Publications (selected)

We list selected publications only. For a full publication list, please click here.

(Here papers are restricted to academic use within not-for-profit institutions.)


  • “End-to-End Evaluation of Federated Learning and Split Learning for Internet of Things”, Yansong Gao, Minki Kim, Sharif Abuadbba, Yeonjae Kim, Chandra Thapa, Kyuyeon Kim, Seyit A. Camtepe, Hyoungshick Kim, and Surya Nepal, SRDS: The 39th International Symposium on Reliable Distributed Systems, Shanghai, China, 2020. (accepted)
  • “On the Security and Usability Implications of Multiple Authentication Choices”, Geumhwan Cho, Jun Ho Huh, Soolin Kim, Junsung Cho, Heesung Park, Yenah Lee,  Konstantin Beznosov, and Hyoungshick Kim, ACM Transactions on Privacy and Security, 2020. (accepted)
  • “Can We Use Split Learning on 1D CNN Models for Privacy Preserving Training?”, Alsharif Abuadbba, Kyuyeon Kim, Minki Kim, Chandra Thapa, Seyit A. Camtepe, Yansong Gao, Hyoungshick Kim, and Surya Nepal, ASIACCS: The 13th ACM Asia Conference on Computer and Communications Security, Taipei, Taiwan, 2020. (accepted)
  • “A Graphical-Textual Hybrid Fallback Authentication System”, Joon Kuy Han, Simon Woo, and Hyoungshick Kim, ASIACCS: The 13th ACM Asia Conference on Computer and Communications Security, Taipei, Taiwan, 2020. (accepted)
  • “Void: A fast and light voice liveness detection system”, Muhammad Ejaz Ahmed, Ilyoup Kwak, Jun Ho Huh, Iljoo Kim, Taekkyung Oh, and Hyoungshick Kim, USENIX Security: The 29th USENIX Security Symposium, Boston, USA, 2020. pdf

(There’s press coverage. [techAU, Jun. 22, 2020][FutureFive, Jun. 23, 2020][ZDNet, Jun. 22, 2020])

  • “Gesture Authentication for Smartphones: Evaluation of Gesture Password Selection Policies”, Eun yong Cheon, Yonghwan Shin, Jun Ho Huh, Hyoungshick Kim, and Ian Oakley, S&P: The 41th IEEE Symposium on Security and Privacy, San Francisco, USA, 2020. pdf video 1 video 2
  • “I’ve Got Your Packages: Harvesting customers’ delivery order information using package tracking number enumeration”, Simon Woo,  Hanbin Jang, Woojung Ji, and Hyoungshick Kim, WWW: The 29th Web Conference, Taipei, Taiwan, 2020. pdf
  • “ACIDroid: A Practical App Cache Integrity Protection System on Android Runtime”, Jusop Choi, Soolin Kim, Junsung Cho, Kuyju Kim, Seok Hong, and Hyoungshick Kim, SAC: The 35th ACM/SIGAPP Symposium On Applied Computing, Brno, Czech Republic, 2020. pdf video
  • “IBCS: Intent-Based Cloud Services for Security Applications”, Jinyong (Tim) Kim, Eunsoo Kim, Jinhyuk Yang, Jaehoon (Paul) Jeong, Hyoungshick Kim, Sangwon Hyun, Hyunshik Yang, Jaewook Oh, Younghan Kim, Susan Hares, and Linda Dunbar, IEEE Communications Magazine, 2020. pdf
  • “LocAuth: A Fine-grained Indoor Location-based Authentication System using Wireless Networks Characteristics”, Mohsen Alawami and Hyoungshick Kim, Computers & Security, 2019. pdf
  • “On the robustness of Lightning Network in Bitcoin”, Seungjin Lee and Hyoungshick Kim, Pervasive and Mobile Computing, 2019. pdf


  • “An Eye for an Eye: Economics of Retaliation in Mining Pools”, Yujin Kwon, Hyoungshick Kim, Yung Yi and Yongdae Kim, AFT: The 1st ACM conference on Advances in Financial Technologies, Zurich, Switzerland, 2019. pdf
  • “Understanding Users’ Risk Perceptions about Personal Health Records Shared on Social Networking Services”, Yuri Son, Geumhwan Cho, Hyoungshick Kim, and Simon Woo, ASIACCS: The 12th ACM Asia Conference on Computer and Communications Security, Auckland, New Zealand, 2019. pdf
  • “O2TR: Offline OTR Messaging System under Network Disruption”, Mahdi D Firoozjaei, Minchang Kim, Jaeseung Song and Hyoungshick Kim, Computers & Security, 2019. pdf
  • “Digital forensic analysis of encrypted database files in instant messaging applications on Windows operating systems”, Jusop Choi, Jaegwan Yu, Sangwon Hyun, and Hyoungshick Kim, DFRWS EU: Digital Forensic Research Workshop EU, 2019. pdf
  • “Statistical Application Fingerprinting for DDoS Attack Mitigation”, Muhammad Ejaz Ahmed, Saeed Ullah, and Hyoungshick Kim, IEEE Transactions on Information Forensics and Security, 2019. pdf
  • “Bitcoin vs. Bitcoin Cash: Coexistence or Downfall of Bitcoin Cash?”, Yujin Kwon, Hyoungshick Kim, Jinwoo Shin, and Yongdae Kim, S&P: The 40th IEEE Symposium on Security and Privacy, San Francisco, USA, 2019. pdf video


  • “The Other Side of the Coin: A Framework for Detecting and Analyzing Web-based Cryptocurrency Mining Campaigns”, Julian Rauchberger, Sebastian Schrittwieser, Tobias Dam, Robert Luh, Damjan Buhov, Gerhard Pötzelsberger, and Hyoungshick Kim, ARES: The 13th International Conference on Availability, Reliability and Security, Hamburg, Germany2018. pdf
  • “Two-Thumbs-Up: Physical Protection for PIN Entry Secure against Recording Attacks”, DaeHun Nyang, Hyoungshick Kim, Woojoo Lee, Sung-bae Kang, Geumhwan Cho, Mun-Kyu Lee, and Aziz Mohaisen, Computers & Security, 2018. pdf
  • “The Personal Identification Chord: A Four Button Authentication System for Smartwatches”, Ian Oakley, Jun Ho Huh, Junsung ChoGeumhwan Cho, MD. Rasel Islam and Hyoungshick Kim, ASIACCS: The 11th ACM Asia Conference on Computer and Communications Security, Incheon, Korea, 2018. pdf video
  • “I’m Listening to your Location! Inferring User Location with Acoustic Side Channel”, Youngbae Jeon, Minchul Kim, Hyunsoo Kim, Hyoungshick Kim, Jun Ho Huh, and Ji Won Yoon, WWW: The 27th Web Conference, Lyon, France, 2018. pdf
  • “No Silk Road for Online Gamers!: Using Social Network Analysis to Unveil Black Markets in Online Games”, Eunjo Lee, Jiyoung Woo, Hyoungshick Kim and Huy Kang Kim, WWW: The 27th Web Conference (Industry track), Lyon, France, 2018. pdf
  • “Interface to Network Security Functions for Cloud-based Security Services”, Sangwon Hyun, Jinyong Kim, Hyoungshick Kim, Jaehoon Jeong, Susan Hares, Linda Dunbar and Adrian Farrel, IEEE Communications Magazine, 2018. pdf video code


  • “Preventing DNS amplification attacks using the history of DNS queries with SDN”, Soyoung Kim, Sora Lee, Geumhwan Cho, Muhammad Ejaz Ahmed, Jaehoon Paul Jeong and Hyoungshick Kim, ESORICS: The 22th European Symposium on Research in Computer Security, Oslo, Norway, 2017. pdf
  • “SysPal: System-guided Pattern Locks for Android”, Geumhwan Cho, Jun Ho Huh, Junsung Cho, Seongyeol Oh, Youngbae Song and Hyoungshick Kim, S&P: The 38th IEEE Symposium on Security and Privacy, San Jose, USA, 2017. pdf presentation
  • “I’m too busy to reset my LinkedIn password: On the effectiveness of password reset emails”, Jun Ho Huh, Hyoungshick Kim, Rakesh B. Bobba, Konstantin Beznosov and Swathi Sri V Rayala, CHI: The 35th ACM SIGCHI Conference on Human Factors in Computing Systems, Denver, USA, 2017. pdf
  • “Boosting the Guessing Attack Performance on Android Lock Patterns with Smudge Attacks”, Seunghun ChaSungsu Kwag, Hyoungshick Kim and Jun Ho Huh, ASIACCS: The 10th ACM Asia Conference on Computer and Communications Security, Abu Dhabi, UAE, 2017. pdf
  • “Wrong Siren! A location spoofing attack on indoor positioning systems: the Starbucks case study”, Junsung Cho, Jaegwan Yu, Sanghak Oh, Jungwoo Ryoo, Jaeseung Song and Hyoungshick Kim, IEEE Communications Magazine, 2017. pdf video
  • “I Don’t Use Apple Pay Because It’s Less Secure …: Perception of Security and Usability in Mobile Tap-and-Pay”, Jun Ho Huh, Saurabh Verma, Swathi Sri V Rayala, Rakesh Bobba, Konstantin Beznosov and Hyoungshick Kim, USEC: The 5th Usable Security Conference, San Diego, USA, 2017. pdf
  • “Privacy-Preserving Nearest Neighbor Queries Using Geographical Features of Cellular Networks”, Mahdi D Firoozjaei, Jaegwan Yu, Hyoungkee Choi and Hyoungshick Kim, Computer Communications, 2017. pdf


  • “PassBYOP: Bring Your Own Picture for Securing Graphical Passwords”, Andrea Bianchi, Ian Oakley and Hyoungshick Kim, IEEE Transactions on Human-Machine Systems, Vol. 46(3), 2016. pdf video
  • “You are a Game Bot!: Uncovering game bots in MMORPGs via self-similarity in the wild”, Eunjo Lee, Jiyoung Woo, Hyoungshick Kim, Aziz Mohaisen and Huy Kang Kim, NDSS: The 23th Network and Distributed System Security Symposium, San Diego, USA, 2016. pdf


  • “Surpass: System-initiated user-replaceable passwords”, Jun Ho Huh, Seongyeol Oh, Hyoungshick Kim, Konstantin Beznosov, Apurva Mohan, and S. Raj Rajagopalan, CCS: The 22th ACM  Conference on Computer and Communications Security, Denver, USA, 2015. pdf
  • “On the Memorability of System-generated PINs: Can Chunking Help?”, Jun Ho Huh, Hyoungshick Kim, Rakesh B. Bobba, Masooda Bashir and Konstantin Beznosov, SOUPS: The 11st Symposium On Usable Privacy and Security, Ottawa, Canada, 2015. pdf
  • “Enhancing Conformance Testing using Symbolic Execution for Network Protocols”, Jaeseung Song, Hyoungshick Kim, and Soojin Park, IEEE Transactions on Reliability, 2015. pdf
  • “Design and analysis of enumeration attacks on finding friends with phone numbers: a case study with KakaoTalk”, Eunhyun Kim, Kyungwon Park, Hyoungshick Kim and Jaeseung Song, Computers & Security, 2015. pdf
  • “On the Effectiveness of Pattern Lock Strength Meters – Measuring the Strength of Real World Pattern Locks”, Youngbae Song, Geumhwan Cho, Seongyeol Oh, Hyoungshick Kim and Jun Ho Huh, CHI: The 33th ACM SIGCHI Conference on Human Factors in Computing Systems, Seoul, Korea, 2015. pdf video


  • “I’ve Got Your Number: Harvesting users’ personal data via contacts sync for the KakaoTalk messenger”, Eunhyun Kim, Kyungwon Park, Hyoungshick Kim and Jaeseung Song, WISA: The 15th International Workshop on Information Security Applications, Jeju Island, Korea, 2014.  (selected as “best paper”) pdf
  • “Finding Influential Neighbors to Maximize Information Diffusion in Twitter”, Hyoungshick Kim, Konstantin Beznosov and Eiko Yoneki, SIMPLEX: The 6th Annual Workshop on Simplifying Complex Networks for Practitioners, held in conjunction with WWW, Seoul, Korea, 2014. (selected as “runner-up”) pdf


  • “Social network analysis of patent infringement lawsuits”, Hyoungshick Kim and Jaeseung Song, Technological Forecasting & Social Change, 2013. pdf
  • “An Experimental Evaluation of Robustness of Networks”, Hyoungshick Kim and Ross Anderson, IEEE Systems Journal, 2013. pdf


  • “What’s in Twitter: I Know What Parties are Popular and Who You are Supporting Now!”, Antoine Boutet, Hyoungshick Kim and Eiko Yoneki, ASONAM: The 4th IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining, Istanbul, Turkey, 2012. pdf
  • “Influential Neighbours Selection for Information Diffusion in Online Social Networks”, Hyoungshick Kim and Eiko Yoneki, ICCCN: The 21st IEEE International Conference on Computer Communication Networks, Munich, Germany, 2012. pdf
  • “Efficient Channel Selection Using Hierarchical Clustering”, Hyoungshick Kim, Jon Crowcroft and Fernando M.V. Ramos, WoWMoM: The 13th IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks, San Francisco, USA, 2012. pdf
  • “STOP: Socio-Temporal Opportunistic Patching of Short Range Mobile Malware”, John Tang, Hyoungshick Kim, Cecilia Mascolo and Mirco Musolesi, WoWMoM: The 13th IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks, San Francisco, USA, 2012. pdf
  • “What’s in Your Tweets? I Know Who You Supported in the UK 2010 General Election”, Antoine Boutet, Hyoungshick Kim and Eiko Yoneki, ICWSM: The 6th International AAAI Conference on Weblogs and Social Media, Dublin, Ireland, 2012. pdf
  • “PIN selection policies: Are they really effective?”, Hyoungshick Kim and Jun Ho Huh, Computers & Security, 2012. pdf
  • “Social Authentication: Harder than it Looks”, Hyoungshick Kim, John Tang and Ross Anderson, FC: The 16th IFCA International Conference on Financial Cryptography and Data Security, Kralendijk, Bonaire, 2012. pdf

(There’s press coverage. [New Scientist, Jan. 25, 2012][Light Blue Touchpaper, Feb. 22, 2012])

  • “Centrality Prediction in Dynamic Human Contact Networks”, Hyoungshick Kim, John Tang, Ross Anderson and Cecilia Mascolo, Computer Networks, 2012. pdf
  • “Temporal Node Centrality in Complex Networks”, Hyoungshick Kim and Ross Anderson, Physical Review E, 2012. pdf

(There’s press coverage. [University of Cambridge Research News, Feb. 20, 2012][Light Blue Touchpaper, Jan. 18, 2012])

  • “Network Analysis of Temporal Trends in Scholarly Research Productivity”, Hyoungshick Kim, Ji Won Yoon and Jon Crowcroft, Journal of Informetrics, 2012. pdf


  • “RAD: Recipient-Anonymous Data Delivery based on Public Routing Proxies”, Hyoungshick Kim and Jaehoon Jeong, Computer Networks, 2011. pdf
  • “Detecting DNS Poisoning Based Phishing Attacks from their Network Performance Characteristics”, Hyoungshick Kim and Jun Ho Huh, Electronics Letters, 2011. (selected as a research highlight in briefpdf
  • “A Perfect Collision-free Pseudonym System”, Ji Won Yoon and Hyoungshick Kim, IEEE Communications Letters, 2011. pdf


  • “Hybrid Spam Filtering for Mobile Communication”, Ji Won Yoon, Hyoungshick Kim and Jun Ho Huh, Computers & Security, 2010. pdf
  • “On the Security of Internet Banking in South Korea”, Hyoungshick Kim, Jun Ho Huh and Ross Anderson, Oxford University Technical Report, RR-10-01, 2010. pdf [Another Version]

(There’s press coverage. [Light Blue Touchpaper, May 12, 2012][etnews, May 3, 2010][boan news, Apr. 29. 2010][itnews, Apr. 29. 2010][edaily, Apr. 29. 2010][MK business News, Apr. 29. 2010][Mozilla in Asia, Apr. 28. 2010][etnews, Mar. 15, 2010][Yonhap News, Mar. 15, 2010][inews, Mar. 14, 2010][JoongAng Sunday, Feb. 28, 2010][Seoul Newspaper, Feb. 20, 2010][etnews, Feb. 8, 2010])