About Me

I am an Assistant Professor at the Department of Computer Science and Engineering (CSE), UNIST and am leading WebSec Lab. My current research interest spans mainly around software and web security, program analysis, and fuzz testing.
Room 301-8, E106 Building, UNIST
seongil.wi@unist.ac.kr

Education

• 2019 - 2023
  Ph.D @KAIST WSP Lab, Graduate School of Information Security, KAIST (Advisor: Sooel Son)


• 2017 - 2018
  M.S @KAIST SoftSec Lab, Graduate School of Information Security, KAIST (Advisor: Sang Kil Cha)


• 2013 - 2016
  B.S, School of Computer Science And Electrical Engineering, Handong Global University

Publications

1. DiffCSP: Finding Browser Bugs in Content Security Policy Enforcement through Differential Testing (Paper)(GitHub)
   Seongil Wi, Trung Tin Nguyen, Jihwan Kim, Ben Stock, and Sooel Son
   In Proceedings of the Network and Distributed System Security Symposium (NDSS), 2023 (Acceptance Rate: 16.2％)


2. HearMeOut: Detecting Voice Phishing Activities in Android (Paper)(GitHub)
   Joongyum Kim, Jihwan Kim, Seongil Wi, Yongdae Kim, and Sooel Son
   In Proceedings of the ACM International Conference on Mobile Systems, Applications, and Services (MobiSys), 2022 (Acceptance Rate: 21％)


3. HiddenCPG: Large-Scale Vulnerable Clone Detection Using Subgraph Isomorphism of Code Property Graphs (Paper)(GitHub)(Slides)(Video)
   Seongil Wi, Sijae Woo, Joyce Whang, Sooel Son
   In Proceedings of the Web Conference 2022 (WWW), 2022 (Acceptance Rate: 17.7％)


4. Link: Black-Box Detection of Cross-Site Scripting Vulnerabilities Using Reinforcement Learning (Paper)(GitHub)(Slides)(Video)
   Soyoung Lee, Seongil Wi, Sooel Son
   In Proceedings of the Web Conference 2022 (WWW), 2022 (Acceptance Rate: 17.7％)


5. FUSE: Finding File Upload Bugs via Penetration Testing (Paper)(GitHub)(Slides)(Video)(Media)
   Taekjin Lee, Seongil Wi (co-leading author), Suyoung Lee, and Sooel Son
   In Proceedings of the Network and Distributed System Security Symposium (NDSS), 2020 (Acceptance Rate: 17.4％)


6. FSF: Code Coverage-driven Fuzzing for Software-Defined Networking (Paper)
   Hyuntae Kim, Seongil Wi, Hyunjoo Lee, and Sooel Son
   In Proceedings of the World Conference on Information Security Applications (WISA), 2019


7. Git-based CTF: A Simple and Effective Approach to Organizing In-Course Attack-and-Defense Security Competition (Paper)(GitHub)(Slides)
   Seongil Wi, Jaeseung Choi, and Sang Kil Cha
   In Proceedings of the USENIX Workshop on Advances in Security Education (USENIX ASE), 2018

Experience

• Academic Service: External Reviewer
  • Oakland (S&P) 2023
  • USENIX Security 2023, 2022, 2021
  • CCS 2022, 2021
  • NDSS 2022, 2021
  • WWW 2023, 2022
  • ACSAC 2021, 2020, 2018
  • ACNS 2021
  • IEICE 2020, 2021
• Patent
  • 10-2022-0047124: Method and System for Detecting Reflected Cross-Site Scripting Vulnerabilities using Reinforcement Learning
  • 10-2020-0138388: Method and Apparatus for Detecting Cross-Site Request Forgery Vulnerabilities for Web Interface of Software Defined Network
  • 10-2020-0001450: Algorithm for Detecting Bugs in Software-Defined Networking using Code Coverage
  • 10-2018-0094406: Git-based System and Method for Providing Attack and Defense Hacking Contests

Honors

• Dec. 2022, NAVER Ph.D. Fellowship 2022 by NAVER, South Korea.
• Feb. 2022, Participation Prize, Samsung Human Tech (삼성휴먼테크논문대상) 2022 by SAMSUNG, South Korea.
• Aug. 2019, 2nd Prize, Cybersecurity Research Competition 2019 by KIISC, South Korea.
• Feb. 2017, B.S Magna Cum Laude Graduate.
• Feb. 2015 - Feb. 2017, National Scholarship for Science & Engineering, from Korea Student Aid Foundation (KOSAF).
• 2014 Fall Semester, 2015 Spring Semester, Academic Excellence Scholarship (Top 1%).