About

Interests

  • Software Security
  • Fuzzing
  • Static Analysis
  • Software Engineering using LLM

Experience

  • Suresofttech Inc. (Jul 2021 ~ Present)
    • Static semantic analysis to check runtime error (Abstract interpretation)
    • Automatic code correction using LLM
  • KITRI Best of the Best 5th (Jun 2016 ~ Feb 2017)
    • Security Consulting Track

Education

  • M.S., Information Security
    Yonsei University
    2019 - 2021
  • B.S., Information Security
    Daegu Catholic University
    2014 - 2018

Publications

Conference

[1] Jueon Eom, Seyeon Jeong and Taekyoung Kwon, "Fuzzing JavaScript Interpreters with Coverage-Guided Reinforcement Learning for LLM-Based Mutation", Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2024), Sep 2024

[2] Seyeon Jeong, Euibin Bae, Minhyuk Kwon and Kyunghwa Choi, "Automatic Code Correction Framework for Static Analysis Defects using Large Language Models", The 1st Workshop on Code Intelligence (CIW 2023) (APSEC 2023 Workshop), Dec 2023

[3] Seyeon Jeong, Eunbi Hwang, Yeongpil Cho and Taekyoung Kwon, "PHI: Pseudo-HAL Identification for Scalable Firmware Fuzzing", 26th International Conference on Information Security and Cryptology (ICISC 2023), Nov 2023

[4] Seoyoung Kim, Seyeon Jeong, Mingi Cho, Soochang Chung and Taekyoung Kwon, "Poster: Evaluating Code Coverage for System Call Fuzzers", Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security (CCS 2019 Poster), Nov 2019

[5] Se-Yeon Jeong, I-Ju Choi, Yeong-Jin Kim, Yong-Min Shin, Jeong-Hun Han, Goo-Hong Jung and Kyoung-Gon Kim, "A Study on ROS Vulnerabilities and Countermeasure", Proceedings of the Companion of the 2017 ACM/IEEE International Conference on Human-Robot Interaction (HRI 2017 Late-Breaking Reports), Mar 2017

Journal

[1] Eunbi Hwang, Hyunseok Lee, Seyeon Jeong, Mingi Cho and Taekyoung Kwon, "Toward Fast and Scalable Firmware Fuzzing With Dual-Level Peripheral Modeling", IEEE Access, Oct 2021

[2] Mingi Cho, Jaedong Jang, Yezee Seo, Seyeon Jeong, Soochang Chung and Taekyoung Kwon, "Towards bidirectional LUT-level detection of hardware Trojans", Computers & Security, May 2021

[3] Seyeon Jeong, Mingi Cho, Eunbi Hwang and Taekyoung Kwon, "A Study of Cyber Security Threat Analysis on FPGA-based Embedded Systems", Journal of the KNST, Sep 2020

Patents

  • 10-26380580000 : FIRMWARE EMULATION METHOD AND DEVICE THEREFOR (펌웨어 에뮬레이션 방법 및 이를 위한 장치) (2024.02.14 Registration)
  • 10-25436630000 : SOFTWARE VERIFICATION METHOD OF ELECTRONIC APPARATUS (전자 장치의 소프트웨어 검증 방법) (2023.06.09 Registration)

Vulnerability Reports

  • 2024
    • Stack Overflow in Jsish (CVE-2024-24186)
    • Use After Free in Jsish (CVE-2024-24189)
    • Stack Overflow in Espruino (CVE-2024-25200)
    • Out-of-bounds Read in Espruino (CVE-2024-25201)
  • 2023
    • Heap Buffer Overflow in JerryScript (CVE-2023-31907)
    • Heap Buffer Overflow in JerryScript (CVE-2023-31908)
    • Heap Buffer Overflow in JerryScript (CVE-2023-31910)
    • Out of Memory in JerryScript (CVE-2023-31914)
    • Undefined Behavior in JerryScript (CVE-2023-31919)
    • Undefined Behavior in JerryScript (CVE-2023-31920)
    • Undefined Behavior in JerryScript (CVE-2023-31921)
    • Stack Overflow in QuickJS (CVE-2023-31922)
    • Undefined Behavior in JerryScript (CVE-2023-34867)
    • Undefined Behavior in JerryScript (CVE-2023-34868)
    • Heap Buffer Overflow in JerryScript (CVE-2023-38961)

Awards

  • 2nd Place, Hacking Defense Competition of the Army in 2018
    Republic of Korea Army Headquarters