Gene Spafford
Encyclopedia
Eugene Howard Spafford (born 1956), commonly known as Spaf, is a professor of computer science
at Purdue University
and a leading computer security
expert.
A historically significant Internet
figure, he is renowned for first analyzing the Morris Worm, one of the earliest computer worm
s, and his prominent role in the Usenet
backbone cabal
. Spafford was a member of the President's Information Technology Advisory Committee 2003-2005, has been an advisor to the National Science Foundation
(NSF), and serves as an advisor to over a dozen other government agencies and major corporations.
for three years and completed his B.A.
with a double major in mathematics and computer science in that time. He then attended the School of Information and Computer Sciences (now the College of Computing) at the Georgia Institute of Technology
. He received his M.S.
in 1981, and Ph.D.
in 1986 for his design and implementation of the original Clouds distributed operating system
kernel.
During the early formative years of the Internet, Spafford made significant contributions to establishing semi-formal processes to organize and manage Usenet, then the primary channel of communication between users, as well as being influential in defining the standards of behavior governing its use.
(Center for Education and Research in Information Assurance and Security) and was the founder and director of COAST Laboratory, which preceded CERIAS.
He is involved in a number of professional societies and activities outside Purdue including serving on the Board of Directors of the Computing Research Association and as co-chair of the ACM
's US Public Policy Committee. He serves on a number of advisory and editorial boards and is internationally known for his writing, research, and speaking on issues of security and ethics. Spafford has authored or co-authored four books on computer and computer security, including Practical Unix and Internet Security for O'Reilly
, as well as over a hundred research papers, chapters and monographs.
Spafford has stated that his research interests have focused on "the prevention, detection, and remediation of information system failures and misuse, with an emphasis on applied information security. This has included research in fault tolerance, software testing and debugging, intrusion detection, software forensics, and security policies."
Among notable software designed and/or supervised by Spafford include the freeware Tripwire tool coded by his student Gene Kim (Spafford was later the chief external technical advisor to the Tripwire company
during their first few years), and the freeware COPS
tool coded by his student Dan Farmer
. He initiated the Phage List as a response to the Morris Worm. Some of his research also helped inspire the creation of the MITRE
CVE service and the NIST ICAT database. Research by other graduate students of his has resulted in tools for software testing and debugging, distributed processing, cyber forensics, firewalls, intrusion detection, auditing, and network traceback.
Spafford discusses a recent piece in the New York Times that looked at how the current Internet is a conduit for all types of "cybercrime" on C-SPAN.
Computer science
Computer science or computing science is the study of the theoretical foundations of information and computation and of practical techniques for their implementation and application in computer systems...
at Purdue University
Purdue University
Purdue University, located in West Lafayette, Indiana, U.S., is the flagship university of the six-campus Purdue University system. Purdue was founded on May 6, 1869, as a land-grant university when the Indiana General Assembly, taking advantage of the Morrill Act, accepted a donation of land and...
and a leading computer security
Computer security
Computer security is a branch of computer technology known as information security as applied to computers and networks. The objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to...
expert.
A historically significant Internet
Internet
The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...
figure, he is renowned for first analyzing the Morris Worm, one of the earliest computer worm
Computer worm
A computer worm is a self-replicating malware computer program, which uses a computer network to send copies of itself to other nodes and it may do so without any user intervention. This is due to security shortcomings on the target computer. Unlike a computer virus, it does not need to attach...
s, and his prominent role in the Usenet
Usenet
Usenet is a worldwide distributed Internet discussion system. It developed from the general purpose UUCP architecture of the same name.Duke University graduate students Tom Truscott and Jim Ellis conceived the idea in 1979 and it was established in 1980...
backbone cabal
Backbone cabal
The backbone cabal was an informal organization of large-site administrators of the worldwide distributed Internet discussion system Usenet. It existed from about 1983 at least into the 2000s....
. Spafford was a member of the President's Information Technology Advisory Committee 2003-2005, has been an advisor to the National Science Foundation
National Science Foundation
The National Science Foundation is a United States government agency that supports fundamental research and education in all the non-medical fields of science and engineering. Its medical counterpart is the National Institutes of Health...
(NSF), and serves as an advisor to over a dozen other government agencies and major corporations.
Education and early career
Spafford attended State University of New York at BrockportState University of New York at Brockport
The College at Brockport: State University of New York, also known as SUNY Brockport, Brockport State, College at Brockport, or the State University of New York at Brockport, is a four-year liberal arts college located in Brockport, Monroe County, New York, United States, near Rochester...
for three years and completed his B.A.
Bachelor of Arts
A Bachelor of Arts , from the Latin artium baccalaureus, is a bachelor's degree awarded for an undergraduate course or program in either the liberal arts, the sciences, or both...
with a double major in mathematics and computer science in that time. He then attended the School of Information and Computer Sciences (now the College of Computing) at the Georgia Institute of Technology
Georgia Institute of Technology
The Georgia Institute of Technology is a public research university in Atlanta, Georgia, in the United States...
. He received his M.S.
Master of Science
A Master of Science is a postgraduate academic master's degree awarded by universities in many countries. The degree is typically studied for in the sciences including the social sciences.-Brazil, Argentina and Uruguay:...
in 1981, and Ph.D.
Ph.D.
A Ph.D. is a Doctor of Philosophy, an academic degree.Ph.D. may also refer to:* Ph.D. , a 1980s British group*Piled Higher and Deeper, a web comic strip*PhD: Phantasy Degree, a Korean comic series* PhD Docbook renderer, an XML renderer...
in 1986 for his design and implementation of the original Clouds distributed operating system
Operating system
An operating system is a set of programs that manage computer hardware resources and provide common services for application software. The operating system is the most important type of system software in a computer system...
kernel.
During the early formative years of the Internet, Spafford made significant contributions to establishing semi-formal processes to organize and manage Usenet, then the primary channel of communication between users, as well as being influential in defining the standards of behavior governing its use.
Recent work
At Purdue, Spafford has a joint appointment as a professor of computer science and as professor of electrical and computer engineering, where he has served on the faculty since 1987. He is also a professor of philosophy (courtesy), and a professor of communication (courtesy). He is also Executive Director of the Purdue CERIASCERIAS
The Center for Education and Research in Information Assurance and Security of Purdue University, USA, is a center for research and education in areas of information security for computing and communication infrastructures....
(Center for Education and Research in Information Assurance and Security) and was the founder and director of COAST Laboratory, which preceded CERIAS.
He is involved in a number of professional societies and activities outside Purdue including serving on the Board of Directors of the Computing Research Association and as co-chair of the ACM
Association for Computing Machinery
The Association for Computing Machinery is a learned society for computing. It was founded in 1947 as the world's first scientific and educational computing society. Its membership is more than 92,000 as of 2009...
's US Public Policy Committee. He serves on a number of advisory and editorial boards and is internationally known for his writing, research, and speaking on issues of security and ethics. Spafford has authored or co-authored four books on computer and computer security, including Practical Unix and Internet Security for O'Reilly
O'Reilly Media
O'Reilly Media is an American media company established by Tim O'Reilly that publishes books and Web sites and produces conferences on computer technology topics...
, as well as over a hundred research papers, chapters and monographs.
Spafford has stated that his research interests have focused on "the prevention, detection, and remediation of information system failures and misuse, with an emphasis on applied information security. This has included research in fault tolerance, software testing and debugging, intrusion detection, software forensics, and security policies."
Among notable software designed and/or supervised by Spafford include the freeware Tripwire tool coded by his student Gene Kim (Spafford was later the chief external technical advisor to the Tripwire company
Tripwire (company)
Tripwire, Inc. is a software company based in Portland, Oregon that develops, markets and sells information technology security and compliance automation solutions. The company's products provide organizations control over physical and virtual IT infrastructure...
during their first few years), and the freeware COPS
COPS (software)
COPS was the first common Unix computer system security scanning tool,created by Dan Farmer; Gene Spafford helped him start it in 1989 while Dan was in summer school at Purdue University.-Features:...
tool coded by his student Dan Farmer
Dan Farmer
Dan Farmer is an American computer security researcher. In a summer course in 1989, in order to graduate from Purdue University he started the development of the COPS program for identifying security issues on Unix systems under Gene Spafford, first releasing it after leaving Purdue in late 1989...
. He initiated the Phage List as a response to the Morris Worm. Some of his research also helped inspire the creation of the MITRE
MITRE
The Mitre Corporation is a not-for-profit organization based in Bedford, Massachusetts and McLean, Virginia...
CVE service and the NIST ICAT database. Research by other graduate students of his has resulted in tools for software testing and debugging, distributed processing, cyber forensics, firewalls, intrusion detection, auditing, and network traceback.
Spafford discusses a recent piece in the New York Times that looked at how the current Internet is a conduit for all types of "cybercrime" on C-SPAN.
Selected honors and awards
- 1992 Inducted in Sigma XiSigma XiSigma Xi: The Scientific Research Society is a non-profit honor society which was founded in 1886 at Cornell University by a junior faculty member and a handful of graduate students. Members elect others on the basis of their research achievements or potential...
, research scientists' honor society. - 1992 Inducted in Upsilon Pi EpsilonUpsilon Pi EpsilonUpsilon Pi Epsilon : International Honor Society for the Computing and Information Disciplines, is the first and only existing one of its kind....
, the Computer Sciences honor society. - 1996 Awarded charter membership in the IEEE Computer SocietyIEEE Computer SocietyThe IEEE Computer Society is a professional society of IEEE. Its purpose and scope is “to advance the theory, practice, and application of computer and information processing science and technology” and the “professional standing of its members.” The CS is the largest of 38 technical societies...
's Golden Core for distinguished service to the Computer Society during its first 50 years. - 1996 Award of Distinguished Technical Communication (highest award) and Award of Merit by the Society for Technical Communication for Practical Unix and Internet Security.
- 1997 Inducted as a Fellow of the Association for Computing MachineryAssociation for Computing MachineryThe Association for Computing Machinery is a learned society for computing. It was founded in 1947 as the world's first scientific and educational computing society. Its membership is more than 92,000 as of 2009...
. - 1999 Inducted as a Fellow of the American Association for the Advancement of ScienceAmerican Association for the Advancement of ScienceThe American Association for the Advancement of Science is an international non-profit organization with the stated goals of promoting cooperation among scientists, defending scientific freedom, encouraging scientific responsibility, and supporting scientific education and science outreach for the...
. - 2000 NIST/NCSC National Computer Systems Security Award.
- 2000 Proclaimed a CISSP, honoris causa by (ISC)²
- 2000 Inducted as a Fellow of the Institute of Electrical and Electronics EngineersInstitute of Electrical and Electronics EngineersThe Institute of Electrical and Electronics Engineers is a non-profit professional association headquartered in New York City that is dedicated to advancing technological innovation and excellence...
. - 2001 Named to the ISSA (Information Systems Security Association) Hall of Fame.
- 2003 Awarded U.S. Air Force medal for Meritorious Civilian Service.
- 2005 Honorary D.Sc. from the State University of New York (SUNY)
- 2006 IEEE Computer Society Technical Achievement Award
- 2007 ACM President's Award
- 2009 Computing Research AssociationComputing Research AssociationThe Computing Research Association is an association of more than 220 North American academic departments of computer science, computer engineering, and related fields; laboratories and centers in industry, government, and academia engaging in basic computing research; and affiliated professional...
Distinguished Service Award
See also
- UsenetUsenetUsenet is a worldwide distributed Internet discussion system. It developed from the general purpose UUCP architecture of the same name.Duke University graduate students Tom Truscott and Jim Ellis conceived the idea in 1979 and it was established in 1980...
- Purdue UniversityPurdue UniversityPurdue University, located in West Lafayette, Indiana, U.S., is the flagship university of the six-campus Purdue University system. Purdue was founded on May 6, 1869, as a land-grant university when the Indiana General Assembly, taking advantage of the Morrill Act, accepted a donation of land and...
- Internet2Internet2Internet2 is an advanced not-for-profit US networking consortium led by members from the research and education communities, industry, and government....
- The Morris Worm
- The Great RenamingGreat RenamingThe Great Renaming was a restructuring of Usenet newsgroups that took place in 1987. B News maintainer and UUNET founder Rick Adams is generally considered to be the initiator of the Renaming.-Motivation:...
- Backbone CabalBackbone cabalThe backbone cabal was an informal organization of large-site administrators of the worldwide distributed Internet discussion system Usenet. It existed from about 1983 at least into the 2000s....
/ There is No Cabal