My research focuses on software security. My overall approach to security research is to first design techniques for reasoning about security, then build systems to demonstrate how those techniques...
Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications (2008)
David Brumley, Pongsin Poosankam, Dawn Song, Jiang Zheng
The automatic patch-based exploit generation problem is: given a program P and a patched version of the program P′, automatically generate an exploit for the potentially unknown vulnerability...
Towards Attack-Agnostic Defenses (2008)
Internet attackers control hundreds of thousands to perhaps millions of computers, which they can use for a variety of different attacks. Common attacks include spam delivery, phishing, and DDoS. The...
Remote Timing Attacks are Practical (2008)
Timing attacks are usually used to attack weak computing devices such as smartcards. We show that timing attacks apply to general software systems. Specifically, we devise a timing attack against...
Automatically Identifying Trigger-based Behavior in (2008)
David Brumley, Cody Hartwig, Zhenkai Liang, James Newsome, Dawn Song, Heng Yin
Malware often contains hidden behavior which is only activated when properly triggered. Well known examples include: the MyDoom worm which DDoS’s on particular dates, keyloggers which only log...
Sting: An End-to-End Self-Healing System for Defending against Internet Worms (2008)
David Brumley, James Newsome, Dawn Song
We increasingly rely on highly available systems in all areas of society, from the economy, to military, to the government. Unfortunately, much software, including critical applications, contains...
David Brumley, Hao Wang, Somesh Jha, Dawn Song
In particular, we need automatic techniques which generate sound signatures—signatures which will not mistakenly block legitimate traffic or raise false alarms. In addition, we need signatures to have few...
David Brumley, Juan Caballero, Zhenkai Liang, James Newsome, Dawn Song
Different implementations of the same protocol specification usually contain deviations, i.e., differences in how they check and process some of their inputs. Deviations are commonly introduced as...
RICH: Automatically protecting against integer-based vulnerabilities (2007)
David Brumley, Tzi-cker Chiueh, Robert Johnson, Huijia Lin, Dawn Song
We present the design and implementation of RICH (Run-time Integer CHecking), a tool for efficiently detecting integer-based attacks against C programs at run time. C integer bugs, a popular avenue...
BitScope: Automatically dissecting malicious binaries (2007)
David Brumley, Cody Hartwig, Min Gyung Kang, Zhenkai Liang, James Newsome, Pongsin Poosankam, ...
Automatic analysis of malicious binaries is necessary in order to scale with the rapid development and recovery of malware found in the wild. The results of automatic analysis are useful for creating...
A Binary-Centric Approach to Vulnerability Analysis and Defense (2007)
This thesis takes a binary-centric approach for defending against vulnerabilities. A binary-centric approach is attractive for two reasons. First, most users only have access to programs in binary...
Sweeper: A lightweight end-to-end system for defending against fast worms (2007)
Joseph Tucek, James Newsome, Shan Lu, Chengdu Huang, Spiros Xanthos, David Brumley, ...
The vulnerabilities which plague computers cause endless grief to users. Slammer compromised millions of hosts in minutes; a hit-list worm would take under a second. Recently proposed techniques...
Towards Practical Automatic Generation of Multipath Vulnerability Signatures (2007)
David Brumley, Zhenkai Liang, James Newsome, Dawn Song
Signature-based defense systems are one of the most popular architectures for defending against exploits of vulnerabilities. At the heart of a signature-based defense system is the signature...
Replayer: Automatic Protocol Replay by Binary Analysis (2006)
James Newsome, David Brumley, Jason Franklin, Dawn Song
We address the problem of replaying an application dialog between two hosts. The ability to accurately replay application dialogs is useful in many security-oriented applications, such as replaying...
Towards automatic generation of vulnerability-based signatures (2006)
David Brumley, James Newsome, Dawn Song, Hao Wang, Somesh Jha
In this paper we explore the problem of creating vulnerability signatures. A vulnerability signature matches all exploits of a given vulnerability, even polymorphic or metamorphic variants. Our work...
Theory and Techniques for Automatic Generation of Vulnerability-Based Signatures (2006)
David Brumley, James Newsome, Dawn Song, Hao Wang, Somesh Jha
Towards automatically eliminating integer-based vulnerabilities (2006)
David Brumley, Dawn Song, Joseph Slember
Over 100 C integer vulnerabilities have been publicly identified to date, some of which have resulted in serious disasters such as rocket malfunction. C integer vulnerabilities can arise when one...
Design space and analysis of worm defense strategies (2006)
David Brumley, Li-hao Liu, Pongsin Poosankam, Dawn Song
We give the first systematic investigation of the design space of worm defense system strategies. We accomplish this by providing a taxonomy of defense strategies by abstracting away...
Taxonomy and Effectiveness of Worm Defense Strategies (2005)
David Brumley, Li-Hao Liu, Pongsin Poosankam, Dawn Song
While it is important to develop effective worm defense techniques, most previous work has focused on a single point in the design space. The sheer complexity and size of the design space of worm...
Vulnerability-Specific Execution Filtering for Exploit Prevention on Commodity Software (2005)
James Newsome, David Brumley, Dawn Song
Exploits for new vulnerabilities, especially when incorporated within a fast spreading worm, can compromise nearly all vulnerable hosts within a short amount of time. This problem demonstrates the...
Taxonomy and effectiveness of worm defense strategies (2005)
David Brumley, Li-hao Liu, Pongsin Poosankam, Dawn Song
While it is important to develop effective worm defense techniques, most previous work has focused on a single point in the design space. The sheer complexity and size of the design space of worm...
James Newsome, David Brumley, Dawn Song
Complex computer systems are plagued with bugs and vulnerabilities. Worms such as SQL Slammer and hit-list worms exploit vulnerabilities in computer programs and can compromise millions of vulnerable...
Remote timing attacks are practical (2003)
Timing attacks are usually used to attack weak computing devices such as smartcards. We show that timing attacks apply to general software systems. Specifically, we devise a timing attack against...
Virtual Appliances for Deploying and Maintaining Software (2003)
Constantine Sapuntzakis, David Brumley, Ramesh Chandra, Nickolai Zeldovich, Jim Chow, Monica S. Lam, ...
This paper attempts to address the complexity of system administration by making the labor of applying software updates independent of the number of computers on which the software is run. Complete...
Th Usenix Security, David Brumley, Dan Boneh
Timing attacks are usually used to attack weak computing devices such as smartcards. We show that timing attacks apply to general software systems. Specifically, we devise a timing attack against OpenSSL. Our...