Computer security rocks!

Schedule

Fall 2009 - Spring 2010
On mid-probationary research leave

(AKA Fourth year sabbatical)

Research

My research is in the field of Information Security. Specifically, I am interested in host-based attack, intrusion, and misuse prevention/detection, as well as the design and construction of audit sources that can supply information for the detection/prevention of the same. I am also interested in computer forensics and the application of machine learning techniques to the analysis of audit information.

I maintain a list of my research publications online.

Current projects include:

Audlib

An interposable library to generate audit information from existing applications.

Building tailored audit sources to supply information directed towards one or more of attack, intrusion, or misuse detection.

Using Virtual Machines for Security Education

Using modern VM technology to create a virtual laboratory of machines that students can use for "hands-on" security exercises. Students (or groups of students) can have an identical set of machines where they have full control, but are encapsulated from each other and the rest of the network. Also, security exercises that use flaws in a particular OS version can remain viable for longer periods.

We are collaborating with folks at Iowa State and SUNY Oswego on this project.

Trackle

An integrated system for tracking trouble tickets and the changes needed to resolve them. This system is designed to be used in a training environment where new admins are hired without necessarily being experts, and it allows them to learn from past instances of similar problems.

http://www.sccs.swarthmore.edu/org/trackle/

SmashGuard

A hardware modification to detect and prevent attacks on saved return address pointers (buffer overflow or "stack smashing" attacks).

SmashGuard Website

Past research projects include:

Education

Past Course Websites

Spring 2009
Fall 2008
Spring 2008
Fall 2007
Spring 2007
Fall 2006

Fun Links