Your one-stop web resource providing safety and security information to manufacturers

Yonghwi Kwon is the real thing when it comes to cracking cases in the insidious world of cybercrime.

In his first 11 months at the University of Virginia (UVA) Engineering, Kwon secured $937,000 in grants and awards. He received three National Science Foundation grants worth more than $800,000 to study and develop methods to identify and protect systems from hacking and malware, as well as build a reliable and robust data information-sharing network.

The John Knight Career Enhancement Assistant Professor of Computer Science also received $125,000 from the U.S. Office of Naval Research to work on new forensic capabilities that can track fine-grained activities in complex modern applications, like today’s web browsers, to help understand damages attackers cause and then protect the systems from future assault.

Digital attacks are on the rise. As our world becomes more digitally connected, attack surfaces on systems and devices become more vulnerable. A 2018 report by the Center for Strategic and International Studies and software security company McAfee estimated nearly $600 billion is lost annually to cybercrime, up from $445 billion in 2014. The report said one of the reasons for the increase is because of more sophisticated malware technologies.

Schneider Bold

“Manually patching the vulnerabilities cannot keep up with the emerging cyber-attack trend,” Kwon said in a report on UVA Today. “In the Department of Computer Science at UVA, we are developing automated techniques that analyze insecure programs and make them secure.”

Yonghwi Kwon is developing automated systems for detecting and halting malware.
Photo: Chris Tyree

Understanding how to build sophisticated, automated response systems to counter malicious intent means understanding how hackers think and what motivates them. In addition, Kwon studies the forensics about how attacks happen in the first place. Like a true detective, he analyzes attackers’ intentions and combs code to look for digital fingerprints that might point to a culprit. “We are developing precise information-flow techniques for forensic analysis to uncover such details,” he said.

‘Doctor WHO’
One of Kwon’s projects, involving collaborators at Georgia Tech and the University of Georgia, is titled “Doctor WHO: Investigation and Prevention of Online Content Management System Abuse.”

Kwon and his colleagues will analyze web content management system frameworks for sinister malware that lies in wait inside the systems, virtually invisible until it unleashes its destruction. In a three-pronged approach, the team will develop a prediction framework called TARDIS, which will discover attacks and pinpoint their origins. The team will then create Torchwood, an engine that can analyze highly dynamic malware targeting content management systems. Finally, the team will create UNIT, which will build a fortress around content management systems by automatically hardening and securing the systems, protecting them from future attacks.

Kwon’s work also is aimed at improving the quality and reliability of data analysis. This is increasingly important in today’s society, where the continuous advancement of technology brings the possibility of more collaborations between researchers, businesses and health care organizations through shared data and analysis.

“While the outcomes of this kind of collaboration have the potential to paint clearer pictures, there are also many risks,” Kwon said.

Growing Risk
As an example, medical professionals can boost their understanding of clinical trial results by examining various trials from multiple organizations using many different data collection sources, like digital sensors and surveys, and then pooling that data for analysis. This has the potential to improve treatment options and accelerate research.

“While a vast amount of data collected from various sources brings us benefits, it imposes, at the same time, an important challenge of ensuring trustworthiness and quality of data due to the integration of data from various sources,” Kwon said. “Faulty, improperly configured, or broken sensors, as well as buggy or compromised data, can severely affect the quality of data and the analyzed results.”

Kwon and his team are working to develop an infrastructure that protects the integrity of data, and the subsequent analyses, coming from multiple sources. They will track the communication of data as it’s moving from system to system so they can understand how information is shared, accessed and manipulated across multiple devices, networks and organizations.

In addition to securing funding to launch his lab, Kwon also advised UVA’s National Collegiate Cyber Defense Competition student team. Last March, the team earned its second consecutive national championship.

“We have seen many cold cases in real-world crime investigations because of, mostly, missing and weak evidence,” he said. “We definitely do not want to see those in the cyber world. We want to provide fundamental capabilities to catch cyber criminals and secure society in the end.

“My ultimate goal is to make our society safer and resilient to advanced attackers.”

Pin It on Pinterest

Share This