Fellows
/Senior Distinguished
Researchers
/Distinguished
Researchers
- Distinguished Researcher
Yuhei Kawakoya
- NTT Social Informatics Laboratories
- Distinguished Researcher
More Distinguished Researchers
- Security
More researchers on the field
- Social Informatics Laboratories
More researchers belonging to the lab/center/dept
Fully automated software vulnerability discovery and assessment
Research on vulnerability discovery and assessment by applying advanced program analysis techniques, such as taint analysis or symbolic execution, to real-world problems in practical fields. My goal is to realize fully automated analysis technologies to find vulnerabilities and generate their exploit code.
In this page
Awards
- MWS2012 Best Paper Award
- IPSJ Specially Selected Paper 2013
- IPSJ Yamashita SIG Research Award 2013
- CSS2017 Best Paper Award
- JIP Specially Selected Paper 2018
Academic Activities
- IWSEC 2019 Program Committee
Professional Activities
- Security Camps Lecturer (2018-2019), Producer(2021-2023)
Publications
Books
- "Analyzing Malware: Fighting against infection incidents with free tools", O'Reilly Japan, 2010.
- Japanese translation of "Metasploit: The Penetration Tester's Guide", O'Reilly Japan, 2012.
- Japanese translation of "Black Hat Python: Python Programming for Hackers and Pentesters", O'Reilly Japan, 2015.
Papers
-
"SmmPack: Obfuscation for SMM Modules(co-author)", DIMVA, 2024
- "Xunpack: Cross-Architecture Unpacking for Linux IoT Malware", RAID, 2023
- "Script Tainting Was Doomed From The Start (By Type Conversion): Converting Script Engines into Dynamic Taint Analysis Frameworks(co-author)", RAID, 2022
-
"Automatic Reverse Engineering of Script Engine Binaries for Building Script API Tracers(co-author)", ACM DTRAP, 2021
- "EIGER: Automated IOC Generation for Accurate and Interpretable Endpoint Malware Detection (co-author)", ACSAC, 2019
- "Taint-assisted IAT Reconstruction against Position Obfuscation", JIP, 2018
- "Stealth Loader: Trace-free Program Loading for API Obfuscation", RAID, 2017
- "API Chaser: Anti-analysis Resistant Malware Analyzer", RAID, 2013
- "Tracing Malicious Code with Taint Propagation", IPSJ, 2013
Talks
-
"PkgFuzz Project: Yet Another Continuous Fuzzing for Open Source Software", CODE BLUE 2024
Keywords
- Vulnrabilities, Fuzzing, Malware Analysis