Hi, my name is Changhoon

I am a Ph.D. student at KAIST, currently working with my advisor Dr.Seungwon Shin. I got my master's degree in information security at KAIST and bachelor's degree in computer engineering at University of Michigan.

Research interests

  • Software-defined networking (SDN) security

    I am interested in the next generation networking technologies, such as SDN/NFV. In particular, I've been discovering various security issues in SDN infrastructures to make them more secure, reliable, and highly available.

  • Network security services

    Leveraging SDN/NFV techniques, it is possible to design and implement innovative network services that are far more intelligent and efficient compared to existing services. I am also interested in such next-gen network security services.

  • Anonymity networks

    Anonymity networks, such as Tor, are also fun to play with. I am running my own version of Tor clients to explore the potentials of anonymity networks and hidden services.

Publications/Talks

Selected publications

Duo: Software Defined Intrusion Tolerant System using Dual Cluster
(to appear in) Security and Communication Networks (SCN) 2018
Yongjae Lee, Seunghyeon Lee, Hyunmin Seo, Changhoon Yoon, Seungwon Shin, Hyunsoo Yoon
A Security-Mode for Carrier-Grade SDN Controllers
Annual Computer Security Application Conference (ACSAC) 2017, Orlando, FL, USA
Changhoon Yoon, Seungwon Shin, Phillip Porras, Vinod Yegneswaran, Heedo Kang, Martin Fong, Brian O'Connor, Thomas Vachuska
Flow Wars: Systemizing the Attack Surface and Defenses in Software-Defined Networks
IEEE/ACM Transaction on Networking 2017
Changhoon Yoon, Seungsoo Lee, Heedo Kang, Taejune Park, Seungwon Shin, Vinod Yegneswaran, Phillip Porras, Guofei Gu
DELTA: A Security Assessment Framework for Software-Defined Networks
The Network and Distributed System Security Symposium (NDSS) 2017, San Diego, CA, USA
Seungsoo Lee, Changhoon Yoon, Chanhee Lee, Seungwon Shin, Vinod Yegneswaran, Phillip Porras
The smaller, the shrewder: A simple malicious application can kill an entire SDN
ACM SDN-NFV Security 2016 (workshop), New Orleans, LA, USA
Seungsoo Lee, Changhoon Yoon, Seungwon Shin
SPIRIT: A Framework for Profiling SDN
IEEE ICNP-CoolSDN 2015 (workshop), San Francisco, CA, USA
Heedo Kang, Seungsoo Lee, Chanhee Lee, Changhoon Yoon, Seungwon Shin
Enabling Security Functions with SDN: A Feasibility Study
Elsevier Computer Networks
Changhoon Yoon, Taejune Park, Seungsoo Lee, Heedo Kang,
Seungwon Shin, Zonghua Zhang

Talks

Attacking SDN Infrastructure: Are We Ready for the Next-Gen Networking?
Blackhat USA 2016, Las Vegas, NV, USA
Tutorial: Software Defined Network Security – In Practice
IEEE NetSoft 2016, Seoul, South Korea
Security Mode ONOS
Open Networking Summit 2016 – ONOS Mini-Summit, Santa Clara, CA, USA
Security vulnerabilities in open-source SDN controllers
Open Networking Foundation – Member workday event, Santa Clara, CA, USA

Work experience

I was at SRI International in Winter 2014 and Summer&Winter 2015. I worked closely with Dr. Phillip Porras, who was my supervisor, and Dr. Vinod Yegneswaran. While I was there, I analyzed SDN operating systems to discover security issues in them, and designed/implemented Security-Mode ONOS (SM-ONOS), which is a security extension to ONOS. SM-ONOS protects the core of ONOS from third-party SDN applications by sandboxing the applications and enforcing security policies.

We also designed and implemented a security assessment framework for SDN, and this project is called DELTA. DELTA is now Open Networking Foundation's official open source project, and it was awarded BEST SDN solution showcase in Layer123-SDN World Congress 2016.

Other activities

Program Committee
ACM SDN-NFV Security 2016
ACM SDN-NFV Security 2017

2016
2017
Reviewer
IEEE Access
IEEE China Communications

2016
2015
Teaching Assistant
IS639 – Advanced network security
IS539 – Network security

Fall 2014, 2015
Spring 2014, 2015