Daejin Lee (이대진)
 |
Security Engineer Work at Samsung Electronics ✉ starlight0x0 at protonmail.com 📄 [LinkedIn] [X] [PGP Key] |
✏️ Research Interest
Software Security, fuzzing, binary analysis and exploit development.🎓 Education
- Sep. 2019 - Aug. 2021, M.S. in Graduate School of Information Security, KAIST SoftSec (Advisor : Sang Kil Cha)
- Mar. 2015 - Feb. 2019, B.S. in Cyber Defense, Korea University
💼 Professional Experience
- Oct. 2024 - Present, Security Engineer at Samsung Electronics, APC Security&Privacy Team
- Sep. 2021 - Oct. 2024, Senior Security Researcher at S2W, R&D Team
- Dec. 2017 - Apr. 2019, Research Intern at Theori, R&D Team
- Feb. 2014 - July 2014, Research Intern at GrayHash, WhiteHash Program
🏆 Awards
- TyphoonPwn 2026, Successfully pwned Windows LPE target, Seoul, Korea, 2026
- DEF CON CTF 26 Final, 1st place as Team DEFKOR00t, Las Vegas, USA, 2018
- Korea University Research Scholarship, 2018
- DEF CON CTF 25 Final, 4th place as Team DEFKOR, Las Vegas, USA, 2017
- Korea University Research Scholarship, 2017
- Belluminar WCTF, 2nd place as Team CyKor ($30,000 award), Beijing, China, 2016
- DEF CON CTF 24 Final, 3rd place as Team DEFKOR, Las Vegas, USA, 2016
- DEF CON CTF 23 Final, 1st place as Team DEFKOR, Las Vegas, USA, 2015
- MSIT Minister Prize in Information Security Education Program (₩20,000,000 award), KITRI BoB, 2015
- Google Security Hall of Fame, 2012
- Facebook Security Hall of Fame, 2011-2012
📝 Publications
| [1] |
NTFUZZ: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis Jaeseung Choi, Kangsu Kim, Daejin Lee, and Sang Kil Cha. IEEE Symposium on Security and Privacy (S&P, Oakland), 2021 [PDF] [GitHub] |
| [2] |
Protecting against Data-Reuse Attacks Daejin Lee, Junoh Lee, and Sang Kil Cha. Conference on Information Security and Cryptography-Summer(Best Paper Award), 2021 [LINK] |
🔒 Vulnerability Reports
- CVE-2024-29996, Local Privilege Escalation in Windows Kernel, 2024
- Chrome Issue 40070680, Memory Corruption in ChromeOS Virtual OpenGL, 2024
- Chrome Issue 299444876, Memory Corruption in ChromeOS Virtual OpenGL, 2024
- Chrome Issue 300891542, Memory Corruption in ChromeOS Virtual OpenGL, 2024
- CVE-2022-24548, Denial of Service in Windows Defender, 2022 [LINK]
- N/A, Remote Code Execution in Blizzard Games(Reported to Hackerone), 2022
- N/A, Remote Code Execution in Riot Games(Reported to Hackerone), 2022
- CVE-2020-1053, Local Privilege Escalation in Windows Kernel, 2020
- CVE-2020-1246, Local Privilege Escalation in Windows Kernel, 2020
- CVE-2020-17004, Local Privilege Escalation in Windows Kernel, 2020
- CVE-2020-7335, Local Privilege Escalation in McAfee Antivirus(Reported to ZDI, ZDI-20-1388), 2020
- NBB-1025, Local Privilege Escalation in Naver Antivirus(Reported to Naver bug bounty), 2020
- N/A, Memory Corruptions in Mruby Interpreter(Reported to Hackerone, $20,000 award), 2017
- N/A, Remote Code Execution in Blizzard Games(Reported to Hackerone), 2017
- CVE-2015-5685, Denial of Service in uTorrent/BitTorrent Bootstrap Server(Reported to ZDI, ZDI-15-366), 2015
- CVE-2015-5685, Denial of Service in uTorrent/BitTorrent Bootstrap Server(Reported to ZDI, ZDI-15-367), 2015
- CVE-2014-8509, Denial of Service in uTorrent/BitTorrent Bootstrap Server(Reported to ZDI, ZDI-14-370), 2014
- N/A, Stored Cross-Site Scripting in Facebook(Reported to Facebook bug bounty), 2012
- N/A, Stored Cross-Site Scripting in Google(Reported to Google bug bounty), 2012
- N/A, Windows Application Vulnerabilities (Reported to KISA bug bounty):
CMS, Active X, Antivirus, etc.