event
<(From Left) Ph.D candidate Jinseo Lee, Hobin Kim, Professor Min Suk Kang>
KAIST research team has made a new milestone in global security research, becoming the first Korean research team to identify a security vulnerability in Tor, the world's largest anonymous network, and propose a solution.
On September 12, our university's Professor Min Suk Kang's research team from the School of Computing announced that they had received an Honorable Mention Award at the USENIX Security 2025 conference, held from August 13 to 15 in Seattle, USA.
The USENIX Security conference is one of the world's most prestigious conferences in information security, ranking first among all security and cryptography conferences and journals based on the Google Scholar h-5 index. The Honorable Mention Award is a highly regarded honor given to only about 6% of all papers.
The core of this research was the discovery of a new denial-of-service (DoS) attack vulnerability in Tor, the world's largest anonymous network, and the proposal of a method to resolve it. The Tor Onion Service, a key technology for various anonymity-based services, is a primary tool for privacy protection, used by millions of people worldwide every day.
The research team found that Tor's congestion-sensing mechanism is insecure and proved through a real-world network experiment that a website could be crippled for as little as $2. This is just 0.2% of the cost of existing attacks. The study is particularly notable as it was the first to show that the existing security measures implemented in Tor to prevent DoS attacks can actually make the attacks worse.
In addition, the team used mathematical modeling to uncover the principles behind this vulnerability and provided guidelines for Tor to maintain a balance between anonymity and availability. These guidelines have been shared with the Tor development team and are currently being applied through a phased patch.
A new attack model proposed by the research team shows that when an attacker sends a tiny, pre-designed amount of attack traffic to a Tor website, it confuses the congestion measurement system. This triggers an excessive congestion control, which ultimately prevents regular users from accessing the website. The research team proved through experiments that the cost of this attack is only 0.2% of existing methods.
In February, Tor founder Roger Dingledine visited KAIST and discussed collaboration with the research team. In June, the Tor administration paid a bug bounty of approximately $800 in appreciation for the team's proactive report.
"Tor anonymity system security is an area of active global research, but this is the first study on security vulnerabilities in Korea, which makes it very significant," said Professor Kang Min-seok. "The vulnerability we identified is very high-risk, so it received significant attention from many Tor security researchers at the conference. We will continue our comprehensive research, not only on enhancing the Tor system's anonymity but also on using Tor technology in the field of criminal investigation."
The research was conducted by Ph.D. candidate Jinseo Lee (first author), and former master's student Hobin Kim at the KAIST Graduate School of Information Security and a current Ph.D. candidate at Carnegie Mellon University (second author).
The paper is titled "Onions Got Puzzled: On the Challenges of Mitigating Denial-of-Service Problems in Tor Onion Services."
This achievement was recognized as a groundbreaking, first-of-its-kind study on Tor security vulnerabilities in Korea and played a decisive role in the selection of Professor Kang's lab for the 2025 Basic Research Program (Global Basic Research Lab) by the Ministry of Science and ICT.
< Photo 2. Presentation photo of Ph.D cadidate Jinseo Lee from School of Computing>
Through this program, the research team plans to establish a domestic research collaboration system with Ewha Womans University and Sungshin Women's University and expand international research collaborations with researchers in the U.S. and U.K. to conduct in-depth research on Tor vulnerabilities and anonymity over the next three years.
< Photo 3. Presentation photo of Ph.D cadidate Jinseo Lee from School of Computing>
-
event Professor Youngjin Kwon's Team Wins Google Award 'Catches Bugs Without a Real CPU
< Professor Youngjin Kwon > Modern CPUs have complex structures, and in the process of handling multiple tasks simultaneously, an order-scrambling error known as a 'concurrency bug' can occur. Although this can lead to security issues, these bugs were extremely difficult to detect using conventional methods. Our university's research team has developed a world-first-level technology to automatically detect these bugs by precisely reproducing the internal operation of the CPU in a virt
2025-11-21 -
research 3D Worlds from Just a Few Phone Photos
<(From Left) Ph.D candidate Jumin Lee, Ph.D candidate Woo Jae Kim, Ph.D candidate Youngju Na, Ph.D candidate Kyu Beom Han, Professor Sung-eui Yoon> Existing 3D scene reconstructions require a cumbersome process of precisely measuring physical spaces with LiDAR or 3D scanners, or correcting thousands of photos along with camera pose information. The research team at KAIST has overcome these limitations and introduced a technology enabling the reconstruction of 3D —from tabletop obj
2025-11-10 -
research Refrigerator Use Increases with Stress, IoT Sensors Read Mental Health
<(From Left) Ph.D candidate Chanhee Lee, Professor Uichin Lee, Professor Hyunsoo Lee, Ph.D candidate Youngji Koh from School of Computing> The number of single-person households in South Korea has exceeded 8 million, accounting for 36% of the total, marking an all-time high. A Seoul Metropolitan Government survey found that 62% of single-person households experience 'loneliness', deepening feelings of isolation and mental health issues. KAIST researchers have gone beyond the limitations
2025-10-21 -
research KAIST Develops AI Crowd Prediction Technology to Prevent Disasters like the Itaewon Tragedy
<(From Left) Ph.D candidate Youngeun Nam from KAIST, Professor Jae-Gil Lee from KAIST, Ji-Hye Na from KAIST, (Top right, from left) Professor Soo-Sik Yoon from Korea University, Professor HwanJun Song from KAIST> To prevent crowd crush incidents like the Itaewon tragedy, it's crucial to go beyond simply counting people and to instead have a technology that can detect the real- inflow and movement patterns of crowds. A KAIST research team has successfully developed new AI crowd predicti
2025-09-17 -
research Batteries Make 12Minute Charge for 800km Drive a Reality
<Photo 1. (From left in the front row) Dr. Hyeokjin Kwon from Chemical and Biomolecular Engineering, Professor Hee Tak Kim, and Professor Seong Su Kim from Mechanical Engineering> Korean researchers have ushered in a new era for electric vehicle (EV) battery technology by solving the long-standing dendrite problem in lithium-metal batteries. While conventional lithium-ion batteries are limited to a maximum range of 600 km, the new battery can achieve a range of 800 km on a single charge
2025-09-04