System and Network Security Lab. (SNSec Lab.)
Division of Artificial Intelligence Engineering, Sookmyung Women's University
SNSec Lab. members (Feb 27, 2026)
Welcome to SNSec Lab
SNSec Lab. investigates and addresses cybersecurity challenges in Internet service applications through a data-driven approach that utilizes machine learning and deep learning methodologies. Our team analyzes massive live data streams to secure computer systems and networks from evolving threats, leveraging experience with diverse datasets including commercial server-side logs, root DNS servers, mobile payment transactions, and car hacking activities.
We specialize in identifying and explaining intrusions in connected vehicles, notably employing anomaly detection techniques trained solely on benign data.
Key Research Areas
- Trustworthy Network Intrusion Detection: We aim to move beyond simple classification accuracy to build systems that are robust, adaptive, and explainable using Foundation Models.
- Multi-modal Traffic Representation & Pre-training: Integrating payload bytes, packet sequences, and protocol metadata to learn comprehensive traffic representations without information loss.
- Drift Resilience & Efficient Adaptation: Developing unsupervised metrics to detect concept drift in real-time and utilizing parameter-efficient fine-tuning (PEFT) to adapt models to new environments with minimal cost.
- Generative & Causal Reasoning: Applying generative AI to not only detect threats but also explain their causes (causal reasoning) and suggest response scenarios.
-
Automotive Security: We are developing an Explainable Unsupervised IDS for Automotive Ethernet and researching standardized intrusion prevention systems for connected vehicles to offer practical solutions for both industry and academia.
-
Advanced Threat Detection: We are developing DRIFT (Drift-Resilient Invariant-Feature Transformer), an advanced DGA detector that uses a hybrid tokenization strategy and multi-task self-supervised pre-training to maintain robustness against evolving domain generation algorithms.
- AI-driven Proactive Resilience: We engineer autonomous solutions that transform reactive defense into proactive resilience by bridging the gap between deep system telemetry (Linux, Windows, macOS) and multi-modal Foundation Models. Our goal is to automate the real-time situational assessment of live systems and identify potential cybersecurity issues before they escalate. Read more about our research vision here.
Research and collaborations in progress
- Bi-modal Enhanced Explainable IDS for Controller Area Network (with Dr. Hyunjae Kang)
- Explainable IDS for Automotive Ethernet (with Jisoo Kim)
- Meta-learning based few-shot IDS for IoT devices (with the University of Queensland)
- J1939 based IDS for connected vehicles (with Korea University)
news
| Jul 11, 2026 | Jisoo Kim (김지수), a member of SNSec Lab, has submitted her first journal manuscript to the IEEE Transactions on Industrial Informatics (TII), one of the most prestigious journals in the field. As TII operates a double-anonymous review policy, details of the paper are withheld while it is under review. Congratulations to Jisoo on this milestone — we wish her the best through the review process! |
|---|---|
| Jul 08, 2026 | A paper by Nayoung Kim (김나영) and Minjeong Kim (김민정), “NPP-ITA: Normal-Prototype Prior for Unsupervised Video Anomaly Detection with Inference-Time Adaptation”, has been accepted for presentation at the IEEE VTS Asia Pacific Wireless Communications Symposium (APWCS) 2026, to be held in Seoul, Korea in August 2026. Nayoung and Minjeong are undergraduate students whose graduation research was supervised by Prof. Seonghoon Jeong. Congratulations! |
| Jul 08, 2026 | We welcome Hyekyo Jung (정혜교) as a new member of SNSec Lab! |
| Jul 06, 2026 | Prof. Seonghoon Jeong, Chaeri Jung, and Chaeyoung Lee attended IEEE/IFIP DSN 2026 in Charlotte, North Carolina (June 22–25), where Chaeri gave her first oral presentation at an international conference, presenting “DRIFT: Drift-Resilient Invariant-Feature Transformer for DGA Detection”. Photos and a short recap are on the blog. |
| Jun 20, 2026 | A collaborative paper, “J1939DB-IDS: SAE J1939 Dual-Branch Intrusion Detection System against Novel Attacks”, has been accepted for publication in IEEE Transactions on Network and Service Management (TNSM). |
latest posts
| Jul 11, 2026 | DSN 2026 in Charlotte — Chaeri's First Conference Talk |
|---|---|
| May 31, 2026 | Second submission with Chaeri and Chaeyoung |
| Apr 27, 2026 | Second Dinner Party with Semin |
selected publications
- DRIFT: Drift-Resilient Invariant-Feature Transformer for DGA DetectionIn 56th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2026), 2026
- AERO: Automotive Ethernet Real-Time Observer for Anomaly Detection in In-Vehicle NetworksIEEE Transactions on Industrial Informatics, 2024
- X-CANIDS: Signal-Aware Explainable Intrusion Detection System for Controller Area Network-Based In-Vehicle NetworkIEEE Transactions on Vehicular Technology, 2024