CheolJun Park


Office: (KR) 경기도 용인시 기흥구 덕영대로 1732 경희대학교 국제캠퍼스 우정원 7034호 (EN) #7034, Woojungwon, Kyung Hee University Global Campus, 1732 Deokyeong-daero, Giheung-gu, Yongin-si, Gyeonggi-do, Repub. of Korea

Email: cheoljunp@khu.ac.kr | Tel: +82-31-201-3771


Talks

  • Finding memory bugs in the cellular baseband via over-the-air interface
    Qualcomm Product Security Summit (QPSS), San Diego, May 2024

  • Finding implementation vulnerabilities in cellular baseband
    • KICS winter conference 2025, Pyeongchang, Feb. 2025
    • Tech session at .HACK conference, Seoul, May 2024
    • Invited seminar at Korea Air Force Academy, Cheongju, Apr. 2024
    • Invited seminar at National Security Research Institute, Daejeon, Mar. 2024
    • Invited seminar at Haboob (cybersecurity company), Riyadh, Feb. 2024

  • Research Trends on Physical Signal and Communication Channel-Based Soft Kill Techniques for Anti-Drone Systems
    Workshop on Automotive and Unmanned Vehicle Security @ KIISC, Seoul, Aug. 2024

  • Finding memory bugs in the cellular baseband using over-the-air framework
    Security at KAIST, Daejeon, Nov. 2023

  • Security attacks against the LTE network
    Invited seminar at Sungshin Women’s University, Seoul, Nov. 2022

  • SigOver + alpha: Signal overshadowing attack on LTE and its applications
    Chaos Communication Congress (CCC) Conference (36C3), Leipzig, Dec. 2019

Honors & awards

CVEs

  • CVE-2024-23385: Qualcomm baseband chipsets, “Transient DOS as modem reset occurs when an unexpected MAC RAR (with invalid PDU length) is seen at UE” [ Qualcomm acknowledgements ]

  • CVE-2024-20076, CVE-2024-20077: MediaTek baseband chipsets, “Improper restriction of operations within the bounds of a memory buffer in Modem” [ MediaTek acknowledgements ]

  • CVE-2023-43551: Qualcomm baseband chipsets, “Cryptographic issue while performing attach with an LTE network, FBS can skip the authentication phase” (Internal report) [ Qualcomm Security Bulletins ]

  • CVE-2024-20039: MediaTek baseband chipsets, “Memory crash vulnerability in NAS EMM protocol message” [ MediaTek acknowledgements ]

  • CVE-2023-37366: Pixel devices, “Pixel 7 crash due to incorrect handling of malformed NAS message”, $5,000 [ Android security acknowledgements ]

  • CVE-2023-32890: MediaTek baseband chipsets, “Modem crash due to incorrect handling of RRC DLInformationTransfer message” [ MediaTek acknowledgements ]

  • Acknowledgement from Apple: Apple devices, “Misimplementation on handling LTE test mode procedure messages” [ iOS16.4 updates ]

  • CVE-2022-40521, CVE-2022-40536: Qualcomm baseband chipsets, “Transient DOS due to improper authorization handling LTE test mode procedure messages” [ Qualcomm Security Bulletins ]

  • CVE-2022-23425: Samsung baseband chipsets, “LTE NAS authentication bypass”, $14,760

  • CVE-2021-25516: Samsung baseband chipsets, “Not standard-compliant behavior on handling RRC MeasurementReport message, which can result in location tracking”, $2,310

  • CVE-2021-30826: Apple devices, “Authentication and key agreement (AKA) bypass issue that disables integrity and ciphering protection” [ iOS15 updates ]

  • CVE-2019-2289: Qualcomm baseband chipsets, “Lack of integrity check allowing modem to accept any LTE NAS messages, which can result in authentication bypass of NAS”, $15,000

Awards

  1. Best Paper Award, Ministry of the Interior and Safety of South Korea, Conference on Information Security and Cryptography, Nov. 2022
  2. Best Paper Award, Conference on Information Security and Cryptography, Nov. 2021
  3. Grand Prize, KIISC-KAIS Research Paper Competition, Oct. 2021
  4. Best Paper Award, NSR Director, Conference on Information Security and Cryptography, Nov. 2020
  5. Best Paper Award, ETRI President, Conference on Information Security and Cryptography, Jul. 2020

Patents

  • KR 10-2022-0182441 (Filed)
    Stateful Black Box Testing for 5G Standalone Cellular Network

  • US18472021 (Filed), KR 10-2022-0120586 (Filed)
    Method for IMEI verification and unauthorized device detection using control plane message and the system thereof

  • US17960246 (Filed), KR 10-2514797 (Granted)
    Security analysis system and method based on negative testing for protocol implementation of LTE device

  • KR 10-254946 (Granted)
    Method and system for automatically analyzing bugs in cellular baseband software using comparative analysis based on cellular specifications

  • KR 10-2020-0133926 (Filed)
    Method to prevent mapping of user identifiers in the mobile communication system

  • US17451123 (Filed), KR 10-2450114 (Granted)
    FBS redirection attack method using unicast message injection in LTE and the system thereof

  • KR 10-2514809 (Granted)
    Video identification method in LTE networks and the system thereof

  • KR 10-2287190 (Granted)
    Method for measuring induced electromotive force, method for tracking marker position using induced electromotive force, and apparatus for performing the same

  • PCT/KR2018/015731 (Filed), KR 10-2092445-0000 (Granted)
    Powerless electromagnetic sensor and surgical navigation system including same

Service

  • Review: IEEE Transactions on Information Forensics and Security, IEEE Transactions on Privacy, NDSS AEC, CCS AEC, Journal of Information Processing Systems, CISC
  • External reviewers: NDSS, USENIX, ACM CCS, IEEE S&P, ACM WiSec, ACM ASIACCS, ACM WOOTS
  • Director, KIISC (Korea Institute of Information Security and Cryptology), 2025