David Brumley

Please consider using my BiBTeX file if you reference one of my papers.

Goto:

Peer Reviewed

  1. Theory and Techniques for Automatic Generation of Vulnerability-Based Signatures.
    By David Brumley, James Newsome, Dawn Song, Hao Wang, and Somesh Jha.
    IEEE Transactions on Dependable and Secure Computing, Volume 5, Issue 4. October 2008. Pages, 224-241.
  2. Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications.PDF
    By David Brumley, Pongsin Poosankam, Dawn Song, and Jiang Zheng.
    Proceedings of the IEEE Security and Privacy Symposium, May, 2008.
  3. Towards Automatic Discovery of Deviations in Binary Implementations with Applications to Error Detection and Fingerprint Generation. PDF
    By David Brumley, Juan Caballero, Zhenkai Liang, James Newsome, Dawn Song
    Proceedings of the 2007 USENIX Security Conference, 2007.
    * Conference Best Paper Award
  4. Creating Vulnerability Signatures Using Weakest Pre-conditions. PDF
    By David Brumley, Hao Wang, Somesh Jha, Dawn Song
    Proceedings of the 2007 Computer Security Foundations Symposium, 2007.
  5. Sweeper: A Lightweight End-to-End System for Defending Against Fast Worms. PDF
    By Joseph Tucek, James Newsome, Shan Lu, Chengdu Huang, Spiros Xanthos, David Brumley, Yuanyuan Zhou and Dawn Song
    In the Proceedings of the 2007 EuroSys Conference, 2007.
  6. A Generic Application-Level Protocol Analyzer and its Language. PDF
    Nikita Borisov, David Brumley, Helen Wang, John Dunagan, Pallavi Joshi, and Chuanxiong Guo.
    In the Proceedings of the 14th Annual Network and Distributed System Security Symposium (NDSS 07)
  7. Efficient and Accurate Detection of Integer-based Attacks. PDF
    David Brumley, Tzi-cker Chiueh, Robert Johnson, Huijia Lin, and Dawn Song
    In the Proceedings of the 14th Annual Network and Distributed System Security Symposium (NDSS 07)
  8. Replayer: Automatic Protocol Replay by Binary Analysis. PDF James Newsome and David Brumley and Jason Franklin and Dawn Song.
    In the Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS 06)
  9. Towards Attack-Agnostic Defenses. PDF
    David Brumley and Dawn Song.
    In the Proceedings of the First Workshop on Hot Topics in Security (HOTSEC 06)
  10. Towards Automatic Generation of Vulnerability-Based Signatures. PDF
    David Brumley, James Newsome, Dawn Song, Hao Wang, and Somesh Jha.
    In the Proceedings of the 2006 IEEE Symposium on Security and Privacy.
    * Selected by program committe for recommendation to IEEE Transactions on Dependable and Secure Computing
  11. Vulnerability-Specific Execution Filtering for Exploit Prevention on Commodity Software. PDF
    James Newsome, David Brumley, and Dawn Song.
    In the Proceedings of the 13th Annual Network and Distributed Systems Security Symposium (NDSS 2006).
  12. Design Space and Analysis of Worm Defense Strategies. PDF
    David Brumley, Li-Hao Liu, Pongsin Poosankam, and Dawn Song.
    In the Proceedings of the 2006 ACM Symposium on Information, Computer, and Communication Security (ASIACCS 2006).
  13. Remote timing attacks are practical. PDF
    David Brumley and Dan Boneh.
    Journal of Computer Networks, 2005.
    * This is the updated and more complete journal version of the 2003 USENIX Security paper.
  14. Privtrans: Automatically Partitioning Programs for Privilege Separation. PDF
    David Brumley and Dawn Song.
    In the Proceedings of the 13th USENIX Security Symposium, August 2004.
  15. Virtual appliances for deploying and maintaing software. PDF
    C. Sapuntzakis, D. Brumley, R. Chandra, N. Zeldovich, J. Chow, M. S. Lam, and M. Rosenblum
    In the Proceedings of the 17th Large Installation System Administration Conference (LISA 2003), October 2003.
  16. Remote timing attacks are practical. PDF PS David Brumley and Dan Boneh
    In the Proceedings of the 12th USENIX Security Symposium, August 2003.
    * Conference Best Paper Award

Book Chapters

Articles/Unreviewed

Patents