About

Juhyun Song (송주현)

Education

M.S. in Electrical Engineering (Sep. 2024 - Present)
- Advisor: Insu Yun
- KAIST, Daejeon, Korea
B.S. in Computer Science (Mar. 2018 - Aug. 2024)
- Korea University, Seoul, Korea

Experience

Security Research Intern (Mar. 2023 - Jun. 2023)
- Samsung Electronics
Cyber Operations Specialist (Aug. 2021 - Feb. 2023)
- Republic of Korea Army
Vulnerability Assessment Trainee (Jul. 2020 - Mar. 2021)
- Best of the BEST 9th, KITRI
- Ranked in top 10 among all contestants (Hall of Fame)

Talks

Towards Comprehensive Fuzzing of TrustZone TAs
- .HACK Conference 2024, Seoul, Korea

Publications

International Conference

CROSS-X: Generalized and Stable Cross-Cache Attack on the Linux Kernel
- Dong-ok KimEqual Contribution, Juhyun SongEqual Contribution, and Insu Yun
- ACM Conference on Computer and Communications Security (CCS) 2025

International Journal

DTA: Run TrustZone TAs Outside the Secure World for Security Testing
- Juhyun Song, Eunji Jo, and Jaehyu Kim
- IEEE Access, vol. 12, pp. 16715-16727, 2024

Projects

Fuzzing I/O communications in Windows device drivers (Sep. 2020 - Dec. 2020)
- Contributed to fuzzer and exploit development, reported 20+ vulnerabilities

Honors and Awards

HACKSIUM BUSAN Hacking Competition (2025)
- 4th place award (Team 핵쉬움)
FIESTA: Financial Institutes’ Event on Security Threat Analysis (2023)
- 3rd place award (Team xerophthalmia)
MIST Minister Prize (2021)
- Awarded to top 10 contestants of KITRI Best of the Best 9th (10M KRW)

Vulnerability Disclosure

CVE-2021-27965 (collective work)
- Privilege escalation vulnerability in MSI Dragon Center
KVE-2020-1585, KVE-2020-1604 (collective work)
- Privilege escalation vulnerabilities in gaming software and keyboard security solution (Reported to KISA bug bounty)
NBB-1705
- Stored XSS vulnerability in kin.naver.com (Reported to Naver bug bounty)

Certifications

Craftsman Bartender (2024)
- National Certification, HRDK, Korea