Eugene H. Spafford (born 1956) (known colloquially as "Spaf") is a professor of computer science at Purdue University and a leading computer security expert. A historically significant Internet figure, he is renowned for first analyzing the Morris Worm, one of the earliest computer worms, and his participation in the Usenet backbone cabal. Spafford is a member of the President's Information Technology Advisory Committee (PITAC), has been an advisor to the National Science Foundation (NSF), and serves as an advisor to over a dozen other government agencies and major corporations.
Spafford received his B.A. with a double major in mathematics and computer science from the State University of New York at Brockport. He then attended the School of Information and Computer Sciences (now the College of Computing) at the Georgia Institute of Technology. He received his M.S. in 1981, and Ph.D. in 1986 for his design and implementation of the original Clouds distributed operating system kernel.
During the early formative years of the Internet, Spafford made significant contributions to establishing semi-formal processes to organize and manage Usenet, then the primary channel of communcation between users, as well as being influential in defining the standards of behavior governing its use.
At Purdue, Spafford has a joint appointment as a professor of computer science and as professor of electrical and computer engineering, where he has served on the faculty since 1987. He is also a professor of philosophy (courtesy), and a professor of communication (courtesy). He is also Executive Director of the Purdue CERIAS (Center for Education and Research in Information Assurance and Security) and was the founder and director of COAST Laboratory, which preceded CERIAS.
He is involved in a number of professional societies and activities outside Purdue including serving on the Board of Directors of the Computing Research Association and as co-chair of the ACM's US Public Policy Committee. He serves on a number of advisory and editorial boards and is internationally known for his writing, research, and speaking on issues of security and ethics. Spafford has authored or co-authored four books on computer and computer security, including Practical Unix and Internet Security for O'Reilly, as well as over a hundred research papers, chapters and monographs.
Spafford has stated that his research interests have focused on "the prevention, detection, and remediation of information system failures and misuse, with an emphasis on applied information security. This has included research in fault tolerance, software testing and debugging, intrusion detection, software forensics, and security policies."
Among notable software designed and/or supervised by Spafford include the freeware Tripwire tool coded by his student Gene Kim (Spafford was later the chief external technical advisor to the Tripwire company during their first few years), and the freeware COPS tool coded by his student Dan Farmer. He initiated the Phage List as a response to the Morris Worm. Some of his research also helped inspire the creation of the MITRE CVE service and the NIST ICAT database. Research by other graduate students of his has resulted in tools for software testing and debugging, distributed processing, cyber forensics, firewalls, intrusion detection, auditing, and network traceback.
Homepage http://www.cerias.purdue.edu/homes/spaf/