Su Yong Kim is a senior member of the engineering staff in the affiliated institute of ETRI. His research focuses on finding and fixing vulnerabilities in softwares. He presented his papers at the Blackhat and CanSecWest conferences.
[Abstract]
==========
This talk will cover results of collaborative research between SSLab in Georgia Tech and the affiliated institute of ETRI. Our research focused on finding security bugs in commodity software by using concolic testing. We could automatically disclose many crashes in Windows kernel drivers using our practical concolic testing tool, CAB-Fuzz. We reported all crashes to venders. Microsoft and ESET confirmed that four of them are new vulnerabilities to be fixed. In this talk, we will explain problems and solutions of concolic testing in Windows kernel drivers.