About Me

Hi! My name is DongInn Kim. I am a PhD candidate in Computer Science at Indiana University. My current research focuses on the reverse engineering for the security of IoT devices and building an intelligent dynamic analysis tool on the top of existing static/dynamic analysis security tools. My PhD thesis under the supervision of Prof. Jean Camp is based on developing an intrusion detection system by fingerprinting the accessing edge services and IoT devices with machine learning processes of the collected features.
I work for the IU CSI CTF (Capture The Flag) team and I am also working on
the Open Source Cluster Application Resources
(OSCAR) as a core developer. My
research interests include software engineering, clustering computing, and
systems security.
Research Interest
My current research focuses on the reverse engineering for the security of IoT
devices and building an intelligent dynamic analysis tool on the top of
existing static/dynamic analysis security tools.
Current Work
- work on the SCGSR Awards in PNNL for the Summer intern: the proposed project is to develop a system to detect the BGP hijacking in the IoT environment.
- mentor an REU student, Eric Swiler for the project of the SSL certification database
Past Work
- detect malicious domains from the CH registry database: planning to apply
machine learning
- binary analysis to investigate any possible penetrations in Intel SGX: working
with SGX reading group
- practice the CTF exercises / problems with
some various reverse engineering tools (e.g. radare2, unicorn, capstone,
keystone, …)
- renovating the security toolbar, which is an extension of Firefox to make web
browsing more secure.
- work on the “CUTS CertProbe and CertWarehouse” for collecting and compiling
the Public key
certificates. <= [Previous work: PDF]
Publications
- Vafa Andalibi, Jayati Dev, DongInn Kim, Eliot Lear, and Jean Camp. Making Access Control Easy in IoT. In IFIP International Symposium on Human Aspects of Information Security & Assurance, June 2021.
- Vafa Andalibi, Eliot Lear, DongInn Kim, and Jean Camp. On the Analysis of MUD-Files’ Interactions, Conflicts, and Configuration Requirements Before Deployment. In 5th EAI International Conference on Safety and Security in Internet of Things, SaSeIoT, May 2021. Springer.
- Shakthidhar Gopavaram, Jayati Dev, Marthie Grobler, DongInn Kim, Sanchari Das, and L Jean Camp. Cross-National Study on Phishing Resilience. In Proceedings of the Workshop on Usable Security and Privacy (USEC), May 2021. =>
PDF
- DongInn Kim, Vafa Andalibi, and L Jean Camp. Protecting IoT Devices through Localized Detection of BGP Hijacks for Individual Things. In SafeThings 2021, Oakland, May 2021. IEEE Workshop on the Internet of Safe Things. =>
PDF
- DongInn Kim, Vafa Andalibi, and L Jean Camp. Fingerprinting Edge and Cloud Services in IoT. In Systematic Approaches to Digital Forensic Engineering, City University of New York (CUNY), New York City, May 2020. IEEE Computer Society. =>
PDF
- Vafa Andalibi, DongInn Kim, and L. Jean Camp. Throwing MUD into the FOG: Defending IoT and Fog by expanding MUD to Fog network. In 2nd USENIX Workshop on Hot Topics in Edge Computing (HotEdge 19), Renton, WA, July 2019. USENIX Association. =>
PDF
- DongInn Kim, Jeffrey M. Squyres, and Andrew Lumsdaine: The Introduction of
the OSCAR Database API (ODA) =>
PDF
- DongInn Kim, Jeffrey M. Squyres, and Andrew Lumsdaine: Revamping the OSCAR
database: A Flexible Approach to Cluster Configuration Data Management. =>
PDF
Technical Skills
Machine learning (ML) models that I have implmented with R:
Name |
What does it do |
K-Means |
Unsupervised, non-parametric ML to classify data with the given K value |
E-M |
Unsupervised, parametric ML to find maximum likelihood or maximum a posteriori |
Linear Regression |
Supervised, parametric ML to find the linear model between given data sets (X,…, Y) |
Logistic Regression |
Supervised, parametric ML to find the categorical model between dependent variables |
KNN |
Unsupervised, non-parametric ML for classification and regression |
Naive Bayes |
Semi-supervised, parametric ML for the probabilistic classifier with the assumption of IID |
Here is the list of the tools that I am currently learning:
Name |
What does it do |
Frida |
Dynamic instrumentation toolkit for the binary analysis |
Scapy |
Python version of tshark and more |
Radare2 |
Reverse engineering framework |
Unicorn |
CPU emulator (U) |
Capstone |
Disassembly framework |
Keystone |
Assembler framework |
Pwndbg |
GDB plug-in to make debugging with GDB much easier |
Research Colleagues
- L Jean Camp: Professor, School of Informatics and
Computing, Indiana University
- Andrew Lumsdaine:
UW-PNNL Distinguished Faculty Fellow and Affiliate Professor of Computer
Science, University of Washington