services

Main editor of International Standard

in ITU-T SG17 (Security)/WP2/Q13 (Intelligent Transportation Systems)

• ITU-T X.1377 (formerly X.ipscv) Guidelines for an intrusion prevention system for connected vehicles, Approved in Oct 2022, ITU-T work programme—itu.int

Program Committee

Workshop on AI Dependability (AID’25), IEEE PRDC 2025

Serving as a Program Chair for the Workshop on AI Dependability (AID’25), co-located with IEEE PRDC 2025. The workshop focuses on AI safety, robustness, and trustworthiness in critical systems.

Conference on Information Security and Cryptography Winter 2025

A Program committee for the domestion conference “한국정보보호학회 2025년 동계학술대회 (CISC-W’25)”.

KSAE Automotive Cybersecurity Workshop 2025

Serving as a Session Chair for the 1st KSAE Automotive Cybersecurity Research Group Workshop (한국자동차공학회 자동차 사이버보안연구회 워크숍). The workshop brings together industry experts to share the latest cybersecurity trends, international regulations and standards, and real-world response cases for connected and autonomous vehicles.

Cyber Security Challenge 2021—Infotainment Hacking and Defense

A domestic event “사이버 보안 챌린지 2021: 자동차 해킹공격&방어”

Live feeds at Youtube—Call for challenge (in Korean), CSC2021: the Final Round (in Korean)

Worked for:
Competition design. In-vehicle infotainment testbed setup, attack vector investigation, penetration test, event log collection framework for the final stage
Evaluation. proof of concept exploit codes submitted by 102 researchers

I am grateful to Han Eol Lee and Dong Young Kim, who dedicated a significant amount of time preparing for the event with me.

Maintainer of the in-vehicle intrusion datasets

1. CAN Dataset for intrusion detection (OTIDS)

Available at ocslab.hksecurity.net.

2. Automotive Ethernet Intrusion Dataset

Available at IEEE DataPort. doi: 10.21227/1yr3-q009

3. X-CANIDS Dataset (In-Vehicle Signal Dataset)

Available at IEEE DataPort. doi: 10.21227/epsj-y384

Vulnerability disclosure

CVE-2022-24595

Impact: Remote Code Execution, Information Disclosure, and Denial of Service
/usr/bin/afb-daemon of Automotive Grade Linux 11.0.0–11.0.5 (Kooky Koi)

CVE-2022-24596

Impact: Denial of Service
/usr/bin/afb-daemon of Automotive Grade Linux 11.0.0–11.0.5 (Kooky Koi)

CVE-2022-24597

Impact: Information Disclosure, Denial of Service
agl-service-weather of Automotive Grade Linux 11.0.0–11.0.5 (Kooky Koi)

External reviewer

• Elsevier Computers & Security
• IEEE Networking Letters
• IEEE Transactions on Vehicular Technology
• Elsevier Internet of Things
• SAE International Journal