Selected Publications by Spaf

Home

In the News & On the WWW

Short Bio

Full C.V. PDF indicator

Selected Firsts

Notable Activities

My Tumblr Log (Blog)

My CERIAS Blog Posts

Spaf & the US Gov

Courses & Teaching

Information for Grad Students

Students Past and Present

Research and Papers

Selected Quotes

Miscellaneous Items

• • •


Research Interests

My research interests are focused in reliable computing, and in the consequences of computer failure and misuse. The increasing use of computer technology in the world around us presents difficult and sometimes dangerous situations when the computers and their programs fail to operate as intended. These failures can range from the unnoticeable to the catastrophic, including large losses of money and even life.

Computer-related failures may be the results of accident, as when a power failure or fire cause a system to cease functioning. Or, they may be caused by faults present in software that was poorly designed and inadequately tested. Failures may also occur when the systems are developed by individuals with insufficient understanding of the situation and potential dangers. Additionally, failures can occur because of malicious activity by individuals, or through the application of vandalware such as worms and viruses.

Thus, my interests may be summarized as:

Selected Publications

The following are a selection of the items I have authored over the last 25+ years. It is not a complete list, but is intended to list some of the items that have been cited more frequently than the rest, or that otherwise have some particular significance.

A note about author name order: A policy I have maintained in my research groups since 1990 has been to list authors by alphabetic order rather than trying to determine relative contributions. This has eliminated some of the debate and difficulties I have heard about in other research groups. However, this sometimes results in students with last names starting far into the alphabet (e.g., Zamboni) not appearing as first author even in cases where they did most of the work, and it also means my name is seldom listed first even in those cases where I did most of the development. So it goes. Simply be aware that all authors listed made significant, material contributions to the papers where they are listed, and the order of names is not necessarily significant.

A note about conference papers: I have been a keynote or featured speaker at many conferences. Usually, those invitations include an opportunity to submit a paper. Unfortunately, I have been suffering from a combination of RSI (repetitive stress injury) and arthritis in my fingers since 1996: preparing papers is painful and slow. Thus, you will not find submitted papers for many of the more recent conferences where I have spoken because I have not been able to type them. And yes, I have tried voice recognition and various therapies, to little avail.

Books

Eugene H. Spafford, Kathleen A. Heaphy, and D. J. Ferbrache; Computer Viruses: Dealing with Electronic Vandalism and Programmed Threats; ADAPSO (now ITAA), Arlington, VA; 123 pages; 1989. 

Simson L. Garfinkel and Gene Spafford; Practical UNIX Security; O'Reilly & Associates; 512 pages; May 1991; 2nd edition, renamed Practical UNIX and Internet Security; 1000 pages, May 1996; 3rd edition, with S. Garfinkel and A. Schwartz; 954 pages, February 2003. 

Simson L. Garfinkel with Gene Spafford; Web Security & Commerce; O'Reilly & Associates; 483 pages; 1997 2nd edition, renamed Web Security, Privacy & Commerce; 756 pages; Jan 2002. 

Books Edited

K. A. Seger, W. R. VonStorch and D. J. Icove; Computer Crime: A Crime-Fighters Handbook; Contributing editor; O'Reilly & Associates; 1995. 

Editorial advisor (associate editor); A. B. Tucker, editor-in-chief; CRC Handbook of Computer Science and Engineering; CRC Press; Boca Raton, FL; 1996. 

Major Reports and Book Chapters

A. B. Tucker, B. H. Barnes, R. M. Aiken, K. Barker, K. M. Bruce, J. T. Cain, S. E. Conry, G. L. Engel, R. G. Epstein, D. K. Lidtke, M. C. Mulder, J. B. Rogers, E. H. Spafford, and A. J. Turner; Computing Curricula 1991; IEEE Press and ACM; 160 pages; Feb 1991. 

Eugene H. Spafford; Virus, entry in the Encyclopedia of Software Engineering; edited by John Marciniak; John Wiley & Sons; 1994. 

  • Reprinted in Internet Beseiged: Countering Cyberspace Scofflaws; Dorothy and Peter Denning, eds.; Addison-Wesley, 1997. 

Gene Kim and Eugene H. Spafford; Tripwire: A Case Study in Integrity Monitoring in Internet Beseiged: Countering Cyberspace Scofflaws; edited by Dorothy and Peter Denning; Addison-Wesley; 1997. 

E. Eugene Schultz and Eugene H. Spafford; Intrusion Detection: How to Utilize a Still Immature Technology in Information Security Management (4th Edition); edited by H. Tipton and M. Krause; Auerbach/CRC; 2000. 

M. J. Atallah, K. N. Pantazopoulos, J. R. Rice, and Eugene H. Spafford; Secure Outsourcing of Scientific Computations; in Advances in Computers; Academic Press; Chap. 6, pp 215-272; August 2001. 

James B. D. Joshi, Walid G. Aref, Arif Ghafoor and Eugene H. Spafford; Security and Privacy Challenges of a Digital Government in Advances in Digital Government: Technology, Human Factors, and Policy; Eds. W. J. McIver, Jr., A. K. Elmagarmid; Kluwer Academic Publishers, 2002; pp. 121-136. 

Eugene H. Spafford; One View of Protecting the National Information Infrastructure in Science and Technology in a Vulnerable World; AAAS, 2002; pp. 41-50. 

As a member of the PITAC; Report to the President on Revolutionizing Health Care Through Information Technology PDF indicator ; US Government Printing Office; May 2004.

As a member of the PITAC; Report to the President on Cyber Security: A Crisis of Prioritization PDF indicator ; US Government Printing Office; February 2005.

As a member of the PITAC; Report to the President on Computational Science: Ensuring America's Competitiveness PDF indicator ; US Government Printing Office; June 2005.

As a member of the USAF Scientific Advisory Board; Implications of Cyber Warfare, Vols. 1-3; SAB-TR-07-02; ed. T. Saunders and A. Levis; US Air Force; August 2007. (Note: Volumes 1 &2 Distribution FOUO; Volume 3 Classified Secret)

Eugene H. Spafford and Annie I. Antón; The Balance Between Security and Privacy; chapter 8, pp. 152–168 in Controversies in Science and Technology, Volume II; ed. D. L. Kleinman, K. A. Cloud-Hansen, C. Matta, and J. Handelsman; Mary Ann Liebert, Inc., New York, NY; 2008.

Bingrui Foo, Matthew W. Glause, Gaspar M. Howard, Yu-Sung Wu, Saurabh Bagchi, Eugene H. Spafford; Intrusion Response Systems: A Survey; chapter 13 in Information Assurance: Dependability and Security in Networked Systems; Morgan Kaufmann Publishers; pp 377-416; 2008.

Karthik Kannan, Jackie Rees, Eugene H. Spafford; Unsecured Economies: Protecting Vital Information PDF indicator ; ed. Red Consultancy; McAfee, Inc.; January 2009.

Journal Articles

ACM DL Author-ize serviceCrisis and aftermath;
E. H. Spafford; Communications of the ACM, 1989
  • Reprinted (and translated into Japanese) in bit (Tokyo); Kyöritsu Publishing, Co.; Tokyo, Japan; v. 21(14) pp. 1830-1842; Dec 1989. 
  • Reprinted as chapter 12 (pp. 223-243) in Computers Under Attack: Intruders, Worms and Viruses; Peter J. Denning, editor; ACM Press; 1990. 
  • Reprinted in Crime, Deviance and the Computer (volume in the International Library of Criminology, Criminal Justice and Penology); R. Hollinger, editor; Dartmouth Publishing Company; Hampshire, England; 1997. 

Eugene H. Spafford; Extending Mutation Testing to Find Environmental Bugs; Software Practice & Experience, v. 20(2) pp.181-189; Feb 1990. 

Hiralal Agrawal, Richard A. DeMillo and Eugene H. Spafford; An Execution Backtracking Approach to Program Debugging; IEEE Software, pp. 21-26; May 1991. 

Eugene H. Spafford; Are Computer Break-Ins Ethical?; Journal of Systems and Software; v. 17(1) pp. 41-48; Jan 1992. 

  • Reprinted (pp. 125-134) in Compuers, Ethics, & Social Values; D. G. Johnson and H. Nissenbaum, editors; Prentice-Hall; 1995. 
  • Reprinted in The Moral Foundations of Intellectual Property; Adam D. Moore, editor; 1997. Reprinted in Computers, Ethics and Society; M. David Ermann, Mary B. Williams, and Michele S. Shauf, eds.; Oxford University Press; 1997. 
  • Reprinted in the Encyclopedia of Applied Ethics; Ruth Chadwick, editor; pp. 571-577; Academic Press; 1997. 
  • Reprinted in Internet Beseiged: Countering Cyberspace Scofflaws; Dorothy and Peter Denning, editors; pp. 73-95; Addison-Wesley, 1997. 

Eugene H. Spafford; OPUS: Preventing Weak Password Choices; Computers & Security; v. 11(3) pp. 273-278; May 1992. 

Hiralal Agrawal, Richard A. DeMillo and Eugene H. Spafford; Debugging with Dynamic Slicing and Backtracking; Software Practice & Experience; v. 23(6) pp. 589-616; June 1993. 

Eugene H. Spafford and Stephen A. Weeber; Software Forensics: Tracking Code to its Authors; Computers & Security; v. 12(6) pp. 585-595; Dec. 1993. 

Eugene H. Spafford; Computer Viruses as Artificial Life; Journal of Artificial Life; v. 1(3) pp. 249-265; 1994. 

  • Reprinted (pp. 249-266) in Artificial Life: An Overview; ed Chris Langton; 1995. 

Steve J. Chapin and Eugene H. Spafford; Support for Implementing Scheduling Algorithms Using MESSIAHS; Scientific Programming; volume 3, pp. 325-340; 1994. 

Ivan Krsul and Eugene H. Spafford; Authorship Analysis: Identifying the Author of a Program; Computers & Security; v. 16(3) pp. 248-259; 1997. 

Simson Garfinkel and Eugene H. Spafford; Cryptography and the Web; World Wide Web Journal; v. 2(3) pp. 113-126; Summer 1997. 

Simson Garfinkel and Eugene H. Spafford; Secure CGI/API Programming; World Wide Web Journal; v. 2(3) pp. 187-200; Summer 1997. 

Steve J. Chapin and Eugene H. Spafford; Dissemination of State Information in Distributed, Autonomous Systems; Computer Communications; v. 21(11), pp. 969-979, Oct 1998. 

Christoph Schuba, Berry Kercheval, and Eugene H. Spafford; Prototyping Experiences with Classical IP and ARP over Signaled ATM Connections; Journal of Systems and Software; #44, pp. 31-43; April 1998 . 

Thomas E. Daniels and Eugene H. Spafford; Identification of Host Audit Data to Detect Attacks on Low-level IP Vulnerabilities; Journal of Computer Security; v. 7(1). pp. 3-35; 1999. 

Eugene H. Spafford and Diego Zamboni; Intrusion Detection Using Autonomous Agents; in Computer Networks (Elsevier); v. 34(4) pp. 547-570; 2000. 

James Joshi, Arif Ghafoor, Walid G. Aref and Eugene H. Spafford; Digital Government Security Infrastructure Design Challenges; in IEEE Computer; v. 34(2) pp. 66-72; 2001. 

Florian Kerschbaum, Eugene H. Spafford, and Diego Zamboni; Embedded Sensors and Detectors for Intrusion Detection; Journal of Computer Security; v. 10(1/2) pp. 23-70; 2002. 

ACM DL Author-ize servicePFIRES: a policy framework for information security;
Jackie Rees, Subhajyoti Bandyopadhyay, Eugene H. Spafford; Communications of the ACM - A game experience in every application, 2003

Brian Carrier and Eugene H. Spafford; Getting Physical with the Digital Investigation Process; in International Journal of Digital Evidence; v 2(2); Fall 2003.

Brian Carrier and Eugene H. Spafford; Defining Digital Event Reconstruction of Digital Crime Scenes; in Journal of Forensic Sciences; v 49(6), Nov. 2004.

Florian Buchholz and Eugene H. Spafford; On the Role of File System Metadata in Digital Forensics; in Digital Investigation; v. 1(4); pp. 298-309; Dec. 2004.

Brian Carrier and Eugene H. Spafford; Categories of Digital Investigation Analysis Techniques Based On the Computer History Model; in Digital Investigation; v. 3(S), pp. 121-130, Aug. 2006.

Paul Williams and Eugene H. Spafford; CuPIDS: An Exploration of Highly Focused, Coprocessor-based Information System Protection; Computer Networks; Elsevier; v 51(5); pp. 1284-1298; April 2007.

Yu-Sung Wu, Bingrui Foo, Yu-Chun Mao, Saurabh Bagchi, Eugene H. Spafford; Automated Adaptive Intrusion Containment in Systems of Interacting Services; Computer Networks; Elsevier; v 51(5); pp. 1334-1360; April 2007.

Florian Buchholz and Eugene H. Spafford; Run-time Label Propagation for Forensic Audit Data; Computers &Security; Elsevier; 26(7-8); pp. 496-513; Dec 2007.

Xuxian Jiang, Florian Buchholz, Aaron Walters, Dongyan Xu, Yi-Min Wang, Eugene H. Spafford, Tracing Worm Break-in and Contaminations via Process Coloring: A Provenance-Preserving Approach; IEEE Transactions on Parallel and Distributed Systems; 19(7); pp. 890-902; Jul 2008.

Travis D. Breaux, Annie I. Antón, and Eugene H. Spafford; A Distributed Requirements Management Framework For Legal Compliance And Accountability; Computers &Security; Elsevier; 28(1); pp. 8-17; Jan 2009.

Benjamin A. Kuperman and Eugene H. Spafford; Audlib: A Configurable, High-Fidelity Application Audit Mechanism; Software Practice & Experience; John Wiley & Sons; 40(11); pp. 989–1005; Oct. 2010.

Fariborz Farahmand, Mikhail Atallah, and Eugene H. Spafford; Incentive Alignment and Risk Perception: An Information Security Application ; IEEE Transactions on Engineering Management; IEEE; 60(2), pp. 238-246; May 2012.

Kyungroul Lee, Kangbin Yim, and Eugene H. Spafford; Reverse-safe authentication protocol for secure USB memories ; Security and Communication Networks; John Wiley & Sons; 5(8); pp. 834_845; August 2012.

Fariborz Farahmand and Eugene H. Spafford; Understanding Insiders: An Analysis of Risk-Taking Behavior ; Information Systems Frontiers; Springer; 15(1), March 2013; pp. 5-15.

Fariborz Farahmand, Aman Yadav, and Eugene H. Spafford; Risks and Uncertainties in Virtual Worlds: An Educators’ Perspective ; Journal of Computing in Higher Education; Springer; August 2013, 25(2), pp 49-67.

Conference and Workshop Papers

Hiralal Agrawal and Eugene H. Spafford; An Execution Backtracking Approach to Program Debugging; in Proceedings of the 6th Pacific Northwest Software Quality Conference; pp. 283-300; Oct. 1988. 

Eugene H. Spafford; Some Musings on Ethics and Computer Break-ins (invited paper); in Proceedings of the Winter 1989 Usenix Conference; Usenix Association; pp. 305-311; Feb 1989.

Eugene H. Spafford; An Analysis of the Internet Worm; in Proceedings of the European Software Engineering Conference 1989 (Lecture Notes in Computer Science #387); Springer-Verlag; pp. 446-468; Sep 1989.

  • Reprinted as chapter 18 in Rogue Programs: Viruses, Worms, and Trojan Horses; Lance Hoffman, editor; Van Nostrand Reinhold, New York; 1990.

Eugene H. Spafford; Computer Viruses: A Form of Artificial Life? (invited contribution); in Artificial Life II, Studies in the Sciences of Complexity, vol. XII, eds. D. Farmer, C. Langton, S. Rasmussen, and C. Taylor; Addison-Wesley; pp. 727-747; 1991. 

Dan Farmer and Eugene H. Spafford; The COPS Security Checker System; in Proceedings of the Summer 1990 Usenix Conference; Usenix Association; pp. 165-170; Jun 1990. 

Mehmet Sahinoglu and Eugene H. Spafford; A Bayes Sequential Statistical Procedure for Approving Software Products; in Proceedings of the IFIP Conference on Approving Software Products (ASP-90); Elsevier Science; pp. 43-56; Sep 1990.

Eugene H. Spafford; Preventing Weak Password Choices; in 14th National Computer Security Conference; pp. 446-455; Oct 1991.

ACM DL Author-ize serviceDynamic slicing in the presence of unconstrained pointers;
Hiralal Agrawal, Richard A. DeMillo, Eugene H. Spafford; TAV4 Proceedings of the symposium on Testing, analysis, and verification, 1991

Mehmet Sahinoglu, I. Baltaci, and Eugene H. Spafford; Monte Carlo Simulation on Software Mutation Testcase Adequacy; in Proceedings of COMPSTAT '92, International Association of Statistical Computing; Springer-Verlag; pp. 47-52; Aug 1992.

Eugene H. Spafford; Observing Reusable Password Choices; in 3rd Usenix UNIX Security Symposium; Usenix Association; pp. 299-312; 14-16 Sep 1992.

Eugene H. Spafford and Stephen A. Weeber; Software Forensics: Can We Track Code to its Authors?; in 15th National Computer Security Conference; pp. 641-650; Oct 1992. 

Hsin Pan and Eugene H. Spafford; Towards Automatic Localization of Software Faults; in Proceedings of the 10th Pacific Northwest Software Quality Conference; pp. 192-209; Oct 1992.

Sandeep Kumar and Eugene H. Spafford; A Generic Virus Scanner in C++; in Proceedings of the 8th Computer Security Applications Conference; IEEE Press; pp. 210-219; Dec 1992.

Steve J. Chapin and Eugene H. Spafford; Constructing Distributed Schedulers Using the Messiahs Interface Language; in Proceedings of the 27th Hawaii International Conference on Systems and Software HICSS); IEEE Press; pp. 425-434, Vol. II; 1994.

Gene H. Kim and Eugene H. Spafford; Experiences With Tripwire: Using Integrity Checkers for Intrusion Detection; in Proceedings of the SANS III: System Administration, Networking, and Security Conference; Open Systems Board, SAGE and Usenix; Usenix Association; April 1994.

Gene H. Kim and Eugene H. Spafford; Writing, Supporting, and Evalutaing Tripwire: A Publically Available Security Tool; in Proceedings of the USENIX Unix Applications Development Symposium; Usenix Association; pp. 89-107; 1994.

Steve J. Chapin and Eugene H. Spafford; Support for Security in Distributed Systems Using MESSIAHS; in Proceedings of the National Computer Security Conference; pp. 339-447; Oct. 1994. 

Sandeep Kumar and Eugene H. Spafford; A Pattern-Matching Model for Intrusion Detection; in Proceedings of the National Computer Security Conference; pp. 11-21; Oct. 1994.

ACM DL Author-ize serviceThe design and implementation of tripwire: a file system integrity checker;
Gene H. Kim, Eugene H. Spafford; CCS '94 Proceedings of the 2nd ACM Conference on Computer and communications security, 1994

Sandeep Kumar and Eugene H. Spafford; A Software Architecture to Support Misuse Intrusion Detection; in Proceedings of the 18th National Information Security Conference; pp. 194-204; Oct, 1995.

Ivan Krsul and Eugene H. Spafford; Authorship Analysis: Identifying the Author of a Program; in Proceedings of the 18th National Information Security Conference; Oct, 1995.

Mark Crosbie and Eugene H. Spafford; Genetic Programming Applied to Intrusion Detection; in Proceedings of the AAAI Genetic Programming Symposium; November 1995.

Mark Crosbie and Eugene H. Spafford; Evolving Event-Driven Programs; in Proceedings of the First Annual Conference on Genetic Programming; pp. 273-278; July 1996.

Taimur Aslam, Ivan Krsul and Eugene H. Spafford; A Taxonomy of Security Vulnerabilities; in Proceedings of the 19th National Information Systems Security Conference; pp. 551-560; Oct 1996.

Steve Lodin, Bryn Dole, and Eugene H. Spafford; Misplaced Trust: Kerberos 4 Random Session Keys; in Proceedings of Internet Society Symposium on Network and Distributed System Security; pp. 60-70; Feb 1997.

Christoph Schuba, Ivan Krsul, Markus G. Kuhn, Eugene H. Spafford, Aurobindo Sundaram, Diego Zamboni; Analysis of a Denial of Service Attack on TCP; in Proceedings of the 1997 IEEE Symposium on Security and Privacy; pp. 208-233; May 1997.

Hsin Pan, Richard A. DeMillo, and Eugene H. Spafford; Failure and Fault Analysis for Software Debugging; in Proceedings of COMPSAC 97; 1997.

Mohd A. Bashar, Ganesh Krishnan, Markus G. Kuhn, Eugene H. Spafford, and S. S. Wagstaff, Jr.; Low-Threat Security Patches and Tools; in Proceedings of the 1997 IEEE International Conference on Software Maintenance; pp. 306-313; Oct 1997.

Christoph Schuba and Eugene H. Spafford; A Reference Model for Firewall Technology; in Proceedings of the 13th IEEE Computer Security Applications Conference; pp. 133-145; Dec 1997.

Eugene H. Spafford and Diego Zamboni; AAFID: Autonomous Agents for Intrusion Detection; in Proceedings of the RAID'98 Workshop; September, 1998.

Jai Sundar Balasubramaniyan, Jose Omar Garcia-Fernandez, David Isacoff, Eugene H. Spafford, and Diego Zamboni; An Architecture for Intrusion Detection using Autonomous Agents; in Proceedings of the 14th IEEE Computer Security Applications Conference; pp. 13-24; Dec 1998.

Christoph Schuba and Eugene H. Spafford; Modeling Firewalls Using Hierarchical Colored Petri Nets; in NATO Symposium on Protecting Information Systems in the 21st Century; October 1999.

ACM DL Author-ize serviceNetwork traffic tracking systems: folly in the large?
Thomas E. Daniels, Eugene H. Spafford
NSPW '00 Proceedings of the 2000 workshop on New security paradigms, 2001

Thomas E. Daniels and Eugene H. Spafford; Subliminal Traceroute in TCP/IP; in Proceedings of the National Information Systems Security Conference; Sep 2000.

Thomas E. Daniels, Benjamin A. Kuperman and Eugene H. Spafford; Penetration Analysis of XEROX Docucenter DC 230ST: Assessing the Security of a Multi-Purpose Office Machine; in Proceedings of the National Information Systems Security Conference; Sep 2000.

Florian Kerschbaum, Eugene H. Spafford and Diego Zamboni; Using embedded sensors for detecting network attacks; in Proceedings of the 1st ACM Workshop on Intrusion Detection Systems; Nov 2000.

Eugene H. Spafford and Diego Zamboni; Design and implementation issues for embedded sensors in intrusion detection; in Proceedings of the RAID'2000 Workshop; October, 2000.

Thomas E. Daniels and Eugene H. Spafford; A Network Audit System for Host-based Intrusion Detection (NASHID) in Linux; Proceedings of the 16th Annual Computer Security Applications Conference; Dec 2000.

Eugene H. Spafford; A Failure to Learn from the Past PDF indicator ; in Proceedings of the 19th Annual Computer Security Applications Conference; Dec 2003.

Eric Bryant, James Early, Rajeev Gopalakrishna, Gregory Roth, Eugene H. Spafford, Keith Watson, Paul Williams and Scott Yost; Poly2 Paradigm: A Secure Network Service Architecture; in Proceedings of the 19th Annual Computer Security Applications Conference; Dec 2003.

Brian Carrier and Eugene H. Spafford; An Event-Based Digital Forensic Investigation Framework; in Proceedings of the Digital Forensics Research Workshop; 2004.

Saurabh Bagchi, Bingrui Foo, Yu-Sung Wu, Yu-Chun Mao and Eugene H. Spafford; ADEPTS: Adaptive Intrusion Response using Attack Graphs in an E-Commerce Environment; in Proceedings of the DSN-DCC Symposium 2005; Yokohama, Japan; June 2005.

Paul D. Williams and Eugene H. Spafford; CuPIDS Enhances StUPIDS: Exploring a Coprocessing Paradigm Shift in Information System Security; in Proceedings of the IEEE Workshop on Information Assurance and Security; West Point, NY; June 2005.

X. Jiang, D. Xu, H. J. Wang, and E. H. Spafford; Virtual Playgrounds for Worm Behavior Investigation; in Procedings of the RAID 2005 Symposium; Seattle, WA; Sept 2005.

Brian Carrier and Eugene H. Spafford; Automated Digital Evidence Target Definition Using Outlier Analysis and Existing Evidence; in Proceedings of the Digital Forensics Research Workshop (DRFWS); Aug. 2005.

X. Jiang, A. Walters, F. Buchholz, D. Xu, Y. Wang, and E. H. Spafford; Provenance-Aware Tracing of Worm Break-ins and Contaminations: A Process Coloring Approach; in Proceedings of the IEEE International Conference on Distributed Computing Systems (ICDCS 2006); Lisbon, Portugal, July 2006.

Eugene H. Spafford; Some Challenges in Digital Forensics; in Research Advances in Digital Forensics – II – Proceedings of the IFIP Conference on Digital Forensics; Springer; Aug 2006.

Yu-Sung Wu, Bingrui Foo, Gaspar Modelo-Howard, Saurabh Bagchi, and Eugene H. Spafford; The Search for Efficiency in Automated Intrusion Response for Distributed Applications; Proceedings of the 27th IEEE Symposium on Reliable and Distributed Systems (SRDS 2008); October 2008; Napoli, Italy.

Fariborz Farahmand and Eugene H. Spafford; Insider Behavior: An Analysis of Decision under Risk; First International Workshop on Managing Insider Security Threats, International Federation for Information Processing (IFIP) International Conference on Trust Management, Jun 2009, Purdue University.

Brent Roth and Eugene H. Spafford; Implicit Buffer Overflow Protection Using Memory Segregation; ARES 2012 Conference; Aug 2011; Vienna, Austria.

Mohammed H. Almeshekah, Mikhail J. Atallah, and Eugene H. Spafford; Layering Authentication Channels to Provide Covert Communication; in Proceedings of the 21st International Workshop on Security Protocols; 2013; Springer-Verlag; Cambridge, England.

Mohammed Almeshekah and Eugene H. Spafford; The Case of Using Negative (Deceiving) Information in Data Protection; in Proceedings of the 9th Conference on Cyber Warfare and Security; pp. 235–244; 2014; West Lafayette, IN.

ACM DL Author-ize servicePlanning and Integrating Deception into Computer Security Defenses
Mohammed H. Almeshekah, Eugene H. Spafford
NSPW '14 Proceedings of the 2014 workshop on New Security Paradigms Workshop, 2014

Other Selected Published Works

ACM DL Author-ize serviceThe internet worm program: an analysis;
Eugene H. Spafford; ACM SIGCOMM Computer Communication Review, 1989
ACM DL Author-ize serviceRisks of total surveillance;
Barbara Simons, Eugene H. Spafford; Communications of the ACM, 2003
ACM DL Author-ize serviceInspiration and trust;
Eugene H. Spafford; Communications of the ACM - 50th anniversary issue: 1958 - 2008, 2008
ACM DL Author-ize serviceUSACM's policy role;
Eugene H. Spafford; Communications of the ACM - Inspiring Women in Computing, 2009
ACM DL Author-ize servicePrivacy and security: Answering the wrong questions is no answer;
Eugene H. Spafford; Communications of the ACM - One Laptop Per Child: Vision vs. Reality, 2009
ACM DL Author-ize serviceWe are out of balance
Gene Spafford
ACM SIGCAS Computers and Society - Special Issue on Women in Computing, 2014

Top

Updated: 12/19/15

© 2004-2013 E. H. Spafford

spaf@purdue.edu
Valid CSS!   Valid XHTML 1.0! Level Double-A, 
          W3C-WAI Web Accessibility Guidelines 1.0