C. Schuba and E. H. Spafford. A Reference Model for Firewall Technology. In Proceedings of the 13th Annual Computer Security Applications Conference (ACSAC), IEEE Computer Society, pages 133-145, San Diego, California, December 1997.
M. A. Bashar, G. Krishnan, M. G. Kuhn, E. H. Spafford, and S. S. Wagstaff. Low-Threat Security Patches and Tools. In M. J. Harrold and Giuseppe Visaggio, editors, Proceedings of the 1997 IEEE International Conference on Software Maintenance, pages 306-313, Bari, Italy, September 29-October 3, 1997.
H. Pan, R. A. DeMillo, and E. H. Spafford. Failure and Fault Analysis for Software Debugging. In Proceedings of COMPSAC 97, Washington, D.C., August 1997.
S. Garfinkel and E. H. Spafford. Secure CGI/API Programming. World Wide Web Journal, 2(3):187-200, June 1997. Special issue on Web Security.
S. Garfinkel and E. H. Spafford. Cryptography and the Web. World Wide Web Journal, 2(3):113-126, O'Reilly & Associates, June 1997. Special issue on Web Security.
C. Schuba, I. Krsul, M. G. Kuhn, E. H. Spafford, A. Sundaram, and D. Zamboni. Analysis of a Denial of Service Attack on TCP. In Proceedings of the 1997 IEEE Symposium on Security and Privacy, pages 208-223, May 1997.
S. Lodin, B. Dole, and E. H. Spafford. Misplaced Trust: Kerberos 4 Random Session Keys. In Proceedings of Internet Society Symposium on Network and Distributed System Security, pages 60-70, February 1997.
G. Kim and E. H. Spafford. Tripwire: A Case Study in Integrity Monitoring. In D. Denning and P. Denning, editors, Internet Beseiged: Countering Cyberspace Scofflaws, Addison-Wesley, 1997.
E. H. Spafford, K. Heaphy, and D. J. Ferbrache. Security. In A. Kocikowski, T. W. Bynum, and K. Gorniak-Kocikowska, editors, Wprowadzenie do etyki informatycznej, Humaniora, Adam Mickiewicz University, Poznan, Poland, January 1997.
E. H. Spafford, K. Heaphy, and D. J. Ferbrache. Programmed Threats. In Andrzej Kocikowski, Terrell Ward Bynum, and Krystyna Gorniak-Kocikowska, editors, Wprowadzenie do etyki informatycznej, Humaniora, Adam Mickiewicz University, Poznan, Poland, 1997.
I. Krsul and E. H. Spafford. Authorship Analysis: Identifying the Author of a Program. Computers and Security, 16(3):248-259, 1997.
E. H. Spafford. Are Computer Break-Ins Ethical? In D. Denning and P. Denning, editors, Internet Beseiged: Countering Cyberspace Scofflaws, Addison-Wesley, 1997.
E. H. Spafford. Computer Viruses. In D. Denning and P. Denning, editors, Internet Beseiged: Countering Cyberspace Scofflaws, pages 73-95, Addison-Wesley, 1997.
S. Garfinkel and E. H. Spafford. Web Security & Commerce. O'Reilly & Associates, Inc., 1997.
E. H. Spafford. Computer Security. In R. Chadwick, editor, Encyclopedia of Applied Ethics, 1:571-577, Academic Press, 1997. Also appeared as Are Computer Break-Ins Ethical?
E. H. Spafford. Virus. In D. Denning and P. Denning, editors, Internet Beseiged: Countering Cyberspace Scofflaws, Addison-Wesley, 1997.
T. Aslam, I. Krsul, and E. H. Spafford. A Taxonomy of Security Vulnerabilities. In Proceedings of the 19th National Information Systems Security Conference, pages 551-560, Baltimore, Maryland, October 1996.
E. H. Spafford Biographical Information