Spaf's Students, Past and Present


In the News & On the WWW

Short Bio

Full C.V. PDF indicator

Selected Firsts

Notable Activities

My Tumblr Log (Blog)

My CERIAS Blog Posts

Spaf & the US Gov

Courses & Teaching

Information for Grad Students

Students Past and Present

Research and Papers

Selected Quotes

Miscellaneous Items

• • •

if you are interested in working with me as a student, see my Grad info page for graduate students. Note that I have limited bandwidth because of my administrative duties, so students working with me need to be very motivated and self-directed.

Graduated PhD Students

Here is a "genealogy" of my 23 graduated PhD students. Eight of the 23 have gone into academic positions, and several of them have produced Ph.D. grads of their own. I also include details on several of my notable MS students.

Current Students

Boakya Dankwa

Boakya is a PhD candidate in CS who is working on IDS and response in real-time systems with massive data rates.

Alex Master

Alex is an Army office in the INSC program investigating anti-censorship technologies for his dissertation.

Robert Morton

Rob is working on measures of anomymity. He is a PhD candidate in the INSC program.

Douglas Rapp

Doug is a new INSC student who is initially looking into how deception may be employed to protect industrial control systems.

Selected Former Students

Here I've listed the students whose names you might find on research papers or software products out of my research projects. It is not a complete list of all the notable students who have worked with me, because the list would be too long to contain them all!

Sarika Agarwal

An MS thesis student, who worked with me in access control and trusted computing environments. She went on to become a senior engineer with Qualcomm in California.

Hiralal Agrawal

Hira received his PhD in 1991. He is now working at Peraton Labs (formerly Telcordia). His dissertation, Towards Automatic Debugging of Computer Programs, was done as part of the Spyder project in the SERC. Hira's co-advisor was Richard DeMillo.

Mohammed Almeshekah

Mohammed received his PhD in 2015, and was co-advised by Mike Atallah. His disserttion was on techniques and formalisms for using deception in cyber defense. He is now with Outliers Venture Capital in Saudi Arabia.

Taimur Aslam

Taimur received his MS degree in 1995 for his research with the COAST Project. His MS thesis, A Taxonomy of Security Faults in Operating Systems, explored how to classify faults in Unix that led to security compromises. The classification can be used for testing and software development. Taimur is a co-founder of Argole Systems, and Broadstone Technologies.

Jeff Avery

Jeff wast in CS, co-advised by Saurabh Bagchi. He graduated in 2017 and is now at Northrop Grumman. His thesis was on using deception to protect patching against reverse engineering.

Florian Buchholz

Florian and Spaf at graduation Aug 2005 Received his PhD in August 2005 and is on the faculty of James Madison University. His dissertation was on embedding forensic support in a general-purpose OS file system, and was entitled Pervasive Binding of Labels to System Processes.

Serdar Cabuk

I was Serdar's co-advisor, with Carla Brodley at Tufts. His PhD dissertation involved exploration of how to create covert timing channels in the IP protocol, and how to discover those same types of channel. Serdar graduated in December, 2006. He is a partner with Deloitte, in England.

Brian Carrier

Brian at graduation May 2006

Brian received his PhD in spring 2006 for his dissertation on a formal framework for digital forensic investigations. He is SVP and CTO at Basis Technology.

Steve Chapin

Steve at graduation in 1993Steve received his PhD in 1993.He did his dissertation, entitled Scheduling Support for an Internetwork of Heterogeneous, Autonomous Processors, as the core of the Messiahs Project.

Steve was an Associate Professor at Syracuse University. He was the first of my former students to produce Ph.D. graduates of his own. He is now a lead cybecybersecurity scientist at LLNL.

Mark Crosbie

Mark received his MS degree in 1995 working in the COAST Project. His research topic was in using "Artificial Life" to build active computer security defenses. He originated the idea of using numerous, autonomous agents for intrusion detection. Mark married Tanya Mastin, another former student. He is currently the data protection officer at Dropbox.

Thomas Daniels

Tom received his Ph.D. in December 2002 after completing his dissertation, Reference Models for the Concealment and Observation of Origin Identity in Store and Forward Networks. He is on the faculty of Iowa State University.

Bryn Dole

Bryn received his MS degree in 1995 while working in the COAST Project. He was involved with development of methods of testing security firewalls and screens in networks. After working for a while at Sun Microsystems, Bryn left to be one of the founders of the Open Directory Project and the TOPIX news site. He was one of the founders of Blekko, an innovative search engine firm.

Kevin Du

Kevin and Spaf at graduation August 2001 Kevin received his PhD in 2001. He is now on the faculty at Syracuse University. His thesis was entitled A Study Of Several Specific Secure Two-Party Computation Problems. His co-advisor was Mike Atallah.

James Early

Advised by myself and Professor Carla Brodley Jim and Spaf at graduation August 2005(formerly with Purdue ECE), Jim graduated in August 2005. His thesis was on detecting anomalies in network traffic, and his dissertation was entitled Behavioral Feature Extraction for Network Anomaly Detection. He is on the CS faculty at SUNY Oswego and is a senior engineer with Good Uncle.

Dan Farmer

Dan completed his undergraduate degree at Purdue in 1990. While at Purdue, he built the COPS static audit tool under my direction, and has achieved notoriety for many achievements since then, including being named to the ISSA Hall of Fame. He is currently a distinguished engineer with Mercedes-Benz R&D.

Rajeev Gopalakrishna

Rajeev at graduation May 2006 I was coadvisor for Rajeev with Jan Vitek. His thesis was about how to employ methods of static analysis to increase confidence in the secure operation of software. He received his Ph.D. in spring 2006. He initially joined the research staff at Intel Laboratories in Oregon, and is now an independent consultant in India.

Chris Gutierrez

Chris graduated in 2017. He was working in uses of deception in cyber defense, with a focus on protecting memory against wipers and ransomware. Saurabh Bagchi was co-advisor. Chris is now working at Intel.

Gene H. Kim

Gene completed his BS degree in 1993 and his MSCS at the University of Arizona.  He worked with me on the Tripwire project through COAST, released on November 2, 1992.  Gene is now CTO of Tripwire, Inc.  Since 1999, Gene has been capturing and codifying how "best in class" organizations have IT operations, security, audit, management, and governance working together to solve common business objectives.  This was codified in 2004, he co-wrote the Visible Ops Handbook, showing how IT organizations successfully transformed from good to great.

Gene was named as a 2007 Outstanding Alumnus by Purdue CS.

Ivan Krsul

Ivan completed his PhD on the topic of Software Vulnerability Analysis in 1998. He constructed a large-scale database of system vulnerabilities, and then used this to explore their characteristics. His research was part of the COAST Project. He is the founder and CEO of start-up company, Arte Xacta, in his native Bolivia.

Ivan also did his MS thesis under my direction, entitled Authorship Analysis: Identifying the Author of a Program.

Ivan is the only repeat winner of the Maurice Halsted Software Engineering Award, given at Purdue each year.

Sandeep Kumar

Sandeep received his Ph.D. in August, 1995. His dissertation, Classification and Detection of Computer Intrusions developed a new approach to intrusion detection. His research was part of the COAST Project. He is currently working for VMWare.

Benjamin (Kuperman) Bly

Ben graduated in August 2004 and then joined the faculty ofSpaf and Ben at graduation in August 2004 Swarthmore College then the CS faculty of Oberlin College. He is now a Senior Manager of Software Development with Adobe. His dissertation was entitled A Categorization of Computer Security Monitoring Systems and the Impact on the Design of Audit Sources.

Steve Lodin

Steve received his MS degree in 1996 while at Purdue as a GM Fellow. He worked with the COAST group while here, and is credited with discovering the Kerberos random number generator vulnerability - one of the 10 worst software bugs in history.

Tanya Mastin

Tanya completed her BS degree in the spring of 1997. While at Purdue, she worked with COAST to redesign the entire on-line archive, including introducing a new database format to keep track of entries.

Tanya married Mark Crosbie, another former student, and the two now live in Ireland. Tanya is currently running her own award-winning photography business there, named "Giggles and Smiles."

Pascal Meunier

Pascal came to Purdue with a Ph.D. in biological sciences. He completed his M.S. under my direction, and worked as a research scientist with CERIAS for nearly a decade. He was a member of the technical staff for Information Technology at Purdue (ITaP) until recently, and now doing consulting work.

Michael McFail

Mike completed his MS work and is now on the technical staff at MITRE Corporation. He worked on botnet research while at Purdue.

Stephanie Miller Bansal

Finished a M.S. thesis in security policy and infrastructure for a statewide education project in 1999. She has worked at Accenture, Deloitte, and HP, but is now hard at work as a stay-at-home mom.

Kelly Misata

Kelly finished her PhD. in the interdisciplinary Information Security program. She is interested in a number of areas of policy, including privacy protections and protections of at-risk populations online. Her dissertation was an analysis of the security expertise present in organizations that work with at-risk populations. She is the Founder and CEO of Sightline Security.

Sofie Nystrom

Sofie completed her MS degree while working with us on forensics and network security. She worked for a while in security and critical infrastructure protection in her native Norway. After some time a VP of security for Telenor in Norway, and head of the Center for Cyber and Information Security, she is now the Director General of the Norwegian National Security Authority.

Hsin (Sean) Pan

Sean received his PhD in 1993 and was co-founder and Executive Director of Rich House Global Technology Ltd., a company working in near-field communications. He is now a Senior Director at Foxconn. His dissertation, Debugging with Dynamic Instrumentation and Test-Based Information, was done as part of the Spyder project in the SERC. Hsin's co-advisor was Richard DeMillo.

Katherine Price

Kat completed an MS thesis in 1997 on the nature of audit trails in intrusion detection systems, entitled Host-based Misuse Detection and Conventional Operating Systems' Audit Data Collection. She is now a developer with SAS Institute in North Carolina.

Maja Pusara

I was Maja's co-advisor, with Carla Brodley at Tufts. Maja graduated in spring 2007 after completing a dissertation on the topic of dynamic reauthentication based on computer mouse activity. She is currently working for Ab Initio in Boston.

Christoph Schuba

Christoph's PhD topic involved the development of a reference model for firewalls, and an implementation of a proof-of-concept on native ATM technology. He received his PhD in 1997 for his dissertation On the Modeling, Design and Implementation of Firewall Technology. He was currently Head of Network Security Technology Strategy at Ericsson, and is now a Senior Security Architect at Apple Computer.

Christoph did his MS thesis under my direction, entitled Addressing Weaknesses in the Domain Name System.

Dannie Stanley

Dannie was co-advised by Dongyan Xu. His dissertation was on defenses against rootkits and unauthorized kernel modifications, and entitled Improved Kernel Security through Code Verification, Diversification, and Minimization. He graduated in 2013 and is now an associate professor at Taylor University.

Karyl Stein

Karyl completed his BS degree in 1998. While working with the COAST Project, he helped design our firewall testing testbed, as well as contributing to several other projects. He is currently a systems architect principal with FedEx.

Aurobindo (Robin) Sundaram

Robin completed his MS degree in 1997. He initially worked in corporate security for Schlumberger. He is currently the Vice President - Information Security Assurance & Data Protection at RELX Group.

Chonchanok Viravan

Nok received her PhD in 1994 for her dissertationNok at graduation Enhancing Debugging Technology. This was the final part of the Spyder project in the SERC. Nok has been President of IFBPW. She was named as a 2007 Outstanding Alumna by Purdue CS. She is currently President of Pathanasomdoon Co, Ltd. in Thailand.

Keith Watson

Keith received his BS degree in 1997. He worked with me on developing methods of testing security software and firewalls. After a while at Sun Microsystem Labs, Keith left and came back to CERIAS as a senior research engineer, working on our intrusion detection and security architecture projects. He is currently the director of threat management at Optiv, Inc.

Steve Weeber

Steve received his MS in 1992 and then took a job with the CIAC at LLNL. He worked with me on several COAST projects, including software forensics and OPUS. He is currently working as an IP architect at Windstream Communications.

Paul Williams

Paul retired from the US Air Force as a lieutenant colonel in 2015. His dissertation was on using a co-processor to monitor security-related behavior of a running system. His dissertation was entitled CUPIDS: Increasing Information System Security Through the Use of Dedicated Co-Processing. He graduated from Purdue in 2005. He is now Senior Vice President and Chief Security Officer, Teradata.

Diego Zamboni

Diego and Spaf at graduation in August 2001

Diego received his Ph.D. in 2001. His dissertation was entitled Using Internal Sensors for Computer Intrusion Detection. He is currently working as an author, and as Senior Enterprise Architect with Swisscom.