In our laboratory, Web Security (WebSec) Lab, we conduct research and develop technologies aimed at enhancing the security of the universal interface—the Web. Our primary goal is to contribute to the global effort of ensuring the security of the world's web by proactively detecting and reporting web threats. We achieve this through various cutting-edge technologies, including penetration testing, fuzz testing, static analysis, and artificial intelligence.

In addition, our lab conducts research on AI security from two complementary perspectives: security for AI and AI for security. For security for AI, we study emerging security threats in AI agents, such as prompt injection and jailbreak attacks, and develop systematic methods to understand, detect, and prevent them. For AI for security, we investigate how AI can be used to enhance security testing, vulnerability analysis, defense mechanisms, and automated patch generation.