I’m an Assistant Professor in the Department of Electrical Engineering and Computer Science at the University of Tennessee, Knoxville. I received my Ph.D. in Computer Science from the University of Maryland, College Park in May 2020 where I worked with Prof. Tudor Dumitras.

My research interests include computer security (data-driven security and usable security), computer networks (Internet measurement) and the Web. I am interested in identifying the root causes of security threats by understanding actors (e.g., adversary and end-users) involved, with data-driven and human-centered perspectives (i.e., usability study).

I have been awarded NSA Best Scientific Cybersecurity Paper (2017) and the Ann G. Wylie Dissertation Fellowship (2019). My works about the Code-Signing PKI have been featured in Ars Technica, The Register, Schneier on Security, Threatpost, etc.

I am actively looking for self-motivated students (including Ph.D. and undergraduate students), Postdoc, and visiting scholars. Please email me if you’re interested in security, computer networks, and the Web.

doowon-kim

345 Min H. Kao Bldg
doowon@utk.edu
Twitter
Google Scholar
CV

News

  • Mar. 2023: “Evaluating Password Composition Policy and Password Meters of Popular Websites” accepted at SecWeb Workshop (co-located with IEEE S&P’23).
  • Mar. 2023: TPC of NDSS 2024, RAID 2023, and TMA 2023.
  • Nov. 2022: Awarded supplemental funding and support from Google TensorFlow
  • Nov. 2022: PyFET: Forensically Equivalent Transformation for Python Binary Decompilation accepted at S&P’23 (Oakland).
  • Sep. 2022: Awarded Google exploreCSR.
  • Sep. 2022: Awarded StART (Support for Affiliated Research Teams) program in collaboration with Oak Ridge National Laboratory.
  • Aug. 2022: TPC of IEEE EuroS&P ‘23 and Best Student Paper Award of WISA’22.
  • May 2022: TPC of AsiaCCS ‘23
  • Apr. 2022: NSF proposal awarded: EAGER: DCL: SaTC: Enabling Interdisciplinary Collaboration: Combatting Disinformation and Racial Bias: A Deep-Learning-Assisted Investigation of Temporal Dynamics of Disinformation
  • Apr. 2022: TPC of CheckMate ‘22, WISA ‘22, and NDSS ‘23
  • Apr. 2022: My Ph.D. student, Kyungchan Lim awarded IEEE S&P 2022 Travel Grant
  • Feb. 2022: TPC of WiSec ‘22, TMA ‘22, ICICS ‘22, and RAID ‘22
  • Dec. 2021: “Hiding Critical Program Components via Ambiguous Translation” accepted to ICSE’22.
  • Oct. 2021: TPC of the Web Conf ‘21 (Security Track)
  • Aug. 2021: “Defeating program analysis techniques via Ambiguous Translation” accepted to ASE’21 (NIER).
  • May 2021: TPC of AsiaCCS ‘22.
  • Feb. 2021: Two papers accepted to AsiaCCS ‘21.
More
  • Feb. 2021: TPC of RAID ‘21.
  • Jan. 2021: “TLS 1.3 in Practice: How TLS 1.3 Contributes to Internet” accepted to the Web Conf. ‘21 (fomerly WWW)

Selected Publications

  • [IEEE S&P’23]: PyFET: Forensically Equivalent Transformation for Python Binary Decompilation.
    Ali Ahad, Chijung Jung, Ammar Askar, Doowon Kim, Taesoo Kim, and Yonghwi Kwon.

  • [ICSE ‘22]: Hiding Critical Program Components via Ambiguous Translation.
    Chijung Jung, Doowon Kim, An Chen, Weihang Wang, Yunhui Zheng, Kyu Hyung Lee, and Yonghwi Kwon.

  • [WWW ‘21]: TLS 1.3 in Practice: How TLS 1.3 Contributes to Internet.
    Hyunwoo Lee, Doowon Kim, and Yonghwi Kwon.

  • [USENIX Security ‘18]: The Broken Shield: Measuring Revocation Effectiveness in the Windows Code-Signing PKI.
    Doowon Kim, Bum Jun Kwon, Kristián Kozák, Christopher Gates, and Tudor Dumitraș.

  • [ACM CCS ‘17]: Certified Malware: Measuring Breaches of Trust in the Windows Code-Signing PKI.
    Doowon Kim, Bum Jun Kwon, and Tudor Dumitraș.

  • [IEEE S&P ‘17]: Comparing the usability of cryptographic APIs.
    Yasemin Acar, Michael Backes, Sascha Fahl, Simson Garfinkel, Doowon Kim, Michelle L. Mazurek, and Christian Stransky. (The authors are alphabetically ordered.)

  • [SOUPS ‘16]: An inconvenient trust: User attitudes toward security and usability tradeoffs for key-directory encryption systems.
    Wei Bai, Doowon Kim, Moses Namara, Yichen Qian, Patrick Gage Kelley, and Michelle L. Mazurek.

  • [IEEE S&P ‘16]: You get where you’re looking for: The impact of information sources on code security.
    Awarded the 5th annual NSA Best Scientific Cybersecurity Paper.
    Yasemin Acar, Michael Backes, Sascha Fahl, Doowon Kim, Michelle L. Mazurek, and Christian Stransky. (The authors are alphabetically ordered.)

Professional Service

Review Panel

  • [NSF] National Science Foundation Proposal Review Panelist — 2023
Technical Program Committee
  • [CCS] ACM Conference on Computer and Communications Security — 2021
  • [NDSS] Network and Distributed System Security Symposium — 2023, 2024
  • [WWW] The Web Conference (security track) — 2022
  • [AsiaCCS] ACM Asia Conference on Computer and Communications Security — 2022, 2023
  • [Euro S&P] IEEE European Symposium on Security and Privacy — 2023
  • [RAID] International Symposium on Research in Attacks, Intrusions and Defenses — 2021, 2022, 2023
  • [ISC] Information Security Conference — 2023
  • [TMA] Network Traffic Measurement and Analysis Conference — 2022, 2023
  • [WiSec] ACM Conference on Security and Privacy in Wireless and Mobile Networks — 2021, 2022
  • [CODASPY] ACM Conference on Data and Application Security and Privacy — 2021
  • [WISA] World Conference on Information Security Applications — 2022, 2023
  • [ICICS] International Conference on Information and Communications Security — 2021, 2022
  • [MSN] International Conference on Mobility, Sensing and Networking — 2021
  • [CSET] Workshop on Cyber Security Experimentation and Test — 2020, 2021
  • [CheckMATE] Man-At-The-Middle Attacks Workshop — 2021, 2022
  • [WPES] Workshop on Privacy in the Electronic Society — 2022
  • [SecWeb] SecWeb Workshop — 2023
Program Chair/Co-Chair
  • Publication Chair: IEEE Secure Development Conference (SecDev) 2022
  • Student Travel Grants Co-Chair: ACM Conference on Computer and Communications Security (CCS) 2021
  • Poster Session Chair: Korean Computer Scientists and Engineers Association in America Technical Symposium 2021
Journal Reviewer
  • IEEE Transactions on Computers
  • Institute of Electronics, Information and Communication Engineers
External Reviewer
  • [CCS] ACM Conference on Computer and Communications Security — 2017, 2018, 2019
  • [NDSS] The Network and Distributed System Security Symposium — 2018, 2019, 2020
  • [S&P] IEEE Symposium on Security and Privacy — 2018, 2019
  • [USENIX Security] USENIX Security Symposium — 2018
  • [CODASPY] ACM Conference on Data and Application Security and Privacy — 2020
  • [RAID] Research in Attacks, Intrusions and Defenses — 2018, 2019