Lujo Bauer
Professor, Electrical and Computer Engineering Carnegie Mellon University
Biography
Dr. Bauer's research examines many aspects of computer security and privacy, including developing high-assurance access-control systems, building systems in which usability and security co-exist, and designing practical tools for identifying software vulnerabilities. Bauer and fellow CMU researchers Lujo Bau and Larry Pileggi are calling on the research and policy communities to develop more comprehensive and accurate grid evaluation frameworks and datasets, and for updating threat models and grid resiliency requirements to match cyber attackers realistic capabilities. His other recent work focuses on developing tools and guidance to help users stay safer online and on examining how advances in machine learning can (or might not) lead to a more secure future.
Dr. Bauer served as the program chair for the flagship computer security conferences of the IEEE (S&P 2015) and the Internet Society (NDSS 2014) and is an associate editor of ACM Transactions on Privacy and Security.
Areas of Expertise
Media Appearances
CMU Experts at the Intersection of Energy and Innovation
CMU News online
2025-07-11
From reimagining AI data centers to modernizing and securing the electric grid, CMU researchers are working on practical solutions to pressing challenges in how the U.S. produces, moves and secures energy.
Lujo Bauer, Larry Pileggi and Vyas Sekar are calling on the research and policy communities to develop more comprehensive and accurate grid evaluation frameworks and datasets, and for updating threat models and grid resiliency requirements to match cyber attackers realistic capabilities.
Researchers develop adversarial training methods to improve machine learning-based malware detection software
CyLab online
2023-09-13
"For some of the newest machine learning technologies, like generative AI, we don't fully understand how they can be attacked, so the first step is to figure out what the threat model looks like," said Lujo Bauer, professor in Carnegie Mellon’s Electrical and Computer Engineering
Q&A with Lujo Bauer on how the pandemic is affecting individuals' privacy and security
Tech Xplore online
2020-04-17
Many Americans have been working remotely for over a month now in response to the COVID-19 pandemic, which has resulted in new paradigms in their own and their employers' cybersecurity and privacy. CyLab's Lujo Bauer, a professor in the department of Electrical and Computer Engineering and the Institute for Software Research, has been monitoring the situation.
Learning to Attack the Cyberattackers Can’t Happen Fast Enough
The New York Times online
2018-11-14
Lujo Bauer, director of the university’s Cyber Autonomy Research Center, within CyLab, said his research showed that to avoid being hacked, a computer user’s passwords had not only to be complex, but long.
New Technology Cracks 'Strong' Passwords -- What You Need To Know
Forbes online
2015-04-21
In a previous article I discussed how many common recommendations about passwords actually undermine security because they don’t account for limitations of human memory; the Carnegie Mellon study led by Professors Lorrie Faith Cranor, Nicolas Christin, and Lujo Bauer delves even deeper.
Media
Social
Industry Expertise
Education
Princeton University
Ph.D.
Computer Science
2003
Yale University
B.S.
Computer Science
1997
Affiliations
- CyLab
- Societal Computing
Articles
RS-Del: Edit distance robustness certificates for sequence classifiers via randomized deletion
Advances in Neural Information Processing Systems2023
Randomized smoothing is a leading approach for constructing classifiers that are certifiably robust against adversarial examples. Existing work on randomized smoothing has focused on classifiers with continuous inputs, such as images, where -norm bounded adversaries are commonly studied. However, there has been limited work for classifiers with discrete or variable-size inputs, such as for source code, which require different threat models and smoothing mechanisms. In this work, we adapt randomized smoothing for discrete sequence classifiers to provide certified robustness against edit distance-bounded adversaries. Our proposed smoothing mechanism randomized deletion (RS-Del) applies random deletion edits, which are (perhaps surprisingly) sufficient to confer robustness against adversarial deletion, insertion and substitution edits.
Widespread Third-Party Tracking On Hospital Websites Poses Privacy Risks For Patients And Legal Liability For Hospitals
Health Affairs2023
Computer code that transfers data to third parties (third-party tracking) is common across the web and is subject to few federal privacy regulations. We determined the presence of potentially privacy-compromising data transfers to third parties on a census of US nonfederal acute care hospital websites, and we used descriptive statistics and regression analyses to determine the hospital characteristics associated with a greater number of third-party data transfers. We found that third-party tracking is present on 98.6 percent of hospital websites, including transfers to large technology companies, social media companies, advertising firms, and data brokers. Hospitals in health systems, hospitals with a medical school affiliation, and hospitals serving more urban patient populations all exposed visitors to higher levels of tracking in adjusted analyses. By including third-party tracking code on their websites, hospitals are facilitating the profiling of their patients by third parties. These practices can lead to dignitary harms, which occur when third parties gain access to sensitive health information that a person would not wish to share. These practices may also lead to increased health-related advertising that targets patients, as well as to legal liability for hospitals.
Deceiving ML-Based Friend-or-Foe
Cyber Deception: Techniques, Strategies, and Human Aspects2023
Deceiving an adversary who may, eg, attempt to reconnoiter a system before launching an attack, typically involves changing the system's behavior such that it deceives the attacker while still permitting the system to perform its intended function. For example, if a system hosting a database is using deception to defend against attack, it may employ measures that cause the attacker to believe that the system is running a different version of a database or that it is running other services. At the same time, legitimate clients of the system should continue to be able to interact with the database.
Prevalence of third-party tracking on abortion clinic web pages
JAMA Internal Medicine2022
In this cross-sectional study, we extracted the uniform resource locator (URL) of each National Abortion Federation member facility on May 6, 2022. 5 We visited each unique URL using webXray (Timothy Libert), 4 which detects third-party tracking (eAppendix and eFigure in the Supplement). For each web page, we recorded data transfers to thirdparty domains. Transfers typically include a user’s IP (internet protocol) address and the web page being visited. We also recorded the presence of third-party cookies, data stored on a user’s computer that can facilitate tracking across multiple websites. In accordance with the Common Rule, this study was exempt from institutional review board review because it did not involve human participant research. We followed the STROBE reporting guideline.
“Did you know this camera tracks your mood?”: Understanding Privacy Expectations and Preferences in the Age of Video Analytics
Proceedings on Privacy Enhancing Technologies2021
Cameras are everywhere, and are increasingly coupled with video analytics software that can identify our face, track our mood, recognize what we are doing, and more. We present the results of a 10-day in-situ study designed to understand how people feel about these capabilities, looking both at the extent to which they expect to encounter them as part of their everyday activities and at how comfortable they are with the presence of such technologies across a range of realistic scenarios. Results indicate that while some widespread deployments are expected by many (e.g., surveillance in public spaces), others are not, with some making people feel particularly uncomfortable. Our results further show that individuals’ privacy preferences and expectations are complicated and vary with a number of factors such as the purpose for which footage is captured and analyzed, the particular venue where it is captured, and whom it is shared with. Finally, we discuss the implications of people’s rich and diverse preferences on opt-in or opt-out rights for the collection and use (including sharing) of data associated with these video analytics scenarios as mandated by regulations. Because of the user burden associated with the large number of privacy decisions people could be faced with, we discuss how new types of privacy assistants could possibly be configured to help people manage these decisions.
