- Software Security
- Performance Engineering
- Security Software Engineer
Edge Browser Vulnerability Research.
Apr 2020 -
- Software Engineer
Worked on AI (deep learning models) serving platform at Search team.
Nov 2018 - Oct 2019
- Security Engineer
Worked on Naver product security.
June 2017 - Nov 2018
- M.S. Computer Science
Korea Advanced Institute of Science and Technology (KAIST)
Software Security Lab
March 2015 - Febraury 2017
- B.S., Computer Science and Engineering,
Ulsan National Institue of Science and Technology (UNIST)
March 2011 - February 2015
 Jaeseung Choi, Joonun Jang, Choongwoo Han, and Sang Kil Cha, “Grey-box Concolic Testing on Binary Code”, In Proceedings of the International Conference on Software Engineering (ICSE) 2019, Technical Track.
 Joohyun Lee, Kyunghan Lee, Choongwoo Han, Taehoon Kim, and Song Chong, “Resource-efficient Mobile Multimedia Streaming with Adaptive Network Selection”, IEEE Transactions on Multimedia (IF: 2.536), 2016.
- binch/binch-go: A ELF binary patch tool in console. This makes binary patch works easy and quick for small fixes.
- Chow: Rough static analysis tool with micro-grammar written in Haskell.
(Selected) Vulnerability Reports [more]
- Heap buffer overflow in Skia (CVE-2020-6548) (link)
- Type Confusion in Chrome V8 (reward $5,000 / CVE-2019-5791) (link)
- Out-of-bounds read in Chrome V8 (reward $4,500 / CVE-2018-6142) (link)
- Out-of-bounds write in Chrome V8 (reward $5,000 / CVE-2016-5200) (link)
- Memory Corruption in Chrome V8 (reward $5,000 / CVE-2016-5172) (link)
- Unauthorized branch access on GitHub (reward $5,000 + bonus $1,000) (link)
- Heap Buffer Overflow in Chrome V8 (reward $3,000 / CVE-2016-1669) (link)
- Out-of-bounds write in Chrome V8 (reward $5,000 / CVE-2016-1653) (link)
- Remote Code Execution in Dr.Soft Netclient5 PMS (reward XXX / KISA 14-084)
Hacking Competition Awards
- Finalist, DEFCON CTF 27, Las Vegas (team CGC)
- Finalist, DEFCON CTF 26, Las Vegas (team C.G.K.S)
- 3rd place, Cyber Conflict Exercise & Contest 2017 (team 쿠앤크, award $4,000)
- Finalist, DEFCON CTF 25, Las Vegas (team RRR)
- Finalist, SECCON CTF 2015 (team CodeRed), Japan
- 2nd place, HDCON 12 (team CodeRed) by KISA, South Korea (award $4,000)
- 5th place, HDCON 11 (team CodeC) by KISA, South Korea (award $2,000)
- 2nd place, Incognito CTF (team CodeRed, award $600)
- Finalist, DEFCON CTF 22, Las Vegas (team CodeRed)
- 1st place, Holyshield CTF (team CodePink) by Catholic University of Korea (award $1,000)
- 3rd place, Whitehat Hacking Contest (team HeXA) by MND, South Korea (award $8,000)
- KaisHack (2016)
- CodeRed (2013 ~)
- HeXA, UNIST Computer Security Club (2011 ~ 2014)
- 개발자가 꼭 알아야 할 보안 이야기 D2 Campus Seminar 2 Febraury 2015