I served as a captain in the ROK Army for seven years, working in information security with AI.
I spent the first five years as a security researcher at the Agency for Defense Development (ADD), where I researched the application of deep learning in the field of cybersecurity. The next two years were spent at ROK Cyber Operations Command, where I contributed to military security by researching and analyzing operational applications which I was skilled at.
I earned a Master’s degree in Information Security at Korea University under the supervision of Seong-Jun Oh. My master’s thesis focused onLearning with noisy labels
through data sampling.
Major News
2024.11.29
Our team won the excellence prize(Chief of Staff, R.O.K Air Force) at MAICON(Military AI CONtest) 2024.2024.11.7
Out team won the 2nd prize at FSI(Financial Security Institute) AIxData Challenge 2024.2024.8.23
I received an M.S. degree at Korea University.June 2024
Co-TES has been accepted to Pattern Recognition Letters.September 2023
“Exploiting TTP Co-Occurrence via GloVe-Based Embedding With MITRE ATT&CK Framework” has been accepted to IEEE Access.
Education
2020.3 ~ 2024.8
M.S. degree in Information Security, Korea University, Seoul, Republic of Korea2014.3 ~ 2018.2
B.Eng. in Cyber Defense, Korea University, Seoul, Republic of Korea- Cybersecurity Circle
CyKor
(2015~2017)
- Cybersecurity Circle
2012.3 ~ 2014.2
Incheon Science High School, Incheon, Republic of KoreaMajored in
Chemistry / Mathematics
Experience
Work and Research Experience
2023.8 ~ 2025.5
Security Engineer/Team Leader, ROK Cyber Operations Command (ROK C.O.C.), Republic of Korea- Network log analysis and program development using AI and statistics
- Others:
Confidential
2018.7 ~ 2023.8
Cybersecurity Researcher, Agency for Defense Development (ADD), Seoul, Republic of Korea2020.11 ~ 2023.7
Techniques to disrupt nation-sponsored cyberattacks’ goals2018.11 ~ 2020.10
Techniques to improve fuzzing performance with deep learning
Other Experiences
- CCDCOE LockedShields 2024 Blue Team (2024.4)
- Member of
system hardening
anddev
team. Linux system hardening
,Window system hardening
,Automation with Ansible/Fabric
- Member of
- Next-generation security leader training program “Best of the Best” (2016.07 ~ 2017.01)
- Vulnerability detection track
Honors and Awards
2024.11.29
Excellence prize(Chief of Staff, R.O.K Air Force) at MAICON(Military AI CONtest) 2024.2024.11.20
Major General’s Commendation at ROK Cyber Operations Command (ROK C.O.C.) for Cyber Operation.2024.11.7
2nd prize at FSI(Financial Security Institute) AIxData Challenge 2024.2014.3 ~ 2018.2
Full Tuition Scholarship (Korea University)
from Ministry of National Defense, Republic of Korea
CVE
- CVE-2020-24240 (ADD, Seoul National University)
GNU Bison before 3.7.1 has a use-after-free in _obstack_free in lib/obstack.c (called from gram_lex) when a ‘\0’ byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug report was intended to show that a crash may occur in Bison itself,not that a crash may occur in code that is generated by Bison.
- CVE-2020-24241 (ADD, Seoul National University)
In Netwide Assembler (NASM) 2.15rc10, there is heap use-after-free in saa_wbytes in nasmlib/saa.c.
- CVE-2020-24242 (ADD, Seoul National University)
In Netwide Assembler (NASM) 2.15rc10, SEGV can be triggered in tok_text in asm/preproc.c by accessing READ memory.
- CVE-2020-24977 (ADD, Seoul National University)
GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c.
- CVE-2020-24978 (ADD, Seoul National University)
In NASM 2.15.04rc3, there is a double-free vulnerability in pp_tokline asm/preproc.c.
Reject
CVE-2020-24979 (ADD, Seoul National University)Reject
CVE-2020-24980 (ADD, Seoul National University)
Publications
International Journals and Conferences
- [J3] Co–TES: Learning noisy labels with a Co-Teaching Exchange Student method
Chanho shin and Seong-jun Oh
Pattern Recognition Letters - [J2] Exploiting TTP Co-Occurrence via GloVe-Based Embedding With MITRE ATT&CK Framework
Chanho shin, Insup Lee, and Changhee Choi
IEEE Access 2023 - [J1] Performance evaluation method of cyber attack behaviour forecasting based on mitigation
Changhee Choi, Sunguk Shin, and Chanho Shin
The 12th international conference on ICT convergence (2021 ICTC)
Patent
- [P3] Method for training attack prediction model and device therefor
Changhee Choi, Chanho Shin, Sunguk Shin, Seongyeon Seo, and Insup Lee
U.S. Patent Number. US20230308462A1, September 28th, 2023. [link] - [P2] METHOD FOR TRAINING ATTACK PREDICTION MODEL AND DEVICE THEREFOR
Changhee Choi, Chanho Shin, Sunguk Shin, Seongyeon Seo, and Insup Lee
Republic of Korea. Patent Number. 10-2022-0037634, March 25th, 2023. - [P1] Method And Apparatus For Scheduling Seed File In Fuzzing
Pilkeun Park, Chanho Shin, Seounghun Jeong, and Taein Kang
Republic of Korea. Patent Number. 10-2020-0102581, January 14th, 2022. [link]
Domestic Journals and Conferences
- Insup Lee, Chanho Shin, and Changhee Choi, “Mutating Cyber Camapaign With TTP Word Replacement,” in Proc. of the KIMST Annual Conference, Jun. 2023.
- Chanho Shin, Insup Lee, and Changhee Choi, “Towards GloVe-Based TTP Embedding With ATT&CK Framework,” in Proc. of the KIMST Annual Conference, Jun. 2023.
- Changhee Choi, Insup Lee, Chanho Shin, and Sungho Lee, “Cyber Threat Campaign Analysis Based on PEGASUS and RoBERTa Model,” in Proc. of the KIMST Annual Conference, Jun. 2023.
- Insup Lee, Chanho Shin, Sunguk Shin, Seongyeon Seo, and Changhee Choi, “Analyzing Cyberattack Campaign Similarity via TTP Sequence Embedding,” in Proc. of the KIMST Annual Conference, Jun. 2022.
- Sunguk Shin, Insup Lee, Chanho Shin, Seongyeon Seo, and Changhee Choi, “Cyber Campaign Analysis With TTP Embedding Using TF-IDF,” in Proc. of the KIMST Annual Conference, Jun. 2022.
- Chanho Shin, Sunguk Shin, Insup Lee, Seongyeon Seo, and Changhee Choi, “Classifying TTP Based on CIA Labeling,” in Proc. of the KIMST Annual Conference, Jun. 2022.
- Changhee Choi, Chanho Shin, Sunguk Shin, Seongyeon Seo, and Insup Lee, “Cyber Attack Group Classification Using Siamese LSTM,” in Proc. of the KIMST Annual Conference, Jun. 2022.
- Chan Ho Shin and Changhee Choi, “Cyberattack Goal Classification Based on MITRE ATT&CK: CIA Labeling”, Journal of Internet Computing and Services, Dec. 2022.
- Changhee Choi, Chanho Shin, and Sunguk Shin, “Cyber attack group classification based on MITRE ATT&CK model”, Journal of Internet Computing and Services, Dec. 2022.
- Sungyoung Cho, Yongwoo Park, Kunho Lee, Changhee Choi, Chanho Shin, and Kyeongsik Lee, “An APT Attack Scoring Method Using MITRE ATT&CK”, Journal of The Korea Institute of Information Security and Cryptology, Aug. 2022.
- Chanho Shin, Sunguk Shin, and Changhee Choi, “Classifying the goal of cyber attack based on CIA labeling”, Korean Society for Internet Information Spring Conference, Apr. 2022.
- Sunguk Shin, Chanho Shin, and Changhee Choi, “Cyber threat country classification with attack technique embedding”, Korean Society for Internet Information Spring Conference, Apr. 2022.
- Changhee Choi, Chanho Shin, and Sunguk Shin, “Cyber attack group classification based on TTP Information”, Korean Society for Internet Information Spring Conference, Apr. 2022.
- Chanho Shin, Sunguk Shin, Seongyeon Seo, Insup Lee, and Changhee Choi, “Embedding and Training RNN to Estimating the Goal of Cyber Attack,” in Proc. of the KIMST Fall Conference, Nov. 2021.
- Sunguk Shin, Chanho Shin, Seongyeon Seo, Insup Lee, and Changhee Choi, “The Proposed Approach for Country Prediction With TTP-based Cyber Data Using GCN,” in Proc. of the KIMST Fall Conference, Nov. 2021.
- Changhee Choi, Chanho Shin, Sunguk Shin, Seongyeon Seo, and Insup Lee, “Deep Learning for Estimating Next Action of Cyber Attack,” in Proc. of the KIMST Fall Conference, Nov. 2021.
- Chan Ho Shin, “Analysis of Research Trends on Fuzzing Seeds Files”, Korean Institute of Information Scientists and Engineers, Dec. 2019.
Skills
Programming / CS
python, C, AI/ML, fuzzingLanguage
Korean, English, Japanese
Last Update: December 2024