Professional Services

This page describes my external academic activities.

Main editor of International Standard

in ITU-T SG17 (Security)/WP2/Q13 (Intelligent Transportation Systems)

• ITU-T X.1377 (formerly X.ipscv) Guidelines for an intrusion prevention system for connected vehicles, Approved in Oct 2022, ITU-T work programme—itu.int

Program Committee

Cyber Security Challenge 2021—Infotainment Hacking and Defense

A domestic event “사이버 보안 챌린지 2021: 자동차 해킹공격&방어”
Live feeds at Youtube—Call for challenge (in Korean), CSC2021: the Final Round (in Korean)

Worked for:
Competition design. In-vehicle infotainment testbed setup, attack vector investigation, penetration test, event log collection framework for the final stage
Evaluation. proof of concept exploit codes submitted by 102 researchers

I am grateful to Han Eol Lee and Dong Young Kim, who dedicated a significant amount of time preparing for the event with me.

Maintainer of the in-vehicle intrusion datasets

1. CAN Dataset for intrusion detection (OTIDS)

Available at ocslab.hksecurity.net.

2. Automotive Ethernet Intrusion Dataset

Available at IEEE DataPort. doi: 10.21227/1yr3-q009

3. X-CANIDS Dataset (In-Vehicle Signal Dataset)

Available at IEEE DataPort. doi: 10.21227/epsj-y384

Vulnerability disclosure

CVE-2022-24595

Impact: Remote Code Execution, Information Disclosure, and Denial of Service
/usr/bin/afb-daemon of Automotive Grade Linux 11.0.0–11.0.5 (Kooky Koi)

CVE-2022-24596

Impact: Denial of Service
/usr/bin/afb-daemon of Automotive Grade Linux 11.0.0–11.0.5 (Kooky Koi)

CVE-2022-24597

Impact: Information Disclosure, Denial of Service
agl-service-weather of Automotive Grade Linux 11.0.0–11.0.5 (Kooky Koi)

External reviewer

• Elsevier Computers & Security
• IEEE Networking Letters
• IEEE Transactions on Vehicular Technology
• Elsevier Internet of Things
• SAE International Journal