Eugene H. Spafford

According to our database1, Eugene H. Spafford authored at least 116 papers between 1989 and 2018.

Collaborative distances:
  • Dijkstra number2 of two.
  • Erdős number3 of four.

Awards

ACM Fellow

ACM Fellow 1998, "For continuing scholarship and community service in promoting computing technology and networks, with particular emphasis on issues of security, ethics, safety, and responsible use.".

IEEE Fellow

IEEE Fellow 2001, "For leadership and contributions in the field of information security.".

Timeline

Legend:

Book 
In proceedings 
Article 
PhD thesis 
Other 

Links

Homepages:

On csauthors.net:

Bibliography

2018
Reactive redundancy for data destruction protection (R2D2).
Computers & Security, 2018

The case for disappearing cyber security.
Commun. ACM, 2018

A Hypergame Analysis for ErsatzPasswords.
Proceedings of the ICT Systems Security and Privacy Protection, 2018

2017
Ghost Patches: Fake Patches for Fake Vulnerabilities.
Proceedings of the ICT Systems Security and Privacy Protection, 2017

2016
Inhibiting and Detecting Offline Password Cracking Using ErsatzPasswords.
ACM Trans. Priv. Secur., 2016

The strength of encryption.
Commun. ACM, 2016

Cyber Security Deception.
Proceedings of the Cyber Deception, Building the Scientific Foundation, 2016

2015
Enhancing Passwords Security Using Deceptive Covert Communication.
Proceedings of the ICT Systems Security and Privacy Protection, 2015

ErsatzPasswords: Ending Password Cracking and Detecting Password Leakage.
Proceedings of the 31st Annual Computer Security Applications Conference, 2015

2014
We are out of balance.
SIGCAS Computers and Society, 2014

An interview with Gene Spafford on balancing breadth and depth in cybersecurity education.
Inroads, 2014

Using Deceptive Information in Computer Security Defenses.
IJCWT, 2014

Editorial.
Computers & Security, 2014

Planning and Integrating Deception into Computer Security Defenses.
Proceedings of the 2014 workshop on New Security Paradigms Workshop, 2014

2013
Incentive Alignment and Risk Perception: An Information Security Application.
IEEE Trans. Engineering Management, 2013

Risks and uncertainties in virtual worlds: an educators' perspective.
J. Computing in Higher Education, 2013

Understanding insiders: An analysis of risk-taking behavior.
Information Systems Frontiers, 2013

Editorial.
Computers & Security, 2013

Back Channels Can Be Useful! - Layering Authentication Channels to Provide Covert Communication.
Proceedings of the Security Protocols XXI, 2013

Improved kernel security through memory layout randomization.
Proceedings of the IEEE 32nd International Performance Computing and Communications Conference, 2013

2012
Reverse-safe authentication protocol for secure USB memories.
Security and Communication Networks, 2012

Editorial.
Computers & Security, 2012

Editorial.
Computers & Security, 2012

Editorial.
Computers & Security, 2012

Editorial.
Computers & Security, 2012

Editorial.
Computers & Security, 2012

USACM and U.S. legislation.
Commun. ACM, 2012

2011
Intrusion Detection Systems (IDSs): Implementation.
Proceedings of the Encyclopedia of Information Assurance, 2011

Editorial for 30/8.
Computers & Security, 2011

Editorial.
Computers & Security, 2011

Editorial.
Computers & Security, 2011

Security, technology, publishing, and ethics (part II).
Computers & Security, 2011

Editorial.
Computers & Security, 2011

Implicit Buffer Overflow Protection Using Memory Segregation.
Proceedings of the Sixth International Conference on Availability, 2011

2010
Audlib: a configurable, high-fidelity application audit mechanism.
Softw., Pract. Exper., 2010

Security, technology, publishing, and ethics (Part I).
Computers & Security, 2010

Editorial.
Computers & Security, 2010

Editorial.
Computers & Security, 2010

Remembrances of things pest.
Commun. ACM, 2010

2009
A distributed requirements management framework for legal compliance and accountability.
Computers & Security, 2009

Privacy and security - Answering the wrong questions is no answer.
Commun. ACM, 2009

USACM's policy role.
Commun. ACM, 2009


2008
Tracing Worm Break-In and Contaminations via Process Coloring: A Provenance-Preserving Approach.
IEEE Trans. Parallel Distrib. Syst., 2008

James P. Anderson: An Information Security Pioneer.
IEEE Security & Privacy, 2008

Inspiration and trust.
Commun. ACM, 2008

Cyber Security: Assessing Our Vulnerabilities and Developing an Effective Defense.
Proceedings of the Protecting Persons While Protecting the People, 2008

2007
Run-time label propagation for forensic audit data.
Computers & Security, 2007

Automated adaptive intrusion containment in systems of interacting services.
Computer Networks, 2007

CuPIDS: An exploration of highly focused, co-processor-based information system protection.
Computer Networks, 2007

2006
Desert Island Books.
IEEE Security & Privacy, 2006

Categories of digital investigation analysis techniques based on the computer history model.
Digital Investigation, 2006

Some Challenges in Digital Forensics.
Proceedings of the Advances in Digital Forensics II - IFIP International Conference on Digital Forensics, National Centre for Forensic Science, Orlando, Florida, USA, January 29, 2006

Provenance-Aware Tracing ofWorm Break-in and Contaminations: A Process Coloring Approach.
Proceedings of the 26th IEEE International Conference on Distributed Computing Systems (ICDCS 2006), 2006

2005
Efficient Intrusion Detection using Automaton Inlining.
Proceedings of the 2005 IEEE Symposium on Security and Privacy (S&P 2005), 2005

Virtual Playgrounds for Worm Behavior Investigation.
Proceedings of the Recent Advances in Intrusion Detection, 8th International Symposium, 2005

ADEPTS: Adaptive Intrusion Response Using Attack Graphs in an E-Commerce Environment.
Proceedings of the 2005 International Conference on Dependable Systems and Networks (DSN 2005), 28 June, 2005

Automated Digital Evidence Target Definition Using Outlier Analysis and Existing Evidence.
Proceedings of the Refereed Proceedings of the 5th Annual Digital Forensic Research Workshop, 2005

2004
Grand Challenges in Information Security: Process and Output.
IEEE Security & Privacy, 2004

On the role of file system metadata in digital forensics.
Digital Investigation, 2004

What starisstar information security?
Proceedings of the 35th SIGCSE Technical Symposium on Computer Science Education, 2004

2003
Getting Physical with the Digital Investigation Process.
IJDE, 2003

Risks of total surveillance.
Commun. ACM, 2003

PFIRES: a policy framework for information security.
Commun. ACM, 2003

A Failure to Learn from the Past.
Proceedings of the 19th Annual Computer Security Applications Conference (ACSAC 2003), 2003

Poly2 Paradigm: A Secure Network Service Architecture.
Proceedings of the 19th Annual Computer Security Applications Conference (ACSAC 2003), 2003

Practical Unix and internet security - securing Solaris, Mac OS X, Linux and FreeBSD: extensivley revised (3. ed.).
O'Reilly, ISBN: 978-0-596-00323-4, 2003

2002
Security and Privacy Challenges of a Digital Government.
Proceedings of the Advances in Digital Government - Technology, Human Factors, and Policy, 2002

Using Internal Sensors and Embedded Detectors for Intrusion Detection.
Journal of Computer Security, 2002

2001
Connectivity provisioning with security attributes.
Software Focus, 2001

Digital Government Security Infrastructure Design Challenges.
IEEE Computer, 2001

Security models for web-based applications.
Commun. ACM, 2001

Secure outsourcing of scientific computations.
Advances in Computers, 2001

The Hidden Meta-Requirements of Security and Privacy.
Proceedings of the 5th IEEE International Symposium on Requirements Engineering (RE 2001), 2001

2000
IC Online: Infosecurity Summit at the White House.
IEEE Internet Computing, 2000

Intrusion detection using autonomous agents.
Computer Networks, 2000

Network traffic tracking systems: folly in the large?
Proceedings of the 2000 Workshop on New Security Paradigms, 2000

A Network Audit System for Host-based Intrusion Detection (NASHID) in Linux.
Proceedings of the 16th Annual Computer Security Applications Conference (ACSAC 2000), 2000

1999
Identification of Host Audit Data to Detect Attacks on Low-level IP Vulnerabilities.
Journal of Computer Security, 1999

New directions for the AAFID architecture.
Recent Advances in Intrusion Detection, 1999

1998
Prototyping experiences with classical IP and ARP over signaled ATM connections.
Journal of Systems and Software, 1998

Dissemination of state information in distributed autonomous systems.
Computer Communications, 1998

An Architecture for Intrusion Detection Using Autonomous Agents.
Proceedings of the 14th Annual Computer Security Applications Conference (ACSAC 1998), 1998

1997
Secure CGI/API programming.
World Wide Web Journal, 1997

Cryptography and the Web.
World Wide Web Journal, 1997

Firewalls: An Expert Roundtable.
IEEE Software, 1997

Authorship analysis: identifying the author of a program.
Computers & Security, 1997

Analysis of a Denial of Service Attack on TCP.
Proceedings of the 1997 IEEE Symposium on Security and Privacy, 1997

Misplaced Trust: Kerberos 4 Session Keys.
Proceedings of the Network and Distributed System Security Symposium, 1997

Low-threat security patches and tools.
ICSM, 1997

Failure and Fault Analysis for Software Debugging.
Proceedings of the 21st International Computer Software and Applications Conference (COMPSAC '97), 1997

A Reference Model for Firewall Technology.
Proceedings of the 13th Annual Computer Security Applications Conference (ACSAC 1997), 1997

Web security and commerce - risks, technologies, and strategies.
O'Reilly, ISBN: 978-1-56592-269-3, 1997

1996
Critical Slicing for Software Fault Localization.
Proceedings of the 1996 International Symposium on Software Testing and Analysis, 1996

Practical UNIX and internet security (2. ed.).
O'Reilly, ISBN: 978-1-56592-148-1, 1996

1995
UNIX and Security: The Influences of History.
Information Systems Security, 1995

Information Superhighway or Road to Ruin?
Proceedings of the Proceedings Supercomputing '95, San Diego, CA, USA, December 4-8, 1995, 1995

1994
Support for Implementing Scheduling Algorithms Using MESSIAHS.
Scientific Programming, 1994

Computer Viruses as Artificial Life.
Artificial Life, 1994

Experiences with Tripwire: The Evaluation and Writing of a Security Tool.
Proceedings of the USENIX Applications Development Symposium Proceedings 1994, 1994

Constructing Distributed Schedulers Using the MESSIAHS Interface Language.
Proceedings of the 27th Annual Hawaii International Conference on System Sciences (HICSS-27), 1994

The Design and Implementation of Tripwire: A File System Integrity Checker.
Proceedings of the CCS '94, 1994

1993
Debugging with Dynamic Slicing and Backtracking.
Softw., Pract. Exper., 1993

Software forensics: Can we track code to its authors?
Computers & Security, 1993

1992
Are computer hacker break-ins ethical?
Journal of Systems and Software, 1992

OPUS: Preventing weak password choices.
Computers & Security, 1992

A generic virus scanner for C++.
Proceedings of the Eighth Annual Computer Security Applications Conference, 1992

1991
An Execution-Backtracking Approach to Debugging.
IEEE Software, 1991

Dynamic Slicing in the Presence of Unconstrained Pointers.
Proceedings of the Symposium on Testing, Analysis, and Verification, 1991

1990
Extending Mutation Testing to Find Environmental Bugs.
Softw., Pract. Exper., 1990

Workshop on Experiences with Building Distributed and Multiprocessor Systems.
Operating Systems Review, 1990

The COPS Security Checker System.
Proceedings of the Usenix Summer 1990 Technical Conference, 1990

Methods of integrating the study of ethics into the computer science curriculum (panel session).
Proceedings of the 21st SIGCSE Technical Symposium on Computer Science Education, 1990

Networking in the nineties (panel session).
Proceedings of the 21st SIGCSE Technical Symposium on Computer Science Education, 1990

1989
Crisis and Aftermath.
Commun. ACM, 1989

The Internet Worm Incident.
Proceedings of the ESEC '89, 1989


  Loading...