System and Network Security Lab. (SNSec Lab.)

Division of Artificial Intelligence Engineering, Sookmyung Women's University

SNSecLab_2026.JPG

SNSec Lab. members (Feb 27, 2026)

Welcome to SNSec Lab

SNSec Lab. investigates and addresses cybersecurity challenges in Internet service applications through a data-driven approach that utilizes machine learning and deep learning methodologies. Our team analyzes massive live data streams to secure computer systems and networks from evolving threats, leveraging experience with diverse datasets including commercial server-side logs, root DNS servers, mobile payment transactions, and car hacking activities.

We specialize in identifying and explaining intrusions in connected vehicles, notably employing anomaly detection techniques trained solely on benign data.

Key Research Areas

  • Trustworthy Network Intrusion Detection: We aim to move beyond simple classification accuracy to build systems that are robust, adaptive, and explainable using Foundation Models.
    • Multi-modal Traffic Representation & Pre-training: Integrating payload bytes, packet sequences, and protocol metadata to learn comprehensive traffic representations without information loss.
    • Drift Resilience & Efficient Adaptation: Developing unsupervised metrics to detect concept drift in real-time and utilizing parameter-efficient fine-tuning (PEFT) to adapt models to new environments with minimal cost.
    • Generative & Causal Reasoning: Applying generative AI to not only detect threats but also explain their causes (causal reasoning) and suggest response scenarios.

  • Automotive Security: We are developing an Explainable Unsupervised IDS for Automotive Ethernet and researching standardized intrusion prevention systems for connected vehicles to offer practical solutions for both industry and academia.

  • Advanced Threat Detection: We are developing DRIFT (Drift-Resilient Invariant-Feature Transformer), an advanced DGA detector that uses a hybrid tokenization strategy and multi-task self-supervised pre-training to maintain robustness against evolving domain generation algorithms.

  • AI-driven Proactive Resilience: We engineer autonomous solutions that transform reactive defense into proactive resilience by bridging the gap between deep system telemetry (Linux, Windows, macOS) and multi-modal Foundation Models. Our goal is to automate the real-time situational assessment of live systems and identify potential cybersecurity issues before they escalate. Read more about our research vision here.

Research and collaborations in progress

  • Bi-modal Enhanced Explainable IDS for Controller Area Network (with Dr. Hyunjae Kang)
  • Explainable IDS for Automotive Ethernet (with Jisoo Kim)
  • Meta-learning based few-shot IDS for IoT devices (with the University of Queensland)
  • J1939 based IDS for connected vehicles (with Korea University)

news

Apr 27, 2026 Launching the snsec-net GitHub Organization
Apr 27, 2026 Following the mandatory shepherding phase, our paper “DRIFT: Drift-Resilient Invariant-Feature Transformer for DGA Detection” by Chaeyoung Lee and Chaeri Jung (Equal Contribution) has received final acceptance for IEEE/IFIP DSN’26.
Apr 21, 2026 Our patent, “Generative Adversarial Network Model and Training Method to Generate Message ID Sequence on Unmanned Moving Objects” (US Reg. No. 12,608,603), has been granted by the USPTO. The work proposes a GAN-based approach for synthesizing realistic CAN message ID sequences in unmanned moving objects.
Apr 10, 2026 Prof. Jeong’s faculty office has moved to Saehim Hall (새힘관) Room 512. The graduate student lab remains at Myeongsin Hall (명신관) 508A.
Mar 31, 2026 Our paper entitled “The Vehicle May Be Sick: Denial of Diagnostic Services by Exploiting the CAN Transport Protocol” has been accepted for presentation at the escar USA 2026 conference. escar is recognized as a premier automotive cybersecurity conference. This year’s acceptance rate was approximately 30%.

latest posts

Apr 27, 2026 Second Dinner Party with Semin
Apr 23, 2026 US Patent Allowed: Lightweight Real-Time CAN Anomaly Detection
Mar 30, 2026 Lab Seminar Highlights: Recent Presentations (March 2026)

selected publications

  1. AERO: Automotive Ethernet Real-Time Observer for Anomaly Detection in In-Vehicle Networks
    Seonghoon Jeong, Huy Kang Kim, Mee Lan Han, and 1 more author
    IEEE Transactions on Industrial Informatics, 2024
    DOI
  2. X-CANIDS: Signal-Aware Explainable Intrusion Detection System for Controller Area Network-Based In-Vehicle Network
    Seonghoon Jeong, Sangho Lee, Hwejae Lee, and 1 more author
    IEEE Transactions on Vehicular Technology, 2024
    DOI
  3. Infotainment System Matters: Understanding the Impact and Implications of In-Vehicle Infotainment System Hacking with Automotive Grade Linux
    Seonghoon Jeong, Minsoo Ryu, Hyunjae Kang, and 1 more author
    In ACM Conference on Data and Application Security and Privacy (ACM CODASPY 2023), Apr 2023
    Awarded DOI