David Brumley
David Brumley | |
---|---|
Fields | computer science |
Institutions | Carnegie Mellon University |
Alma mater |
Carnegie Mellon University Stanford University of Northern Colorado |
Doctoral advisor | Dawn Song |
Known for | software security and applied cryptography |
David Brumley is a Professor and Director of CyLab Security and Privacy Institute at Carnegie Mellon University. He is a well-known researcher in software security, network security, and applied cryptography. Prof. Brumley also worked for 5 years as a Computer Security Officer for Stanford University.
Some of his notable accomplishments include:
- In 2008, he showed the counter-intuitive principle that patches can help attackers. In particular, he showed that given a patch for a bug and the originally buggy program, a working exploit can be automatically generated in as little as a few seconds. This result shows that current patch distribution architectures that distribute patches on time-scales larger than a few seconds are potentially insecure.[1] In particular, this work shows one of the first applications of constraint satisfaction to generating exploits.[2]
- In 2007, he developed techniques for automatically inferring implementation bugs in protocol implementations. This work won the best paper award at the USENIX Security conference.
- His work on a Timing attack against RSA. The work was able to recover the factors of a 1024-bit RSA private key over a network in about 2 hours. This work also won the USENIX Security [3] Best Paper award. As a result of this work, OpenSSL, stunnel,[4] and others now implement defenses such as RSA blinding.
- His work on Rootkit analysis.[5]
- His work on distributed denial of service attacks. In particular, he worked towards tracking down the attackers who brought down Yahoo in 2002.[6]
- He was a major contributor towards the arrest of Dennis Moran[7]
- US Patent 7373451, which is related to virtual appliance distribution and migration. This patent serves as part of the basis for founding moka5 [8] by his co-authors.
Education
- PhD, Computer Science, 2008. Carnegie Mellon University. Advisor: Dawn Song.
- MS, Computer Science, 2003. Stanford University. Advisor: Boneh and Monica Lam
- BA, Mathematics, 1998. University of Northern Colorado
References
External links
- Brumley's Home Page
- Additional articles mentioning Brumley's work: Wired Magazine, CNN, and the Wall Street Journal
This article is issued from Wikipedia - version of the Wednesday, April 13, 2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.