User:Hstenghsteng/sandbox

Henry S. Teng

Henry S. Teng (traditional Chinese: 鄧少林; simplified Chinese: 鄧少林； pinying: Deng Shao-lin) is a Cybersecurity mentor/advisor for SCORE, a non-profit organization affiliated with SBA serving small businesses in the United States.

(Portrait of Henry)

Career

Henry S. Teng started his career as a software engineer, primarily in the fields of computer security, network security, application security, and Artificial Intelligence. He has been an early practitioner of Cybersecurity protection since the early 1980s, working in the Secure Systems Group of Digital Equipment Corporation (DEC). Henry made his first lecture/talk^[1] on computer security led by Mr. Steven B. Lipnerr in 1984.

Education

Henry is a graduate of Northeastern University, Boston with summa cum laude and earned his Master of Science degree in Computer Science from Worcester Polytechnic Institute (WPI) in Massachusetts. He studied at the Graduate University of the Chinese Academy of Sciences (GUCAS).

He is a retired Certified Information Systems Security Professional (CISSP), and former Certified Information Security Manager (CISM).

Academic Achievements

Henry published his first research paper on the application of AI/Expert Systems to Cybersecurity at the 10th National Computer Security Conference^[2] in 1987.

He is the author and co-author of three U.S. patents^[3][4][5] on artificial intelligence and its applications in computer security, network security, and application security. Henry has published a number of conference papers^{[6] [7][8]}on AI/Cybersecurity and authored nine books.

Career

Henry has gained much of his security experience from working at several high-tech companies in the Greater Boston Area and Silicon Valley such as Digital Equipment Corporation, Fidelity Investments Company, Charles Schwab Corporation, eBay Inc., KPMG LLP, and Royal Philips of The Netherlands.

Henry has more than thirty years of experience as a Cybersecurity professional. During this period, he and his team became a victim of cyber attacks by Kevin Mitnick. Kevin Mitnick was able to break into several development systems including Henry's VAX/VMS development machine at Digital Equipment Corporation around 1988. The source code of XSAFE, a remote security vulnerability scanning tool written in Lisp was stolen. The break-in of Henry's computer became a section in a book titled "Cyberpunk - Outlaws and Hackers on the Computer Frontier"^[9].

In 1997, Henry joined Charles Schwab Corporation in San Francisco, California as their Security Engineering Managing Director, responsible for Schwab's Information Security Policies, computer security design including anti-virus signature updates, network firewall rules review and updates against the network security policies, and overall IT security architecture for confidentiality, integrity, and availability protection.

In 1998, Henry joined the Board of Self-Help for the Elderly in San Franciso, a non-profit organization, as a board member.

In 2000, Henry left Schwab and joined eBay, Inc. as their CISO/Director. He became the chair of an industry consortium against cyber attacks particularly focused on DDoS to promote the development of security tools and features against DDoS. The DDoS attack occurred two weeks after he joined eBay. eBay's network went offline for almost eight hours due to this DDoS attack. This is where millions and millions of network packets per second hit the network routers of eBay, making the network unavailable to thousands of customers who were conducting eCommerce transactions. The cyber attacks were also launched and successful in bringing down the network services of other eCommerce companies such as Yahoo!, Amazon.com, and CNN to list a few during that week in February 2000. After months of a federal investigation, it was determined that the DDoS attacks were launched by a Canadian teenager whose nick-name became the Mafiaboy. Later on, the victim companies of the DDoS cyber attacks plus other concerning companies such as Microsoft, Cisco, Checkpoint, Recourse, and a few other startups formed a consortium or forum named the RFC2267 DDoS Working Group^[10]. The working group was to work on an industry technical requirements for relevant security measurements against DDoS. Henry, as the chair for the forum, organized a networking event at the Networld+Interop Conference^[10][11] in Atlanta, GA in September 2000.

While working in Silicon Valley, Henry was nominated and elected to serve as a member of the Board of Directors for the ISSA / Silicon Valley Chapter, responsible for the Education Program from 2002-2005.

In 2002, Henry joined Philips Electronics Semiconductor Division in Sunnyvale California focusing on IT security for the division. In 2005, Henry was transferred to Eindhoven, The Netherlands to lead the Global IT Security effort of all product divisions and subsequently the Information Security Risk Management initiative as their Senior Director at Corporate IT.

After retirement, Henry has continued to teach technology classes and offer webinars on Cybersecurity topics at various non-profit organizations such as SCORE (www.score.org).

References

1. Computer Security for Users on Engineering Systems (VHS). Computer History Museum. 1984-03-06. Retrieved 2024-04-21 – via Computer History Museum Archive.
2. Teng, Henry S.; Brown, David C. (1987-09-21). "An Expert System Approach to Security Inspection of a VAX/VMS System in a Network Environment". 10th National Computer Security Conference: pp. 277. {{cite journal}}: |pages= has extra text (help)
3. US5812763A, Teng, Henry Shao-Lin, "Expert system having a plurality of security inspectors for detecting security flaws in a computer system", issued 1998-09-22 
4. US5222197A, Teng, Henry S.; Chen, Kaihu & Wilson, Matthew et al., "Rule invocation mechanism for inductive learning engine", issued 1993-06-22 
5. US5222197A, Teng, Henry S.; Chen, Kaihu & Wilson, Matthew et al., "Rule invocation mechanism for inductive learning engine", issued 1993-06-22 
6. Teng, Henry S.; Chen, Kaihu; Lu, Stephen C-Y (1990-05-07). "Adaptive Real-time Anomaly Detection Using Inductively Generated Sequential Pattern". 1990 IEEE Computer Society Symposium on Research in Security and Privacy, Oakland, California: pp. 278. {{cite journal}}: |pages= has extra text (help)
7. Teng, Henry S.; Chen, Kaihu; Lu, Stephen C-Y (1990-03-05). "Security Audit Trail Analysis Using Inductively Generated Predictive Rules". Proceedings of The Sixth Conference on Artificial Intelligence Applications: pp. 91. {{cite journal}}: |pages= has extra text (help)
8. Teng, H.S.; Brown D.C. (1987). XSAFE: A Prototype Expert System for Security Inspection of a VAX/VMS System in a Network Environment. Knowledge Based Expert Systems for Engineering: Classification, Education, and Control, Computational Mechanics Publications. p. 105. ISBN 0-931215-81-1.
9. Hafner, Katie; Markoff, John (1995-11-01). CYBERPUNK: Outlaws and Hackers on the Computer Frontier, Revised (Updated edition ed.). New York: Simon & Schuster. ISBN 978-0-684-81862-7. {{cite book}}: |edition= has extra text (help)
10. ZDNet Staff (2000-09-28). "Industry retaliates against DoS attacks". www.ZDNet.com.
11. Glascock, Stuart (2000-09-27). "Devastating DDoS Attacks Loom". Seclists.org. {{cite web}}: Check |archive-url= value (help)