Yu Seung Kim
Cyber-Physical System Security (Medical Devices, Automotive Platforms, Data Privacy, IoT, Cloud, Wireless, Mobile)
I have been working on the analysis of threats in mission-critical systems including telecommunication systems, medical devices, connected-automated vehicles, mobility services, and the development of countermeasures. I received PhD in Electrical and Computer Engineering from Carnegie Mellon University with a dissertation titled “Securing Wi-Fi Access By Using Location-Aware Controls”. I was a member of the Mobile, Embedded, Wireless Security group led by Dr. Patrick Tague.
Recent Publication
- Cho, Kyong-Tak, Kang Shin, Yu Seung Kim, and Byung-Ho Cha. “Off is Not Off: On the Security of Parked Vehicles.” In 2020 IEEE Conference on Communications and Network Security (CNS), pp. 1-9. IEEE, 2020
- Yieh, Pierson, Aaron Otis, Andrew R. Li, Sean Bayley, Atticus Liu, Chin Chao, Daniel Kim, Bruce DeBruhl, and Yu Seung Kim. “Multi-Radio-Based Vehicle Pseudonym Association.” In 2019 IEEE 90th Vehicular Technology Conference (VTC2019-Fall)
- Kim, Yu Seung. “Secure and Safe In-Vehicle Device Pairing Using Accelerometer Sensor.” In 2019 IEEE 90th Vehicular Technology Conference (VTC2019-Fall)
- Li, Huaxin, Di Ma, Brahim Medjahed, Yu Seung Kim, and Pramita Mitra. “Data Privacy in the Emerging Connected Mobility Services: Architecture, Use Cases, Privacy Risks, and Countermeasures.” SAE International Journal of Transportation Cybersecurity and Privacy, No. 11-02-01-0004 (2019)
- Li, Huaxin, Di Ma, Brahim Medjahed, Yu Seung Kim, and Pramita Mitra. “Analyzing and Preventing Data Privacy Leakage in Connected Vehicle Services.” SAE International Journal of Advances and Current Practices in Mobility, No. 2019-01-0478 (2019)
- Li, Huaxin, Di Ma, Brahim Medjahed, Qianyi Wang, Yu Seung Kim, and Pramita Mitra. “Secure and privacy-preserving data collection mechanisms for connected vehicles.” No. 2017-01-1660. SAE Technical Paper, 2017.
* The full list can be found here.
Experience
Corporate Vice President / Head of Security Lab. at Samsung Electronics, Suwon, South Korea (Jan 2024 - current)
- Product Cybersecurity for vRAN, O-RAN, and next-gen telecommunication systems
Staff Product Security Engineer at Intuitive Surgical, Sunnyvale, CA (Jul 2020 - current)
- Cyber threat modeling and cybersecurity architecture design on medical devices including surgical robots and networking components
- Vulnerability assessment on products before market release
- Regulatory cybersecurity compliance (e.g. FDA, EU-MDR)
- Cloud, container, virtual machine security
- Device to infrastructure authentication with TPM and PKI
- SBOM, SAST, DAST, fuzz testing
Automotive Cybersecurity Research Scientist at Ford Greenfield Labs, Palo Alto, CA (Mar 2015 - Jul 2020)
- Threat analysis and risk assessment of autonomous and connected vehicles
- In-vehicle network security (CAN, CAN-FD, Auto Ethernet)
- Automotive IDS (CAN IDS, smartphone-aided vehicle IDS)
- Attack analysis and mitigation of vehicle access (keyfob/keyless systems, WiFi, Bluetooth)
- Privacy study on wireless interfaces of modern vehicles
- Privacy study on connected mobility services
- Secure vehicle software development process (SAST/DAST/SCA)
- Sensor-based secure pairing between vehicle and in-cabin devices
- Cellular-V2X security
Graduate Research Assistant at Carnegie Mellon University CyLab, NASA AMES Reserach Park, Moffett Field, CA (Aug 2010 - Dec 2014)
- User tracking and user privacy protection in Wi-Fi networks
- Statistical attack detection over anonymized wireless networks
- Android phone Wi-Fi mesh network
- Advanced jamming attack on wireless mesh networks and mitigation
- Secure localization under jamming attack
- Stochastic optimization of jamming attack on network flows
Research Intern in CTO team at Narus Inc., Sunnyvale, CA (May 2014 - Aug 2014)
- IoT sensor-based group sentiment analysis system
Research Intern at Cisco Cystems, San Jose, CA (May 2012 - Aug 2013)
- Detection and localization of Wi-Fi AP impersonation
- Vulnerability analysis of Cisco Adaptive Wireless Intrusion Prevention System
Research Assistant at Korea University, Seoul, Korea (Mar 2008 - Feb 2010)
- DDoS attack testbed based on NetFPGA
- Jamming approach to prevent information leakage on wireless networks
- IRC/P2P botnet traffic analysis
Senior System Software Engineer at Samsung Electronics, Suwon, Korea (Jul 2002 - Jul 2010)
- Traffic forwarding and routing design in telecommunication products (CDMA, WCDMA, M-WiMax, LTE).
- Linux system middleware (TCP/IP socket, IPC, synchronization, multi-thread management, remote debugging & logging facility).
- Linux kernel modules and device drivers to satisfy the inter-process communication and security requirements.
- Real-time/post-mortem process monitoring tools for debugging and traffic test tools for large-scale system stress test.
Education
- Carnegie Mellon University, PhD in ECE, 2010-2014
- Korea University, ME in CS, 2008-2010
- Korea University, BS in CS, 1996-2002