# 김현욱 (Hyunwook Kim)
AI Summary
Purpose:
- Canonical profile of the wiki owner, 김현욱 (Hyunwook Kim): identity, education, research output, and professional career.
Key points:
- One-line identity: Data / Systems Engineer and data-part lead at Labradorlabs (2021.06-present); formerly an IoT firmware fuzzing / software vulnerability researcher (Sejong University M.S.).
- Two-phase career: (1) academic security research (~2018-2021) → (2) industry data/systems engineering (2021.06-present).
- Research output includes an M.S. thesis, a Korean conference paper (UART/firmware analysis), a fuzzer comparison line of work (FIRM-AFL / FirmAFL_K, AFL++), VulPredictor (k-NN), and 2 patents.
- Professional domains: data collection/crawlers, DB engineering, vulnerability & license data, binlog shipping service (internal BTS/log transfer), infra/monitoring/backup.
Relevant when:
- An agent needs the authoritative bio, education, role, skills, or career narrative of the owner.
- Generating portfolio/profile/intro text or attributing authorship of research.
Do not read full document unless:
- You need the detailed timeline, exact research artifacts, or skill enumeration.
Linked documents:
- [[career-timeline]]
- [[../academic/index]]
- ../../../human/portfolio/index.html
Open Questions
- Exact M.S. start/end dates and degree-conferral date — Needs confirmation (portfolio states research period "2018-2021"; precise enrollment/graduation dates not verified here).
- Exact patent numbers, titles, and grant dates for the 2 patents — Needs confirmation (see [[../academic/index]]).
- Exact venue/date metadata for the UART paper and VulPredictor presentation beyond "2019 winter / 2019 summer conference" as stated in the portfolio draft.
Details
One-line identity
김현욱 (Hyunwook Kim) — Data / Systems Engineer and data-part lead at Labradorlabs; previously an IoT firmware fuzzing and software vulnerability researcher (Sejong University M.S.). He bridges security research and large-scale data/systems engineering.
Education and research lab
- Sejong University, M.S. (graduate study). Research period stated as approximately 2018-2021. Exact enrollment/graduation dates: Needs confirmation.
- Lab theme: automated software vulnerability analysis and IoT firmware fuzzing — symbolic execution, hybrid fuzzing, and emulation-based firmware analysis.
- Tooling used in research: AFL, AFL++, Firm-AFL, Firm-AFL derivatives, angr, S2E, IDA Pro.
Research output
- M.S. thesis on automated vulnerability analysis / firmware fuzzing. Exact title: Needs confirmation. See [[../academic/index]].
- FIRM-AFL / FirmAFL_K work: integrated AFL++ with Firm-AFL to build
FirmAFL_K; comparative experiments on 7 real-world commercial firmware images reported up to ~2.2x more crashes than the baseline. (A related Korean-language paper / "FIRM-COV" line of work is referenced in the portfolio draft — exact paper title/venue: Needs confirmation; see [[../academic/index]].) - UART / embedded firmware analysis paper: systematic UART connection methodology used to obtain a root shell on a D-Link router; presented as a 2019 winter conference paper. Exact venue metadata: Needs confirmation.
- VulPredictor: machine-learning vulnerability-prediction system using binary system-call execution flow as features; k-NN achieved ~70.1% accuracy (best among tested algorithms); presented at a 2019 summer conference. Exact venue metadata: Needs confirmation.
- LAVA / LAVA-M: studied the LAVA methodology and built a LAVA-M benchmark dataset for evaluating vulnerability-detection tools.
- 2 patents. Numbers/titles/dates: Needs confirmation. See [[../academic/index]].
Professional career
Labradorlabs (LabradorLabs), 2021.06 - present. Data-part lead (데이터파트 파트리더). Owns the data backend of open-source security/license analysis products across the full collect → store → distribute → operate lifecycle.
Domains:
- Data collection / crawlers — language-specific library crawlers (e.g. Go, Swift, .NET added; legacy Java-based crawlers reimplemented in Python), covering 8 major languages; Airflow / Kubernetes-based pipelines.
- DB engineering — large commercial DB re-engineering and index optimization (reported 2.6TB → 1.2TB, ~53.8% reduction; install time 12h → 6h), MySQL replication, automated backup, distribution-DB instance separation, schema design and write-path standardization (
INSERT ... ON DUPLICATE KEY UPDATE). - Vulnerability & license data — LPP (Labrador Patch Priority) scoring using CVSS plus PoC, CWE Top 25 and other multi-dimensional signals; file/function-level vulnerability collection system (V4 redesign splitting URL vs. source-code collection); OS package vulnerability data (12 OS families); AI-based license collection (V3) using the ChatGPT API to replace external service dependency;
hash-genfunction-abstraction accuracy fixes. - Binlog shipping service (internal BTS/log transfer system) — central monitoring of customer-side sync-agent error logs, terminology standardization, API versioning.
- Infra / monitoring / backup — hybrid IDC + in-house + AWS architecture, AWS→IDC cost optimization, end-to-end pipeline (collect → distribute → dev → on-premise customer), Master-Replica replication, disaster recovery, monitoring.
- Team / process — data-part leadership and customer technical support.
Public portfolio wording note:
- Do not expose internal tool/source names such as Jira or Confluence in public portfolio copy. Use generic wording such as "issue management", "document management", "work tracking", or "document hub".
- Do not expose the internal service acronym BTS in public portfolio copy or URLs. Prefer "binary-log-based data synchronization" / "바이너리 로그 기반 데이터 동기화" for public pages. Explain the customer-security constraint generically: some customer environments could not use the provided DB replica connection, so a separate binlog-based synchronization path was built.
- Do not use "domestically first" / "국내 최초" in public portfolio copy unless externally verifiable. Use "multi-dimensional patch-priority model/system" instead.
- Avoid internal organization labels such as "data part", "analysis engine team", or "part leader" in public portfolio copy. Use "LabradorLabs" for affiliation and public role wording such as "Data / Systems Engineer" or "Data Engineering Lead".
- Avoid public project titles that depend on internal version codes such as V2/V3/V4 unless the version itself is externally meaningful. Prefer capability-based titles such as "pipeline redesign", "monitoring", "encryption transition", or "common execution package".
Core skills
- Data infrastructure architecture (hybrid cloud: IDC + in-house + AWS) and end-to-end pipeline design.
- Large-scale MySQL operation and optimization (replication, indexing, backup, high availability).
- Vulnerability and license data systems (scoring, collection pipelines, schema design).
- Security research methods: fuzzing (AFL/AFL++/Firm-AFL), symbolic execution (angr, S2E), firmware emulation, hardware analysis (UART), static/dynamic analysis (IDA Pro).
- Applied AI/ML: LLM API integration (ChatGPT API for license analysis), k-NN-based prediction modeling.
- Languages/stacks (from work above): Python, Go, Swift, .NET, SQL/MySQL; Airflow, Kubernetes.
Two-phase narrative
Phase 1 — Academic security research (~2018-2021, Sejong University M.S.): deep work on automated vulnerability discovery — firmware fuzzing, hybrid fuzzing, symbolic execution, ML-based vulnerability prediction, and benchmark dataset construction.
Phase 2 — Industry data/systems engineering (2021.06-present, Labradorlabs): designing and operating the data backend for security/license products at scale — crawlers, DB engineering, vulnerability/license data systems, binlog shipping / transfer systems, and infrastructure.
Through-line: both phases center on security data and systems. The research phase produced primary security knowledge (how vulnerabilities are found and characterized); the industry phase operationalizes that knowledge into production-grade data pipelines and DB systems that collect, analyze, and distribute vulnerability and license intelligence. The same instincts — automation, accuracy of derived signals, and systematic evaluation — carry across from fuzzing experiments to large-scale data engineering.