Research Areas
Security Policy, Intrusion Detection and Response, Security Architecture, Computer Forensics,Vulnerability Analysis, Counterintelligence/Counterespionage.
Key Areas
Risk Management, Policies, Laws
Trusted Social and Human Interaction
Security Awareness, Education, Training
Enclave and Nework Security
Incident Detection, Response, Investigation
Notable Experience
Former chair of the ACM's U.S. Public Policy Committee and of its Advisory Committee on Computer Security and Privacy. Member of the Board of Directors of the Computing Research Association. Former member of the US Air Force Scientific Advisory Board. Member of Sandia National Laboratory advisory boards.
Notable Awards
NIST/NCSC National Computer Systems Security Award (2000). Named a recipient of the "Charles B. Murphy" award (2001) and a Fellow of the Purdue Teaching Academy, the University's two highest awards for outstanding undergraduate teaching. Elected to the ISSA Hall of Fame (2001). Awarded U.S. Air Force medal for Meritorious Civilian Service (2003). ACM President's Award (2017). SANS Lifetime Achievement Award (2011). Purdue University Morrill Professor Award (2012). The William Hugh Murray medal of the NCISSE for contributions to research and education in InfoSec. Inducted to the Cyber Security Hall of Fame (2013). Kristian Beckman Award, IFIP Technical Committee TC 11 (2017). The IEEE Computer Society's Taylor Booth medal (2004). CRA's Distinguished Service Award (2008). ISE Luminary Leadership Award (2018).
Notable Affiliations
Fellow of the ACM, Fellow of the AAAS, Fellow of the IEEE, Fellow of the ISA2, AAAS, and American Academy of Arts and Sciences. Distinguished Fellow of the ISSA.
Biography
Eugene H. Spafford is a professor of Computer Sciences at Purdue University, where he has been on the faculty for 38 years. He is also a professor of Electrical and Computer Engineering (courtesy appointment), Philosophy (courtesy), a professor of Communication (courtesy), a professor of Political Science (courtesy). He is the founder and Executive Director Emeritus of the Center for Education and Research in Information Assurance and Security.
Dr. Spafford received his undergraduate degree from the State University of New York at Brockport, and his MS and Ph.D. from Georgia Institute of Technology.
Spaf has written and spoken extensively about information security, cybercrime, software engineering, and professional ethics. He has published over 150 articles and reports on his research, has written or contributed to over a dozen books, and serves on the editorial boards of several major infosec-related journals. In his career to date, Professor Spafford and his students are credited with several security "firsts," including the first open security scanner, the first widely-available intrusion detection tool, the first integrity-based control tool, the first multistage firewall, the first formal bounds on intrusion detection, the first reference model of firewalls, and some of the first work in vulnerability classification databases. Much of the current security product industry can therefore be viewed as based partly on his past research; some of his ideas directly led to establishing two commercial firms: Tripwire and Signacert. His current research is directed towards public policy and information security issues, construction of highly trusted systems, OY/real-time security, and cyberforensic technologies.
Soaf has served as a senior advisor to US and International agencies, companies, and organizations. This has included advising corporate boards, consulting in judicial actions, and serving on study commissions. He has worked extensively with the US Air Force, the US Naval Academy, FBI, DOE National Labs, the National Science Foundation, the ACM, Microsoft, Intel, Unisys, and the Computing Research Association — among others.
In his spare time, Spaf wonders why he has no spare time.