A research team led by Professor Seungsoo Lee of the Department of Computer Science and Engineering, Incheon National University has presented a paper at INFOCOM 2026, the world’s most prestigious conference in the field of network systems.
- Date posted
- 2025-12-31
- Date modified
- 2025-12-31
- Author
- Public Relations Office (032-835-9490)

Professor Seungsoo Lee’s research team
A research team led by Professor Seungsoo Lee of the Department of Computer Science and Engineering, Incheon National University has developed a framework that automatically generates least-privilege policies and performs real-time monitoring in serverless environments. The work has been accepted for presentation at the IEEE International Conference on Computer Communications (INFOCOM) 2026, one of the world’s most prestigious conferences in the field of computer networking.
Founded in 1982, IEEE INFOCOM is a flagship international conference with more than 40 years of history, showcasing world-class research in computer networking, cloud computing, and communications. In 2026, only 329 papers (approximately 19%) were accepted out of a total of 1,740 submissions.
The accepted paper, titled “ALPS: Automated Least-Privilege Enforcement for Securing Serverless Functions,” proposes a new direction for automating privilege management and strengthening real-time security in serverless environments. As the adoption of serverless computing rapidly increases, fine-grained, function-level permission configuration has become essential. However, conventional manual management approaches often result in excessive permissions (over-privilege), leading to serious security vulnerabilities. Moreover, prior studies have shown limitations in adequately reflecting the dynamic nature of serverless functions and multi-cloud environments.
To address these challenges, the proposed system introduces two innovative approaches by combining static code analysis with large language models (LLMs). First, it automatically extracts the minimum required privileges solely from a function’s source code and generates vendor-specific IAM policies. Second, by leveraging LLM-based code rewriting techniques, the system automatically inserts real-time permission verification logic into functions, enabling execution-time monitoring that immediately blocks unauthorized service calls. In addition, the system automatically adapts to post-deployment changes—such as code modifications or IAM policy updates—thereby consistently enforcing the principle of least privilege.
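The two steps described above can be illustrated with a small added example; it is not code from the ALPS paper or its authors. It statically derives an AWS IAM policy from a Python function's source and then checks calls against that policy. It assumes clients are created as `name = boto3.client("service")` and that the IAM action is the PascalCase form of the boto3 method name; `SAMPLE_HANDLER`, `extract_actions`, `build_policy` and `guard` are hypothetical names.

```python
import ast

# Constructed sample function source; it is only parsed, never executed.
SAMPLE_HANDLER = '''
import boto3
s3 = boto3.client("s3")
table = boto3.client("dynamodb")

def handler(event, context):
    obj = s3.get_object(Bucket="reports", Key=event["key"])
    table.put_item(TableName="audit", Item={"k": {"S": event["key"]}})
    return obj["ContentLength"]
'''

def to_action(service, method):
    # Assumption: action name = PascalCase of the boto3 method. This holds for
    # many APIs but not all (s3 list_objects_v2 needs s3:ListBucket).
    return f"{service}:{''.join(p.capitalize() for p in method.split('_'))}"

def extract_actions(source):
    tree = ast.parse(source)
    clients = {}  # variable name -> service name
    for node in ast.walk(tree):  # pass 1: find boto3.client("svc") assignments
        if isinstance(node, ast.Assign) and isinstance(node.value, ast.Call):
            f, args = node.value.func, node.value.args
            if (isinstance(f, ast.Attribute) and f.attr == "client"
                    and isinstance(f.value, ast.Name) and f.value.id == "boto3"
                    and args and isinstance(args[0], ast.Constant)):
                for t in node.targets:
                    if isinstance(t, ast.Name):
                        clients[t.id] = args[0].value
    actions = set()
    for node in ast.walk(tree):  # pass 2: method calls on known clients
        if isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute):
            recv = node.func.value
            if isinstance(recv, ast.Name) and recv.id in clients:
                actions.add(to_action(clients[recv.id], node.func.attr))
    return sorted(actions)

def build_policy(actions):
    # Resource is "*" for brevity; a deployed policy should name specific ARNs.
    return {"Version": "2012-10-17",
            "Statement": [{"Effect": "Allow", "Action": actions, "Resource": "*"}]}

def guard(policy, action):
    # Execution-time check: refuse any call the generated policy does not list.
    allowed = {a for s in policy["Statement"] if s["Effect"] == "Allow" for a in s["Action"]}
    if action not in allowed:
        raise PermissionError(f"blocked: {action} is not in the generated policy")
    return True
```
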
This study is significant in that it simultaneously achieves automation of privilege policy management and real-time security assurance in serverless environments. In particular, the developed system supports major cloud vendors, including AWS, Google Cloud, and Azure, as well as multiple programming languages, demonstrating high versatility. It is expected to become a new standard for security automation in increasingly complex serverless computing environments.
The authors are Changhee Shin (M.S. student, co-first author), Bom Kim (M.S. student, co-first author), and Seungsoo Lee (Associate Professor, corresponding author). The paper will be presented orally in May 2026 in Tokyo, Japan.