Suyoung Lee Security Researcher

About Me

I am a Ph.D. student @KAIST WSP Lab. My primary research interests lie in the area of finding, analyzing, and patching software vulnerabilities. In particular, I am interested in automating these steps by leveraging recent advances in machine learning. Thus, the intersection of various fields including but not limited to computer security, software engineering, and machine learning is of my particular interest.

Education

Sept. 2019 - Ph.D. Student, Graduate School of Information Security, KAIST (Advisor: Sooel Son)
Sept. 2017 - Aug. 2019 M.S., Graduate School of Information Security, KAIST (Advisor: Sooel Son)
Mar. 2013 - Aug. 2017 B.S., Computer Engineering, Sungkyunkwan University

Publications

  1. Montage: A Neural Network Language Model-Guided JavaScript Engine Fuzzer
    Suyoung Lee, HyungSeok Han, Sang Kil Cha, and Sooel Son.
    In proceedings of the USENIX Security Symposium, 2020
    [paper] [bib] [code] [data]

  2. FUSE: Finding File Upload Bugs via Penetration Testing
    Taekjin Lee, Seongil Wi, Suyoung Lee, and Sooel Son.
    In proceedings of the Network and Distributed System Security Symposium, 2020
    [paper] [bib] [code]

Reported Bugs

CVE-2019-8594 Arbitrary code execution in JavaSriptCore of Safari
CVE-2019-0923 Memory corruption in ChakraCore of Edge
CVE-2019-0860 Arbitrary code execution in ChakraCore of Edge (reward $5,000)

Honors and Awards

2019 MSRC’s 2018-2019 Most Valuable Security Researchers
2015 - 2016 Kwanjeong Educational Foundation Scholarship
2014 Distinguished Freshman Award