Sangho Lee

  

Selected Publications

  • MalDev: Subverting Secure VM through Exploiting PCIe Address Translation Services (to appear)
    • Sangyun Kim, Kyungwook Boo, Cheolwoo Myung, Sangho Lee, and Byoungyoung Lee
    • 34th USENIX Security Symposium (Security 2025), Seattle, Washington, USA, August 13-15, 2025
  • Hacksaw: Hardware-Centric Kernel Debloating via Device Inventory and Dependency Analysis [paper | code]
    • Zhenghao Hu, Sangho Lee, and Marcus Peinado
    • 30th ACM Conference on Computer and Communications Security (CCS 2023), Copenhagen, Denmark, November 26-30, 2023
  • Rethinking System Audit Architectures for High Event Coverage and Synchronous Log Availability [paper | code]
    • Varun Gandhi#, Sarbartha Banerjee#, Aniket Agrawal, Adil Ahmad, Sangho Lee, and Marcus Peinado
    • 32nd USENIX Security Symposium (Security 2023), Anaheim, California, USA, August 9-11, 2023
    • [# co-first authors]
  • APRON: Authenticated and Progressive System Image Renovation [paper | slides | code]
    • Sangho Lee
    • 2023 USENIX Annual Technical Conference (ATC 2023), Boston, Massachusetts, USA, July 10-12, 2023
  • Spacelord: Private and Secure Smart Space Sharing [paper]
    • Yechan Bae, Sarbartha Banerjee, Sangho Lee, and Marcus Peinado#
    • 38th Annual Computer Security Applications Conference (ACSAC 2022), Austin, Texas, USA, December 5-9, 2022
    • [# alphabetically ordered]
  • DeView: Confining Progressive Web Applications by Debloating Web APIs [paper | code]
    • ChangSeok Oh, Sangho Lee, Chenxiong Qian, Hyungjoon Koo, and Wenke Lee
    • 38th Annual Computer Security Applications Conference (ACSAC 2022), Austin, Texas, USA, December 5-9, 2022
  • Pridwen: Universally Hardening SGX Programs via Load-Time Synthesis [paper | code]
    • Fan Sang#, Ming-Wei Shih#, Sangho Lee, Xiaokuan Zhang, Michael Steiner, Mona Vij, and Taesoo Kim
    • 2022 USENIX Annual Technical Conference (ATC 2022), Carlsbad, California, USA, July 11-13, 2022
    • [# co-first authors]
  • HardLog: Practical Tamper-Proof System Auditing Using a Novel Audit Device [paper | code]
    • Adil Ahmad, Sangho Lee, and Marcus Peinado
    • 43rd IEEE Symposium on Security and Privacy (Oakland 2022), San Francisco, California, USA, May 22-26, 2022
  • KARD: Lightweight Data Race Detection with Per-Thread Memory Protection [paper]
    • Adil Ahmad, Sangho Lee, Pedro Fonseca, and Byoungyoung Lee
    • 26th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS 2021), Virtual, April 19-23, 2021
  • All Your Clicks Belong to Me: Investigating Click Interception on the Web [paper | code]
    • Mingxue Zhang, Wei Meng, Sangho Lee, Byoungyoung Lee, and Xinyu Xing
    • 28th USENIX Security Symposium (Security 2019), Santa Clara, California, USA, August 14-16, 2019
  • libmpk: Software Abstraction for Intel Memory Protection Keys (Intel MPK) [paper | code]
    • Soyeon Park, Sangho Lee, Wen Xu, Hyungon Moon, and Taesoo Kim
    • 2019 USENIX Annual Technical Conference (ATC 2019), Renton, Washington, USA, July 10-12, 2019
  • Dominance as a New Trusted Computing Primitive for the Internet of Things [paper]
    • Meng Xu, Manuel Huber, Zhichuang Sun, Paul England, Marcus Peinado, Sangho Lee, Andrey Marochko, Dennis Matoon, Rob Spiger, and Stefan Thom
    • 40th IEEE Symposium on Security and Privacy (Oakland 2019), San Francisco, California, USA, May 20-22, 2019
  • QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing [paper | code]
  • Efficient Data Flow Tagging and Tracking for Refinable Cross-host Attack Investigation [paper]
    • Yang Ji, Sangho Lee, Mattia Fazzini, Joey Allen, Evan Downing, Taesoo Kim, Alessandro Orso, and Wenke Lee
    • 27th USENIX Security Symposium (Security 2018), Baltimore, Maryland, USA, August 15-17, 2018
  • RAIN: Refinable Attack Investigation with On-demand Inter-Process Information Flow Tracking [paper]
    • Yang Ji, Sangho Lee, Evan Downing, Weiren Wang, Mattia Fazzini, Taesoo Kim, Alessandro Orso, and Wenke Lee
    • 24th ACM Conference on Computer and Communications Security (CCS 2017), Dallas, Texas, USA, October 30-November 3, 2017
  • Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing [paper | slides | demo | code]
    • Sangho Lee, Ming-Wei Shih, Prasun Gera, Taesoo Kim, Hyesoon Kim, and Marcus Peinado
    • 26th USENIX Security Symposium (Security 2017), Vancouver, Canada, August 16-18, 2017
  • CAB-Fuzz: Practical Concolic Testing Techniques for COTS Operating Systems [paper | slides]
    • Su Yong Kim, Sangho Lee, Insu Yun, Wen Xu, Byoungyoung Lee, Youngtae Yun, and Taesoo Kim
    • 2017 USENIX Annual Technical Conference (ATC 2017), Santa Clara, California, USA, July 12-14, 2017
  • T-SGX: Eradicating Controlled-Channel Attacks Against Enclave Programs [paper | code]
    • Ming-Wei Shih#, Sangho Lee#, Taesoo Kim, and Marcus Peinado
    • 24th Network and Distributed System Security Symposium (NDSS 2017), San Diego, California, USA, February 26-March 1, 2017
    • [# co-first authors]
  • Breaking Kernel Address Space Layout Randomization with Intel TSX [paper | code]
    • Yeongjin Jang, Sangho Lee, and Taesoo Kim
    • 23rd ACM Conference on Computer and Communications Security (CCS 2016), Vienna, Austria, October 24-28, 2016
  • CrowdTarget: Target-based Detection of Crowdturfing in Online Social Networks [paper]
    • Jonghyuk Song, Sangho Lee, and Jong Kim
    • 22nd ACM Conference on Computer and Communications Security (CCS 2015), Denver, Colorado, USA, October 12-16, 2015
  • Identifying Cross-origin Resource Status Using Application Cache [paper | slides | demo]
    • Sangho Lee, Hyungsub Kim, and Jong Kim
    • 22nd Network and Distributed System Security Symposium (NDSS 2015), San Diego, California, USA, February 8-11, 2015
  • Stealing Webpages Rendered on Your Browser by Exploiting GPU Vulnerabilities [paper | slides | code]
    • Sangho Lee, Youngsok Kim, Jangwoo Kim, and Jong Kim
    • 35th IEEE Symposium on Security and Privacy (Oakland 2014), San Jose, California, USA, May 18-21, 2014
  • I Know the Shortened URLs You Clicked on Twitter: Inference Attack using Public Click Analytics and Twitter Metadata [paper]
    • Jonghyuk Song, Sangho Lee, and Jong Kim
    • 22nd International World Wide Web Conference (WWW 2013), Rio de Janeiro, Brazil, May 13-17, 2013
  • WarningBird: Detecting Suspicious URLs in Twitter Stream [paper | slides]
    • Sangho Lee and Jong Kim
    • 19th Network and Distributed System Security Symposium (NDSS 2012), San Diego, California, USA, February 5-8, 2012

Professional Services

Program Committee Member

  • USENIX Security Symposium (Security): 2025, 2022, 2021
  • Annual Computer Security Applications Conference (ACSAC): 2024, 2023, 2022, 2021, 2020, 2019, 2018, 2017, 2016
  • ACM SIGOPS Asia-Pacific Workshop on Systems (APSys): 2020
  • ACM Asia Conference on Information, Computer and Communications Security (ASIACCS): 2018
  • World Conference on Information Security Applications (WISA): 2018

Journal Reviewer

  • ACM TOPS 2016; IEEE TDSC 2018, 2014, 2009; IEEE TIFS 2018; IEEE TCSS 2017; IEEE CL 2013; SCN 2011; JCSE 2015