JeeHyun is a Ph.D. in Computer Science at North Carolina State University.
He works in the areas of software engineering, security, and privacy to improve software security and reliability. His advisor is Prof. Laurie Williams. He is a member of the Software Engineering RealSearch group. Prior to coming to NCSU, he received a master's degree in Computer Science at SUNY, Stony Brook and a bachelor's degree in Computer Science at Korea University.

Please feel free to contact me  [email: hwang250 </AT/> gmail.com]

My Research

His research interests span topics in software engineering, security and privacy with use of ideas from data analytics, testing, mining, and formal methods. He develops automated tools and techniques to improve software security and reliability. His current research includes empirical study, testing, debugging, performance improvement, and usable security for improving the quality of access control policies, firewall policies, and access control systems. His research results have been published in the following research domains:

  • Empirical Study/Literature Review/Survey in the area of Security
 - Access Control Policy Evolution: An Empirical Study (Submitted)
 - A Systematic Literature Review on Extensions to Role-Based Access Control (Submitted)
 - Policy-Based Testing [Entry in Encyclopedia of Software Engineering 2010]
  • Security Testing and Debugging: Automated Test Input Generation and Fault Localization/Fixing
  - Systematic Structural Testing of Firewall Policies [SRDS 2008][TNSM 2012]
  - First Step Towards Automatic Correction of Firewall Policy Faults [USENIX LISA 2010][TAAS 2012]
  - Fault Localization for Firewall Policies [SRDS 2009]
  • Performance Measurement and Improvement
 - Designing Fast and Scalable XACML Policy Evaluation Engines [Tool][SIGMETRICS 2008][TC 2011]
 - Selection of Regression System Tests for Security Policy Evolution [ASE 2012]
 - Refactoring Access Control Policies for Performance Improvement [ICPE 2012]

  • Security Policy Analysis using techniques such as Symbolic Model Checking
 - Model Checking for Verification of Mandatory Access Control Models and Properties [IJSEKE 2011]
 - Assessing Quality of Policy Properties in Verification of Access Control Policies [ACSAC 2008]
 - ACPT: A Tool for Modeling and Verifying Access Control Policies [Tool][NIST ACPT][POLICY 2010 Demo]
  • Mining User Activity Patterns
 - Mining Likely Properties of Access Control Policies via Association Rule Mining [DBSec 2010]

Publications

Please refer to my full list of publications and Google citation site (220 citation counts as of June 2014).

Tools 

I develop analysis and testing tools to help assess and improve the quality of software security-related components (such as access control policies and policy evaluation engines). My tools include an access control policy tool (in collaboration with Dr. Vicent Hu at US National Institute of Standards and Technology) and XEngine (in collaboration with Dr. Alex Liu and Dr. Fei Chen at Michigan State University).

  • The jointly-developed NCSU/NIST Acess Control Policy Tool (ACPT) is available as a beta release. [POLICY 2010 Demo]
    - ACPT has been beta-tested in various agencies/labs and companies such as DISA, FermiLab, SAIC, NOAA, Ross Sampson Corporation, Johns Hopkins University, and Inventure Enterprises. US National Institute of Standards and Technology (NIST) supports 130K from 2010.
    - Users have been very positive, and are applying ACPT to a wide variety of software. One commented, “There are many valuable features in the NIST ACPT, and we hope to recommend it to our vendors to verify and validate the policies they author.“ Please see more comments here.
  • The jointly-developed XEngine is available as a beta release. [SIGMETRICS 2008, TC 2011]
    - XEngine is a policy evaluation engine that improves performance significantly.
    XEngine has been downloaded more than 1,300 times (as of Jan 2014).

Awards and Certifications

  • Finalist for the 2011 National Security Innovation Competition
  • Best Student Paper Award (USENIX LISA 2010)
  • Mentoring two undergraduate students for the Research Experiences for Undergraduates (REU) project
  • Academic honors in Computer Science Studies, Korea University (2001-2002)
  • U.S. Army Commendation Medal for outstanding performance in U.S. Army (2001)

        

  Psalm 20:7 Some trust in chariots and some in horses,

but we trust in the name of the Lord our God.

            Last update: 2014-07-28