My research is in the field of Information Security. Specifically, I am interested in host-based attack, intrusion, and misuse prevention/detection, as well as the design and construction of audit sources that can supply information for the detection/prevention of the same. I am also interested in computer forensics and the application of machine learning techniques to the analysis of audit information.
I maintain a list of my research publications online.
Current projects include:
A cross-disciplinary project looking at the application of clustering and phylogenetic tools to examine the interconnections between a number of Uto-Aztecan languages.
This project is a collaboration with Jason Haugen from Anthropology and Michael Everdell '13.
Open Source Audit Systems
An investigation into the current state of open source audit systems. We are looking at initial configuration, runtime overhead, and performance under load.
Currently examining the audit systems in GNU/Linux, SELinux, Solaris, and Mac OS X.
Using modern VM technology to create a virtual laboratory of machines that students can use for "hands-on" security exercises. Students (or groups of students) can have an identical set of machines where they have full control, but are encapsulated from each other and the rest of the network. Also, security exercises that use flaws in a particular OS version can remain viable for longer periods.
We are collaborating with folks at Iowa State and SUNY Oswego on this project.
I sponsor and help out with Prestissimo -- a student inspired and implemented search engine that combines the information from the Oberlin Schedule of Classes with the Course Catalog so that students can more easily search by time, level, department, instructor, or course attributes.
An interposable library to generate audit information from existing applications.
Building tailored audit sources to supply information directed towards one or more of attack, intrusion, or misuse detection.
Past research projects include:
- Browser-Level Event Logging - Collecting user activity and web browser logs, along with web server response time information by instrumenting the web browser through the use of a plugin.
- Trackle - An integrated system for tracking trouble tickets and the changes needed to resolve them. This system is designed to be used in a training environment where new admins are hired without necessarily being experts, but allows them to learn from past instances of similar problems.
- SmashGuard - A hardware modification to detect and prevent attacks on saved return address pointers (buffer overflow or "stack smashing" attacks).
- AAFID - Autonomous Agents for Intrusion Detection
- Vulnerability Database (VDB) - precursor project to the CVE and later the NVD
- Hewlett-Packard's IDS/9000 (now HP-UX HIDS) - I was one of the software engineers and designer/author of the initial release's detection logic.
Pledge of the Computing Professional
Modeled after the Order of the Engineer, The Pledge of the Computing Professional is an organization designed to promote responsible behavior in computing professionals through a public ceremony near the time of graduation. The Pledge asks students to recognize that they have moral and ethical responsibilities to society, that the work they do can affect people's lives, and that they should use their computing skills honorably and for the public good. Graduating students are invited to take The Pledge, and those that choose to do so take The Pledge at a public ceremony.
I am one of the founding members and currently serve as the Secretary on the Board of Directors.
I was the Poster and WiPs chair for the Annual Computer Security Applications Conference (ACSAC) from 2010-2012.
The Midstates Conference For Undergraduate Research in Computer Science and Mathematics (MCURCSM) is designed to showcase undergraduate student research in computer science and mathematics. I was one of the co-chairs (along with Alexa Sharp and Kevin Woods) when Oberlin College hosted the conference in 2009.
I've been an AP Computer Science reader off-and-on since 2008.
ACM - I'm a member of the Association for Computing Machinery and involved with SIGCSE and SIGSAC.
- Ph.D. Computer Sciences, Purdue University, 2004
- M.S. Computer Sciences, Purdue University, 1999
- B.S.E. Computer Science and Engineering, University of Toledo, 1997
- B.S. Mathematics, University of Toledo, 1997