Welcome to the NSS Lab @ KAIST
Led by Seungwon Shin the NSS (Network and System Security) lab at KAIST focuses on network and system security. In particular, we study a variety of topics including software defined network (SDN) security, embedded system and IoT using SDN, and web and mobile. We are now working on Design and Implementation of Innovative Security Services with SDN, SDN Security Evaluation project and Analysis of the Dark Web Environment. We also study cyber threat intelligence, container security, and blockchain security.
- Cyber Threat Intelligence
- SDN/NFV Security
- Container Security
- Blockchain Security
ㅤNews
- May 2026
- “𝑃𝐶²: Politically Controversial Content Generation via Jailbreaking Attacks on GPT-based Text-to-Image Models” has been accepted to CCS 2026
- February 2026
- “AccelFaaS: Accelerating FaaS via Pre-warmed Memory and Control Channel Offloading” has been accepted to TCC 2026
- “TDSnap: Enabling Secure Function-as-a-Service with Trusted Domain Snapshots” has been accepted to DAC 2026
- January 2026
- “SafeMoE: Safe Fine-Tuning for MoE LLMs by Aligning Harmful Input Routing” has been accepted to ICLR 2026
- December 2025
- “HybridMesh: A Hardware-software Hybrid Approach for Accelerating Service Mesh Ingress” has been accepted to NSDI 2026
- “RDNet: An RDMA-aware Container Network Interface for Cloud Environments” has been accepted to INFOCOM 2026
- “BEACON: Automatic Container Policy Generation using Environment-aware Dynamic Analysis” has been accepted to COMSEC 2025
- November 2025
- “SECTRACER: A Framework for Uncovering the Root Causes of Network Intrusions via Security Provenance” has been accepted to COMSEC 2025
- October 2025
- “PassREfinder-FL: Privacy-Preserving Credential Stuffing Risk Prediction via Graph-Based Federated Learning for Representing Password Reuse between Websites” has been accepted to ESWA 2025
- September 2025
- “MoEvil: Poisoning Expert to Compromise the Safety of Mixture-of-Experts LLMs” has been accepted to ACSAC 2025 (Distinguished Paper Award)
- August 2025
- “Improbable Bigrams Expose Vulnerabilities of Incomplete Tokens in Byte-Level Tokenizers” has been accepted to EMNLP 2025
- June 2025
- “Refusal Is Not an Option: Unlearning Safety Alignment of Large Language Models” has been accepted to Usenix Security 2025
- May 2025
- “HardMesh: Enabling High-performance Service Mesh Ingress Processing with SmartNIC” has been accepted to SIGCOMM (Shorts) 2025
- March 2025
- “CR-ATTACKER: Exploiting Crash-reporting Systems using Timing Gap and Unrestricted File-based Workflow” has been accepted to ACCESS 2025
- January 2025
- “When LLMs Go Online: The Emerging Threat of Web-Enabled LLMs” has been accepted to Usenix Security 2025
- “Obliviate: Neutralizing Task-agnostic Backdoors within the Parameter-efficient Fine-tuning Paradigm” has been accepted to NAACL 2025
- “Claim-Guided Textual Backdoor Attack for Practical Applications” has been accepted to NAACL 2025
- December 2024
- “Uncovering Threats in Container Systems: A Study on Misconfigured Container Components in the Wild” has been accepted to ACCESS 2024
- “AVXProbe: Enhancing Website Fingerprinting with Side-Channel-Assisted Kernel-Level Traces” has been accepted to ASIACCS 2025
- “MUFFLER: Secure Tor Traffic Obfuscation with Dynamic Connection Shuffling and Distributing” has been accepted to INFOCOM 2025
- November 2024
- “Covering Cracks in Content Moderation: Delexicalized Distant Supervision for Illicit Drug Jargon Detection” has been accepted to KDD 2025
- September 2024
- “CENSor: Detecting Illicit Bitcoin Operation via GCN-based Hyperedge Classification” has been accepted to ACCESS 2024
- “gShock: A GNN-based Fingerprinting System for Permissioned Blockchain Networks over Encrypted Channels” has been accepted to ACCESS 2024
- August 2024
- “Tweezers: A Framework for Security Event Detection via Event Attribution-centric Tweet Embedding” has been accepted to NDSS 2025
- “BotFence: A Framework for Network-Enriched Botnet Detection and Response with SmartNICs” has been accepted to ACCESS 2024
- April 2024
- “Ambusher: Exploring the Security of Distributed SDN Controllers through Protocol State Fuzzing” has been accepted to TIFS 2024
- “Hyperion: Hardware-based High-performance and Secure System for Container Networks” has been accepted to TCC 2024
- “HardWhale: A Hardware-isolated Network Security Enforcement System for Cloud Environments“ has been accepted to ICDCS 2024
- March 2024
- “Ignore Me But Don’t Replace Me: Utilizing Non-Linguistic Elements for Pretraining on the Cybersecurity Domain“ has been accepted to NAACL 2024
- January 2024
- “Enhancing security in SDN: Systematizing attacks and defenses from a penetration perspective“ has been accepted to Elsevier Computer Networks 2024
- November 2023
- “DRAINCLoG: Detecting Rouge Accounts with Illegally-obtained NFTs using Classifiers Learned on Graphs” has been accepted to NDSS 2024
- September 2023
- “Cryonics: Trustworthy Function-as-a-Service using Snapshot-based Enclaves” has been accepted to SoCC 2023
- “HELIOS: Hardware-assisted High-performance Security Extension for Cloud Networking” has been accepted to SoCC 2023
- August 2023
- “Evolving Bots: The New Generation of Comment Bots and their Underling Scam Campaigns in YouTube” has been accepted to IMC 2023
- “AVX-TSCHA: Leaking Information Through AVX Extensions in Commercial Processors” has been accepted to COMSEC 2023
- July 2023
- “PassREfinder: Credential Stuffing Risk Prediction by Representing Password Reuse between Websites on a Graph” has been accepted to IEEE S&P 2024
- June 2023
- “Witnessing Erosion of Membership Inference Defenses: Understanding Effects of Data Drift in Membership Privacy” has been accepted to RAID 2023
- May 2023
- “DarkBERT: A Language Model for the Dark Side of the Internet” has been accepted to ACL 2023
- February 2023
- “AVX Timing Side-Channel Attacks against Address Space Layout Randomization” has been accepted to DAC 2023