghwi Kwon

25. S&P'21 - OSPREY: Recovery of Variable and Data Structure via Probabilistic Analysis for Stripped Binary, In Proc. of the 42nd IEEE Symposium on Security and Privacy - BibTex
Zhuo Zhang, Yapeng Ye, Wei You, Guanhong Tao, Wen-chuan Lee, Yonghwi Kwon, Yousra Aafer, and Xiangyu Zhang

24. NDSS'21 - C2SR: Cybercrime Scene Reconstruction for Post-mortem Forensic Analysis, In Proc. of the 28th Network and Distributed System Security Symposium - Slides | Video | BibTex
Yonghwi Kwon, Weihang Wang, Jinho Jung, Kyu Hyung Lee, and Roberto Perdisci

23. S&P'20 - TARDIS: Rolling Back The Clock On CMS-Targeting Cyber Attacks, In Proc. of the 41st IEEE Symposium on Security and Privacy - Video | BibTex
Ranjita Pai Kasturi, Yiting Sun, Ruian Duian, Omar Alrawi, Ehsan Asdar, Victor Zhu, Yonghwi Kwon, and Brendan Saltaformaggio

22. S&P'20 - PMP: Cost-effective Forced Execution with Probabilistic Memory Pre-planning, In Proc. of the 41st IEEE Symposium on Security and Privacy - BibTex
Wei You, Zhuo Zhang, Yonghwi Kwon, Yousra Aafer, Fei Peng, Yu Shi, Carson Makena Harmon, and Xiangyu Zhang

21. CCS'19 - MalMax: Multi-Aspect Execution for Automated Dynamic Web Server Malware Analysis, In Proc. of the 26th ACM Conference on Computer and Communications Security - Slides | Code | BibTex
Abbas Naderi-Afooshteh, Yonghwi Kwon, Anh Nguyen-Tuong, Ali Razmjoo-Qalaei, Mohammad-Reza Zamiri-Gourabi, and Jack W. Davidson

20. ACSAC'19 - CUBISMO: Decloaking Server-side Malware via Cubist Program Analysis, In Proc. of the 35th Annual Conference on Computer Security Applications - Slides | BibTex
Abbas Naderi-Afooshteh, Yonghwi Kwon, Anh Nguyen-Tuong, Mandana Bagheri-Marzijarani, and Jack W. Davidson

19. OOPSLA'19 - BDA: Practical Dependence Analysis for Binary Executables by Unbiased Whole-program Path Sampling and Per-path Abstract Interpretation, In Proc. of the 2019 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications - BibTex
Zhuo Zhang, Wei You, Guanhong Tao, Guannan Wei, Yonghwi Kwon, and Xiangyu Zhang
ACM SIGPLAN Distinguished Paper Award

18. ICSE'19 - Probabilistic Disassembly, In Proc. of the 41st International Conference on Software Engineering - Slides | BibTex
Kenneth Adam Miller, Yonghwi Kwon, Yi Sun, Zhuo Zhang, Xiangyu Zhang, and Zhiqiang Lin

17. ACSAC'18 - Lprov: Practical Library-aware Provenance Tracing, In Proc. of the 34th Annual Conference on Computer Security Applications - BibTex
Fei Wang, Yonghwi Kwon, Shiqing Ma, Xiangyu Zhang, and Dongyan Xu

16. ATC'18 - Kernel-Supported Cost-Effective Audit Logging for Causality Tracking, In Proc. of the 2018 USENIX Annual Technical Conference - BibTex
Shiqing Ma, Juan Zhai, Yonghwi Kwon, Kyu Hyung Lee, Xiangyu Zhang, Gabriela Ciocarlie, Ashish Gehani, Vinod Yegneswaran, Dongyan Xu, and Somesh Jha

15. Ph.D. Thesis - Combatting Advanced Persistent Threat via Causality Inference and Program Analysis - BibTex
Yonghwi Kwon

14. WWW'18 - AdBudgetKiller: Online Advertising Budget Draining Attack, In Proc. of the 27th International World Wide Web Conference - BibTex
I Luk Kim, Weihang Wang, Yonghwi Kwon, Yunhui Zheng, Yousra Aafer, Weijie Meng, and Xiangyu Zhang

13. NDSS'18 - MCI: Modeling-based Causality Inference in Audit Logging for Attack Investigation, In Proc. of the 25th Network and Distributed System Security Symposium - Slides | BibTex
Yonghwi Kwon, Fei Wang, Weihang Wang, Kyu Hyung Lee, Wen-Chuan Lee, Shiqing Ma, Xiangyu Zhang, Dongyan Xu, Somesh Jha, Gabriela Ciocarlie, Ashish Gehani, and Vinod Yegneswaran

12. ACSAC'17 - RevARM: A Platform-Agnostic ARM Binary Rewriter for Security Applications, In Proc. of the 33rd Annual Conference on Computer Security Applications - BibTex
Taegyu Kim, Chung Hwan Kim, Hongjun Choi, Yonghwi Kwon, Brendan Saltaformaggio, Xiangyu Zhang, and Dongyan Xu

11. ASE'17 - PAD: Programming Third-party Web Advertisement Censorship, In Proc. of the 32nd IEEE/ACM International Conference on Automated Software Engineering - BibTex
Weihang Wang, Yonghwi Kwon, Yunhui Zheng, Yousra Aafer, I Luk Kim, Wen-Chuan Lee, Yingqi Liu, Weijie Meng, Xiangyu Zhang, and Patrick Eugster

10. ISSTA'17 - CPR: Cross Platform Binary Code Reuse via Platform Independent Trace Program, In Proc. of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis - Slides | BibTex
Yonghwi Kwon, Weihang Wang, Yunhui Zheng, Xiangyu Zhang, and Dongyan Xu

9. WWW'17 - J-Force: Forced Execution on JavaScript, In Proc. of the 26th International World Wide Web Conference - BibTex
Kyungtae Kim, I Luk Kim, Chung Hwan Kim, Yonghwi Kwon, Yunhui Zheng, Xiangyu Zhang, and Dongyan Xu

8. NDSS'17 - A2C: Self Destructing Exploit Executions via Input Perturbation, In Proc. of the 24th Network and Distributed System Security Symposium - Slides | BibTex
Yonghwi Kwon, Brendan Saltaformaggio, I Luk Kim, Kyu Hyung Lee, Xiangyu Zhang, and Dongyan Xu

7. OOPSLA'16 - Apex: Automatic Programming Assignment Error Explanation, In Proc. of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications - Website | BibTex
Dohyeong Kim, Yonghwi Kwon, Peng Liu, I Luk Kim, David Mitchel Perry, Xiangyu Zhang, and Gustavo Rodriguez-Rivera

6. FSE'16 - WebRanz: Web Page Randomization For Better Advertisement Delivery and Web-Bot Prevention, In Proc. of the 24th ACM SIGSOFT International Symposium on the Foundations of Software Engineering - Website | BibTex
Weihang Wang, Yunhui Zheng, Xinyu Xing, Yonghwi Kwon, Xiangyu Zhang, and Patrick Eugster

5. WOOT'16 - Eavesdropping on Fine-Grained User Activities Within Smartphone Apps Over Encrypted Network Traffic, In Proc. of the 10th USENIX Workshop on Offensive Technologies - BibTex
Brendan Saltaformaggio, Hongjun Choi, Kristen Johnson, Yonghwi Kwon, Qi Zhang, Xiangyu Zhang, Dongyan Xu, and John Qian

4. ASPLOS'16 - LDX: Causality Inference by Lightweight Dual Execution, In Proc. of the 21st International Conference on Architectural Support for Programming Languages and Operating Systems - Slides | Demo Video | BibTex
Yonghwi Kwon, Dohyeong Kim, William N. Sumner, Kyungtae Kim, Brendan Saltaformaggio, Xiangyu Zhang, and Dongyan Xu

3. ASPLOS'15 - Dual Execution for On the Fly Fine Grained Execution Comparison, In Proc. of the 20th International Conference on Architectural Support for Programming Languages and Operating Systems - BibTex
Dohyeong Kim, Yonghwi Kwon, William N. Sumner, Xiangyu Zhang, and Dongyan Xu

2. NDSS'15 - P2C: Understanding Output Data Files via On-the-Fly Transformation from Producer to Consumer Executions, In Proc. of the 22nd Network and Distributed System Security Symposium - Slides | BibTex
Yonghwi Kwon, Fei Peng, Dohyeong Kim, Kyungtae Kim, Xiangyu Zhang, Dongyan Xu, Vinod Yegneswaran, and John Qian

1. ASE'13 - PIEtrace: Platform Independent Executable Trace, In Proc. of the 28th IEEE/ACM International Conference on Automated Software Engineering - Slides | Website | BibTex
Yonghwi Kwon, Xiangyu Zhang, and Dongyan Xu
Best Paper Award, ACM SIGSOFT Distinguished Paper Award