-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathindex.html
More file actions
367 lines (276 loc) · 18.5 KB
/
Copy pathindex.html
File metadata and controls
367 lines (276 loc) · 18.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<meta content="width=device-width, initial-scale=1" name="viewport" />
<meta content="#ffffff" name="theme-color" />
<meta content="#da532c" name="msapplication-TileColor" />
<link rel="stylesheet" href="https://cdn.jsdelivr.net/gh/jpswalsh/[email protected]/css/academicons.min.css" integrity="sha384-FIue+PI4SsI9XfHCz8dBLg33b0c1fMJgNU3X//L26FYbGnlSEfWmNT7zgWc2N9b6" crossorigin="anonymous">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@fortawesome/[email protected]/css/all.min.css" integrity="sha384-DyZ88mC6Up2uqS4h/KRgHuoeGwBcD4Ng9SiP4dIRy0EXTlnuz47vAwmeGwVChigm" crossorigin="anonymous">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/css/bulma.min.css" integrity="sha384-IJLmUY0f1ePPX6uSCJ9Bxik64/meJmjSYD7dHaJqTXXEBE4y+Oe9P2KBZa/z7p0Q" crossorigin="anonymous">
<link href="https://sangho2.github.io/deep-thought.css" rel="stylesheet" />
<link href="https://sangho2.github.io/custom.css" rel="stylesheet" />
<title>
Sangho Lee
</title>
<!--<script async src="//static.getclicky.com/100925728.js"></script>-->
<!--<noscript><p><img alt="Clicky" width="1" height="1" src="//in.getclicky.com/100925728ns.gif" /></p></noscript>-->
</head>
<body class="has-background-white">
<nav aria-label="section navigation" class="navbar is-light" role="navigation">
<div class="container">
<div class="navbar-brand">
<a class="navbar-item is-size-5 has-text-weight-bold" href="https://sangho2.github.io">Sangho Lee</a>
<a aria-expanded="false" aria-label="menu" class="navbar-burger burger" data-target="navMenu" role="button">
<span aria-hidden="true"></span>
<span aria-hidden="true"></span>
<span aria-hidden="true"></span>
</a>
</div>
<div class="navbar-menu" id="navMenu">
<div class="navbar-end has-text-centered">
<a class="navbar-item" id="nav-search" title="Search" data-target="#search-modal">
<span class="icon">
<i class="fas fa-search"></i>
</span>
</a>
<a class="navbar-item" id="dark-mode" title="Switch to dark theme">
<span class="icon">
<i class="fas fa-adjust"></i>
</span>
</a>
</div>
</div>
</div>
</nav>
<section class="section">
<div class="container">
<div class="has-text-centered">
<h1 class="title is-2"></h1>
<p class="subtitle is-4"></p>
<p>
</p>
</div>
<div class="content">
<h1 id="sangho-lee">Sangho Lee</h1>
<ul>
<li>Principal Researcher</li>
<li><a rel="external" href="https://www.microsoft.com/en-us/research/people/sanghle/">Microsoft Research Redmond</a></li>
<li>99/3727, 14820 NE 36th St, Redmond, WA 98052</li>
<li><a href="mailto:[email protected]">[email protected]</a> | <a href="mailto:[email protected]">[email protected]</a></li>
</ul>
<p> <a class="link" href="cv.pdf" target="_blank">
<i class="ai ai-cv ai-2x"></i>
</a>
<a class="link" href="http://scholar.google.com/citations?user=kjPZ8VcAAAAJ&hl=en" target="_blank">
<i class="ai ai-google-scholar ai-2x"></i>
</a>
<a class="link" href="https://dblp.org/pid/17/5702-1" target="_blank">
<i class="ai ai-dblp ai-2x"></i>
</a></p>
<h2 id="selected-publications">Selected Publications</h2>
<ul>
<li><strong>IOValve: Leakage-Free I/O Sandbox for Large-Scale Untrusted Data Processing</strong> [<a href="https://sangho2.github.io/papers/lee:iovalve.pdf">paper</a> | <a href="https://sangho2.github.io/papers/lee:iovalve-slides.pdf">slides</a>]
<ul>
<li><strong>Sangho Lee</strong>, Jules Drean, Yue Tan, and Marcus Peinado</li>
<li><em>32nd ACM Conference on Computer and Communications Security (<strong>CCS 2025</strong>)</em>, Taipei, Taiwan, October 13-17, 2025</li>
</ul>
</li>
<li><strong>Hacksaw: Hardware-Centric Kernel Debloating via Device Inventory and Dependency Analysis</strong> [<a href="https://sangho2.github.io/papers/hu:hacksaw.pdf">paper</a> | <a rel="external" href="https://github.com/microsoft/Hacksaw">code</a>]
<ul>
<li>Zhenghao Hu, <strong>Sangho Lee</strong>, and Marcus Peinado</li>
<li><em>30th ACM Conference on Computer and Communications Security (<strong>CCS 2023</strong>)</em>, Copenhagen, Denmark, November 26-30, 2023</li>
</ul>
</li>
<li><strong>Rethinking System Audit Architectures for High Event Coverage and Synchronous Log Availability</strong> [<a href="https://sangho2.github.io/papers/gandhi:omnilog.pdf">paper</a> | <a rel="external" href="https://github.com/microsoft/OmniLog">code</a>]
<ul>
<li>Varun Gandhi#, Sarbartha Banerjee#, Aniket Agrawal, Adil Ahmad, <strong>Sangho Lee</strong>, and Marcus Peinado</li>
<li><em>32nd USENIX Security Symposium (<strong>Security 2023</strong>)</em>, Anaheim, California, USA, August 9-11, 2023</li>
<li>[# co-first authors]</li>
</ul>
</li>
<li><strong>APRON: Authenticated and Progressive System Image Renovation</strong> [<a href="https://sangho2.github.io/papers/lee:apron.pdf">paper</a> | <a href="https://sangho2.github.io/papers/lee:apron-slides.pdf">slides</a> | <a rel="external" href="https://github.com/microsoft/APRON">code</a>]
<ul>
<li><strong>Sangho Lee</strong></li>
<li><em>2023 USENIX Annual Technical Conference (<strong>ATC 2023</strong>)</em>, Boston, Massachusetts, USA, July 10-12, 2023</li>
</ul>
</li>
<li><strong>Spacelord: Private and Secure Smart Space Sharing</strong> [<a href="https://sangho2.github.io/papers/bae:spacelord.pdf">paper</a>]
<ul>
<li>Yechan Bae, Sarbartha Banerjee, <strong>Sangho Lee</strong>, and Marcus Peinado#</li>
<li><em>38th Annual Computer Security Applications Conference (<strong>ACSAC 2022</strong>)</em>, Austin, Texas, USA, December 5-9, 2022</li>
<li>[# alphabetically ordered]</li>
</ul>
</li>
<li><strong>DeView: Confining Progressive Web Applications by Debloating Web APIs</strong> [<a href="https://sangho2.github.io/papers/oh:deview.pdf">paper</a> | <a rel="external" href="https://github.com/shivamidow/deview">code</a>]
<ul>
<li>ChangSeok Oh, <strong>Sangho Lee</strong>, Chenxiong Qian, Hyungjoon Koo, and Wenke Lee</li>
<li><em>38th Annual Computer Security Applications Conference (<strong>ACSAC 2022</strong>)</em>, Austin, Texas, USA, December 5-9, 2022</li>
</ul>
</li>
<li><strong>Pridwen: Universally Hardening SGX Programs via Load-Time Synthesis</strong> [<a href="https://sangho2.github.io/papers/sang:pridwen.pdf">paper</a> | <a rel="external" href="https://github.com/sslab-gatech/Pridwen">code</a>]
<ul>
<li>Fan Sang#, Ming-Wei Shih#, <strong>Sangho Lee</strong>, Xiaokuan Zhang, Michael Steiner, Mona Vij, and Taesoo Kim</li>
<li><em>2022 USENIX Annual Technical Conference (<strong>ATC 2022</strong>)</em>, Carlsbad, California, USA, July 11-13, 2022</li>
<li>[# co-first authors]</li>
</ul>
</li>
<li><strong>HardLog: Practical Tamper-Proof System Auditing Using a Novel Audit Device</strong> [<a href="https://sangho2.github.io/papers/ahmad:hardlog.pdf">paper</a> | <a rel="external" href="https://github.com/microsoft/HardLog">code</a>]
<ul>
<li>Adil Ahmad, <strong>Sangho Lee</strong>, and Marcus Peinado</li>
<li><em>43rd IEEE Symposium on Security and Privacy (<strong>Oakland 2022</strong>)</em>, San Francisco, California, USA, May 22-26, 2022</li>
</ul>
</li>
<li><strong>KARD: Lightweight Data Race Detection with Per-Thread Memory Protection</strong> [<a href="https://sangho2.github.io/papers/ahmad:kard.pdf">paper</a>]
<ul>
<li>Adil Ahmad, <strong>Sangho Lee</strong>, Pedro Fonseca, and Byoungyoung Lee</li>
<li><em>26th International Conference on Architectural Support for Programming Languages and Operating Systems (<strong>ASPLOS 2021</strong>)</em>, Virtual, April 19-23, 2021</li>
</ul>
</li>
<li><strong>All Your Clicks Belong to Me: Investigating Click Interception on the Web</strong> [<a href="https://sangho2.github.io/papers/zhang:observer.pdf">paper</a> | <a rel="external" href="https://github.com/cuhk-seclab/observer">code</a>]
<ul>
<li>Mingxue Zhang, Wei Meng, <strong>Sangho Lee</strong>, Byoungyoung Lee, and Xinyu Xing</li>
<li><em>28th USENIX Security Symposium (<strong>Security 2019</strong>)</em>, Santa Clara, California, USA, August 14-16, 2019</li>
</ul>
</li>
<li><strong>libmpk: Software Abstraction for Intel Memory Protection Keys (Intel MPK)</strong> [<a href="https://sangho2.github.io/papers/park:libmpk.pdf">paper</a> | <a rel="external" href="https://github.com/sslab-gatech/libmpk">code</a>]
<ul>
<li>Soyeon Park, <strong>Sangho Lee</strong>, Wen Xu, Hyungon Moon, and Taesoo Kim</li>
<li><em>2019 USENIX Annual Technical Conference (<strong>ATC 2019</strong>)</em>, Renton, Washington, USA, July 10-12, 2019</li>
</ul>
</li>
<li><strong>Dominance as a New Trusted Computing Primitive for the Internet of Things</strong> [<a href="https://sangho2.github.io/papers/xu:cider.pdf">paper</a>]
<ul>
<li>Meng Xu, Manuel Huber, Zhichuang Sun, Paul England, Marcus Peinado, <strong>Sangho Lee</strong>, Andrey Marochko, Dennis Matoon, Rob Spiger, and Stefan Thom</li>
<li><em>40th IEEE Symposium on Security and Privacy (<strong>Oakland 2019</strong>)</em>, San Francisco, California, USA, May 20-22, 2019</li>
</ul>
</li>
<li><strong>QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing</strong> [<a href="https://sangho2.github.io/papers/yun:qsym.pdf">paper</a> | <a rel="external" href="https://github.com/sslab-gatech/qsym">code</a>]
<ul>
<li>Insu Yun, <strong>Sangho Lee</strong>, Meng Xu, Yeongjin Jang, and Taesoo Kim</li>
<li><em>27th USENIX Security Symposium (<strong>Security 2018</strong>)</em>, Baltimore, Maryland, USA, August 15-17, 2018</li>
<li><i class="fas fa-award"></i> <a rel="external" href="https://www.usenix.org/conferences/best-papers?taxonomy_vocabulary_1_tid=2018&title_1=security">Distinguished Paper Award</a>, <a rel="external" href="https://www.icbs.cn/en/web/index/18009_1581229__">Frontiers of Science Award</a></li>
</ul>
</li>
<li><strong>Efficient Data Flow Tagging and Tracking for Refinable Cross-host Attack Investigation</strong> [<a href="https://sangho2.github.io/papers/ji:rtag.pdf">paper</a>]
<ul>
<li>Yang Ji, <strong>Sangho Lee</strong>, Mattia Fazzini, Joey Allen, Evan Downing, Taesoo Kim, Alessandro Orso, and Wenke Lee</li>
<li><em>27th USENIX Security Symposium (<strong>Security 2018</strong>)</em>, Baltimore, Maryland, USA, August 15-17, 2018</li>
</ul>
</li>
<li><strong>RAIN: Refinable Attack Investigation with On-demand Inter-Process Information Flow Tracking</strong> [<a href="https://sangho2.github.io/papers/ji:rain.pdf">paper</a>]
<ul>
<li>Yang Ji, <strong>Sangho Lee</strong>, Evan Downing, Weiren Wang, Mattia Fazzini, Taesoo Kim, Alessandro Orso, and Wenke Lee</li>
<li><em>24th ACM Conference on Computer and Communications Security (<strong>CCS 2017</strong>)</em>, Dallas, Texas, USA, October 30-November 3, 2017</li>
</ul>
</li>
<li><strong>Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing</strong> [<a href="https://sangho2.github.io/papers/lee:sgx-branch-shadow.pdf">paper</a> | <a href="https://sangho2.github.io/papers/lee:sgx-branch-shadow-slides.pdf">slides</a> | <a rel="external" href="https://www.youtube.com/watch?v=jf9PanlF374">demo</a> | <a rel="external" href="https://github.com/sslab-gatech/branch-shadowing">code</a>]
<ul>
<li><strong>Sangho Lee</strong>, Ming-Wei Shih, Prasun Gera, Taesoo Kim, Hyesoon Kim, and Marcus Peinado</li>
<li><em>26th USENIX Security Symposium (<strong>Security 2017</strong>)</em>, Vancouver, Canada, August 16-18, 2017</li>
</ul>
</li>
<li><strong>CAB-Fuzz: Practical Concolic Testing Techniques for COTS Operating Systems</strong> [<a href="https://sangho2.github.io/papers/kim:cab-fuzz.pdf">paper</a> | <a href="https://sangho2.github.io/papers/kim:cab-fuzz-slides.pdf">slides</a>]
<ul>
<li>Su Yong Kim, <strong>Sangho Lee</strong>, Insu Yun, Wen Xu, Byoungyoung Lee, Youngtae Yun, and Taesoo Kim</li>
<li><em>2017 USENIX Annual Technical Conference (<strong>ATC 2017</strong>)</em>, Santa Clara, California, USA, July 12-14, 2017</li>
</ul>
</li>
<li><strong>T-SGX: Eradicating Controlled-Channel Attacks Against Enclave Programs</strong> [<a href="https://sangho2.github.io/papers/shih:tsgx.pdf">paper</a> | <a rel="external" href="https://github.com/sslab-gatech/t-sgx">code</a>]
<ul>
<li>Ming-Wei Shih#, <strong>Sangho Lee</strong>#, Taesoo Kim, and Marcus Peinado</li>
<li><em>24th Network and Distributed System Security Symposium (<strong>NDSS 2017</strong>)</em>, San Diego, California, USA, February 26-March 1, 2017</li>
<li>[# co-first authors]</li>
</ul>
</li>
<li><strong>Breaking Kernel Address Space Layout Randomization with Intel TSX</strong> [<a href="https://sangho2.github.io/papers/jang:drk.pdf">paper</a> | <a rel="external" href="https://github.com/sslab-gatech/DrK">code</a>]
<ul>
<li>Yeongjin Jang, <strong>Sangho Lee</strong>, and Taesoo Kim</li>
<li><em>23rd ACM Conference on Computer and Communications Security (<strong>CCS 2016</strong>)</em>, Vienna, Austria, October 24-28, 2016</li>
</ul>
</li>
<li><strong>CrowdTarget: Target-based Detection of Crowdturfing in Online Social Networks</strong> [<a href="https://sangho2.github.io/papers/song:crowdtarget.pdf">paper</a>]
<ul>
<li>Jonghyuk Song, <strong>Sangho Lee</strong>, and Jong Kim</li>
<li><em>22nd ACM Conference on Computer and Communications Security (<strong>CCS 2015</strong>)</em>, Denver, Colorado, USA, October 12-16, 2015</li>
</ul>
</li>
<li><strong>Identifying Cross-origin Resource Status Using Application Cache</strong> [<a href="https://sangho2.github.io/papers/lee:appcache.pdf">paper</a> | <a href="https://sangho2.github.io/papers/lee:appcache-slides.pdf">slides</a> | <a rel="external" href="https://www.youtube.com/watch?v=hgYwRsWq2y0">demo</a>]
<ul>
<li><strong>Sangho Lee</strong>, Hyungsub Kim, and Jong Kim</li>
<li><em>22nd Network and Distributed System Security Symposium (<strong>NDSS 2015</strong>)</em>, San Diego, California, USA, February 8-11, 2015</li>
</ul>
</li>
<li><strong>Stealing Webpages Rendered on Your Browser by Exploiting GPU Vulnerabilities</strong> [<a href="https://sangho2.github.io/papers/lee:gpu.pdf">paper</a> | <a href="https://sangho2.github.io/papers/lee:gpu-slides.pdf">slides</a> | <a rel="external" href="https://github.com/sangho2/gpu-uninit-mem">code</a>]
<ul>
<li><strong>Sangho Lee</strong>, Youngsok Kim, Jangwoo Kim, and Jong Kim</li>
<li><em>35th IEEE Symposium on Security and Privacy (<strong>Oakland 2014</strong>)</em>, San Jose, California, USA, May 18-21, 2014</li>
</ul>
</li>
<li><strong>I Know the Shortened URLs You Clicked on Twitter: Inference Attack using Public Click Analytics and Twitter Metadata</strong> [<a href="https://sangho2.github.io/papers/song:click-infer.pdf">paper</a>]
<ul>
<li>Jonghyuk Song, <strong>Sangho Lee</strong>, and Jong Kim</li>
<li><em>22nd International World Wide Web Conference (<strong>WWW 2013</strong>)</em>, Rio de Janeiro, Brazil, May 13-17, 2013</li>
</ul>
</li>
<li><strong>WarningBird: Detecting Suspicious URLs in Twitter Stream</strong> [<a href="https://sangho2.github.io/papers/lee:warningbird.pdf">paper</a> | <a href="https://sangho2.github.io/papers/lee:warningbird-slides.pdf">slides</a>]
<ul>
<li><strong>Sangho Lee</strong> and Jong Kim</li>
<li><em>19th Network and Distributed System Security Symposium (<strong>NDSS 2012</strong>)</em>, San Diego, California, USA, February 5-8, 2012</li>
</ul>
</li>
</ul>
<h2 id="professional-services">Professional Services</h2>
<h3 id="program-committee-member">Program Committee Member</h3>
<ul>
<li>USENIX Security Symposium (Security): <a rel="external" href="https://www.usenix.org/conference/usenixsecurity26">2026</a>, <a rel="external" href="https://www.usenix.org/conference/usenixsecurity25">2025</a>, <a rel="external" href="https://www.usenix.org/conference/usenixsecurity22">2022</a>, <a rel="external" href="https://www.usenix.org/conference/usenixsecurity21">2021</a></li>
<li>ACM Conference on Computer and Communications Security (CCS): <a rel="external" href="http://sigsac.org/ccs/CCS2026">2026</a></li>
<li>Information Security Conference (ISC): <a rel="external" href="https://isc25.skku.edu/">2025</a></li>
<li>Annual Computer Security Applications Conference (ACSAC): <a rel="external" href="https://www.acsac.org/2024/">2024</a>, <a rel="external" href="https://www.acsac.org/2023/">2023</a>, <a rel="external" href="https://www.acsac.org/2022/">2022</a>, <a rel="external" href="https://www.acsac.org/2021/">2021</a>, <a rel="external" href="https://www.acsac.org/2020/">2020</a>, <a rel="external" href="https://www.acsac.org/2019/">2019</a>, <a rel="external" href="https://www.acsac.org/2018/">2018</a>, <a rel="external" href="https://www.acsac.org/2017/">2017</a>, <a rel="external" href="https://www.acsac.org/2016/">2016</a></li>
<li>ACM SIGOPS Asia-Pacific Workshop on Systems (APSys): <a rel="external" href="https://ap-sys.org/apsys2020">2020</a></li>
<li>ACM Asia Conference on Information, Computer and Communications Security (ASIACCS): <a rel="external" href="http://asiaccs2018.org/">2018</a></li>
<li>World Conference on Information Security Applications (WISA): <a rel="external" href="http://wisa.or.kr/">2018</a></li>
</ul>
<h3 id="journal-reviewer">Journal Reviewer</h3>
<ul>
<li>ACM TOPS 2016; IEEE TDSC 2018, 2014, 2009; IEEE TIFS 2018; IEEE TCSS 2017; IEEE CL 2013; SCN 2011; JCSE 2015</li>
</ul>
</div>
</div>
</section>
<section class="modal" id="search-modal">
<div class="modal-background"></div>
<div class="modal-card">
<header class="modal-card-head">
<p class="modal-card-title">Search</p>
</header>
<section class="modal-card-body">
<div class="field mb-2">
<div class="control">
<input class="input" id="search" placeholder="Search this website." type="search" />
</div>
</div>
<div class="search-results">
<div class="search-results__items"></div>
</div>
</section>
</div>
<button aria-label="close" class="modal-close is-large"></button>
</section>
<footer class="footer py-4">
<div class="content has-text-centered">
<p>
Powered by
<span class="icon-text">
<span class="icon">
<i class="fas fa-power-off"></i>
</span>
<span>zola</span>
</span>
</p>
</div>
</footer>
<script src="https://sangho2.github.io/elasticlunr.min.js"></script>
<script src="https://sangho2.github.io/search_index.en.js"></script><script src="https://sangho2.github.io/js/site.js"></script>
</body>
</html>