Nisha Rathode (Editor)

David Brumley

Updated on
Edit
Like
Comment
Share on FacebookTweet on TwitterShare on LinkedInShare on Reddit
Name
  
David Brumley

Fields
  
Computer Science

Doctoral advisor
  
Dawn Song


David Brumley usersececmuedudbrumleyassetslocalassetsdb

Institutions
  
Carnegie Mellon University

Alma mater
  
Carnegie Mellon University Stanford University of Northern Colorado

Known for
  
software security and applied cryptography

Education
  
Stanford University, University of Northern Colorado, Carnegie Mellon University

David brumley network security protecting today s computers


David Brumley is a Professor and Director of CyLab Security and Privacy Institute at Carnegie Mellon University. He is a well-known researcher in software security, network security, and applied cryptography. Prof. Brumley also worked for 5 years as a Computer Security Officer for Stanford University.

Contents

David Brumley David Brumley 905 WESA

David brumley software security


Education

David Brumley David Brumley 905 WESA

Brumley obtained a Bachelor of Arts in Mathematics from the University of Northern Colorado in 1998. In 2003 he obtained an MS degree in Computer Science from Stanford University. In 2008 he obtained a PhD in computer science from Carnegie Mellon University, where his Advisor was Professor Dawn Song.

Career

David Brumley djb research team

Brumley was previously the Assistant Computer Security Officer for Stanford University. Brumley is the faculty advisor to the Plaid Parliament of Pwning (PPP), which is the Carnegie Mellon University competitive security team.

David Brumley CMUs Brumley Receives Prestigious PECASE Award for Cybersecurity

Some of his notable accomplishments include:

David Brumley David Brumley thedavidbrumley Twitter

  • In 2008, he showed the counter-intuitive principle that patches can help attackers. In particular, he showed that given a patch for a bug and the originally buggy program, a working exploit can be automatically generated in as little as a few seconds. This result shows that current patch distribution architectures that distribute patches on time-scales larger than a few seconds are potentially insecure. In particular, this work shows one of the first applications of constraint satisfaction to generating exploits.
  • In 2007, he developed techniques for automatically inferring implementation bugs in protocol implementations. This work won the best paper award at the USENIX Security conference.
  • His work on a Timing attack against RSA. The work was able to recover the factors of a 1024-bit RSA private key over a network in about 2 hours. This work also won the USENIX Security Best Paper award. As a result of this work, OpenSSL, stunnel, and others now implement defenses such as RSA blinding.
  • His work on Rootkit analysis.
  • His work on distributed denial of service attacks. In particular, he worked towards tracking down the attackers who brought down Yahoo in 2002.
  • He was a major contributor towards the arrest of Dennis Moran
  • US Patent 7373451, which is related to virtual appliance distribution and migration. This patent serves as part of the basis for founding moka5 by his co-authors.

    • David Brumley Queens Birthday honour for retired BHS physician Ballarat Health

    References

    David Brumley Wikipedia
    (Text) CC BY-SA