Home
Security Researcher & Developer
Research Interest
- System security
- Trusted Execution Environments (TrustZone, ARM CCA, SGX, Secure Processor) and confidential computing
- OS Security
- Side-channel attacks and defenses
- Bug finding and Exploitations
- Machine learning security (e.g., federated learning, LLM security)
- Applied cryptography (e.g., Zero Knowledge Proof)
About me
I’m one of (passionate) security researchers and developers. I got B.S degree in Department of Software at Gachon University in 2013. Also, I was in Samsung Software Membership (at Gangnam) from 2011 to 2013. Since 2013, I’ve been working for Samsung Research. Here is my CV which details each of what I’ve done so far.
Links
blog, GitHub, LinkedIn, Google Scholar, Instagram
Projects
2023-present
- Islet: An on-device confidential computing platform (based on ARM CCA) [code]
2021-2022
- A federated learning framework for mobile devices
2020-2021
- Rust-based full-stack OS for secure element (from kernel to application framework)
2018
- Real-time Kernel Protection (RKP)
- Tiny hypervisor + hypervisor-based kernel monitoring solution on ARM64 arch.
2014-2016
- System Integrity Monitor (SIM) Version 1.0 ~ 3.0
[CC certification report]
- SIM is a kernel integrity monitoring solution based on ARM TrustZone and Custom hardware IP for security.
- SIM takes a part of Samsung Smart TV Security Solution GAIA.
2013-2014
- Samsung DRM (SDRM)
- Developed Samsung DRM to protect sensitive contents
- Used in Samsung Smart TV
Publications
- EdgeShield: A Security Monitor Framework For On-Device Confidential Computing
- Jinbum Park, Bokdeuk Jeong, Sunwook Eom, Taesoo Kim
- Under submission
- TikTag: Breaking ARM’s Memory Tagging Extension with Speculative Execution [paper]
- Juhee Kim, Jinbum Park, Sihyeon Roh, Jaeyoung Chung, Youngjoo Lee, Taesoo Kim, Byoungyoung Lee
- 46th IEEE Symposium on Security and Privacy (IEEE S&P 2025) (to appear)
- PeTAL: Ensuring Access Control Integrity against Data-only Attacks on Linux
- Juhee Kim, Jinbum Park, Yoochan Lee, Chengyu Song, Taesoo Kim, Byoungyoung Lee
- ACM CCS 2024
- ViK: Practical Mitigation of Temporal Memory Safety Violations through Object ID Inspection [paper]
- Haehyun Cho, Jinbum Park, Adam Oest, Tiffany Bao, Ruoyu Wang, Yan Shoshitaishvili, Adam Doupé, Gail-Joon Ahn
- The 27th ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS ‘22)
- In-Kernel Control-Flow Integrity on Commodity OSes using ARM Pointer Authentication
[paper, code]
- Sungbae Yoo(*), Jinbum Park(*), Seolheui Kim, Yeji Kim, Taesoo Kim (*: co-leading authors)
- The 31st USENIX Security Symposium (USENIX Security 2022)
- Exploiting Uses of Uninitialized Stack Variables in Linux Kernels to Leak Kernel Pointers
[paper, code]
- Haehyun Cho, Jinbum Park, Joonwon Kang, Tiffany Bao, Ruoyu Wang, Yan Shoshitaishvili, Adam Doupe, Gail-Joon Ahn
- The 14th USENIX Workshop on Offensive Technologies (WOOT ‘20)
- SmokeBomb: Effective Mitigation Method against Cache Side-channel Attacks on the ARM Architecture
[paper, code]
- Haehyun Cho, Jinbum Park, Donguk Kim, Ziming Zhao, Yan Shoshitaishvili, Adam Doupe, Gail-Joon Ahn
- The 18th ACM International Conference on Mobile Systems, Applications, and Services (MobiSys 2020)
- Prime+Count: Novel Cross-world Covert Channels on ARM TrustZone
[paper, code]
- Haehyun Cho, Penghui Zhang, Donguk Kim, Jinbum Park, Choong-Hoon Lee, Ziming Zhao, Adam Doupé, and Gail-Joon Ahn
- Annual Computer Security Applications Conference (ACSAC) 2018
- A Snoop-Based Kernel Introspection System against Address Translation Redirection Attack
[paper]
- Donguk Kim, Jihoon Kim, Jinbum Park, Jinmok Kim
- Journal of The Korea Institute of Information Security & Cryptology VOL.26, NO.5, Oct. 2016
- An Efficient Kernel Introspection System using a Secure Timer on TrustZone
[paper]
- Jinmok Kim, Donguk Kim, Jinbum Park, Jihoon Kim, Hyoungshick Kim
- Journal of The Korea Institute of Information Security & Cryptology VOL.25, NO.4, Aug. 2015
Talks (Industry conferences)
- On-Device Confidential Computing: Updates on Our Activities and Future Potential [video]]
- Jinbum Park, Heeill Wang
- Samsung Security Tech Forum 2024 (SSTF 2024)
- Breaking ARM MTE with Speculative Execution
- Jinbum Park
- Zer0Con 2024
- Taking Kernel Hardening to the Next Level
[slide, video]
- Jinbum Park, Haehyun Cho, Sungbae Yoo, Seolheui Kim, Yeji Kim, Bumhan Kim, Taesoo Kim
- Blackhat ASIA 2022
- Cache Attacks on Various CPU Architectures
[slide, video]
- Jinbum Park
- POC 2020
- Micro-architectural attack and defense on Linux kernel
[slide]
- Jinbum Park, Joonwon Kang
- Samsung Open Source Conference (SOSCON) 2019
- Leak kernel pointer by exploiting uninitialized uses in Linux kernel
[slide, code]
- Jinbum Park
- Zer0Con 2019
- Attack and Defense on Linux kernel
[slide, code]
- Jinbum Park
- Samsung Open Source Conference (SOSCON) 2018
- Exploit Linux kernel eBPF with side-channel
[slide, code]
- Jinbum Park
- KIMCHICON 2018
- Host-based DRDoS Defense Model proposed and implemented
- Jinbum Park
- Conference on Information Security and Cryptology. Winter 2012 (CISC-W’12)
Opensource Projects
-
KSPP Study: Analysis on Kernel Self-Protection: Understanding Security and Performance Implication [white paper]
-
CSCA: Crypto Side Channel Attack [code]
Opensource Contributions
Linux kernel (selected)
-
arm: Makes ptdump reusable and add WX page checking [patch]
Ubuntu kernel
Contact
- E-mail : jinb.park7@gmail.com