Kyungchan Lim

Degree: PhD

Advisor: Doowon Kim

Address: Min H. Kao Building, Room 339
1520 Middle Drive
Knoxville, TN 37996-2250

I’m interested in computer security, especially the areas of data-driven security and web security measurements. I’m currently working in the area of web security, analyzing websites in order to measure security from technical and human-centered perspectives.


Abstract:  Server-side malware is one of the prevalent threats that can affect a large number of clients who visit the compromised server. In this paper, we propose Dazzle-attack, a new advanced server-side attack that is resilient to forensic analysis such as reverse-engineering. Dazzleattack retrieves typical (and non-suspicious) contents from benign and uncompromised websites to avoid detection and mislead the investigation to erroneously associate the attacks with benign websites. Dazzleattack leverages a specialized state-machine that accepts any inputs and produces outputs with respect to the inputs, which substantially enlarges the input-output space and makes reverse-engineering effort significantly difficult. We develop a prototype of Dazzle-attack and conduct empirical evaluation of Dazzle-attack to show that it imposes significant challenges to forensic analysis.