Welcome to

Secure and Sound Software (SEED) Research Group

We develop security techniques to secure real-world software systems, providing fundamental security primitives (or seed security techniques). We cover diverse topics including identifying and fixing vulnerabilities in critical systems such as autonomous vehicles and drones, investigation and prevention of advanced cyberattacks, and reverse-engineering stealthy and sophisticated malware binaries.

About Us

Secure and Sound Software (SEED) Research Group

The SEED research group at the University of Maryland is affiliated with the Department of Eletrical and Computer Engineering (ECE), the Maryland Cybersecurity Center (MC2), and the University of Maryland Institute for Advanced Computer Studies (UMIACS).

We thrive to conduct fundamental research that can create impact the practical security. In particular, we focus on discover and patching unknown critical vulnerabilities in real-world systems that previous techniques fail to do, investigating sophisticated advanced attacks that existing techniques gave up, and protecting complex systems against unknown future attacks.

We have a few criteria for research projects.

1. Problem/Goal Oriented (not technique oriented): We care about "what to secure and what practical security benefits we can deliver," not the specific techniques required to achieve the goal. In other words, when we pick a research problem, we focus on whether the problem is worth researching instead of particular methods for solving the problem. Of course, methods must be sound and solid, but that is an essential, not a determining factor. We leverage various and diverse techniques (and are also open to any new emerging techniques), ranging from OS kernel, virtual machine, compilers/PL, reverse-engineering, network/system modeling, artificial intelligence (AI), and causal analysis, to name a few, if needed.

2. Fundamental Impact: We care about "whether a research project would make the target secure directly and fundamentally," not securing systems in an ad-hoc way. We propose and develop algorithms and systems that can be generic, long-lasting, and even applicable to other systems. We focus on identifying the key factors/constraints that can determine the effectiveness of our techniques in other systems (or new systems).

3. Foundational Research: As the name "SEED" suggests, we focus on developing techniques that can be used by others, including researchers, practitioners, and industrial developers. We aim to deliver techniques and systems that can be a seed of future research that would change the world.

Team Members

Interested in joining the group? See this page.

Current

Yonghwi Kwon (Director)
Assistant Professor, PI

- Ph.D., Computer Science, Purdue University (2018).

Website: http://yongkwon.info

Chijung Jung
Ph.D. Student Joined in 2019 (Post qual.)

Research: Swarm Security/Debugging [FSE'21, S&P'22], Software Security [CCS'21, WISA'22, S&P'23, ICSE'22]

Website: https://chijung-jung.github.io/

Ali Ahad
Ph.D. Student Joined in 2020 (Post qual.)

Research: Software Security [CCS'21, S&P'23, ASPLOS'24], Debugging/Testing [FSE'21, S&P'22]

Website: https://aliahad97.github.io/

Alumni

Ph.D.

1. Abbas Naderi (Advisor: Prof. Jack W. Davidson)

Masters

1. Bora Lee, 2023 (at Korean Army)
2. Jiho Lee, 2024
3. Jiahao Cai, 2019 (at Google)

Undergraduate

1. Sungjin Yi, UC Berkeley, 2021-2022
2. Rajiv Sarvepalli, UVA, 2020
3. Haoxiang Zhang, UVA, 2021 (at Columbia University)

Research Project Topics

Project topics that our group is working on.
We are looking for students for all the topics below. See this page for the details.

 
Cyber Physical Systems Security

Developing automated testing techniques for drones, drone swarms, and autonomous vehicles to find critical vulnerabilities.

Members: Chijung Jung, Ali Ahad
Key Papers: S&P'22, CCS'22, FSE'21
Supported by

 
Binary Decompilation

Transforming Python Binaries that existing decompilers failed to enable their decompilation. Automatically synthesizing decompilers via AI and recovering lost semantics from binaries.

Members: Ali Ahad, Chijung Jung
Key Papers: S&P'23, ICSE'19
Supported by  

 
Web Security Analysis/Defense

Developing security analysis techniques (e.g., fuzzing) to identify vulnerabilities and defences against paylaod injection attacks for web server applications.

Members: Chijung Jung, Jiho Lee
Key Papers: NDSS'23, ICSE'23, CCS'21
Supported by  

Exploitation/Malicious Code Analysis

Developing techniques that discover hidden malicious code, reproduce/replay exploitations, and finding vulnerabilities.

Members: Ali Ahad
Key Papers: NDSS'21, CCS'19, NDSS'18
Supported by  

AI/ML Software Partitioning

Mitigate cyberattcks on AI/ML libraries by automatically partitioning and isolating the libraries' code. Attacks will be confined within the isolated compartments.

Members: Ali Ahad
Key Papers: ASPLOS'24

Program Debugging/Synthesis

Developing cross platform debugging techniques via binary translation. Sythesizing programs from traces by aligning data/code between executions.

Members: Chijung Jung, Ali Ahad
Key Papers: FSE'21, ISSTA'17, ASE'13
Supported by

Publications

- Top Venues in Security/Systems (S&P (Oakland) [22, 23, 25, 34, 39], CCS [21, 28, 37], NDSS [2, 8, 13, 24, 40], ASPLOS [3, 4, 42]), in SE/PL (ICSE [18, 35, 41], FSE [6, 29], ASE [ 1, 11, 30], OOPSLA [7, 19]), in Web (WWW [9, 14, 26])

43. ASPLOS'24 - FreePart: Hardening Data Processing Software via Framework-based Partitioning and Isolation, In Proc. of the 29th International Conference on Architectural Support for Programming Languages and Operating Systems - BibTex
Ali Ahad, Gang Wang, Chung Hwan Kim, Suman Jana, Zhiqiang Lin, and Yonghwi Kwon

42. IMC'23 - A Longitudinal Study of Vulnerable Client-side Resources and Web Developers' Updating Behaviors, In Proc. of the 23rd ACM Internet Measurement Conference - BibTex
Kyungchan Lim, Yonghwi Kwon, and Doowon Kim

41. ICSE'23 - BFTDetector: Automatic Detection of Business Flow Tampering for Digital Content Service, In Proc. of the 45th International Conference on Software Engineering - BibTex
I Luk Kim, Weihang Wang, Yonghwi Kwon, and Xiangyu Zhang

40. NDSS'23 - SynthDB: Synthesizing Database via Program Analysis for Security Testing of Web Applications, In Proc. of the 30th Network and Distributed System Security Symposium - BibTex
An Chen, JiHo Lee, Basanta Chaulagain, Yonghwi Kwon, and Kyu Hyung Lee

39. S&P'23 - PyFET: Forensically Equivalent Transformation for Python Binary Decompilation, In Proc. of the 44th IEEE Symposium on Security and Privacy - BibTex
Ali Ahad, Chijung Jung, Ammar Askar, Doowon Kim, Taesoo Kim, and Yonghwi Kwon

38. CCS'22 (Poster) - Automated Discovery of Sensor Spoofing Attacks on Robotic Vehicles, In Proc. of the 29th ACM Conference on Computer and Communications Security - BibTex
Kyeongseok Yang*, Sudharssan Mohan* (*: co-first authors), Yonghwi Kwon, Heejo Lee, and Chung Hwan Kim

37. CCS'22 - DriveFuzz: Discovering Autonomous Driving Bugs through Driving Quality-Guided Fuzzing, In Proc. of the 29th ACM Conference on Computer and Communications Security - BibTex
Seulbae Kim, Major Liu, Junghwan Rhee, Yuseok Jeon, Yonghwi Kwon, and Chung Hwan Kim

36. WISA'22 - Dazzle-attack: Anti-Forensic Server-side Attack via Fail-free Dynamic State Machine, In Proc. of the 23rd World Conference on Information Security Applications - BibTex
Bora Lee*, Kyungchan Lim* (*: co-first authors), JiHo Lee, Chijung Jung, Doowon Kim, Kyu Hyung Lee, Haehyun Cho, and Yonghwi Kwon
Best Student Paper Award

35. ICSE'22 - Hiding Critical Program Components via Ambiguous Translation, In Proc. of the 44th International Conference on Software Engineering - BibTex
Chijung Jung, Doowon Kim, An Chen, Weihang Wang, Yunhui Zheng, Kyu Hyung Lee, and Yonghwi Kwon

34. S&P'22 - SwarmFlawFinder: Discovering and Exploiting Logic Flaws of Swarm Algorithms, In Proc. of the 43rd IEEE Symposium on Security and Privacy - BibTex
Chijung Jung, Ali Ahad, Yuseok Jeon, and Yonghwi Kwon

33. ACSAC'21 - Sofware Watermarking via a Binary Function Relocation, In Proc. of 37th Annual Conference on Computer Security Applications - Slides | BibTex
Honggoo Kang, Yonghwi Kwon, Sangjin Lee, and Hyungjoon Koo

32. ASE'21 (NIER) - Defeating Program Analysis Techniques via Ambiguous Translation, In Proc. of 36th IEEE/ACM International Conference on Automated Software Engineering (New Ideas and Emerging Results Track) - BibTex
Chijung Jung, Doowon Kim, Weihang Wang, Yunhui Zheng, Kyu Hyung Lee, and Yonghwi Kwon

31. TIFS (Journal, IF: 6.211) - TRACE: Enterprise-Wide Provenance Tracking For Real-Time APT Detection, IEEE Transactions on Information Forensics and Security - BibTex
Hassaan Irshad, Gabriela Ciocarlie, Ashish Gehani, Vinod Yegneswaran, Kyu Hyung Lee, Jignesh Patel, Somesh Jha, Yonghwi Kwon, Dongyan Xu, and Xiangyu Zhang

30. ASE'21 - An Empirical Study of Bugs in WebAssembly Compilers, In Proc. of 36th IEEE/ACM International Conference on Automated Software Engineering - BibTex
Alan Romano, Xinyue Liu, Yonghwi Kwon, and Weihang Wang

29. FSE'21 - Swarmbug: Debugging Configuration Bugs in Swarm Robotics, In Proc. of 29th ACM SIGSOFT International Symposium on the Foundations of Software Engineering - Invited Talk at WISA | BibTex
Chijung Jung, Ali Ahad, Jinho Jung, Sebastian Elbaum, and Yonghwi Kwon

28. CCS'21 - Spinner: Automated Dynamic Command Subsystem Perturbation, In Proc. of 28th ACM Conference on Computer and Communications Security - BibTex
Chijung Jung, Ali Ahad, and Yonghwi Kwon

27. ASIACCS'21 - Security Analysis on Practices of Certificate Authorities in the HTTPS Phishing Ecosystem, In Proc. of 16th ACM ASIA Conference on Computer and Communications Security - BibTex
Doowon Kim, Haehyun Cho, Yonghwi Kwon, Adam Doupe, Sooel Son, Gail-Joon Ahn, and Tudor Dumitras

26. WWW'21 - TLS 1.3 in Practice: How TLS 1.3 Contributes to the Internet, In Proc. of 30th The Web Conference - Video | BibTex
Hyunwoo Lee, Doowon Kim, and Yonghwi Kwon

25. S&P'21 - OSPREY: Recovery of Variable and Data Structure via Probabilistic Analysis for Stripped Binary, In Proc. of the 42nd IEEE Symposium on Security and Privacy - BibTex
Zhuo Zhang, Yapeng Ye, Wei You, Guanhong Tao, Wen-chuan Lee, Yonghwi Kwon, Yousra Aafer, and Xiangyu Zhang

24. NDSS'21 - C2SR: Cybercrime Scene Reconstruction for Post-mortem Forensic Analysis, In Proc. of the 28th Network and Distributed System Security Symposium - Slides | Video | BibTex
Yonghwi Kwon, Weihang Wang, Jinho Jung, Kyu Hyung Lee, and Roberto Perdisci

23. S&P'20 - TARDIS: Rolling Back The Clock On CMS-Targeting Cyber Attacks, In Proc. of the 41st IEEE Symposium on Security and Privacy - Video | BibTex
Ranjita Pai Kasturi, Yiting Sun, Ruian Duian, Omar Alrawi, Ehsan Asdar, Victor Zhu, Yonghwi Kwon, and Brendan Saltaformaggio

22. S&P'20 - PMP: Cost-effective Forced Execution with Probabilistic Memory Pre-planning, In Proc. of the 41st IEEE Symposium on Security and Privacy - BibTex
Wei You, Zhuo Zhang, Yonghwi Kwon, Yousra Aafer, Fei Peng, Yu Shi, Carson Makena Harmon, and Xiangyu Zhang

21. CCS'19 - MalMax: Multi-Aspect Execution for Automated Dynamic Web Server Malware Analysis, In Proc. of the 26th ACM Conference on Computer and Communications Security - Slides | Code | BibTex
Abbas Naderi-Afooshteh, Yonghwi Kwon, Anh Nguyen-Tuong, Ali Razmjoo-Qalaei, Mohammad-Reza Zamiri-Gourabi, and Jack W. Davidson

20. ACSAC'19 - CUBISMO: Decloaking Server-side Malware via Cubist Program Analysis, In Proc. of the 35th Annual Conference on Computer Security Applications - Slides | BibTex
Abbas Naderi-Afooshteh, Yonghwi Kwon, Anh Nguyen-Tuong, Mandana Bagheri-Marzijarani, and Jack W. Davidson

19. OOPSLA'19 - BDA: Practical Dependence Analysis for Binary Executables by Unbiased Whole-program Path Sampling and Per-path Abstract Interpretation, In Proc. of the 2019 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications - BibTex
Zhuo Zhang, Wei You, Guanhong Tao, Guannan Wei, Yonghwi Kwon, and Xiangyu Zhang
ACM SIGPLAN Distinguished Paper Award

18. ICSE'19 - Probabilistic Disassembly, In Proc. of the 41st International Conference on Software Engineering - Slides | BibTex
Kenneth Adam Miller, Yonghwi Kwon, Yi Sun, Zhuo Zhang, Xiangyu Zhang, and Zhiqiang Lin

17. ACSAC'18 - Lprov: Practical Library-aware Provenance Tracing, In Proc. of the 34th Annual Conference on Computer Security Applications - BibTex
Fei Wang, Yonghwi Kwon, Shiqing Ma, Xiangyu Zhang, and Dongyan Xu

16. ATC'18 - Kernel-Supported Cost-Effective Audit Logging for Causality Tracking, In Proc. of the 2018 USENIX Annual Technical Conference - BibTex
Shiqing Ma, Juan Zhai, Yonghwi Kwon, Kyu Hyung Lee, Xiangyu Zhang, Gabriela Ciocarlie, Ashish Gehani, Vinod Yegneswaran, Dongyan Xu, and Somesh Jha

15. Ph.D. Thesis - Combatting Advanced Persistent Threat via Causality Inference and Program Analysis - BibTex
Yonghwi Kwon

14. WWW'18 - AdBudgetKiller: Online Advertising Budget Draining Attack, In Proc. of the 27th International World Wide Web Conference - BibTex
I Luk Kim, Weihang Wang, Yonghwi Kwon, Yunhui Zheng, Yousra Aafer, Weijie Meng, and Xiangyu Zhang

13. NDSS'18 - MCI: Modeling-based Causality Inference in Audit Logging for Attack Investigation, In Proc. of the 25th Network and Distributed System Security Symposium - Slides | BibTex
Yonghwi Kwon, Fei Wang, Weihang Wang, Kyu Hyung Lee, Wen-Chuan Lee, Shiqing Ma, Xiangyu Zhang, Dongyan Xu, Somesh Jha, Gabriela Ciocarlie, Ashish Gehani, and Vinod Yegneswaran

12. ACSAC'17 - RevARM: A Platform-Agnostic ARM Binary Rewriter for Security Applications, In Proc. of the 33rd Annual Conference on Computer Security Applications - BibTex
Taegyu Kim, Chung Hwan Kim, Hongjun Choi, Yonghwi Kwon, Brendan Saltaformaggio, Xiangyu Zhang, and Dongyan Xu

11. ASE'17 - PAD: Programming Third-party Web Advertisement Censorship, In Proc. of the 32nd IEEE/ACM International Conference on Automated Software Engineering - BibTex
Weihang Wang, Yonghwi Kwon, Yunhui Zheng, Yousra Aafer, I Luk Kim, Wen-Chuan Lee, Yingqi Liu, Weijie Meng, Xiangyu Zhang, and Patrick Eugster

10. ISSTA'17 - CPR: Cross Platform Binary Code Reuse via Platform Independent Trace Program, In Proc. of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis - Slides | BibTex
Yonghwi Kwon, Weihang Wang, Yunhui Zheng, Xiangyu Zhang, and Dongyan Xu

9. WWW'17 - J-Force: Forced Execution on JavaScript, In Proc. of the 26th International World Wide Web Conference - BibTex
Kyungtae Kim, I Luk Kim, Chung Hwan Kim, Yonghwi Kwon, Yunhui Zheng, Xiangyu Zhang, and Dongyan Xu

8. NDSS'17 - A2C: Self Destructing Exploit Executions via Input Perturbation, In Proc. of the 24th Network and Distributed System Security Symposium - Slides | BibTex
Yonghwi Kwon, Brendan Saltaformaggio, I Luk Kim, Kyu Hyung Lee, Xiangyu Zhang, and Dongyan Xu

7. OOPSLA'16 - Apex: Automatic Programming Assignment Error Explanation, In Proc. of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications - Website | BibTex
Dohyeong Kim, Yonghwi Kwon, Peng Liu, I Luk Kim, David Mitchel Perry, Xiangyu Zhang, and Gustavo Rodriguez-Rivera

6. FSE'16 - WebRanz: Web Page Randomization For Better Advertisement Delivery and Web-Bot Prevention, In Proc. of the 24th ACM SIGSOFT International Symposium on the Foundations of Software Engineering - Website | BibTex
Weihang Wang, Yunhui Zheng, Xinyu Xing, Yonghwi Kwon, Xiangyu Zhang, and Patrick Eugster

5. WOOT'16 - Eavesdropping on Fine-Grained User Activities Within Smartphone Apps Over Encrypted Network Traffic, In Proc. of the 10th USENIX Workshop on Offensive Technologies - BibTex
Brendan Saltaformaggio, Hongjun Choi, Kristen Johnson, Yonghwi Kwon, Qi Zhang, Xiangyu Zhang, Dongyan Xu, and John Qian

4. ASPLOS'16 - LDX: Causality Inference by Lightweight Dual Execution, In Proc. of the 21st International Conference on Architectural Support for Programming Languages and Operating Systems - Slides | Demo Video | BibTex
Yonghwi Kwon, Dohyeong Kim, William N. Sumner, Kyungtae Kim, Brendan Saltaformaggio, Xiangyu Zhang, and Dongyan Xu

3. ASPLOS'15 - Dual Execution for On the Fly Fine Grained Execution Comparison, In Proc. of the 20th International Conference on Architectural Support for Programming Languages and Operating Systems - BibTex
Dohyeong Kim, Yonghwi Kwon, William N. Sumner, Xiangyu Zhang, and Dongyan Xu

2. NDSS'15 - P2C: Understanding Output Data Files via On-the-Fly Transformation from Producer to Consumer Executions, In Proc. of the 22nd Network and Distributed System Security Symposium - Slides | BibTex
Yonghwi Kwon, Fei Peng, Dohyeong Kim, Kyungtae Kim, Xiangyu Zhang, Dongyan Xu, Vinod Yegneswaran, and John Qian

1. ASE'13 - PIEtrace: Platform Independent Executable Trace, In Proc. of the 28th IEEE/ACM International Conference on Automated Software Engineering - Slides | Website | BibTex
Yonghwi Kwon, Xiangyu Zhang, and Dongyan Xu
Best Paper Award, ACM SIGSOFT Distinguished Paper Award