Spafford receives IEEE Security and Privacy Test-of-Time Award
At the IEEE Symposium and Privacy —generally considered the preeminent research conference in cybersecurity — an IEEE Security and Privacy Test-of-Time Award has been given to the authors of the paper entitled “Analysis of a denial of service attack on TCP.” The paper was produced in 1997 at the COAST Laboratory (the precursor to CERIAS). The COAST Laboratory was in the CS Department from 1992-1998, run by Professors Eugene Spafford and Samuel Wagstaff.
The authors of the paper were Christoph L. Schuba, Ivan V. Krsul, Markus G. Kuhn, Eugene H. Spafford, Aurobindo (Robin) Sundaram, and Diego Zamboni. Their paper is one of nine honored from the years 1995 through 2006. The award is intended to recognize papers published at IEEE’s flagship security conference that have made a lasting impact on the field.
The paper described a new method of defeating network denial of service attacks. It resulted in a tool named “synkill.” In addition to the conference paper, Purdue University and the authors were issued a patent on the technology.
Thereafter, Christoph received his PhD in CS in 1997 and went on to a career leading to his current position as a Senior Security Architect at Apple Computer. Ivan received his PhD in CS in 1998 and currently runs a company, Artexacta, that he founded in Bolivia. Markus finished his MS in CS in 1997, and after completing his PhD at Cambridge, joined the faculty there. Robin finished his MS in CS in 2017 and is now the Head of Information Assurance and Data Protection at RELX (formerly Reed Elsevier). Diego finished his PhD in CS in 2001 and is now an Enterprise Security Architect at Swisscomm in Switzerland. All five students were advised by Professor Spafford.
COAST, a laboratory within the Computer Sciences department, was transitioned into a university-wide institute in May 1998, and was led by Professor Spafford for the next 18 years. He is currently the executive director emeritus and continues as a professor within the CS department.
The 1996 paper can be viewed here, Analysis of a Denial of Service Attack on TCP.