Publications (selected)

We list selected publications only. For a full publication list, please click here.

(Here papers are restricted to academic use within not-for-profit institutions.)


  • “On the Long-Term Effects of Continuous Keystroke Authentication: Keeping User Frustration Low through Behavior Adaptation”, Jun Ho Huh, Sungsu Kwag, Iljoo Kim, Alexandr Popov, Younghan Park, Geumhwan Cho, Juwon Lee, Hyoungshick Kim, Choong-Hoon Lee, IMWUT: Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies, 2023. (accepted)
  • “DID We Miss Anything?: Towards Privacy-Preserving Decentralized ID Architecture”, Siwon Huh, Myungkyu Shim, Jihwan Lee, Simon Woo, Hyoungshick Kim, and Hojoon Lee, IEEE Transactions on Dependable and Secure Computing, 2023. (accepted)
  • “Design and Evaluation of Highly Accurate Smart Contract Code Vulnerability Detection Framework”, Sowon Jeon, Gilhee Lee, Hyoungshick Kim, and Simon Woo, Data Mining and Knowledge Discovery, 2023. (accepted)
  • “An ICN-based data marketplace model based on a game theoretic approach using quality-data discovery and profit optimization”, Eunil Seo, Hyoungshick Kim, Bhaskar Krishnamachari, and Erik Elmroth, IEEE Transactions on Cloud Computing, 2023. (accepted)
  • “SmartMark: Software Watermarking Scheme for Smart Contracts”, Taeyoung KimYunhee JangChanjong Lee, Hyungjoon Koo, and Hyoungshick Kim, ICSE: The 45th International Conference on Software Engineering, Melbourne, Australia, 2023. pdf
  • “AppSniffer: Towards Robust Mobile App Fingerprinting Against VPN”, Sanghak Oh, Minwook Lee, Hyunwoo Lee, Elisa Bertino, and Hyoungshick Kim, WWW: The 32nd Web Conference, Austin, USA, 2023. pdf


  • “LocID: A secure and usable location-based smartphone unlocking scheme using Wi-Fi signals and light intensity”, Mohsen Alawami, Aishwarya Ram Vinay, and Hyoungshick Kim, IEEE Internet of Things, 2022. pdf
  • “Mutexion: Mutually Exclusive Compression System for Mitigating Compression Side-Channel Attacks”, Taegeun Moon, Hyoungshick Kim, and Sangwon Hyun, ACM Transactions on the Web, 2022. pdf
  • “Evaluation and Optimization of Distributed Machine Learning Techniques for Internet of Things”, Yansong Gao, Minki Kim, Chandra Thapa, Alsharif Abuadbba, Zhi Zhang, Seyit Camtepe, Hyoungshick Kim, and Surya Nepal, IEEE Transactions on Computers, 2022. pdf
  • “Design and Evaluation of a Multi-Domain Trojan Detection Method on Deep Neural Networks”, Yansong Gao, Yeonjae Kim, Bao Gia Doan, Zhi Zhang, Gongxuan Zhang, Surya Nepal, Damith C. Ranasinghe, and Hyoungshick Kim, IEEE Transactions on Dependable and Secure Computing, 2022. pdf


  • “Rocky: Replicating Block Devices for Tamper and Failure Resistant Edge-based Virtualized Desktop Infrastructure”, Beom Heyn Kim and Hyoungshick Kim, ACSAC: The 37th Annual Computer Security Applications Conference, Virtual, 2021. pdf
  • “ARGH!: Automated Rumor Generation Hub”, Larry Huynh, Manh Duy Thai Nguyen, Joshua Goh, Hyoungshick Kim, and Jin Hong, CIKM: The 30th ACM International Conference on Information and Knowledge Management [Applied research track][selected as “best paper nominations”], Virtual, 2021. pdf
  • “Peeler: Profiling Kernel-Level Events to Detect Ransomware”, Muhammad Ejaz Ahmed, Hyoungshick Kim, Seyit Camtepe, and Surya Nepal, ESORICS: The 26th European Symposium on Research in Computer Security, Virtual, 2021. pdf
  • “Towards Usable and Secure Location-based Smartphone Authentication”, Geumhwan Cho, Sungsu Kwag, Jun Ho Huh, Bedeuro Kim, Choong-Hoon Lee, and Hyoungshick Kim, SOUPS: The 17th Symposium On Usable Privacy and Security, Virtual, 2021. pdf
  • “Neural Network Laundering: Removing Black-Box Backdoor Watermarks from Deep Neural Networks”, William AikenHyoungshick Kim, Simon Woo, and Jungwoo Ryoo, Computers & Security, 2021. pdf
  • “Decamouflage: A Framework to Detect Image-Scaling Attacks on CNN”, Bedeuro Kim, Alsharif Abuadbba, Yansong Gao, Yifeng Zheng, Muhammad Ejaz Ahmed, Surya Nepal, and Hyoungshick Kim, DSN: The 51st IEEE/IFIP International Conference on Dependable Systems and Networks, 2021. pdf
  • “Fine with “1234”? An Analysis of SMS One-Time Password Randomness in Android Apps”, Siqi Ma, Juanru Li, Hyoungshick Kim, Elisa Bertino, Surya Nepal, Diet Ostry, and Cong Sun, ICSE: The 43rd International Conference on Software Engineering, Madrid, Spain, 2021. pdf
  • “FUMVar: A Practical Framework for Generating Fully-working and Unseen Malware Variants”, Beomjin Jin, Jusop Choi, Hyoungshick Kim and Jin B. Hong, SAC: The 36th ACM/SIGAPP Symposium On Applied Computing, Gwangju, Korea, 2021. pdf
  • “DeepiSign: Invisible Fragile Watermark to Protect the Integrity and Authenticity of CNN”, Sharif Abuadbba, Hyoungshick Kim and Surya Nepal, SAC: The 36th ACM/SIGAPP Symposium On Applied Computing, Gwangju, Korea, 2021. pdf


  • “Can We Use Split Learning on 1D CNN Models for Privacy Preserving Training?”, Alsharif Abuadbba, Kyuyeon Kim, Minki Kim, Chandra Thapa, Seyit A. Camtepe, Yansong Gao, Hyoungshick Kim, and Surya Nepal, ASIACCS: The 13th ACM Asia Conference on Computer and Communications Security, Taipei, Taiwan, 2020. pdf
  • “PassTag: A Graphical-Textual Hybrid Fallback Authentication System”, Joon Kuy Han, Simon Woo, and Hyoungshick Kim, ASIACCS: The 13th ACM Asia Conference on Computer and Communications Security, Taipei, Taiwan, 2020. pdf
  • “End-to-End Evaluation of Federated Learning and Split Learning for Internet of Things”, Yansong Gao, Minki Kim, Sharif Abuadbba, Yeonjae Kim, Chandra Thapa, Kyuyeon Kim, Seyit A. Camtepe, Hyoungshick Kim, and Surya Nepal, SRDS: The 39th International Symposium on Reliable Distributed Systems, Shanghai, China, 2020. pdf video code
  • “On the Security and Usability Implications of Providing Multiple Authentication Choices on Smartphones: The More, the Better?”, Geumhwan Cho, Jun Ho Huh, Soolin Kim, Junsung Cho, Heesung Park, Yenah Lee,  Konstantin Beznosov, and Hyoungshick Kim, ACM Transactions on Privacy and Security, 2020. pdf
  • “Void: A fast and light voice liveness detection system”, Muhammad Ejaz Ahmed, Ilyoup Kwak, Jun Ho Huh, Iljoo Kim, Taekkyung Oh, and Hyoungshick Kim, USENIX Security: The 29th USENIX Security Symposium, Boston, USA, 2020. pdf video

(There’s press coverage. [techAU, Jun. 22, 2020][FutureFive, Jun. 23, 2020][ZDNet, Jun. 22, 2020])

  • “Gesture Authentication for Smartphones: Evaluation of Gesture Password Selection Policies”, Eun yong Cheon, Yonghwan Shin, Jun Ho Huh, Hyoungshick Kim, and Ian Oakley, S&P: The 41st IEEE Symposium on Security and Privacy, San Francisco, USA, 2020. pdf video 1 video 2
  • “I’ve Got Your Packages: Harvesting customers’ delivery order information using package tracking number enumeration”, Simon Woo,  Hanbin Jang, Woojung Ji, and Hyoungshick Kim, WWW: The 29th Web Conference, Taipei, Taiwan, 2020. pdf
  • “ACIDroid: A Practical App Cache Integrity Protection System on Android Runtime”, Jusop Choi, Soolin Kim, Junsung Cho, Kuyju Kim, Seok Hong, and Hyoungshick Kim, SAC: The 35th ACM/SIGAPP Symposium On Applied Computing, Brno, Czech Republic, 2020. pdf video
  • “IBCS: Intent-Based Cloud Services for Security Applications”, Jinyong (Tim) Kim, Eunsoo Kim, Jinhyuk Yang, Jaehoon (Paul) Jeong, Hyoungshick Kim, Sangwon Hyun, Hyunshik Yang, Jaewook Oh, Younghan Kim, Susan Hares, and Linda Dunbar, IEEE Communications Magazine, 2020. pdf
  • “LocAuth: A Fine-grained Indoor Location-based Authentication System using Wireless Networks Characteristics”, Mohsen Alawami and Hyoungshick Kim, Computers & Security, 2020. pdf
  • “On the robustness of Lightning Network in Bitcoin”, Seungjin Lee and Hyoungshick Kim, Pervasive and Mobile Computing, 2020. pdf


  • “An Eye for an Eye: Economics of Retaliation in Mining Pools”, Yujin Kwon, Hyoungshick Kim, Yung Yi and Yongdae Kim, AFT: The 1st ACM Conference on Advances in Financial Technologies, Zurich, Switzerland, 2019. pdf
  • “Understanding Users’ Risk Perceptions about Personal Health Records Shared on Social Networking Services”, Yuri Son, Geumhwan Cho, Hyoungshick Kim, and Simon Woo, ASIACCS: The 12th ACM Asia Conference on Computer and Communications Security, Auckland, New Zealand, 2019. pdf
  • “O2TR: Offline OTR Messaging System under Network Disruption”, Mahdi D Firoozjaei, Minchang Kim, Jaeseung Song and Hyoungshick Kim, Computers & Security, 2019. pdf
  • “Digital forensic analysis of encrypted database files in instant messaging applications on Windows operating systems”, Jusop Choi, Jaegwan Yu, Sangwon Hyun, and Hyoungshick Kim, DFRWS EU: Digital Forensic Research Workshop EU, 2019. pdf
  • “Statistical Application Fingerprinting for DDoS Attack Mitigation”, Muhammad Ejaz Ahmed, Saeed Ullah, and Hyoungshick Kim, IEEE Transactions on Information Forensics and Security, 2019. pdf
  • “Bitcoin vs. Bitcoin Cash: Coexistence or Downfall of Bitcoin Cash?”, Yujin Kwon, Hyoungshick Kim, Jinwoo Shin, and Yongdae Kim, S&P: The 40th IEEE Symposium on Security and Privacy, San Francisco, USA, 2019. pdf video


  • “The Other Side of the Coin: A Framework for Detecting and Analyzing Web-based Cryptocurrency Mining Campaigns”, Julian Rauchberger, Sebastian Schrittwieser, Tobias Dam, Robert Luh, Damjan Buhov, Gerhard Pötzelsberger, and Hyoungshick Kim, ARES: The 13th International Conference on Availability, Reliability and Security, Hamburg, Germany2018. pdf
  • “Two-Thumbs-Up: Physical Protection for PIN Entry Secure against Recording Attacks”, DaeHun Nyang, Hyoungshick Kim, Woojoo Lee, Sung-bae Kang, Geumhwan Cho, Mun-Kyu Lee, and Aziz Mohaisen, Computers & Security, 2018. pdf
  • “The Personal Identification Chord: A Four Button Authentication System for Smartwatches”, Ian Oakley, Jun Ho Huh, Junsung ChoGeumhwan Cho, MD. Rasel Islam and Hyoungshick Kim, ASIACCS: The 11th ACM Asia Conference on Computer and Communications Security, Incheon, Korea, 2018. pdf video
  • “I’m Listening to your Location! Inferring User Location with Acoustic Side Channel”, Youngbae Jeon, Minchul Kim, Hyunsoo Kim, Hyoungshick Kim, Jun Ho Huh, and Ji Won Yoon, WWW: The 27th Web Conference, Lyon, France, 2018. pdf
  • “No Silk Road for Online Gamers!: Using Social Network Analysis to Unveil Black Markets in Online Games”, Eunjo Lee, Jiyoung Woo, Hyoungshick Kim and Huy Kang Kim, WWW: The 27th Web Conference (Industry track), Lyon, France, 2018. pdf
  • “Interface to Network Security Functions for Cloud-based Security Services”, Sangwon Hyun, Jinyong Kim, Hyoungshick Kim, Jaehoon Jeong, Susan Hares, Linda Dunbar and Adrian Farrel, IEEE Communications Magazine, 2018. pdf video code


  • “Preventing DNS amplification attacks using the history of DNS queries with SDN”, Soyoung Kim, Sora Lee, Geumhwan Cho, Muhammad Ejaz Ahmed, Jaehoon Paul Jeong and Hyoungshick Kim, ESORICS: The 22th European Symposium on Research in Computer Security, Oslo, Norway, 2017. pdf
  • “SysPal: System-guided Pattern Locks for Android”, Geumhwan Cho, Jun Ho Huh, Junsung Cho, Seongyeol Oh, Youngbae Song and Hyoungshick Kim, S&P: The 38th IEEE Symposium on Security and Privacy, San Jose, USA, 2017. pdf presentation
  • “I’m too busy to reset my LinkedIn password: On the effectiveness of password reset emails”, Jun Ho Huh, Hyoungshick Kim, Rakesh B. Bobba, Konstantin Beznosov and Swathi Sri V Rayala, CHI: The 35th ACM SIGCHI Conference on Human Factors in Computing Systems, Denver, USA, 2017. pdf
  • “Boosting the Guessing Attack Performance on Android Lock Patterns with Smudge Attacks”, Seunghun ChaSungsu Kwag, Hyoungshick Kim and Jun Ho Huh, ASIACCS: The 10th ACM Asia Conference on Computer and Communications Security, Abu Dhabi, UAE, 2017. pdf
  • “Wrong Siren! A location spoofing attack on indoor positioning systems: the Starbucks case study”, Junsung Cho, Jaegwan Yu, Sanghak Oh, Jungwoo Ryoo, Jaeseung Song and Hyoungshick Kim, IEEE Communications Magazine, 2017. pdf video
  • “Privacy-Preserving Nearest Neighbor Queries Using Geographical Features of Cellular Networks”, Mahdi D Firoozjaei, Jaegwan Yu, Hyoungkee Choi and Hyoungshick Kim, Computer Communications, 2017. pdf


  • “PassBYOP: Bring Your Own Picture for Securing Graphical Passwords”, Andrea Bianchi, Ian Oakley and Hyoungshick Kim, IEEE Transactions on Human-Machine Systems, Vol. 46(3), 2016. pdf video
  • “You are a Game Bot!: Uncovering game bots in MMORPGs via self-similarity in the wild”, Eunjo Lee, Jiyoung Woo, Hyoungshick Kim, Aziz Mohaisen and Huy Kang Kim, NDSS: The 23th Network and Distributed System Security Symposium, San Diego, USA, 2016. pdf


  • “Surpass: System-initiated user-replaceable passwords”, Jun Ho Huh, Seongyeol Oh, Hyoungshick Kim, Konstantin Beznosov, Apurva Mohan, and S. Raj Rajagopalan, CCS: The 22nd ACM  Conference on Computer and Communications Security, Denver, USA, 2015. pdf
  • “On the Memorability of System-generated PINs: Can Chunking Help?”, Jun Ho Huh, Hyoungshick Kim, Rakesh B. Bobba, Masooda Bashir and Konstantin Beznosov, SOUPS: The 11th Symposium On Usable Privacy and Security, Ottawa, Canada, 2015. pdf
  • “Enhancing Conformance Testing using Symbolic Execution for Network Protocols”, Jaeseung Song, Hyoungshick Kim, and Soojin Park, IEEE Transactions on Reliability, 2015. pdf
  • “Design and analysis of enumeration attacks on finding friends with phone numbers: a case study with KakaoTalk”, Eunhyun Kim, Kyungwon Park, Hyoungshick Kim and Jaeseung Song, Computers & Security, 2015. pdf
  • “On the Effectiveness of Pattern Lock Strength Meters – Measuring the Strength of Real World Pattern Locks”, Youngbae Song, Geumhwan Cho, Seongyeol Oh, Hyoungshick Kim and Jun Ho Huh, CHI: The 33rd ACM SIGCHI Conference on Human Factors in Computing Systems, Seoul, Korea, 2015. pdf video


  • “An Experimental Evaluation of Robustness of Networks”, Hyoungshick Kim and Ross Anderson, IEEE Systems Journal, 2013. pdf


  • “Efficient Channel Selection Using Hierarchical Clustering”, Hyoungshick Kim, Jon Crowcroft and Fernando M.V. Ramos, WoWMoM: The 13th IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks, San Francisco, USA, 2012. pdf
  • “STOP: Socio-Temporal Opportunistic Patching of Short Range Mobile Malware”, John Tang, Hyoungshick Kim, Cecilia Mascolo and Mirco Musolesi, WoWMoM: The 13rd IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks, San Francisco, USA, 2012. pdf
  • “What’s in Your Tweets? I Know Who You Supported in the UK 2010 General Election”, Antoine Boutet, Hyoungshick Kim and Eiko Yoneki, ICWSM: The 6th International AAAI Conference on Weblogs and Social Media, Dublin, Ireland, 2012. pdf
  • “PIN selection policies: Are they really effective?”, Hyoungshick Kim and Jun Ho Huh, Computers & Security, 2012. pdf
  • “Social Authentication: Harder than it Looks”, Hyoungshick Kim, John Tang and Ross Anderson, FC: The 16th IFCA International Conference on Financial Cryptography and Data Security, Kralendijk, Bonaire, 2012. pdf

(There’s press coverage. [New Scientist, Jan. 25, 2012][Light Blue Touchpaper, Feb. 22, 2012])

  • “Centrality Prediction in Dynamic Human Contact Networks”, Hyoungshick Kim, John Tang, Ross Anderson and Cecilia Mascolo, Computer Networks, 2012. pdf
  • “Temporal Node Centrality in Complex Networks”, Hyoungshick Kim and Ross Anderson, Physical Review E, 2012. pdf

(There’s press coverage. [University of Cambridge Research News, Feb. 20, 2012][Light Blue Touchpaper, Jan. 18, 2012])

  • “Network Analysis of Temporal Trends in Scholarly Research Productivity”, Hyoungshick Kim, Ji Won Yoon and Jon Crowcroft, Journal of Informetrics, 2012. pdf


  • “RAD: Recipient-Anonymous Data Delivery based on Public Routing Proxies”, Hyoungshick Kim and Jaehoon Jeong, Computer Networks, 2011. pdf
  • “Detecting DNS Poisoning Based Phishing Attacks from their Network Performance Characteristics”, Hyoungshick Kim and Jun Ho Huh, Electronics Letters, 2011. (selected as a research highlight in briefpdf


  • “Hybrid Spam Filtering for Mobile Communication”, Ji Won Yoon, Hyoungshick Kim and Jun Ho Huh, Computers & Security, 2010. pdf
  • “On the Security of Internet Banking in South Korea”, Hyoungshick Kim, Jun Ho Huh and Ross Anderson, Oxford University Technical Report, RR-10-01, 2010. pdf [Another Version]

(There’s press coverage. [Light Blue Touchpaper, May 12, 2012][etnews, May 3, 2010][boan news, Apr. 29. 2010][itnews, Apr. 29. 2010][edaily, Apr. 29. 2010][MK business News, Apr. 29. 2010][Mozilla in Asia, Apr. 28. 2010][etnews, Mar. 15, 2010][Yonhap News, Mar. 15, 2010][inews, Mar. 14, 2010][JoongAng Sunday, Feb. 28, 2010][Seoul Newspaper, Feb. 20, 2010][etnews, Feb. 8, 2010])