Today, Internet security problems impact practical aspects of our everyday lives. Even though there is a considerable corpus of knowledge regarding tools and techniques to protect systems, information about real, emerging vulnerabilities and how they are exploited is not generally available. This situation hampers the effectiveness of security research and practice. Understanding the details of attacks is a prerequisite for the design and implementation of secure systems.

The Systems Security Lab at Northeastern University is a young group that was founded in 2011; however, its members have been around for quite a while. Its roots go back to the SecLab at the Technical University of Vienna, the SecLab at Eurecom in France, and the SecLab at UCSB. We are one of the founding members of iSecLab. We research tools and techniques for making the Internet a safer place, and we also hack around a little. We believe in teaching the attacker's mindset, and teach courses on practical aspects of systems and network security.

Our main research focus is on applied computer security, with a recent emphasis on web security, malware analysis, intrusion detection, and vulnerability analysis. The results of our research have been published in well-respected, international security conferences such as the IEEE Symposium on Security and Privacy, ACM CCS, NDSS, USENIX Security Symposium, and the World Wide Web Conference.