Sang Kil Cha's Homepage

About Me

I am an experimental computer scientist whose research is at the intersection of computer security and software engineering. My research is mainly about building and evaluating systems that can analyze programs. I received ACM distinguished paper awards in 2014, 2020, and 2022, and I am currently leading CSRC and SoftSec Lab at KAIST.

Teaching

(IS-561) Binary Code Analysis and Secure Software Systems: 2016S 2017F 2018F 2019F 2021F 2023F 2024F
(IS-893) Advanced Software Security: 2016F
(IS-511) Introduction to Information Security: 2017S 2018S
(IS-521) Information Security Laboratory: 2017S 2018S 2019S 2020S 2020F
(CS-220) Programming Principles: 2019S 2020S 2021S 2024S
(CS-492E) Introduction to Software Security: 2022S

Selected Publications

BibTex: [bibtex], Google Scholar: [link].

[32]	AsFuzzer: Differential Testing of Assemblers with Error-Driven Grammar Inference Hyungseok Kim, Soomin Kim, Jungwoo Lee, and Sang Kil Cha. In Proceedings of the International Symposium on Software Testing and Analysis , 2024 ( ACM Distinguished Paper Award), [pdf]

[31]	Evaluating Directed Fuzzers: Are We Heading in the Right Direction? Tae Eun Kim, Jaeseung Choi, Seongjae Im, Kihong Heo, and Sang Kil Cha. In Proceedings of the International Symposium on Foundations of Software Engineering , 2024, [pdf]

[30]	FunProbe: Probing Functions from Binary Code through Probabilistic Analysis Soomin Kim, Hyungseok Kim, and Sang Kil Cha. In Proceedings of the International Symposium on Foundations of Software Engineering , 2023, [pdf]

[29]	DAFL: Directed Grey-box Fuzzing Guided by Data Dependency Tae Eun Kim, Jaeseung Choi, Kihong Heo, and Sang Kil Cha. In Proceedings of the USENIX Security Symposium, 2023, [pdf]

[28]	BotScreen: Trust Everybody, but Cut the Aimbots Yourself Minyeop Choi, Gihyuk Ko, and Sang Kil Cha. In Proceedings of the USENIX Security Symposium, 2023 ( USENIX Distinguished Paper Award), [pdf]

[27]	Reassembly is Hard: A Reflection on Challenges and Strategies Hyungseok Kim, Soomin Kim, Junoh Lee, Kangkook Jee, and Sang Kil Cha. In Proceedings of the USENIX Security Symposium, 2023, [pdf]

[26]	Revisiting Binary Code Similarity Analysis using Interpretable Feature Engineering and Lessons Learned Dongkwan Kim, Eunsoo Kim, Sang Kil Cha, Sooel Son, and Yongdae Kim. IEEE Transactions on Software Engineering, vol. 49, no. 4, 2023 [pdf]

[25]	Fuzzle: Making a Puzzle for Fuzzers Haeun Lee, Soomin Kim, and Sang Kil Cha. In Proceedings of the IEEE/ACM International Conference on Automated Software Engineering, 2022 ( ACM Distinguished Paper Award), [pdf]

[24]	How'd Security Benefit Reverse Engineers? — The Implication of Intel CET on Function Identification Hyungseok Kim, Junoh Lee, Soomin Kim, Seungil Jung, and Sang Kil Cha. In Proceedings of the International Conference on Dependable Systems Networks, 2022, [pdf]

[23]	Smartian: Enhancing Smart Contract Fuzzing with Static and Dynamic Data-Flow Analyses Jaeseung Choi, Doyeon Kim, Soomin Kim, Gustavo Grieco, Alex Groce, and Sang Kil Cha. In Proceedings of the IEEE/ACM International Conference on Automated Software Engineering, 2021, [pdf]

[22]	NTFuzz: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis Jaeseung Choi, Kangsu Kim, Daejin Lee, and Sang Kil Cha. In Proceedings of the IEEE Symposium on Security and Privacy, 2021, [pdf]

[21]	The Art, Science, and Engineering of Fuzzing: A Survey Valentin Jean Marie Manès, HyungSeok Han, Choongwoo Han, Sang Kil Cha, Manuel Egele, Edward J. Schwartz, and Maverick Woo. IEEE Transactions on Software Engineering, vol. 47, no. 11, 2021 ( Best Paper Award), [pdf]

[20]	Boosting Fuzzer Efficiency: An Information Theoretic Perspective Marcel Böhme, Valentin Jean Marie Manès, and Sang Kil Cha. In Proceedings of the International Symposium on Foundations of Software Engineering , 2020 ( ACM Distinguished Paper Award), [pdf]

[19]	Ankou: Guiding Grey-box Fuzzing towards Combinatorial Difference Valentin Jean Marie Manès, Soomin Kim, and Sang Kil Cha. In Proceedings of the International Conference on Software Engineering , 2020, [pdf]

[18]	Montage: A Neural Network Language Model-Guided JavaScript Engine Fuzzer Suyoung Lee, HyungSeok Han, Sang Kil Cha, and Sooel Son. In Proceedings of the USENIX Security Symposium, 2020, [pdf]

[17]	Grey-box Concolic Testing on Binary Code Jaeseung Choi, Joonun Jang, Choongwoo Han, and Sang Kil Cha. In Proceedings of the International Conference on Software Engineering , 2019, [pdf]

[16]	CodeAlchemist: Semantics-Aware Code Generation to Find Vulnerabilities in JavaScript Engines HyungSeok Han, DongHyeon Oh, and Sang Kil Cha. In Proceedings of the Network and Distributed System Security Symposium, 2019, [pdf]

[15]	B2R2: Building an Efficient Front-End for Binary Analysis Minkyu Jung, Soomin Kim, HyungSeok Han, Jaeseung Choi, and Sang Kil Cha. In Proceedings of the NDSS Workshop on Binary Analysis Research, 2019 ( Best Paper Award), [pdf]

[14]	Git-based CTF: A Simple and Effective Approach to Organizing In-Course Attack-and-Defense Security Competition SeongIl Wi, Jaeseung Choi, and Sang Kil Cha. In Proceedings of the USENIX Workshop on Advances in Security Education, 2018, [pdf]

[13]	IMF: Inferred Model-based Fuzzer HyungSeok Han and Sang Kil Cha. In Proceedings of the ACM Conference on Computer and Communications Security, 2017, [pdf]

[12]	Testing Intermediate Representations for Binary Analysis Soomin Kim, Markus Faerevaag, Minkyu Jung, Seungil Jung, DongYeop Oh, JongHyup Lee, and Sang Kil Cha. In Proceedings of the IEEE/ACM International Conference on Automated Software Engineering, 2017, [pdf]

[11]	RETracer: Triaging Crashes by Reverse Execution from Partial Memory Dumps Weidong Cui, Marcus Peinado, Sang Kil Cha, Yanick Fratantonio, and Vasileios P. Kemerlis. In Proceedings of the International Conference on Software Engineering, 2016, [pdf]

[10]	Towards Resource-Aware Security Testing of Software Sang Kil Cha. Ph.D. Thesis, Carnegie Mellon University, 2015

[9]	Program-Adaptive Mutational Fuzzing Sang Kil Cha, Maverick Woo, and David Brumley. In Proceedings of the IEEE Symposium on Security and Privacy, 2015, [pdf]

[8]	Optimizing Seed Selection for Fuzzing Alexandre Rebert, Sang Kil Cha, Thanassis Avgerinos, Jonathan Foote, David Warren, Gustavo Grieco, and David Brumley. In Proceedings of the USENIX Security Symposium, 2014, [pdf]

[7]	Enhancing Symbolic Execution with Veritesting Thanassis Avgerinos, Alexandre Rebert, Sang Kil Cha, and David Brumley. In Proceedings of the International Conference on Software Engineering, 2014 ( ACM Distinguished Paper Award), [pdf]

[6]	Automatic Exploit Generation Thanassis Avgerinos, Sang Kil Cha, Alexandre Rebert, Edward J. Schwartz, Maverick Woo, and David Brumley. Communications of the ACM, 2014

[5]	Scheduling Black-box Mutational Fuzzing Maverick Woo, Sang Kil Cha, Samantha Gottlieb, and David Brumley. In Proceedings of the ACM Conference on Computer and Communications Security, 2013, [pdf]

[4]	Unleashing Mayhem on Binary Code Sang Kil Cha, Thanassis Avgerinos, Alexandre Rebert, and David Brumley. In Proceedings of the IEEE Symposium on Security and Privacy, 2012, [pdf]

[3]	AEG: Automatic Exploit Generation Thanassis Avgerinos, Sang Kil Cha, Brent Lim Tze Hao, and David Brumley. In Proceedings of the Network and Distributed System Security Symposium, 2011, [pdf]

[2]	Platform-Independent Programs Sang Kil Cha, Brian Pak, David Brumley, and Richard J. Lipton. In Proceedings of the ACM Conference on Computer and Communications Security, 2010, [pdf]

[1]	SplitScreen: Enabling Efficient, Distributed Malware Detection Sang Kil Cha, Iulian Moraru, Jiyong Jang, John Truelove, David Brumley, and David G. Andersen. In Proceedings of the USENIX Symposium on Networked Systems Design and Implementation, 2010, [pdf]

Office:	#2319, N5
Phone:	+82-42-350-3569
Email:

Sang Kil Cha / 차상길

About Me

Teaching

Selected Publications

[32]

AsFuzzer: Differential Testing of Assemblers with Error-Driven Grammar Inference

[31]

Evaluating Directed Fuzzers: Are We Heading in the Right Direction?

[30]

FunProbe: Probing Functions from Binary Code through Probabilistic Analysis

[29]

DAFL: Directed Grey-box Fuzzing Guided by Data Dependency

[28]

BotScreen: Trust Everybody, but Cut the Aimbots Yourself

[27]

Reassembly is Hard: A Reflection on Challenges and Strategies

[26]

Revisiting Binary Code Similarity Analysis using Interpretable Feature Engineering and Lessons Learned

[25]

Fuzzle: Making a Puzzle for Fuzzers

[24]

How'd Security Benefit Reverse Engineers? — The Implication of Intel CET on Function Identification

[23]

Smartian: Enhancing Smart Contract Fuzzing with Static and Dynamic Data-Flow Analyses

[22]

NTFuzz: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis

[21]

The Art, Science, and Engineering of Fuzzing: A Survey

[20]

Boosting Fuzzer Efficiency: An Information Theoretic Perspective

[19]

Ankou: Guiding Grey-box Fuzzing towards Combinatorial Difference

[18]

Montage: A Neural Network Language Model-Guided JavaScript Engine Fuzzer

[17]

Grey-box Concolic Testing on Binary Code

[16]

CodeAlchemist: Semantics-Aware Code Generation to Find Vulnerabilities in JavaScript Engines

[15]

B2R2: Building an Efficient Front-End for Binary Analysis

[14]

Git-based CTF: A Simple and Effective Approach to Organizing In-Course Attack-and-Defense Security Competition

[13]

IMF: Inferred Model-based Fuzzer

[12]

Testing Intermediate Representations for Binary Analysis

[11]

RETracer: Triaging Crashes by Reverse Execution from Partial Memory Dumps

[10]

Towards Resource-Aware Security Testing of Software

[9]

Program-Adaptive Mutational Fuzzing

[8]

Optimizing Seed Selection for Fuzzing

[7]

Enhancing Symbolic Execution with Veritesting

[6]

Automatic Exploit Generation

[5]

Scheduling Black-box Mutational Fuzzing

[4]

Unleashing Mayhem on Binary Code

[3]

AEG: Automatic Exploit Generation

[2]

Platform-Independent Programs

[1]

SplitScreen: Enabling Efficient, Distributed Malware Detection