Research Interests

Computer security and privacy, computer networks, and code signing PKI.

Bio

I am a Ph.D student in the Department of Computer Science at University of Maryland. Before transferring to Maryland in June 2014 due to my previous advisor, Jonathan S. Turner's retirement, I was a Ph.D student in Department of Computer Science & Engineering at Washington University in St. Louis.

I received my M.S. in Computer Science at the University of Utah in May 2013. I have a B.S. degree in Computer Science and Engineering from HanKuk University of Foreign Studies. I worked in the Medical IT Convergence Research Center and Intelligent IT System Research Center at KETI (Korea Electronics Technology Institute) as a research intern from Feb. 2008 to Jul. 2011.


Publications Google Scholar Author Page

  1. Issued for Abuse: Measuring the Underground Trade in Code Signing Certificate.
    Kristián Kozák, Bum Jun Kwon, Doowon Kim, Christopher Gates, and Tudor Dumitraş.
    In WEIS 2018: The Workshop on the Economics of Information Security. May 2018.
  2. Certified Malware: Measuring Breaches of Trust in the Windows Code-Signing PKI.
    Doowon Kim, Bum Jun Kwon, and Tudor Dumitraș.
    In CCS 2017: ACM Conference on Computer and Communications Security. October 2017.
    Media: [Schneier on Security], [The Register], [The SSL Store], [Ars Technica], [Threatpost], [Tech Wire Asia], [End Game], [CPS-VO], [Systweak], [Fortuna's Corner], [Security Affairs], [The Hacker News], [Security Intelligence], [Tech Target]
  3. fFTP: a fast file transfer protocol for home N-screen platform.
    Doowon Kim, Jinsuk Baek, Paul S Fisher, Sangchul Kim.
    Personal and Ubiquitous Computing. October 2017. DOI: 10.1007/s00779-017-1082-5. October 2017.
  4. Lessons learned from using an online platform to conduct large-scale, online controlled security experiments with software developers.
    Christian Stransky, Yasemin Acar, Duc Cuong Nguyen, Dominik Wermke, Elissa M. Redmiles, Doowon Kim, Michael Backes, Simson Garfinkel, Michelle L. Mazurek, and Sascha Fahl.
    In CSET 2017: USENIX Workshop on Cyber Security Experimentation and Test. August 2017.
  5. Balancing security and usability in encrypted email.
    Wei Bai, Doowon Kim, Moses Namara, Yichen Qian, Patrick Gage Kelley, and Michelle L. Mazurek.
    In IEEE Internet Computing: 21 (3), 30-38. 2017.
  6. How Internet Resources Might Be Helping You Develop Faster but Less Securely.
    Yasemin Acar, Michael Backes, Sascha Fahl, Doowon Kim, Michelle L Mazurek, Christian Stransky.
    In IEEE Security & Privacy, vol. 15, no. 2, pp. 50-60, 2017. doi: 10.1109/MSP.2017.24. (The authors are alphabetically ordered.)
  7. Comparing the usability of cryptographic APIs.
    Yasemin Acar, Michael Backes, Sascha Fahl, Simson Garfinkel, Doowon Kim, Michelle L. Mazurek, and Christian Stransky.
    In the 2017 IEEE Symposium on Security and Privacy. May 2017. (The authors are alphabetically ordered.)
  8. An inconvenient trust: User attitudes toward security and usability tradeoffs for key-directory encryption systems.
    Wei Bai, Doowon Kim, Moses Namara, Yichen Qian, Patrick Gage Kelley, and Michelle L. Mazurek.
    In SOUPS 2016: USENIX Symposium on Usable Privacy and Security. June 2016.
  9. You get where you're looking for: The impact of information sources on code security.
    * Awarded the 5th annual NSA Best Scientific Cybersecurity Paper.
    Yasemin Acar, Michael Backes, Sascha Fahl, Doowon Kim, Michelle L. Mazurek, and Christian Stransky.
    In the 2016 IEEE Symposium on Security and Privacy (Oakland). May 2016. (The authors are alphabetically ordered.)
  10. An Adaptive Primary Path Switching Scheme for Seamless mSCTP Handover.
    Jinsuk Baek, Doowon Kim, Paul S. Fisher, and Minho Jo.
    In the Smart Computing Review (Smart CR). March 2014. (Invited Paper)

Posters

  1. You get where you're looking for: The impact of information sources on code security.
    Yasemin Acar, Michael Backes, Sascha Fahl, Doowon Kim, Michelle L. Mazurek, and Christian Stransky.
    In SOUPS 2016: Symposium on Usable Privacy and Security. June 2016. (Previously published paper.)
  2. Adaptive Video Streaming over HTTP.
    Doowon Kim, Jinsuk Baek, and Paul S. Fisher.
    In the 49th ACM Southeast Conference (ACM SE 2014). March 2014. (poster session)
  3. Implementation of Framework to Identify Potential Phishing Websites.
    Doowon Kim, Chaitanya Achan, Jinsuk Baek, and Paul S. Fisher.
    In 2013 IEEE Intelligence and Security Informatics (IEEE ISI 2013). June 2013. (poster session)

Talks

  • You get where you're looking for: The impact of information sources on code security
    In HCIL Symposium 2016, University of Maryland, MD, May 2016.
  • You get where you're looking for: The impact of information sources on code security
    At Bowie State University, MD, April 2016.

Others

  • An Inconvenient Trust: User Attitudes toward Security and Usability Tradeoffs for Key-Directory Encryption Systems
    Wei Bai, Doowon Kim, Moses Namara, Yichen Qian, Patrick Gage Kelley, Michelle L. Mazurek. Black Hat USA, August 2016.