Sang Kil Cha / 차상길

KAIST 사이버보안연구센터 센터장
KAIST 정보보호대학원, 전산학부 부교수

Office: N5동 2319호
Phone: +82-42-350-3569
Email:

 

Misc: CVPGP KeyGitHubDBLP

 

 

소개

차상길 교수는 컴퓨터 기반의 실험과학자이며, 현재 주 연구분야는 소프트웨어 보안 및 프로그램 분석이다. 그의 연구는 컴퓨터 보안과 소프트웨어 공학의 교차점에 있다고 할 수 있으며, 대개 프로그램을 자동 분석하는 시스템을 설계, 구현하고 평가하는 것을 포함한다. 차상길 교수는 2014년과 2020년에는 취약점 자동 탐지에 관한 논문으로 ACM distinguished paper award를 수상한 바 있다. 현재는 카이스트 사이버보안연구센터의 센터장을 역임중이며, 또한 카이스트 소프트웨어 보안 연구실을 운영하고 있다.

 

수업

 

주요 논문 목록

BibTex: [bibtex], Google Scholar: [link].

 

[26]

Fuzzle: Making a Puzzle for Fuzzers

Haeun Lee, Soomin Kim, and Sang Kil Cha.
In Proceedings of the IEEE/ACM International Conference on Automated Software Engineering, 2022, (to appear) [pdf]
 
[25]

Revisiting Binary Code Similarity Analysis using Interpretable Feature Engineering and Lessons Learned

Dongkwan Kim, Eunsoo Kim, Sang Kil Cha, Sooel Son, and Yongdae Kim.
IEEE Transactions on Software Engineering, 2022, (to appear) [pdf]
 
[24]

How'd Security Benefit Reverse Engineers? — The Implication of Intel CET on Function Identification

Hyungseok Kim, Junoh Lee, Soomin Kim, Seungil Jung, and Sang Kil Cha.
In Proceedings of the International Conference on Dependable Systems Networks, 2022, [pdf]
 
[23]

Smartian: Enhancing Smart Contract Fuzzing with Static and Dynamic Data-Flow Analyses

Jaeseung Choi, Doyeon Kim, Soomin Kim, Gustavo Grieco, Alex Groce, and Sang Kil Cha.
In Proceedings of the IEEE/ACM International Conference on Automated Software Engineering, 2021, [pdf]
 
[22]

NTFuzz: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis

Jaeseung Choi, Kangsu Kim, Daejin Lee, and Sang Kil Cha.
In Proceedings of the IEEE Symposium on Security and Privacy, 2021, [pdf]
 
[21]

Boosting Fuzzer Efficiency: An Information Theoretic Perspective

Marcel Böhme, Valentin Jean Marie Manès, and Sang Kil Cha.
In Proceedings of the International Symposium on Foundations of Software Engineering , 2020 (ACM Distinguished Paper Award), [pdf]
 
[20]

Ankou: Guiding Grey-box Fuzzing towards Combinatorial Difference

Valentin Jean Marie Manès, Soomin Kim, and Sang Kil Cha.
In Proceedings of the International Conference on Software Engineering , 2020, [pdf]
 
[19]

Montage: A Neural Network Language Model-Guided JavaScript Engine Fuzzer

Suyoung Lee, HyungSeok Han, Sang Kil Cha, and Sooel Son.
In Proceedings of the USENIX Security Symposium, 2020, [pdf]
 
[18]

The Art, Science, and Engineering of Fuzzing: A Survey

Valentin Jean Marie Manès, HyungSeok Han, Choongwoo Han, Sang Kil Cha, Manuel Egele, Edward J. Schwartz, and Maverick Woo.
IEEE Transactions on Software Engineering, 2019, [pdf]
 
[17]

Grey-box Concolic Testing on Binary Code

Jaeseung Choi, Joonun Jang, Choongwoo Han, and Sang Kil Cha.
In Proceedings of the International Conference on Software Engineering , 2019, [pdf]
 
[16]

CodeAlchemist: Semantics-Aware Code Generation to Find Vulnerabilities in JavaScript Engines

HyungSeok Han, DongHyeon Oh, and Sang Kil Cha.
In Proceedings of the Network and Distributed System Security Symposium, 2019, [pdf]
 
[15]

B2R2: Building an Efficient Front-End for Binary Analysis

Minkyu Jung, Soomin Kim, HyungSeok Han, Jaeseung Choi, and Sang Kil Cha.
In Proceedings of the NDSS Workshop on Binary Analysis Research, 2019 (Best Paper Award), [pdf]
 
[14]

Git-based CTF: A Simple and Effective Approach to Organizing In-Course Attack-and-Defense Security Competition

SeongIl Wi, Jaeseung Choi, and Sang Kil Cha.
In Proceedings of the USENIX Workshop on Advances in Security Education, 2018, [pdf]
 
[13]

IMF: Inferred Model-based Fuzzer

HyungSeok Han and Sang Kil Cha.
In Proceedings of the ACM Conference on Computer and Communications Security, 2017, [pdf]
 
[12]

Testing Intermediate Representations for Binary Analysis

Soomin Kim, Markus Faerevaag, Minkyu Jung, Seungil Jung, DongYeop Oh, JongHyup Lee, and Sang Kil Cha.
In Proceedings of the IEEE/ACM International Conference on Automated Software Engineering, 2017, [pdf]
 
[11]

RETracer: Triaging Crashes by Reverse Execution from Partial Memory Dumps

Weidong Cui, Marcus Peinado, Sang Kil Cha, Yanick Fratantonio, and Vasileios P. Kemerlis.
In Proceedings of the International Conference on Software Engineering, 2016, [pdf]
 
[10]

Towards Resource-Aware Security Testing of Software

Sang Kil Cha.
Ph.D. Thesis, Carnegie Mellon University, 2015
 
[9]

Program-Adaptive Mutational Fuzzing

Sang Kil Cha, Maverick Woo, and David Brumley.
In Proceedings of the IEEE Symposium on Security and Privacy, 2015, [pdf]
 
[8]

Optimizing Seed Selection for Fuzzing

Alexandre Rebert, Sang Kil Cha, Thanassis Avgerinos, Jonathan Foote, David Warren, Gustavo Grieco, and David Brumley.
In Proceedings of the USENIX Security Symposium, 2014, [pdf]
 
[7]

Enhancing Symbolic Execution with Veritesting

Thanassis Avgerinos, Alexandre Rebert, Sang Kil Cha, and David Brumley.
In Proceedings of the International Conference on Software Engineering, 2014 (ACM Distinguished Paper Award), [pdf]
 
[6]

Automatic Exploit Generation

Thanassis Avgerinos, Sang Kil Cha, Alexandre Rebert, Edward J. Schwartz, Maverick Woo, and David Brumley.
Communications of the ACM, 2014
 
[5]

Scheduling Black-box Mutational Fuzzing

Maverick Woo, Sang Kil Cha, Samantha Gottlieb, and David Brumley.
In Proceedings of the ACM Conference on Computer and Communications Security, 2013, [pdf]
 
[4]

Unleashing Mayhem on Binary Code

Sang Kil Cha, Thanassis Avgerinos, Alexandre Rebert, and David Brumley.
In Proceedings of the IEEE Symposium on Security and Privacy, 2012, [pdf]
 
[3]

AEG: Automatic Exploit Generation

Thanassis Avgerinos, Sang Kil Cha, Brent Lim Tze Hao, and David Brumley.
In Proceedings of the Network and Distributed System Security Symposium, 2011, [pdf]
 
[2]

Platform-Independent Programs

Sang Kil Cha, Brian Pak, David Brumley, and Richard J. Lipton.
In Proceedings of the ACM Conference on Computer and Communications Security, 2010, [pdf]
 
[1]

SplitScreen: Enabling Efficient, Distributed Malware Detection

Sang Kil Cha, Iulian Moraru, Jiyong Jang, John Truelove, David Brumley, and David G. Andersen.
In Proceedings of the USENIX Symposium on Networked Systems Design and Implementation, 2010, [pdf]