AI System Security
Prompt InjectionInformation LeakResponsible ModelSafety FilteringSoftware Security
ReversingBinary Code Similarity AnalysisAutomatic Exploit GenerationCellular Network Security
Baseband ExploitControl PlaneIMSCharging BypassCore NetworkCyber-Physical System Security
Drone HijackingCar HackingWearable DevicesSensor SpoofingEMI InjectionRobots
Dongkwan Kim
Postdoctoral Fellow [at] Georgia Tech
756 W Peachtree St NW S0980, Atlanta, GA, US, 30308
Korean, English
Background
Bio
Bio
I am a security engineer and researcher with a deep interest in uncovering inter-domain security threats in AI, IoT, mobile networks, and cyber-physical systems. My work spans beyond device-level vulnerabilities, focusing on how security issues impact business logic, service architectures, and user privacy. Currently, I'm exploring:
- AI for Security – Developing AI-driven vulnerability discovery and exploitation tools as a finalist in DARPA's AIxCC competition at Georgia Tech.
- Securing AI Systems – Formerly at Samsung Security Center, where I worked on enterprise and on-device AI security.
- Identify and exploit security vulnerabilities across diverse domains
- Research and build solutions to secure AI-integrated infrastructures
- Reverse-engineer firmware, basebands, and embedded systems
- Collaborate with cross-functional teams to mitigate security risks
- 5x DEFCON Finalist | Multiple hacking competition awards
- 9 publications in top-tier security venues (USENIX Security, CCS, NDSS, TSE, TMC)
- 7 patents in cybersecurity and AI security domains
- 17+ industry and government projects in security research & engineering
Research Interests
Research Interests
Work Experience
Work Experience
Postdoctoral Fellow, School of Cybersecurity and Privacy, Georgia Tech
Feb, 2025 - Present1 month
Participating in AIxCC run by DARPA, a competition that leverages AI to find vulnerabilities and patch them fully automatically.- Manager: Prof. Taesoo Kim
Senior Engineer, Advanced Penetration Testing Group, Samsung Security Center, Samsung SDS
Aug, 2022 - Dec, 20242 years 5 months
Worked at the Samsung Security Center, carrying out Red Team efforts to proactively prevent security threats to products and services of all Samsung affiliates: Integrated AI service systems, IoT/embedded devices, Android applications, kernel-level mitigations, and many more.Postdoctoral Researcher, KAIST
Mar, 2022 - Jul, 20225 months
Continued collaboration research on 1) sensor spoofing and EMI injection against drones, 2) finding logic bugs in smartphone baseband software- Manager: Prof. Yongdae Kim
Research Intern, Pinion Industries
Dec, 2013 - Feb, 20143 months
An automotive software and security start-up. Analyzed various components in a car including network systems, AVN, telematics, smartkey, and ECUs.Student Senior, KAIST CERT
Sep, 2010 - Dec, 20122 years 4 months
Investigated security incidents. In one case, successfully identified the culprit leading to their apprehension by the police.- Student Team Leader (2011. 9. 1 ~ 2012. 8. 31)
Education
Education
Electrical Engineering, Ph.D., KAIST
Mar, 2016 - Feb, 2022
Electrical Engineering, M.S., KAIST
Mar, 2014 - Feb, 2016
Software and System Security, Visiting Scholar, EURECOM
Jun, 2014 - Jul, 2014
Computer Science, Bachelor, KAIST
Feb, 2010 - Feb, 2014
Recent Talks (Selected)
Recent Talks (Selected)
AI Security Primer: Red Team Perspectives on Navigating New Threats and Safeguarding AI Frontier [Slides (Korean)]
Dongkwan Kim
.HACK Conference, Theori
Link: Schedule2024-05-28
Scaling up Vulnerability Analysis of IoT Devices with Heuristics and Binary Code Similarity [Slides]
Dongkwan Kim
Colloquium Fall 2023, School of Cybersecurity, Korea University
Link: Schedule2023-10-25
Publications
Publications
BaseComp: A Comparative Analysis for Integrity Protection in Cellular Baseband Software [PDF] [Slides] [Code]
Eunsoo Kim*, Min Woo Baek*, CheolJun Park, Dongkwan Kim, Yongdae Kim, Insu Yun
Proceedings of the 32st USENIX Security Symposium (Security'23)
Aug 10, 2023
Un-Rocking Drones: Foundations of Acoustic Injection Attacks and Recovery Thereof [PDF] [Slides] [Site] [Code & Data]
Jinseob Jung, Dongkwan Kim, Joonha Jang, Juhwan Noh, Changhun Song, and Yongdae Kim
Proceedings of the 2023 Annual Network and Distributed System Security Symposium (NDSS'23)
Mar 02, 2023
Paralyzing Drones via EMI Signal Injection on Sensory Communication Channels [PDF] [Slides] [Site]
Joonha Jang*, ManGi Cho*, Jaehoon Kim, Dongkwan Kim , and Yongdae Kim
Proceedings of the 2023 Annual Network and Distributed System Security Symposium (NDSS'23)
Mar 02, 2023
Watching the Watchers: Practical Video Identification Attack in LTE Networks [PDF] [Slides] [Site]
Sangwook Bae, Mincheol Son, Dongkwan Kim, CheolJun Park, Jiho Lee, Sooel Son, and Yongdae Kim
Proceedings of the 31st USENIX Security Symposium (Security'22)
Aug 10, 2022
Revisiting Binary Code Similarity Analysis using Interpretable Feature Engineering and Lessons Learned [PDF] [Benchmark] [Tool]
Dongkwan Kim, Eunsoo Kim, Sang Kil Cha, Sooel Son, and Yongdae Kim
IEEE Transactions on Software Engineering (TSE'22)
Jul 01, 2022
Improving Large-Scale Vulnerability Analysis of IoT Devices with Heuristics and Binary Code Similarity [PDF] [Slides] [Code]
Dongkwan Kim
Ph.D. Thesis
Feb 18, 2022
Enabling the Large-Scale Emulation of Internet of Things Firmware With Heuristic Workarounds [PDF]
Dongkwan Kim, Eunsoo Kim, Mingeun Kim, Yeongjin Jang, and Yongdae Kim
IEEE Security & Privacy
May 14, 2021
BaseSpec: Comparative Analysis of Baseband Software and Cellular Specifications for L3 Protocols [PDF] [Slides] [Code]
Dongkwan Kim*, Eunsoo Kim*, CheolJun Park, Insu Yun, and Yongdae Kim
Proceedings of the 2021 Annual Network and Distributed System Security Symposium (NDSS'21)
Feb 24, 2021
FirmAE: Towards Large-Scale Emulation of IoT Firmware forDynamic Analysis [PDF] [Slides] [Code]
Mingeun Kim, Dongkwan Kim, Eunsoo Kim, Suryeon Kim, Yeongjin Jang, and Yongdae Kim
Proceedings of the 2020 Annual Computer Security Applications Conference (ACSAC'20)
Link: Reported CVEs and PoC exploits,Dec 11, 2020
Who Spent My EOS? On the (In)Security of Resource Management of EOS.IO [PDF] [Slides]
Sangsup Lee, Daejun Kim, Dongkwan Kim, Sooel Son, and Yongdae Kim
Proceedings of the 13th USENIX Workshop on Offensive Technologies (WOOT'19)
Media: CoinSpice,...Aug 13, 2019
Peeking over the Cellular Walled Gardens - A Method for Closed Network Diagnosis [PDF]
Byeongdo Hong, Shinjo Park, Hongil Kim, Dongkwan Kim, Hyunwook Hong, Hyunwoo Choi, Jean-Pierre Seifert, Sung-Ju Lee, and Yongdae Kim
IEEE Transactions on Mobile Computing (TMC'18)
Feb 12, 2018
When Cellular Networks Met IPv6: Security Problems of Middleboxes in IPv6 Cellular Networks [PDF]
Hyunwook Hong, Hyunwoo Choi, Dongkwan Kim, Hongil Kim, Byeongdo Hong, Jiseong Noh, and Yongdae Kim
Proceedings of the 2nd IEEE European Symposium on Security and Privacy (EuroS&P'17)
Apr 28, 2017
Pay As You Want: Bypassing Charging System in Operational Cellular Networks [PDF]
Hyunwook Hong, Hongil Kim, Byeongdo Hong, Dongkwan Kim, Hyunwoo Choi, Eunkyu Lee and Yongdae Kim
Proceedings of the 17th International Workshop on Information Security Applications (WISA'16)
Aug 26, 2016
Dissecting VoLTE: Exploiting Free Data Channels and Security Problems [PDF]
Dongkwan Kim
M.S. Thesis
Feb 19, 2016
Breaking and Fixing VoLTE: Exploiting Hidden Data Channels and Mis-implementations [PDF] [Slides]
Dongkwan Kim*, Hongil Kim*, Minhee Kwon, Hyungseok Han, Yeongjin Jang, Dongsu Han, Taesoo Kim, and Yongdae Kim
Proceedings of the 22nd ACM Conference on Computer and Communications Security (CCS'15)
Media: CVE-2015-6614,Nexus Security Bulletin,CERT,DSLReports,IT World,Softpedia,tom's guide,Pocketnow,FierceMobileIT,Techworm,Neowin,Network World,...Oct 13, 2015
BurnFit: Analyzing and Exploiting Wearable Devices [PDF] [Slides] Best Paper
Dongkwan Kim, Suwan Park, Kibum Choi, Yongdae Kim
Proceedings of the 16th International Workshop on Information Security Applications (WISA'15)
Aug 26, 2015
Rocking Drones with Intentional Sound Noise on Gyroscopic Sensors [PDF] [Slides]
Yunmok Son, Hocheol Shin, Dongkwan Kim, Youngseok Park, Juhwan Noh, Kibum Choi, Jungwoo Choi, and Yongdae Kim
Proceedings of the 24th USENIX Security Symposium (Security'15)
Media: Popular Science,New York Daily,Discover Magazine,Defense Systems,IBTimes,Sputnik,Techworm,Slashdot,Network World,Gizmodo,...Aug 14, 2015
Analyzing Security of Korean USIM-based PKI Certificate Service [PDF]
Shinjo Park, Suwan Park, Insu Yun, Dongkwan Kim, Yongdae Kim
Proceedings of the 15th International Workshop on Information Security Applications (WISA'14)
Aug 26, 2014
High-speed automatic segmentation of intravascular stent struts in optical coherence tomography images [PDF]
Myounghee Han, Dongkwan Kim, Wang-Yuhl Oh, and Sukyoung Ryu
Proceedings of SPIE Biomedical Optics, Photonics West 2013 (BiOS'13)
Feb 02, 2013
Awards
Awards
Finalist to Defcon 27 CTF (team. KaisHack GoN)
Aug 09, 2019
Finalist to Defcon 26 CTF (team. KaisHack+PLUS+GoN)
Aug 09, 2018
HDCON CTF 1st Prize $20,000 (team. maxlen)
Organized by Ministry of Science and ICT
Nov 30, 2017
Whitehat Contest 2017 1st Prize $30,000 (team. Old GoatskiN)
Organized by Ministry of National Defense
Nov 27, 2017
Codegate CTF 3rd Prize $5,000 (team. Old GoatskiN)
Organized by Ministry of Science, ICT and Future Planning of Korea
Apr 12, 2017
Finalist to Defcon 24 CTF (team. KaisHack GoN)
Aug 05, 2016
Whitehat Contest 2014 1st Prize $20,000 (team. Syssec)
Organized by Ministry of National Defense and National Intelligence Service of Korea
Nov 18, 2014
Finalist to Defcon 22 CTF (team. KAIST GoN)
Aug 08, 2014
HDCON CTF Silver Prize $2,000 (team. GoN)
Organized by Korea Internet & Security Agency (KISA)
Dec 04, 2013
Whitehat Contest 2013 1st Prize $20,000 (team. KAIST GoN)
Organized by Ministry of National Defense and National Intelligence Service
Oct 02, 2013
Finalist to Defcon 20 CTF (team. KAIST GoN)
Jul 27, 2012
HDCON CTF Silver Prize $2,000 (team. KAIST GoN)
Organized by Korea Internet & Security Agency (KISA)
Jul 11, 2012
Codegate YUT CTF 3rd Prize $5,000 (team. KAIST GoN)
Organized by Ministry of Science, ICT and Future Planning of Korea
Apr 03, 2012
ISEC CTF 1st Prize $10,000 (team. GoN)
Organized by Ministry of the Interior and Safety
Sep 21, 2011
PADOCON CTF 1st Prize $1,000 (team. GoN)
Organized by PAraDOx CONference (union of undergraduate hacking groups)
Jan 31, 2011
References
References
Dr. Yongdae Kim [www]
Director, Cyber Security Research Center (CSRC), KAIST and Professor, School of Electrical Engineering and Graduate School of Information Security, KAIST
yongdaek@kaist.ac.krDr. Taesoo Kim [www]
Professor, School of Cybersecurity and Privacy (SCP) and Computer Science (SCS), Georgia Tech
taesoo@gatech.eduDr. Sang Kil Cha [www]
Director, Cyber Security Research Center (CSRC), KAIST and Associate Professor, School of Computing and Graduate School of Information Security, KAIST
sangkilc@kaist.ac.krDr. Sooel Son [www]
Associate Professor, School of Computing and Graduate School of Information Security, KAIST
sl.son@kaist.ac.krDr. Yeongjin Jang [www]
Principal Software Engineer, Samsung Research America
y.jang1@samsung.comDr. Insu Yun [www]
Associate Professor, School of Electrical Engineering, KAIST
insuyun@kaist.ac.kr