Personal information

No personal information available

Activities

Employment (1)

Carnegie Mellon University: Pittsburgh, PA, US

2008-07-01 to present | Professor (Electrical and Computer Engineering)
Employment
Source: Self-asserted source
David Brumley

Education and qualifications (1)

Carnegie Mellon University: Pittsburgh, PA, US

2003-08-01 to 2008-07-31 | PhD (Computer Science)
Education
Source: Self-asserted source
David Brumley

Works (38)

The Mayhem Cyber Reasoning System

IEEE Security and Privacy
2018 | Journal article
Part of ISSN: 15584046
Contributors: Avgerinos, T.; Brumley, D.; Davis, J.; Goulden, R.; Nighswander, T.; Rebert, A.; Williamson, N.
Source: Self-asserted source
David Brumley

How Shall We Play a Game?: A Game-theoretical Model for Cyber-warfare Games

Proceedings - IEEE Computer Security Foundations Symposium
2017 | Conference paper
Part of ISBN: 9781538632161
Part of ISSN: 19401434
Contributors: Bao, T.; Shoshitaishvili, Y.; Wang, R.; Kruegel, C.; Vigna, G.; Brumley, D.
Source: Self-asserted source
David Brumley

Scaling up dpll(T) string solvers using context-dependent simplification

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
2017 | Book
Contributors: Reynolds, A.; Woo, M.; Barrett, C.; Brumley, D.; Liang, T.; Tinelli, C.
Source: Self-asserted source
David Brumley

Your Exploit is Mine: Automatic Shellcode Transplant for Remote Exploits

Proceedings - IEEE Symposium on Security and Privacy
2017 | Conference paper
Part of ISBN: 9781509055326
Part of ISSN: 10816011
Contributors: Bao, T.; Wang, R.; Shoshitaishvili, Y.; Brumley, D.
Source: Self-asserted source
David Brumley

Enhancing symbolic execution with veritesting

Communications of the ACM
2016 | Journal article
Part of ISSN: 15577317
Contributors: Avgerinos, T.; Rebert, A.; Cha, S.K.; Brumley, D.
Source: Self-asserted source
David Brumley

Automatic problem generation for capture-the-flag competitions

2015 USENIX Summit on Gaming, Games, and Gamification in Security Education, 3GSE 2015
2015 | Conference paper
Contributors: Burket, J.; Chapman, P.; Becker, T.; Ganas, C.; Brumley, D.
Source: Self-asserted source
David Brumley

Automatically deriving pointer reference expressions from binary code for memory dump analysis

2015 10th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering, ESEC/FSE 2015 - Proceedings
2015 | Conference paper
Part of ISBN: 9781450336758
Contributors: Fu, Y.; Lin, Z.; Brumley, D.
Source: Self-asserted source
David Brumley

Program-adaptive mutational fuzzing

Proceedings - IEEE Symposium on Security and Privacy
2015 | Conference paper
Part of ISBN: 9781467369497
Part of ISSN: 10816011
Contributors: Cha, S.K.; Woo, M.; Brumley, D.
Source: Self-asserted source
David Brumley

Automatic exploit generation

Communications of the ACM
2014 | Journal article
Part of ISSN: 00010782
Contributors: Avgerinos, T.; Cha, S.K.; Rebert, A.; Schwartz, E.J.; Woo, M.; Brumley, D.
Source: Self-asserted source
David Brumley

Enhancing symbolic execution with veritesting

Proceedings - International Conference on Software Engineering
2014 | Conference paper
Part of ISSN: 02705257
Contributors: Avgerinos, T.; Rebert, A.; Cha, S.K.; Brumley, D.
Source: Self-asserted source
David Brumley

PicoCTF: A Game-Based Computer Security Competition for High School Students

2014 USENIX Summit on Gaming, Games, and Gamification in Security Education (3GSE 14)
2014-08 | Conference paper
URI:

https://www.usenix.org/conference/3gse14/summit-program/presentation/chapman

Contributors: Peter Chapman; Jonathan Burket; David Brumley
Source: Self-asserted source
David Brumley

An empirical study of cryptographic misuse in Android applications

Proceedings of the ACM Conference on Computer and Communications Security
2013 | Conference paper
Part of ISBN: 9781450324779
Part of ISSN: 15437221
Contributors: Egele, M.; Brumley, D.; Fratantonio, Y.; Kruegel, C.
Source: Self-asserted source
David Brumley

Native x86 Decompilation using Semantics-Preserving Structural Analysis and Iterative Control-Flow Structuring

Proceedings of the USENIX Security Symposium
2013 | Conference paper
URI:

http://users.ece.cmu.edu/$\sim$ejschwar/

Contributors: Schwartz, Edward J; Lee, Jonghyup; Woo, Maverick; Brumley, David
Source: Self-asserted source
David Brumley

Scheduling black-box mutational fuzzing

Proceedings of the ACM Conference on Computer and Communications Security
2013 | Conference paper
Part of ISBN: 9781450324779
Part of ISSN: 15437221
Contributors: Woo, M.; Cha, S.K.; Gottlieb, S.; Brumley, D.
Source: Self-asserted source
David Brumley

Scheduling Black-box Mutational Fuzzing

Proceedings of the ACM Conference on Computer and Communication Security
2013 | Conference paper
Part of ISBN: 9781450324779
Contributors: Woo, Maverick; Gottlieb, Samantha; Cha, Sang Kil; Brumley, David
Source: Self-asserted source
David Brumley

GPS software attacks

Proceedings of the ACM Conference on Computer and Communications Security
2012 | Conference paper
Part of ISBN: 9781450316507
Part of ISSN: 15437221
Contributors: Nighswander, T.; Ledvina, B.; Diamond, J.; Brumley, R.; Brumley, D.
Source: Self-asserted source
David Brumley

ReDeBug : Finding Unpatched Code Clones in Entire OS Distributions

Proceedings of the IEEE Symposium on Security and Privacy
2012 | Conference paper
URI:

http://www.computer.org/csdl/proceedings/sp/2012/4681/00/4681a048-abs.html

Contributors: Jang, Jiyong; Agrawal, Abeer; Brumley, David
Source: Self-asserted source
David Brumley

ReDeBug: Finding unpatched code clones in entire OS distributions

Proceedings - IEEE Symposium on Security and Privacy
2012 | Conference paper
Part of ISBN: 9780769546810
Part of ISSN: 10816011
Contributors: Jang, J.; Agrawal, A.; Brumley, D.
Source: Self-asserted source
David Brumley

Unleashing Mayhem on binary code

Proceedings - IEEE Symposium on Security and Privacy
2012 | Conference paper
Part of ISBN: 9780769546810
Part of ISSN: 10816011
Contributors: Cha, S.K.; Avgerinos, T.; Rebert, A.; Brumley, D.
Source: Self-asserted source
David Brumley

AEG : Automatic Exploit Generation

Proceedings of the Network and Distributed Systems Security Symposium
2011 | Conference paper
Contributors: Avgerinos, Thanassis; Cha, Sang Kil; Lim Tze Hao, Brent; Brumley, David
Source: Self-asserted source
David Brumley

BitShred: Feature hashing malware for scalable triage and semantic analysis

Proceedings of the ACM Conference on Computer and Communications Security
2011 | Conference paper
Part of ISBN: 9781450310758
Part of ISSN: 15437221
Contributors: Jang, J.; Brumley, D.; Venkataraman, S.
Source: Self-asserted source
David Brumley

SplitScreen: Enabling efficient, distributed malware detection

Journal of Communications and Networks
2011 | Journal article
Part of ISSN: 12292370
Contributors: Cha, S.K.; Moraru, I.; Jang, J.; Truelove, J.; Brumley, D.; Andersen, D.G.
Source: Self-asserted source
David Brumley

A Contractual Anonymity System

Proceedings of the Network and Distribution System Security Symposium
2010 | Conference paper
Contributors: Schwartz, Edward J; Brumley, David; Mccune, Jonathan M
Source: Self-asserted source
David Brumley

All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask)

Proceedings - IEEE Symposium on Security and Privacy
2010 | Conference paper
Part of ISBN: 9780769540351
Part of ISSN: 10816011
Contributors: Schwartz, E.J.; Avgerinos, T.; Brumley, D.
Source: Self-asserted source
David Brumley

Platform-independent programs

Proceedings of the ACM Conference on Computer and Communications Security
2010 | Conference paper
Part of ISBN: 9781450302449
Part of ISSN: 15437221
Contributors: Cha, S.K.; Pak, B.; Brumley, D.; Lipton, R.J.
Source: Self-asserted source
David Brumley

Automatic patch-based exploit generation is possible: Techniques and implications

Proceedings - IEEE Symposium on Security and Privacy
2008 | Conference paper
Part of ISBN: 9780769531687
Part of ISSN: 10816011
Contributors: Brumley, D.; Poosankam, P.; Song, D.; Zheng, J.
Source: Self-asserted source
David Brumley

Automatically identifying trigger-based behavior in malware

Advances in Information Security
2008 | Book
Contributors: Brumley, D.; Hartwig, C.; Liang, Z.; Newsome, J.; Song, D.; Yin, H.
Source: Self-asserted source
David Brumley
grade
Preferred source (of 2)‎

BitBlaze: A new approach to computer security via binary analysis

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
2008 | Book
Contributors: Song, D.; Brumley, D.; Yin, H.; Caballero, J.; Jager, I.; Kang, M.G.; Liang, Z.; Newsome, J.; Poosankam, P.; Saxena, P.
Source: Self-asserted source
David Brumley
grade
Preferred source (of 2)‎

Theory and techniques for automated generation of vulnerability-based signatures

IEEE Transactions on Dependable and Secure Computing
2008 | Journal article
Part of ISSN: 15455971
Contributors: Brumley, D.; Newsome, J.; Song, D.; Wang, H.; Jha, S.
Source: Self-asserted source
David Brumley

Creating vulnerability signatures using weakest preconditions

Proceedings - IEEE Computer Security Foundations Symposium
2007 | Conference paper
Part of ISBN: 0769528198
Part of ISSN: 19401434
Contributors: Brumley, D.; Wang, H.; Jha, S.; Song, D.
Source: Self-asserted source
David Brumley

Sweeper: A lightweight end-to-end system for defending against fast worms

Operating Systems Review (ACM)
2007 | Conference paper
Part of ISBN: 159593636X
Part of ISSN: 01635980
Contributors: Tucek, J.; Lu, S.; Huang, C.; Xanthos, S.; Zhou, Y.; Newsome, J.; Brumley, D.; Song, D.
Source: Self-asserted source
David Brumley

Design space and analysis of worm defense strategies

Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security, ASIACCS '06
2006 | Conference paper
Part of ISBN: 1595932720
Contributors: Brumley, D.; Liu, L.-H.; Poosankam, P.; Song, D.
Source: Self-asserted source
David Brumley

Replayer: Automatic protocol replay by binary analysis

Proceedings of the ACM Conference on Computer and Communications Security
2006 | Conference paper
Part of ISSN: 15437221
Contributors: Newsome, J.; Brumley, D.; Franklin, J.; Song, D.
Source: Self-asserted source
David Brumley

Towards Attack-agnostic defenses

1st USENIX Workshop on Hot Topics in Security, HotSec 2006
2006 | Conference paper
Contributors: Brumley, D.; Song, D.
Source: Self-asserted source
David Brumley

Towards automatic generation of vulnerability-based signatures

Proceedings - IEEE Symposium on Security and Privacy
2006 | Conference paper
Part of ISBN: 0769525741
Part of ISSN: 10816011
Contributors: Brumley, D.; Newsome, J.; Song, D.; Wang, H.; Jha, S.
Source: Self-asserted source
David Brumley

Remote timing attacks are practical

Computer Networks
2005 | Journal article
Part of ISSN: 13891286
Contributors: Brumley, D.; Boneh, D.
Source: Self-asserted source
David Brumley

Virtual appliances for deploying and maintaining software

17th Large Installation Systems Administration Conference, LISA 2003
2003 | Conference paper
Contributors: Sapuntzakis, C.; Brumley, D.; Chandra, R.; Zeldovich, N.; Chow, J.; Lam, M.S.; Rosenblum, M.
Source: Self-asserted source
David Brumley

Towards Attack-Agnostic Defenses Defenses

Proceedings of the USENIX Workshop on Hot Topics in Computer Security
Conference paper
Contributors: Brumley, David; Song, Dawn
Source: Self-asserted source
David Brumley