Long Lu

Long Lu

Associate Professor of Computer Science

Northeastern University

Long Lu is an Associate Professor in the Khoury College of Computer Sciences, and the Cybersecurity and Privacy Institute, at Northeastern University. He directs the RiS3 Lab (Research in Software and Systems Security). His research aims to secure low-level software in widely deployed or critical systems. He designs and builds novel program analysis and hardening techniques, hardware-backed primitives for security, and trusted/confidential computing environments. His recent work has focused on embedded and IoT/CPS systems.

Long has won an NSF CAREER Award, an Air Force Faculty Fellowship, a Google ASPIRE Award, etc. His research is supported by the National Science Foundation, the Office of Naval Research, the Army Research Office, and the industry.


  • System Software Security
  • Program Analysis
  • Embedded Systems, IoT/CPS


  • Ph.D. in Computer Science, 2013

    Georgia Institute of Technology

  • B.S. in Information Security, 2007

    Shanghai Jiao Tong University

To prospective students and postdocs:

I’m recruiting new Ph.D. students and postdocs. If you share my research interests, have solid experience in the related fields, and are passionate about making real impacts, please reach out.


Our DICE paper, on DMA-enabled embedded firmware analysis, is accepted by S&P/Oakland'21.
I’m awarded (early) tenure at Northeastern. I couldn’t have done it without my students, collaborators, and family. Thank you all!
Our MEUZZ paper is accepted by RAID 2020.
Our OAT paper, on operation integrity attestation, is accepted by S&P/Oakland'20.
Google will sponsor our research on mobile security via an ASPIRE Award.

Recent Publications

DICE: Automatic Emulation of DMA Input Channels for Dynamic Firmware Analysis

OAT: Attesting Operation Integrity of Embedded Devices

SAVIOR: Towards Bug-Driven Hybrid Testing

StreamBox-TZ: Secure Stream Analytics at the Edge with TrustZone

Current Fundings

Google ASPIRE Award

Internet-of-Things (IoT) and Cyber-Physical Systems (CPS) Security

Automated Protocol Specialization and Diversification for Individualized Defense

Enabling Secure Integration of Web and Mobile: A Principled Multi-Level Approach

Multi-layer Software Transformation for Attack Surface Reduction and Shielding