I’m interested in computer security, especially the areas of data-driven security and web security measurements. I’m currently working in the area of web security, analyzing websites in order to measure security from technical and human-centered perspectives.
Advisor: Doowon Kim
|Address:||Min H. Kao Building, Room 339
1520 Middle Drive
Knoxville, TN 37996-2250
Dazzle-Attack: Anti-Forensic Server-Side Attack Via Fail-Free Dynamic State Machine. Bora Lee, Kyungchan Lim, JiHo Lee, Chijung Jung, Doowon Kim, Kyu Hyung Lee, Haehyun Cho, and and Yonghwi Kwon. In Proceedings of the 2022 The 23rd World Conference on Information Security Applications. WISA, 2022. (WISA’22)
Abstract: Server-side malware is one of the prevalent threats that can affect a large number of clients who visit the compromised server. In this paper, we propose Dazzle-attack, a new advanced server-side attack that is resilient to forensic analysis such as reverse-engineering. Dazzleattack retrieves typical (and non-suspicious) contents from benign and uncompromised websites to avoid detection and mislead the investigation to erroneously associate the attacks with benign websites. Dazzleattack leverages a specialized state-machine that accepts any inputs and produces outputs with respect to the inputs, which substantially enlarges the input-output space and makes reverse-engineering effort significantly difficult. We develop a prototype of Dazzle-attack and conduct empirical evaluation of Dazzle-attack to show that it imposes significant challenges to forensic analysis.