Gene Spafford

Eugene Spafford talks about computer security at LinuxForum 2000 in Copenhagen, Denmark.

Eugene Howard Spafford (born 1956), commonly known as Spaf,^[1] is a professor of computer science at Purdue University and a leading computer security expert.

A historically significant Internet figure, he is renowned for first analyzing the Morris Worm, one of the earliest computer worms, and his prominent role in the Usenet backbone cabal. Spafford was a member of the President's Information Technology Advisory Committee 2003-2005,^[2] has been an advisor to the National Science Foundation (NSF), and serves as an advisor to over a dozen other government agencies and major corporations.

Biography

Education and early career

Spafford attended State University of New York at Brockport completing a double B.A. in both Mathematics and Computer Science in 3 years. He then attended the School of Information and Computer Sciences (now the College of Computing) at the Georgia Institute of Technology. He received his M.S. in 1981, and Ph.D. in 1986 for his design and implementation of the original Clouds distributed operating system kernel.

During the early formative years of the Internet, Spafford made significant contributions to establishing semi-formal processes to organize and manage Usenet, then the primary channel of communication between users, as well as being influential in defining the standards of behavior governing its use.

Recent work

At Purdue, Spafford has a joint appointment as a professor of computer science and as professor of electrical and computer engineering, where he has served on the faculty since 1987. He is also a professor of philosophy (courtesy), and a professor of communication (courtesy). He is also Executive Director of the Purdue CERIAS (Center for Education and Research in Information Assurance and Security) and was the founder and director of COAST Laboratory, which preceded CERIAS.

He is involved in a number of professional societies and activities outside Purdue including serving on the Board of Directors of the Computing Research Association and as co-chair of the ACM's US Public Policy Committee. He serves on a number of advisory and editorial boards and is internationally known for his writing, research, and speaking on issues of security and ethics. Spafford has authored or co-authored four books on computer and computer security, including Practical Unix and Internet Security for O'Reilly, as well as over a hundred research papers, chapters and monographs.

Spafford has stated that his research interests have focused on "the prevention, detection, and remediation of information system failures and misuse, with an emphasis on applied information security. This has included research in fault tolerance, software testing and debugging, intrusion detection, software forensics, and security policies."

Among notable software designed and/or supervised by Spafford include the freeware Tripwire tool coded by his student Gene Kim (Spafford was later the chief external technical advisor to the Tripwire company during their first few years), and the freeware COPS tool coded by his student Dan Farmer. He initiated the Phage List as a response to the Morris Worm. Some of his research also helped inspire the creation of the MITRE CVE service and the NIST ICAT database. Research by other graduate students of his has resulted in tools for software testing and debugging, distributed processing, cyber forensics, firewalls, intrusion detection, auditing, and network traceback.

Spafford discusses a recent piece in the New York Times that looked at how the current Internet is a conduit for all types of "cybercrime" on C-SPAN.^[3][4]

Teaching

Courses taught at Purdue

Spaf teaches (or has taught) many different courses in the CS department. These are listed below:

• CS 626, Advanced Topics in Security

This is the Advanced Information Assurance class. The course is about the "big picture" of information security.

• CS 426, Computer Security

First offered Spring 1999. This is the undergraduate course in computer security, with some network security added in.

• CS 526, Introduction to Information Security

First offered as 590-I in Fall 1998. Taught as CS 526 in spring 2000.

• CS 590 T, Penetration Analysis

Offered Spring 1997 and Spring 1998.

• CS 555, Cryptography and Data Security

Regularly offered by various faculty. Spaf taught it in Spring 1996 and Spring 1997.

• CS 690 E, Computer Incident Detection and Response

Offered Spring 1995. I hope to teach it again in 2004 or 2005.

• CS 590 S, Ethics, Liability, Responsibility & the Computer Professional

A special seminar was offered in Fall 1988, Spring 1990, and Spring 1991.

PhD Students

• Hiralal Agrawal

Hira received his PhD in 1991. He is now working at Telcordia. His dissertation, Towards Automatic Debugging of Computer Programs, was done as part of the Spyder project in the SERC. Hira's co-advisor was Richard DeMillo.

• Florian Buchholz

Received his PhD in August 2005 and is now on the faculty of James Madison University. His dissertation was on embedding forensic support in a general-purpose OS file system, and was entitled Pervasive Binding of Labels to System Processes.

• Brian Carrier

Brian received his PhD in spring 2006 for his dissertation on a formal framework for digital forensic investigations. He is now a member of the research staff at Basis Technology.

• Steve Chapin

Steve received his PhD in 1993.He did his dissertation, entitled Scheduling Support for an Internetwork of Heterogeneous, Autonomous Processors, as the core of the Messiahs Project. Steve is now an Associate Professor at Syracuse University. He is the first of my former students to produce Ph.D. graduates of his own.

• Thomas Daniels

Tom received his Ph.D. in December 2002 after completing his dissertation, Reference Models for the Concealment and Observation of Origin Identity in Store and Forward Networks. He is on the faculty of Iowa State University.

• Kevin Du

Kevin received his PhD in 2001. He is now on the faculty at Syracuse University. His thesis was entitled A Study Of Several Specific Secure Two-Party Computation Problems. His co-advisor was Mike Atallah.

• Gene H. Kim

Gene completed his BS degree in 1993 and his MSCS at the University of Arizona. He worked with spaf on the Tripwire project through COAST, released on November 2, 1992. Gene is now CTO of Tripwire, Inc. Since 1999, Gene has been capturing and codifying how "best in class" organizations have IT operations, security, audit, management, and governance working together to solve common business objectives. This was codified in 2004, he co-wrote the Visible Ops Handbook, showing how IT organizations successfully transformed from good to great. Gene was named as a 2007 Outstanding Alumnus by Purdue CS.

• Ivan Krsul

Ivan completed his PhD on the topic of Software Vulnerability Analysis in 1998. He constructed a large-scale database of system vulnerabilities, and then used this to explore their characteristics. His research was part of the COAST Project. He is now working at a start-up company, Arte Xacta, in his native Bolivia. Ivan also did his MS thesis under spaf direction, entitled Authorship Analysis: Identifying the Author of a Program. Ivan is the only repeat winner of the Maurice Halsted Software Engineering Award, given at Purdue each year.

• Sandeep Kumar

Sandeep received his Ph.D. in August, 1995. His dissertation, Classification and Detection of Computer Intrusions developed a new approach to intrusion detection. His research was part of the COAST Project. He is currently working for RSA Security in Bangalore, India.

• Benjamin Kuperman

Ben graduated in August 2004 and then joined the faculty of Swarthmore College as a visiting assistant professor. Starting in the fall of 2006 he will be on the CS faculty of Oberlin College. His dissertation was entitled A Categorization of Computer Security Monitoring Systems and the Impact on the Design of Audit Sources.

• Pascal Meunier

Pascal came to Purdue with a Ph.D. in biological sciences. He completed his M.S. under my direction, and is now working as a research scientist with CERIAS.

Selected honors and awards

• 1992 Inducted in Sigma Xi, research scientists' honor society.^[5]
• 1992 Inducted in Upsilon Pi Epsilon, the Computer Sciences honor society.
• 1996 Awarded charter membership in the IEEE Computer Society's Golden Core for distinguished service to the Computer Society during its first 50 years.
• 1996 Award of Distinguished Technical Communication (highest award) and Award of Merit by the Society for Technical Communication for Practical Unix and Internet Security.
• 1997 Inducted as a Fellow of the Association for Computing Machinery.
• 1999 Inducted as a Fellow of the American Association for the Advancement of Science.
• 2000 NIST/NCSC National Computer Systems Security Award.
• 2000 Proclaimed a CISSP, honoris causa by (ISC)²
• 2000 Inducted as a Fellow of the Institute of Electrical and Electronics Engineers.
• 2001 Named to the ISSA (Information Systems Security Association) Hall of Fame.
• 2003 Awarded U.S. Air Force medal for Meritorious Civilian Service.
• 2005 Honorary D.Sc. from the State University of New York (SUNY)
• 2006 IEEE Computer Society Technical Achievement Award
• 2007 ACM President's Award
• 2009 Computing Research Association Distinguished Service Award

See also

• Usenet
• Purdue University
• Internet2
• The Morris Worm
• The Great Renaming
• Backbone Cabal / There is No Cabal

References

1. Gene Spafford's home page at Purdue
2. "President's Information Technology Advisory Committee - Archive". Retrieved 2011-10-03. 
3. "The Internet and Cyber-Security". Purdue University: C-SPAN. 2009-02-21. 
4. John Markoff (2009-02-14). "Do We Need a New Internet?". NY Times. 
5. Gene Spafford (2011-09-25). "Abridged Vita: Eugene H. Spafford". Retrieved 2011-10-03. 

External links

• Gene Spafford's home page at Purdue
• Greplaw interview
• PKI Forum interview (introduction) (very long)
  • Part 1: Gene Spafford on security threats, PKI, interoperability, privacy, wireless security and key management
  • Part 2: Gene Spafford on key escrow, backup and recovery, security education, digital certificate revocation, identity fraud, security trends and predictions
• CERIAS website
• Spafford's analysis of the Morris worm
• Practical Unix and Internet Security
• The Phage List"