Vulnerability Analysis for Blockchain Software Security

  • 3,214

*bldg. 2  NO.102/ 16:00~


Heejo Lee is a professor at CSE, Korea University, Seoul, Korea and a director

of CSSA (Center for Software Security and Assurance). Before joining

Korea University, he was at AhnLab, Inc. as a CTO from 2001 to 2003.

From 2000 to 2001, he was a postdoc researcher at CERIAS,

Purdue University. In 2010, he was a visiting professor at CyLab/CMU.

Dr. Lee received his B.S., M.S., Ph.D. degree in CSE from POSTECH,

Pohang, Korea. He has been working on the consultation of

the cyber security in the Philippines (2006), Uzbekistan (2007), Vietnam (2009),

Myanmar (2011), Costa Rica (2013) and Cambodia (2015).

He is a recipient of the ISC^2 ISLA award of community service star in 2016.



Blockchain platforms are being developed as a piece of software and all

software security issues are linked together such as vulnerability propagation

through the code clones of open source software (OSS) and the existence

of same vulnerabilities in multiple locations via the code reuse of reference

implementations. Center for Software Security and Assurance (CSSA) is

established for developing an automated security analysis platform called

IoTcube for enabling even non-security professionals to examine security

vulnerabilities professionally. In this talk, the technologies in IoTcube

will be introduced, which include blackbox testing, whitebox testing,

and network testing. Preliminary analysis of popular blockchain projects

will show the statistics of OSS components and the importance of vulnerability

management for improving blockchain platform security.