David Brumley Carnegie Mellon University Wean Hall #8116 5000 Forbes Avenue Pittsburgh, PA 15213 My Email via reCAPTCHA CV (updated 1/23/2008): PDF PS

• An article on our work has appeared in Technology Review
• I have accepted an offer to be an Assistant Professor at CMU in the Electrical and Computer Engineering Department, and will also be a member of CyLab.
• Our work on patch-based exploit generation was slashdotted and in Bruce Schneier's recent cryptogram.

Publications

1. Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications.PDF
   By David Brumley, Pongsin Poosankam, Dawn Song, and Jiang Zheng.
   Proceedings of the IEEE Security and Privacy Symposium, May, 2008.
   
2. Towards Automatic Discovery of Deviations in Binary Implementations with Applications to Error Detection and Fingerprint Generation. PDF BiBTeX
   By David Brumley, Juan Caballero, Zhenkai Liang, James Newsome, Dawn Song
   Proceedings of the 2007 USENIX Security Conference, 2007.
   * Conference Best Paper Award
3. Creating Vulnerability Signatures Using Weakest Pre-conditions. PDF BiBTeX
   By David Brumley, Hao Wang, Somesh Jha, Dawn Song
   Proceedings of the 2007 Computer Security Foundations Symposium, 2007.
4. Sweeper: A Lightweight End-to-End System for Defending Against Fast Worms. PDF BiBTeX
   By Joseph Tucek, James Newsome, Shan Lu, Chengdu Huang, Spiros Xanthos, David Brumley, Yuanyuan Zhou and Dawn Song
   In the Proceedings of the 2007 EuroSys Conference, 2007.
5. A Generic Application-Level Protocol Analyzer and its Language. PDF BiBTeX
   Nikita Borisov, David Brumley, Helen Wang, John Dunagan, Pallavi Joshi, and Chuanxiong Guo.
   In the Proceedings of the 14th Annual Network and Distributed System Security Symposium (NDSS 07)
6. Efficient and Accurate Detection of Integer-based Attacks. PDF BiBTeX
   David Brumley, Tzi-cker Chiueh, Robert Johnson, Huijia Lin, and Dawn Song
   In the Proceedings of the 14th Annual Network and Distributed System Security Symposium (NDSS 07)
7. Replayer: Automatic Protocol Replay by Binary Analysis. PDF BiBTeX
   James Newsome and David Brumley and Jason Franklin and Dawn Song.
   In the Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS 06)
8. Towards Attack-Agnostic Defenses. PDF BiBTeX
   David Brumley and Dawn Song.
   In the Proceedings of the First Workshop on Hot Topics in Security (HOTSEC 06)
9. Towards Automatic Generation of Vulnerability-Based Signatures. PDF BibTeX
   David Brumley, James Newsome, Dawn Song, Hao Wang, and Somesh Jha.
   In the Proceedings of the 2006 IEEE Symposium on Security and Privacy.
   * Selected by program committe for recommendation to IEEE Transactions on Dependable and Secure Computing
10. Vulnerability-Specific Execution Filtering for Exploit Prevention on Commodity Software. PDF BiBTeX
    James Newsome, David Brumley, and Dawn Song.
    In the Proceedings of the 13th Annual Network and Distributed Systems Security Symposium (NDSS 2006).
11. Design Space and Analysis of Worm Defense Strategies. PDF BiBTeX
    David Brumley, Li-Hao Liu, Pongsin Poosankam, and Dawn Song.
    In the Proceedings of the 2006 ACM Symposium on Information, Computer, and Communication Security (ASIACCS 2006).
12. Remote timing attacks are practical. PDF BiBTeX
    David Brumley and Dan Boneh.
    Journal of Computer Networks, 2005.
    * This is the updated and more complete journal version of the 2003 USENIX Security paper.
13. Privtrans: Automatically Partitioning Programs for Privilege Separation. PDF BiBTeX
    David Brumley and Dawn Song.
    In the Proceedings of the 13th USENIX Security Symposium, August 2004.
14. Virtual appliances for deploying and maintaing software. PDF BiBTeX
    C. Sapuntzakis, D. Brumley, R. Chandra, N. Zeldovich, J. Chow, M. S. Lam, and M. Rosenblum
    In the Proceedings of the 17th Large Installation System Administration Conference (LISA 2003), October 2003.
15. Remote timing attacks are practical. PDF PS BiBTeX
    David Brumley and Dan Boneh
    In the Proceedings of the 12th USENIX Security Symposium, August 2003.
    * Conference Best Paper Award

• Sting: An End-to-End Self-Healing System for Definding against Internet Worms.
  by David Brumley, James Newsome, and Dawn Song.
  In Malware Detection, Springer Publications, 2007.

• Alias analysis for assembly. PDF PS BiBTeX
  David Brumley and James Newsome
  Carnegie Mellon University School of Computer Science Technical Report. CMU-CS-06-180. December, 2006.
• A Crash Course in Managing Security.PDF
  USENIX ;login, 2001
• Repeatable Security.PDF
  USENIX ;login, 2000.
• Rootkits - How Intruders Hide.HTML
  USENIX ;login, 1999.
• Tracking Hackers on IRC. HTML
  In USENIX ;login, 1999.

Patents

• Apparatuses, Systems, and Methods for Malware Detection and Analysis, and for Protection from Malware. 2006. (Patent Pending.)
• Virtual Appliance Management. 2006. (Patent Pending. )
• Generic Application Level Protocol Analyzer. 2005. (Patent Pending)
• A Cache-Based System Management Architecture with Virtual Appliances, Network Repositories, and Virtual Appliance Transceivers. With Monica Lam, Constantine Sapuntzakis, Ramesh Chandra, Nickolai Zeldovich, Mendel Rosenblum, and James Chow. Issued May 13, 2008. Patent #7373451
  Licensed to Moka5

Professional Activities

• 16th Annual Network and Distributed System Security Symposium (NDSS 2009), San Diego, CA.
• 4th European Conference on Computer Network Defense (EC2ND). Dublin, Ireland.
• 2008 European Workshop on System Security (EUROSEC). Glasgow, Scotland.
• Recent Advances in Intrusion Detection (RAID) 2008. Boston, MA.
• Fifth Conference on Detection and Malware and Vulnerability Assesment (DIMVA 2008), Paris, France.
• 15th Annual Network and Distributed System Security Symposium (NDSS 2008), San Diego, CA.
• Second Workshop on Security Network Protocols (NPSEC), 2006 (Held in conjunction with ICNP)
• Applied Cryptography and Network Security (ACNS), 2005
• First Workshop on Secure Network Protcols (NPSEC), 2005 (Held in conjunction with ICNP)

• Teaching assistant for Introduction to Compilers, CMU 15-411, Fall 2004
• Teaching assistant for Secure Software Systems, CMU 18-732, Fall 2005
• Introduction to Computer Security, Universidad Francisco Marroquin, Guatemala, 1999 & 2001

Other Information

• I run the Security Reading Group at CMU.
• I have taken quite a few courses
• My Erdos number is 4 (Dan Boneh -> Richard J Lipton -> Noga Alon -> Paul Erdos)
• I am currently in charge of the CMU CSD intermural hockey, and play for the CMU Tartans.

When I was a security officer for Stanford, I worked on several thousand incidents. A few of these have ended up in the news.

• New York Times
• San Francisco Chronicle
• Wired Magazine 1
• Wired Magazine 2
• CNN
• Wall Street Journal