Hyungsub Kim (김형섭) HAAS 274 FRIENDS and PurSec Lab 305 N. University Street West Lafayette, IN 47907 [Curriculum vitae] [Google Scholar Profile] [Robotic Vehicle Software Tutorial] [Papers Related to Robotic Vehicles]

About Me

I will be on the job market in Q1 2024.

Recent News

• [May 2023] I'm a program committee member of ASIACCS 2024. (Please consider submitting your great work)
• [April 20 2023] I have been selected as a CPS (Cyber-Physical Systems) Rising Star, CPS-VO@NSF, 2023.
• [Feb 27 2023] I got Outstanding Reviewer Award from VehicleSec'23.
• [Feb 17 2023] I gave a talk on robotic vehicle security at Ohio State University (link).
• [Feb 2023] I'm a program committee member of ESORICS 2023. (Please consider submitting your great work)
• [Jan 2023] I'm a program committee member of RAID 2023. (Please consider submitting your great work)

Education

• Purdue University, West Lafayette, IN, USA
  • Ph.D. in Computer Science
  • May. 2018 -


• POSTECH, Pohang, Republic of Korea
  • M.S. in Computer Science and Engineering
  • Mar. 2013 - Feb. 2015


• University of Seoul, Seoul, Republic of Korea
  • B.S. in School of Computer Science
  • Mar. 2011 - Feb. 2013


• Chonnam National University, Gwangju, Republic of Korea
  • Department of Mathematics
  • Mar. 2005 - Feb. 2011


• Pyeongchon Information Industry High School, Anyang, Republic of Korea
  • Department of Information Processing
  • Mar. 2002 - Feb. 2005

Full-time Work Experience

• Researcher, 3rd R&D Institute (Intelligence, Surveillance and Reconnaissance), Agency for Defense Development (2015.3 - 2018.3).
• Auxiliary Policeman (as mandatory military service), Gwangju Metropolitan Police Agency (2007.7 - 2009.5).

Publications

Conference

• PatchVerif: Discovering Faulty Patches in Robotic Vehicles [pdf]
  Hyungsub Kim, Muslum Ozgur Ozmen, Z. Berkay Celik, Antonio Bianchi, Dongyan Xu
  32nd USENIX Security Symposium (USENIX 2023), Anaheim, California, USA, August 9-11, 2023.
  (acceptance rate: TBA)


• PGPATCH: Policy-Guided Logic Bug Patching for Robotic Vehicles [pdf] [slide] [teaser video] [video] [github]
  Hyungsub Kim, Muslum Ozgur Ozmen, Z. Berkay Celik, Antonio Bianchi, Dongyan Xu
  43rd IEEE Symposium on Security and Privacy (Oakland) (S&P 2022), San Francisco, California, USA, May 23-26, 2022.
  (acceptance rate: 147/1012=14.5%)


• M2MON: Building an MMIO-based Security Reference Monitor for Unmanned Vehicles [pdf] [github]
  Arslan Khan, Hyungsub Kim, Byoungyoung Lee, Dongyan Xu, Antonio Bianchi, Dave (Jing) Tian
  30th USENIX Security Symposium (USENIX 2021), Vancouver, British Columbia, Canada, August 11-13, 2021.
  (acceptance rate: 246/1316=18.7%)


• PGFUZZ: Policy-Guided Fuzzing for Robotic Vehicles [pdf] [slide] [video] [github]
  Hyungsub Kim, Muslum Ozgur Ozmen, Antonio Bianchi, Z. Berkay Celik, Dongyan Xu
  28th Network and Distributed System Security Symposium (NDSS 2021), San Diego, California, USA, February 21-24, 2021.
  (acceptance rate: 87/573=15.2%)


• Inferring Browser Activity and Status Through Remote Monitoring of Storage Usage [pdf] [slide] [web page] [passive attack video] [active attack video]
  Hyungsub Kim, Sangho Lee, and Jong Kim
  32nd Annual Computer Security Applications Conference (ACSAC 2016), Los Angeles, California, USA, December 5-9, 2016.
  (acceptance rate: 48/210=22.8%)


• Identifying Cross-origin Resource Status Using Application Cache [pdf] [demo video]
  Sangho Lee, Hyungsub Kim, and Jong Kim
  22nd Network and Distributed System Security Symposium (NDSS 2015), San Diego, California, USA, February 8-11, 2015.
  (acceptance rate: 50/302=16.6%)


• Exploring and Mitigating Privacy Threats of HTML5 Geolocation API [pdf] [slide] [demo video]
  Hyungsub Kim, Sangho Lee, and Jong Kim
  30th Annual Computer Security Applications Conference (ACSAC 2014), New Orleans, Louisiana, USA, December 8-12, 2014.
  (acceptance rate: 47/236=19.9%)

Short Paper

• Short: Rethinking Secure Pairing in Drone Swarms [pdf]
  Muslum Ozgur Ozmen, Habiba Farrukh, Hyungsub Kim, Antonio Bianchi, Z. Berkay Celik
  The Inaugural ISOC Symposium on Vehicle Security and Privacy (VehicleSec 2023), San Diego, California, USA, February 27, 2023.
  

Workshop/Demo Papers

• Demo: Discovering Faulty Patches in Robotic Vehicle Control Software [pdf] [demo video 1] [demo video 2]
  Hyungsub Kim, Muslum Ozgur Ozmen, Z. Berkay Celik, Antonio Bianchi, Dongyan Xu
  The Inaugural ISOC Symposium on Vehicle Security and Privacy (VehicleSec 2023), San Diego, California, USA, February 27, 2023.
  


• Demo: Policy-based Discovery and Patching of Logic Bugs in Robotic Vehicles [pdf] [demo video] [github]
  Hyungsub Kim, Muslum Ozgur Ozmen, Antonio Bianchi, Z. Berkay Celik, Dongyan Xu
  4th International Workshop on Automotive and Autonomous Vehicle Security (AutoSec 2022), San Diego, California, USA, April 24, 2022.
  

Thesis

• Privacy Threats in HTML5 Geolocation API: Case Studies and Countermeasures [pdf]
  Master's Thesis, Department of Computer Science and Engineering, POSTECH, 2015.
  

Interdisciplinary Work

• Community-based death preparation and education: A scoping review [pdf]
  Sungwon Park, Hyungkyung Kim, Min Kyeong Jang, Hyungsub Kim, Rebecca Raszewski & Ardith Z. Doorenbos
  Death Studies, March 11, 2022.
  

Talks

• Defeating Logic Bugs in Robotic Vehicles
  New York University Abu Dhabi, UAE, November 10, 2022.
  Purdue University, Indiana, USA, November 18, 2022 (preliminary examination).
  Ohio State University, Ohio, USA, February 17, 2023 (link).


• Logic Bug-Finding and Patching Tools
  2nd Technology Innovation Institute (TII) Annual SSRC Research Partners Summit, Abu Dhabi, UAE, November 8, 2022.


• PGPATCH: Policy-Guided Logic Bug Patching for Robotic Vehicles
  43rd IEEE Symposium on Security and Privacy (S&P), San Francisco, California, USA, May 25, 2022.


• PGFUZZ: Policy-Guided Fuzzing for Robotic Vehicles
  28th Network and Distributed System Security Symposium (NDSS), San Diego, California, USA, Feb 24, 2021.


• Inferring Browser Activity and Status Through Remote Monitoring of Storage Usage
  32nd Annual Computer Security Applications Conference (ACSAC), Los Angeles, California, USA, Dec 8, 2016.


• Exploring and Mitigating Privacy Threats of HTML5 Geolocation API
  30th Annual Computer Security Applications Conference (ACSAC), New Orleans, Louisiana, USA, Dec 11, 2014.


• I Know the Shortened URLs You Clicked on Twitter: Inference Attack using Public Click Analytics and Twitter Metadata
  Workshop among Asian Information Security Labs (WAIS), Shanghai, China, Jan 10, 2014.

Fellowships, Awards, and Honors

Professional Services

University Services

Teaching Experience

Useful Resource

• How to emulate embedded devices? QEMU internals
• How to implement dynamic analysis on top of QEMU? PANDA
• How to control drones? Control theory
• How to convert errors into commands? PID control
• How to do sensor fusion? (1) Kalman Filters
• How to do sensor fusion? (2) Complementary Filter
• How to simulate drones? Intelligent quads tutorials
• How to read sensor datasheets? Read a gyro datasheet

• Introduction to Robotics@Princeton

• Software Defined Radio with HackRF
• RF spectrum with GNU radio
• GPS spoofing
• GPS jamming
• Open-sourced Global Navigation Satellite Systems software-defined receiver

• Advanced Compilers@Cornell (Adrian Sampson)
• Learning and Teaching Software Analysis and Verification via SVF@UTS (Yulei Sui)
• Software Analysis Lectures@UPenn (Mayur Naik)

• Information Security Lab (CTF)@Gatech (Taesoo Kim)

• Experienced people's opinions are always useful!
• Advice for researchers and students (Michael Ernst@UW)
• The academic job search for computer scientists in 10 questions (Nicolas Papernot and Elissa M. Redmiles)
• Computer science graduate job and interview guide (Wes Weimer@UM, Claire Le Goues@CMU, Zak Fry@GrammaTech, Kevin Leach@VU, Yu Huang@VU, and Kevin Angstadt@St. Lawrence U)
• Feibelman, Peter J, "A PhD Is Not Enough!: A Guide to Survival in Science"
• Build an open source tool/library as a grad student (Devin Petersohn)

• Security and Privacy Conference Deadlines
• Software Engineering Conference Deadlines
• Systematization of Knowledge (SoK)

• Writing A Research Statement (CMU)
• The Purpose of a Research Statement (UPenn)

• Hints for PhD Defenses (Columbia)
• Outline for presentations at final exams (NPS)
• An example slide deck (Yale)
• PhD Dissertation Defense Slides Design: Example slides (CMU)

Personal