Today, Internet security problems impact practical aspects of our everyday lives. Even though there is a considerable corpus of knowledge regarding tools and techniques to protect systems, information about real, emerging vulnerabilities and how they are exploited is not generally available. This situation hampers the effectiveness of security research and practice. Understanding the details of attacks is a prerequisite for the design and implementation of secure systems.

The Systems Security Lab at Northeastern University is a well-known group that was founded in 2011; however, its members have been around for quite a while. Its roots go back to the SecLab at the Technical University of Vienna, the SecLab at Eurecom in France, and the SecLab at UCSB. We are one of the founding members of iSecLab. In 2020, SecLab @ NEU officially merged with the RiS3 Lab from Long Lu that was originally founded at Stony Brook University and that moved to NEU in the summer of 2017. At SecLab, we research tools and techniques for making the Internet a safer place. We believe in teaching the attacker's mindset, and teach courses on practical aspects of systems and network security.

Our main research focus is on applied computer security, with a recent emphasis on web security, malware analysis, intrusion detection, and vulnerability analysis. The results of our research have been published in well-respected, international security conferences such as the IEEE Symposium on Security and Privacy, ACM CCS, NDSS, USENIX Security Symposium, and the World Wide Web Conference.