David Brumley

Add links
From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Dtkacik (talk | contribs) at 19:02, 20 May 2016 (Undid revision 721273727 by Dtkacik (talk)). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

David Brumley
Alma materCarnegie Mellon University
Stanford
University of Northern Colorado
Known forsoftware security and applied cryptography
Scientific career
Fieldscomputer science
InstitutionsCarnegie Mellon University
Doctoral advisorDawn Song

David Brumley is a Professor and Director of CyLab Security and Privacy Institute at Carnegie Mellon University. He is a well-known researcher in software security, network security, and applied cryptography. Prof. Brumley also worked for 5 years as a Computer Security Officer for Stanford University.

Some of his notable accomplishments include:

  • In 2008, he showed the counter-intuitive principle that patches can help attackers. In particular, he showed that given a patch for a bug and the originally buggy program, a working exploit can be automatically generated in as little as a few seconds. This result shows that current patch distribution architectures that distribute patches on time-scales larger than a few seconds are potentially insecure.[1] In particular, this work shows one of the first applications of constraint satisfaction to generating exploits.[2]
  • In 2007, he developed techniques for automatically inferring implementation bugs in protocol implementations. This work won the best paper award at the USENIX Security conference.
  • His work on a Timing attack against RSA. The work was able to recover the factors of a 1024-bit RSA private key over a network in about 2 hours. This work also won the USENIX Security [3] Best Paper award. As a result of this work, OpenSSL, stunnel,[4] and others now implement defenses such as RSA blinding.
  • His work on Rootkit analysis.[5]
  • His work on distributed denial of service attacks. In particular, he worked towards tracking down the attackers who brought down Yahoo in 2002.[6]
  • He was a major contributor towards the arrest of Dennis Moran[7]
  • US Patent 7373451, which is related to virtual appliance distribution and migration. This patent serves as part of the basis for founding moka5 [8] by his co-authors.

Education

References

  1. ^ [1]
  2. ^ [2]
  3. ^ 2003
  4. ^ http://seclists.org/bugtraq/2003/Mar/0317.html
  5. ^ [3]
  6. ^ [4]
  7. ^ New York Times,
  8. ^ http://www.moka5.com

External links


Flag of United StatesScientist icon

This article about an American scientist in academia is a stub. You can help Wikipedia by expanding it.

Retrieved from "https://en.wikipedia.org/w/index.php?title=David_Brumley&oldid=721275627"