Insup Lee
Researcher @ Abu Dhabi, UAE
Ph.D. Candidate @ Korea University

I am an AI & Security Researcher based in Abu Dhabi, UAE, working on generative models for cybersecurity and drones. Previously, I spent five years as a researcher at the Agency for Defense Development (ADD), conducting research in AI-driven cybersecurity. Currently, I serve as a Cyber Officer, leading AI-based security projects while my service is expected to conclude in May 2025.

I am also a Ph.D. candidate in Cybersecurity at Korea University, where I earned my B.E. in Cyber Defense (CYDF).

My research interests lie at the intersection of AI and cybersecurity, focusing on generative models, AI-driven security, adversarial machine learning, and secure communications

CV / Email / LinkedIn / Google Scholar / GitHub

News
  • 2025.03.11: I was awarded the ambassador’s commendation for excellence in defense cooperation with the UAE.
  • 2024.04.26: I arrived in Abu Dhabi, UAE, where I will be spending one year.
  • 2023.12.10: I received the 3rd prize as team leader for Cyber Talpiot Hackathon.
  • 2023.09.13: TMR has been accepted to IEEE Access.
  • 2023.08.18: BAN has been accepted to IEEE Access.
  • 2023.08.01: I joined R.O.K. Cyber Operations Command as a cyber officer.
  • 2023.05.26: Camp2Vec has been accepted to ICT Express.
  • 2023.03.21: UniQGAN has been accepted to IEEE Transactions on Dependable and Secure Computing (TDSC).
Research Interests
  • AI + Security: AI for cybersecurity, adversarial ML, NLP for threat intelligence, LLM for vulnerability detection
  • Generative Models: diffusion models with transformers, GANs, robustness via data augmentation
  • Network and Wireless Security: drones, robust communications, anomaly detection, network IDS, etc.
Education
  • Ph.D. Candidate in Cybersecurity,, Korea University, Seoul, Republic of Korea, 2019 - Present
    • Completed all required coursework and passed Ph.D. qualifying examination
    • Researched generative models to enhance robustness in communication systems
  • B.E. in Cyber Defense, Korea University, Seoul, Republic of Korea, 2014 - 2018
    • Studied computer science, cybersecurity, cryptography, and secure coding
Employment History
  • Research Intern, Indiana University, Bloomington, Indiana, USA, 2025.3 - Present
    • Researched robotic vehicles and drones
  • Cyber Officer, Ministry of National Defense, Republic of Korea, 2023.8 - 2025.5
    • Collaborated with international team members while working in the UAE
    • Executed cyber defense operations and developed automation tools at the Cyber Operations Command
  • Researcher, Agency for Defense Development (ADD), Seoul, Republic of Korea, 2018.7 - 2023.7
    • ADD is a South Korean government agency dedicated to defense R&D, including cybersecurity and AI
    • Carried out three AI-driven cybersecurity projects, conducting research and in-house software development
      (1) "Detection of Nation-Sponsored Cyber Attacks Using NLP Technologies" (Apr 2021 - Jul 2023)
      (2) "Generative Models for Cybersecurity Data Augmentation" (Jun 2019 - Oct 2020)
      (3) "IPADS: Integrated Proactive and Adaptive Defense Systems" (Aug 2018 - May 2019)
    • Published five international papers [C1, C2, J2, J3, J4], four patents, and 12 domestic papers
Research Experience
  • Diffusion Models for Enhanced Drone Communications, 2024.3 - Present
    • Keywords: diffusion models, vision transformers, drone communications, adversarial robustness
    • Frameworks/Tools: PyTorch
    • Publications: two papers are under review
  • Detection of Nation-Sponsored Cyber Attacks Using NLP Technologies, 2021.4 - 2023.7
    • Keywords: cyber threat intelligence, NLP, data augmentation, embedding, SOAR, MITRE ATT&CK
    • Frameworks/Tools: PyTorch, scikit-learn, Docker, Kubernetes, Git, PostgreSQL, FastAPI
    • Publications: [J2], [J3], [J4] & one paper is under review
  • Generative Adversarial Networks for Robust Modulation Classification, 2020.5 - 2022.12
    • Keywords: wireless communications, GANs, adversarial attacks, I/Q data augmentation, adversarial robustness
    • Frameworks/Tools: PyTorch, IBM ART
    • Publications: [J1], [J5]
  • Generative Models for Cybersecurity Data Augmentation, 2019.6 - 2020.10
    • Keywords: host IDS, sequence data, CycleGAN, SeqGAN, Seq2Seq, ADFA-LD
    • Frameworks/Tools: TensorFlow, Git, Node.js
    • Publications: [C1], [C2]
  • Network Intrusion Detection Systems Using Incremental Learning, 2019.9 - 2020.4
    • Keywords: network IDS, machine learning, encrypted traffic classification, incremental learning
    • Frameworks/Tools: scikit-learn
    • Publications: [C3]
  • IPADS: Integrated Proactive and Adaptive Defense Systems, 2018.8 - 2019.5
    • Keywords: anomaly detection, network IDS, in-vehicle network, MilCAN, CIC-IDS2017
    • Frameworks/Tools: scikit-learn
Awards & Honors
  • Ambassador’s Commendation for excellence in defense cooperation, March 2025
    Embassy of the Republic of Korea to the United Arab Emirates
  • The 3rd Prize, Military Cybersecurity Experts Hackathon (Cyber Talpiot), December 2023
    Ministry of Science and ICT, Republic of Korea
  • Full Tuition Scholarship (Korea University), 2014 - 2018
    Ministry of National Defense, Republic of Korea
Other Experience
  • AI Cyber Challenge (AIxCC), DARPA and ARPA-H, USA, 2024.4 - 2024.8
    • Participated in the semifinal round as a member of Team KORIA, submitting our cyber reasoning system that leverages LLMs for automated detection and patching of software vulnerabilities
  • SW Outsourcing Development, KCMVP-Certified Cryptographic Module, 2017.6 - 2018.3
    • Implemented a cryptographic module with 25,000 LoC in C while following secure coding conventions
    • Covered the ARIA block cipher (modes: ECB, CBC, CTR), hash functions (SHA-256, SHA-512), and HMAC-based DRBG for Windows (.dll) and Linux (.so), respectively
Technical Skills
  • Frameworks/Tools: PyTorch, Keras, TensorFlow, scikit-learn, pandas, Git, Streamlit
  • Programming Languages: Python, C, JavaScript, SQL
  • Languages: English, Korean
Publications
(J: journal / C: conference / P: patent)
Under Review
  • (Blind Review; research on diffusion transformers)
    Insup Lee
  • Enhancing Modulation Classification via Diffusion Transformers for UAV Video Signal Processing
    Insup Lee, Khalifa Alteneiji, and Mohammed Alghfeli
  • MuCamp: Generating Cyber Campaign Variants via TTP Synonym Replacement for Group Attribution
    Insup Lee and Changhee Choi
Journal Articles
[J5] UniQGAN: Towards Improved Modulation Classification With Adversarial Robustness Using Scalable Generator Design
Insup Lee and Wonjun Lee
IEEE Transactions on Dependable and Secure Computing (TDSC) 2024
(SCI 2023 I/F Top 5.30% in Computer Science, Software Engineering)
[J4] Camp2Vec: Embedding Cyber Campaign With ATT&CK Framework for Attack Group Analysis
Insup Lee and Changhee Choi
ICT Express 2023
(SCI 2023 Top 23.29% in Computer Science, Information Systems)
[J3] Exploiting TTP Co-occurence via GloVe-Based Embedding With ATT&CK Framework
Chanho Shin, Insup Lee, and Changhee Choi
IEEE Access 2023
(SCI 2023 Top 34.66% in Engineering, Electrical & Electronic)
[J2] BAN: Predicting APT Attack Based on Bayesian Network With MITRE ATT&CK Framework
Youngjun Kim, Insup Lee, Hyuk Kwon, Gyeongsik Lee, and Jiwon Yoon
IEEE Access 2023
(SCI 2023 Top 34.66% in Engineering, Electrical & Electronic)
[J1] UniQGAN: Unified Generative Adversarial Networks for Augmented Modulation Classification
Insup Lee and Wonjun Lee
IEEE Communications Letters 2022
(SCI 2023 Top 33.61% in Telecommunications)
Conference Proceedings
[C3] Encrypted Malware Traffic Detection Using Incremental Learning
Insup Lee, Heejun Roh, and Wonjun Lee
IEEE INFOCOM 2020 - Poster Session
[C2] Anomaly Dataset Augmentation Using Sequence Generative Models
Sunguk Shin, Insup Lee, and Changhee Choi
IEEE International Conference on Machine Learning and Applications (ICMLA) 2019
[C1] Opcode Sequence Amplifier Using Sequence Generative Adversarial Networks
Changhee Choi, Sunguk Shin, and Insup Lee
International Conference on ICT Convergence (ICTC) 2019
Patents
  • Method for Augmentating Cyber Attack Campaign Data to Identify Attack Group, and Security System Performing Same
    Changhee Choi and Insup Lee
    Korea Patent Application Number. 10-2024-0176082, December 2, 2024.
  • Information Identification Method and Electronic Apparatus Thereof
    Changhee Cho, Insup Lee, Chanho Shin, and Sungho Lee
    Korea Patent Application Number. 10-2024-0006106, January 15, 2024.
  • Method for Training Attack Prediction Model and Device Therefor
    Changhee Choi, Chanho Shin, Sunguk Shin, Seongyeon Seo, and Insup Lee
    U.S. Patent Number. US20230308462A1, September 28, 2023.
  • Appratus, Method, Computer-readable Storage Medium and Computer Program for Generating Operation Code
    Changhee Choi, Sunguk Shin, and Insup Lee
    Korea Patent Number. 10-2246797, April 30, 2021.
Domestic Journals & Conferences (Korean)
  • Kangmun Kim and Insup Lee, “User Behavior Embedding via TF-IDF-BVC for Web Shell Detection,” Journal of The Korea Institute of Information Security & Cryptology (JKIISC), vol. 34, no. 6, pp. 1231-1238, Dec. 2024.
  • Insup Lee, Chanho Shin, and Changhee Choi, “Mutating Cyber Camapaign With TTP Word Replacement,” in Proc. of the KIMST Annual Conference, Jun. 2023.
  • Chanho Shin, Insup Lee, and Changhee Choi, “Towards GloVe-Based TTP Embedding With ATT&CK Framework,” in Proc. of the KIMST Annual Conference, Jun. 2023.
  • Changhee Choi, Insup Lee, Chanho Shin, and Sungho Lee, “Cyber Threat Campaign Analysis Based on PEGASUS and RoBERTa Model,” in Proc. of the KIMST Annual Conference, Jun. 2023.
  • Insup Lee, Chanho Shin, Sunguk Shin, Seongyeon Seo, and Changhee Choi, “Analyzing Cyberattack Campaign Similarity via TTP Sequence Embedding,” in Proc. of the KIMST Annual Conference, Jun. 2022.
  • Sunguk Shin, Insup Lee, Chanho Shin, Seongyeon Seo, and Changhee Choi, “Cyber Campaign Analysis With TTP Embedding Using TF-IDF,” in Proc. of the KIMST Annual Conference, Jun. 2022.
  • Chanho Shin, Sunguk Shin, Insup Lee, Seongyeon Seo, and Changhee Choi, “Classifying TTP Based on CIA Labeling,” in Proc. of the KIMST Annual Conference, Jun. 2022.
  • Changhee Choi, Chanho Shin, Sunguk Shin, Seongyeon Seo, and Insup Lee, “Cyber Attack Group Classification Using Siamese LSTM,” in Proc. of the KIMST Annual Conference, Jun. 2022.
  • Chanho Shin, Sunguk Shin, Seongyeon Seo, Insup Lee, and Changhee Choi, “Embedding and Training RNN to Estimating the Goal of Cyber Attack,” in Proc. of the KIMST Fall Conference, Nov. 2021.
  • Sunguk Shin, Chanho Shin, Seongyeon Seo, Insup Lee, and Changhee Choi, “The Proposed Approach for Country Prediction With TTP-based Cyber Data Using GCN,” in Proc. of the KIMST Fall Conference, Nov. 2021.
  • Changhee Choi, Chanho Shin, Sunguk Shin, Seongyeon Seo, and Insup Lee, “Deep Learning for Estimating Next Action of Cyber Attack,” in Proc. of the KIMST Fall Conference, Nov. 2021.
  • Yongbin Park, Sunguk Shin, and Insup Lee, “A Study on Evaluation Method of NIDS Datasets in Closed Military Network,” Journal of Internet Computing and Services (JICS), vol. 21, no. 2, pp. 121-130, Apr. 2020.
  • Insup Lee, Jingook Kim, and Jeongchan Park, “Analysis of Weight Setting in Incremental Learning to Improve Real-Time Intrusion Detection,” in Proc. of the KIMST Annual Conference, Jun. 2019.
Professional Activities
  • Reviewer, IEEE Transaction on Dependable and Secure Computing (TDSC), 2025
  • Reviewer, IEEE International Conference on Computer Communications (INFOCOM), 2023-2024
  • Reviewer, IEEE Communications Letters, 2022

Last Update: March 2025