C Conference Proceeding | J Journal Article | W Workshop Proceeding

2021

  • Defeating program analysis techniques via Ambiguous Translation.
    Chijung Jung, Doowon Kim, Weihang Wang, Yunhui Zheng, Kyu Hyung Lee, and Yonghwi Kwon.
    ASE’21 (NIER): 36th IEEE/ACM International Conference on Automated Software Engineering (New Ideas and Emerging Results Track). C

  • Certified Malware in South Korea: A Localized Study of Breaches of Trust in Code-Signing PKI Ecosystem.
    Bumjun Kwon, Sanghyun Hong, Yuseok Jeon, and Doowon Kim.
    ICICS 2021: The 2021 International Conference on Information and Communications Security. Acceptance rate: 24.3% (49 out of 202). C

  • Security Analysis on Practices of Certificate Authorities in the HTTPS Phishing Ecosystem.
    Doowon Kim, Haehyun Cho, Yonghwi Kwon, Adam Doupe, Sooel Son, Gail-Joon Ahn, Tudor Dumitras.
    AsiaCCS 2021: ACM ASIA Conference on Computer and Communications Security. Acceptance rate: 19.3% (70 out of 362). C

  • Analyzing Spatial Differences in the TLS Security of Delegated Web Services.
    Joonhee Lee, Hyunwoo Lee, Jongheon Jeong, Doowon Kim, Taekyoung “Ted” Kwon.
    AsiaCCS 2021: ACM ASIA Conference on Computer and Communications Security. Acceptance rate: 19.3% (70 out of 362). C

  • TLS 1.3 in Practice: How TLS 1.3 Contributes to the Internet.
    Hyunwoo Lee, Doowon Kim, and Yonghwi Kwon.
    The Web Conference 2021 (TheWebConf 2021, formerly WWW). Acceptance rate: 20.6% (357 out of 1736). C

2020

  • Scam Pandemic: How Attackers Exploit Public Fear through Phishing.
    Marzieh Bitaab, Haehyun Cho, Adam Oest, Penghui Zhang, Zhibo Sun, Rana Pourmohamad, Doowon Kim, Tiffany Bao, Ruoyu Wang, Yan Shoshitaishvili, Adam Doupé, and Gail-Joon Ahn.
    eCrime 2020: The 2020 APWG Symposium on Electronic Crime Research. C

  • Understanding of Adversary Behavior and Security Threats in Public Key Infrastructures.
    Doowon Kim.
    Ph.D. Dissertation

2018

  • The Broken Shield: Measuring Revocation Effectiveness in the Windows Code-Signing PKI.
    Doowon Kim, Bum Jun Kwon, Kristián Kozák, Christopher Gates, and Tudor Dumitraș.
    USENIX Security 2018: USENIX Security Symposium. Acceptance rate: 19.2% (100 out of 520). C
    Media: Ars Technica

  • Issued for Abuse: Measuring the Underground Trade in Code Signing Certificate.
    Kristián Kozák, Bum Jun Kwon, Doowon Kim, and Tudor Dumitraş.
    WEIS 2018: The Workshop on the Economics of Information Security. W
    Media: Venafi, HelpNetSecurity, The Register #1, The Register #2, Security Affairs, MOU

2017

  • Certified Malware: Measuring Breaches of Trust in the Windows Code-Signing PKI.
    Doowon Kim, Bum Jun Kwon, and Tudor Dumitraș.
    CCS 2017: ACM Conference on Computer and Communications Security. Acceptance rate: 18.1% (151 out of 836). C
    Media: Schneier on Security, The Register, The SSL Store, Ars Technica, Threatpost, Tech Wire Asia, End Game, CPS-VO, Systweak, Fortuna’s Corner, Security Affairs, The Hacker News, Security Intelligence, Tech Target, Cyber Defense Magazine, ENISA, INTEZER

  • fFTP: a fast file transfer protocol for home N-screen platform.
    Doowon Kim, Jinsuk Baek, Paul S Fisher, Sangchul Kim.
    Personal and Ubiquitous Computing. October 2017. DOI: 10.1007/s00779-017-1082-5.J

  • Lessons learned from using an online platform to conduct large-scale, online controlled security experiments with software developers.
    Christian Stransky, Yasemin Acar, Duc Cuong Nguyen, Dominik Wermke, Elissa M. Redmiles, Doowon Kim, Michael Backes, Simson Garfinkel, Michelle L. Mazurek, and Sascha Fahl.
    CSET 2017: Workshop on Cyber Security Experimentation and Test. W

  • Balancing security and usability in encrypted email.
    Wei Bai, Doowon Kim, Moses Namara, Yichen Qian, Patrick Gage Kelley, and Michelle L. Mazurek.
    IEEE Internet Computing: 21 (3), 30-38. 2017. J

  • How Internet Resources Might Be Helping You Develop Faster but Less Securely.
    Yasemin Acar, Michael Backes, Sascha Fahl, Doowon Kim, Michelle L Mazurek, Christian Stransky. (The authors are alphabetically ordered.)
    IEEE Security & Privacy, vol. 15, no. 2, pp. 50-60, 2017. doi: 10.1109/MSP.2017.24. J

  • Comparing the usability of cryptographic APIs.
    Yasemin Acar, Michael Backes, Sascha Fahl, Simson Garfinkel, Doowon Kim, Michelle L. Mazurek, and Christian Stransky. (The authors are alphabetically ordered.)
    IEEE Security and Privacy (S&P) 2017. Acceptance rate: 14.3% (60 out of 419). C

2016

  • An inconvenient trust: User attitudes toward security and usability tradeoffs for key-directory encryption systems.
    Wei Bai, Doowon Kim, Moses Namara, Yichen Qian, Patrick Gage Kelley, and Michelle L. Mazurek.
    SOUPS 2016: Symposium on Usable Privacy and Security. C

  • You get where you’re looking for: The impact of information sources on code security.
    Awarded the 5th annual NSA Best Scientific Cybersecurity Paper.
    Yasemin Acar, Michael Backes, Sascha Fahl, Doowon Kim, Michelle L. Mazurek, and Christian Stransky. (The authors are alphabetically ordered.)
    IEEE Security and Privacy (S&P) 2016. Acceptance rate: 13.4% (55 out of 411). C

2014

  • An Adaptive Primary Path Switching Scheme for Seamless mSCTP Handover.
    Jinsuk Baek, Doowon Kim, Paul S. Fisher, and Minho Jo. Smart Computing Review (Smart CR) 2014. (Invited Paper) J

Posters

  • Poster: Analysis of Reused Private Keys in the Code Signing PKI.
    Doowon Kim, S. Gokberk Karaca and Tudor Dumitras.
    Network and Distributed System Security Symposium (NDSS 2019). Feb. 2019.

  • You get where you’re looking for: The impact of information sources on code security.
    Yasemin Acar, Michael Backes, Sascha Fahl, Doowon Kim, Michelle L. Mazurek, and Christian Stransky.
    Symposium on Usable Privacy and Security (SOUPS 2016). June 2016. (Previously published paper.)

  • Adaptive Video Streaming over HTTP.
    Doowon Kim, Jinsuk Baek, and Paul S. Fisher.
    The 49th ACM Southeast Conference (ACM SE 2014). March 2014.

  • Implementation of Framework to Identify Potential Phishing Websites.
    Doowon Kim, Chaitanya Achan, Jinsuk Baek, and Paul S. Fisher.
    2013 IEEE Intelligence and Security Informatics (IEEE ISI 2013). June 2013.


Others

  • An Inconvenient Trust: User Attitudes toward Security and Usability Tradeoffs for Key-Directory Encryption Systems. Wei Bai, Doowon Kim, Moses Namara, Yichen Qian, Patrick Gage Kelley, Michelle L. Mazurek.
    Black Hat USA, August 2016.