David Brumley is a professor in the Electrical and Computer Engineering Department at Carnegie Mellon University with an additional courtesy in the Computer Science Department. He was previously the director of CyLab, the CMU Security and Privacy Institute. His research focuses on software security.
Brumley received his Ph.D. in Computer Science from Carnegie Mellon University, an M.S. in Computer Science from Stanford University, and a B.A. in Mathematics from the University of Northern Colorado. He served as a computer security officer for Stanford University from 1998-2002 and handled thousands of computer security incidents in that capacity. He is the faculty mentor for the Carnegie Mellon Hacking Team Plaid Parliament of Pwning (PPP), which is ranked internationally as one of the top teams in the world according to ctftime.org. The team was ranked #1 in 2011, #2 in 2012, and #1 in 2013, and won DefCon 2013. Brumley received the USENIX Security Best Paper Award in 2003 and 2007, and an ICSE Distinguished Paper Award in 2014.<
Brumley’s honors include being selected for the 2010 DARPA CSSP program and 2013 DARPA Information Science and Technology Advisory Board, a 2010 NSF CAREER award, a 2010 United States Presidential Early Career Award for Scientists and Engineers (PECASE) from President Obama (the highest award in the US for early career scientists), and a 2013 Sloan Foundation Award.
Network Security: Protecting Today's Computers
2008 Ph.D., Computer Science, Carnegie Mellon University
2003 MS, Computer Science, Stanford University
1998 BA, Mathematics, University of North Colorado
- AI and ML for security
- Applications of security and privacy
- cyber physical systems security and privacy
- cyberphysical systems (CPS)
- embedded systems security
- emerging applications security
- Formal methods
- formal methods for security
- hardware security
- Internet of Things (IoT)
- IoT security and privacy
- language-based security
- malware analysis and detection
- ML and AI
- network security
- secure systems
- security of AI and ML
- software security
- systems security
First round of Secure and Private IoT Initiative funded projects announced
CyLab’s Secure and Private IoT Initiative (IoT@CyLab) has broken ground as the first round of funded proposals have been announced. Twelve selected projects will be funded for one year, and results will be presented at the IoT@CyLab annual summit next year.
The Washington Post
Brumley on Nielsen’s departure and cybersecurity
In an article from The Washington Post, cybersecurity experts discussed the consequences of Kirstjen Nielsen’s ouster from the Department of Homeland Security. “Nielsen’s departure is another sad indication that the government lacks the will to make real cybersecurity and safety improvements,” said ECE’s David Brumley.
The Washington Post
Brumley on offensive cyber operations
ECE/CyLab’s David Brumley was interviewed by the The Washington Post about the Trump administration’s goal for loosening constraints on offensive cyber operations. He believes the move is “common sense” on an operational level.
CyLab researchers win NSA's Best Scientific Cybersecurity Paper competition
Two CyLab researchers led a study that has been named 2017's Best Scientific Cybersecurity Paper by NSA's Science of Security initiative.
Overcoming the human bottleneck with autonomy
On August 4, 2016, the mission of cyber autonomy was declared accomplished. Meanwhile, back in Pittsburgh, a CyLab graduate student quietly hacked away at her own research in cyber autonomy.
Brumley featured on SciTech Now
Recently, CyLab/ECE's David Brumley was featured on an episode of SciTech Now, where he talked about the importance of understanding basic cybersecurity concepts.
College of Engineering's 2017 game changers
From engineering new materials to constructing smart systems, researchers in the College of Engineering are innovating for the future. Read some of our highlights from 2017.
PPP: The strongest team in DefCon history
CMU’s hacking team won its fourth “World Series of Hacking” title at the DefCon security conference in Las Vegas.
Hacking team looks to take unprecedented fourth win at DefCon “World Series of Hacking”
At a time when cybersecurity pervades news headlines on a daily basis, a team of cybersecurity experts from Carnegie Mellon University may grab an unprecedented win this weekend in Las Vegas.
picoCTF featured on WESA
CMU’s picoCTF, a computer security game targeted at middle and high school students, was recently featured on 90.5 WESA. The two-week contest features a series of challenges, which participants must solve either by decryption, breaking, reverse engineering, or hacking—whatever it takes.