Daehee Jang (장대희)

daehee87@khu.ac.kr
Download CV      


About me

I finished my Ph.D at KAIST and joined Georgia Tech as postdoc under the supervision of professor Taesoo Kim (SSLab).
I am currently an assistant professor at Kyunghee University (KHU) School of Computing.
My research area is "System Security" including topics such as 'Fuzzing', 'Container Security', and so forth.
I enjoy CTF and I am also the founder of pwnable.kr wargame.
I am currently/actively looking for motivated grad students (PwnLab).

Selected Publications

"Fuzzing@Home: Distributed Fuzzing on Untrusted Heterogeneous Clients", Daehee Jang, Ammar Askar, Insu Yun, Stephen Tong, Yiqin Cai, Taesoo Kim. (RAID 2022) [pdf]

"Efficient Generation of Program Execution Hash", Eunyeong Ahn, Sunjin Kim, Saerom Park, Jong-Uk Hou, Daehee Jang (corresponding author). (IEEE Access Journal 2022) [pdf]

"Badaslr: Exceptional cases of ASLR aiding exploitation", Daehee Jang. (ELSEVIER Computers and Security Journal 2022) [pdf]

"Preventing Use-After-Free Attacks with Fast Forward Allocation", Brian Wickman, Hong Hu, Insu Yun, Daehee Jang, JungWon Lim, Sanidhya Kashyap, and Taesoo Kim. (USENIX Security 2021) [pdf]

"Fuzzing JavaScript Engines with Aspect-preserving Mutation", Soyeon Park, Wen Xu, Insu Yun, Daehee Jang, and Taesoo Kim. (IEEE Symposium on Security and Privacy 2020) [pdf]

"On the Analysis of Byte-Granularity Heap Randomization", Daehee Jang, Jonghwan Kim, Hojoon Lee, Minjune Park, Yunjong Jung, Minsu Kim, Brent Byunghoon Kang. (IEEE Transactions on Dependable and Secure Computing 2019) [pdf]

"PoLaR: Per-allocation Object Layout Randomization", Jonghwan Kim, Daehee Jang, Yunjong Jeong, Brent Byunghoon Kang. (IEEE/IFIP International Conference on Dependable Systems and Networks 2019) [pdf]

"Rethinking Anti-Emulation Techniques for Large-Scale Software Deployment", Daehee Jang, Yunjong Jung, Sungman Lee, Minjoon Park, Donguk Kim, Kuenhwan Kwak, Brent Byunghoon Kang. (ELSEVIER Computers and Security Journal 2019) [pdf]

"SGX-LEGO: Fine-Grained SGX Controlled-Channel Attack and its Countermeasure", Deokjin Kim Daehee Jang (co-first), Minjoon Park, Yunjong Jung, Jonghwan Kim, Seokjin Choi, Brent Byunghoon Kang. (ELSEVIER Computers and Security Journal 2018) [pdf]

"Domain Isolated Kernel: A lightweight sandbox for untrusted kernel extensions", Valentin J.M. Manes, Daehee Jang, Brent Byunghoon Kang, Chanho Ryu. (ELSEVIER Computers and Security Journal 2017) [pdf]

"ATRA: Address Translation Redirection Attack against Hardware-based External Monitors", D.Jang, H Lee, M. Kim, D. H. Kim, D. G. Kim and B. Kang. (ACM Conference on Computer and Communications Security 2014) [pdf]

"KI-Mon: A Hardware-assisted Event-triggered Monitoring Platform for Mutable Kernel Object", H. Lee, H. Moon, D. Jang , K. Kim, J. Lee, Y. Paek and B. Kang. (USENIX Security 2013) [pdf]

Selected Awards

Grand Prize Winner of 2017 Information Security Paper Competition (5,000,000 KRW prize) news link

2016 NAVER Ph.D. Fellowship Award (5,000,000 KRW prize)

Information Security Elite Nomination in KISA 2016 Awards Ceremony (Special Prize for Hancom Office Bug Bounty) news link

8th place in 2017 TrendMicro CTF Finals (BrentKawaii, four person team)

2nd place in 2016 SECCON CTF Finals (PwnPineappelApplePwn, four person team)

5th place in 2016 DEFCON CTF Finals (KaisHackGoN, 16 person team)

9th place in 2016 CODEGATE CTF Finals (KaSec, four person team)

9th place in 2015 CODEGATE CTF Finals (Alternatives, four person team)

8th place in 2013 DEFCON CTF Finals (Alternatives, eight person team)

Winner of 2015 WHITEHAT CTF Finals (아몰랑, four person team. 20,000,000 KRW prize)

3rd place in 2014 WHITEHAT CTF Finals (Alternatives, four person team. 8,000,000 KRW prize)

Bug Bounty Awards (Sole Activity)

RCE via Heap BOF in KMPlayer FLV Parser (CVE-2018-5200. 4,300,000 KRW prize)

RCE via Heap BOF in Hancom Office (KISA 16-251. 3,200,000 KRW prize)

RCE via Use-After-Free in Hancom Office (KISA report 15-621. 2,400,000 KRW prize)

RCE via Stack BOF in Hancom Office (KISA report 15-284. 1,500,000 KRW prize)

RCE via Stack BOF in IPTIME Router (KISA report 15-074. 1,800,000 KRW prize)

Invited Seminar/Talks

UNIST Software Department Invited Speaker (2022)
"Distributed Fuzzing on Untrusted Heterogeneous Clients"

KISA Invited Speaker (2022)
"Security Vulnerabilities in Web Application Frameworks"

Sejong University Invited Speaker (2022)
"System Security issues in Wargame/CTFs"

CPS Workshop Invited Speaker (2022)
"Fuzzing and Security in Embedded Systems"

ETRI System Security Lab Invited Speaker (2022)
"DBI and Offensive Security Technologies"

ETRI System Security Lab Invited Speaker (2021)
"Explaining Address Sanitizer and Fuzzing"

UNIST Software Department Invided Speaker (2019)
"0-day attack explained"

KAIST PLRG Lab Invited Speaker (2019)
"WASM Sandbox Explained"

ETRI System Security Lab Invited Speaker (2019)
"H/W based Fine Grained Memory Access Control"

CODEGATE Conference Invited Speaker (2016)
"Codemap: Visualization tool for software reverse engineering"

Hong Kong Cyber Security Symposium 2015 Speaker
"Android Mobile Malware Threats"

Dankook Univ. Security Lab Invited Speaker (2014)
"Applying Kernel exploit (CVE-2014-3153) to x86 Ubuntu 13.04"

Dankook Univ. Security Lab Invited Speaker (2014)
"OS Kernel Debugging With IDA Pro"