
Information Security Dr available

From: James Hoagland <jimlists(at)hoagland.org>
Date: Tue May 27 2003 - 01:22:22 EDT

Greetings all,

I am currently seeking network or system security employment in the Sacramento or SF Bay area. This could be an R&D position or anything else that is interesting or challenging.

I earned my Ph.D. in Computer Science from UC Davis while working in the well-respected UCD Computer Security Research Lab. I followed this with three years doing hands-on commercial R&D at Silicon Defense. Here I was involved with many of the company's (often quite innovative) products including Spade, Spice, SnortSnarf, CounterSleuth/CounterStealth, and CounterMalice. In addition, I found my time in network security analyst type roles quite valuable in grounding me with respect to practical Internet security considerations.

Additional information may be found in my resume below. If you have an appropriate position or know of one, please let me know. The address I prefer that you use for this subject matter is infosecdr at hoagland dot org.

Thank you,

   Jim Hoagland

Summary of Qualifications
* Nine years of computer security research background, both by academic training at a top university and by creating innovative products in a commercial setting.
* Deep and varied experience in the area of intrusion detection and prevention, including creating novel IDS approaches, commercial and open source product development, operational use, signature/configuration creation and refinement, and product evaluation and testing.
* Significant experience examining network dumps, IDS logs, and other network information to analyze what has transpired, especially from the perspective of security.
* Twenty years of programming experience with varied languages. Especially valuable with custom algorithms and data structures, ad hoc utility programs, and large projects.
* Practiced at research project activities, including developing approaches, experimentation, and interaction with sponsors/colleagues.
* Experienced with doing research toward operational use and making its real world use a reality.

* Extensive experience writing reports, papers, and proposals.

Education
Ph.D., Computer Science, University of California, Davis. March 2000. GPA: 3.71/4.00. Advisors: Professors Karl Levitt and Raju Pandey.

Master of Science, Computer Science, University of California, Davis. June 1996.

Bachelors of Science with Highest Honors, Computer Science, University of California, Davis. June 1993. GPA: 3.94/4.00.

Research Experience
Senior Security Researcher, Silicon Defense, 3/00 - 4/03
Engaged in varied activities at this small Internet security company, primarily as part of government and commercial research and development projects.

* Worked on various Department of Defense sponsored research projects in the area of intrusion detection and response. Interacted with people in other organizations, often as primary technical point of contact. Wrote status and research result reports to sponsors.
* Determined the approach, design and implementation requirements for Spade/Spice, a novel leading edge stealthy portscan detector based on anomaly detection. Implemented it and oversaw its later extension to include new techniques and new domains of application.
* Key member of CounterMalice and CounterSleuth commercial product teams. CounterMalice operates inline to filter worms and is the first network layer worm containment system. CounterSleuth is an NIDS appliance focusing on stealthy portscan detection.
* Responsible for SnortSnarf (a popular Snort alert browser) and Spade (a statistical anomaly detector) open source releases from their initial public releases through their current widespread adoption. This role involved planning product enhancements, implementing changes, documenting, releasing, supporting users, and coordinating with external developers.
* Monitored a client's network for indications of security probing and compromise, including distinguishing hostile and non-hostile events, following up with the remote site, documenting and explaining the incident to our client, and refining the IDS monitoring rules. Examined large data sets from two government sites for security incidents.
* Gained familiarity with the Snort NIDS through plug-in creation (e.g., Spade), being the primary developer of SnortSnarf, operational usage, mailing list participation, and signature writing.
* For qualitative and quantitative purposes, on different occasions led formal scientific experiments (as well as less formal experiments) from design through analysis and presentation. This involved defining the measures and metrics to use and identifying casual relationships.
* On several occasions developed custom data structures and associated algorithms to meet certain performance and/or memory requirements.
* Created many ad hoc utility programs including a live-network worm simulator, processing scripts, experiment driving scripts, and tools to produce and introduce packets.
* Developed and gave presentations at meetings for a variety of settings and target audiences. Participated in devising and giving technology demonstrations for sponsors and others.
* Wrote conference and journal papers. Scouted for research project opportunities, and wrote research and commercial proposals.
Supervisor: Dr. Stuart Staniford.

Doctoral Research, UC Davis, 1/96 - 3/00
Dissertation: Specifying and Implementing Security Policies using LaSCO, the Language for Security Constraints on Objects. Created and investigated a language based on directed graphs for the formal specification of security policy requirements. Developed a toolkit to apply LaSCO policies to Java programs, including manipulation of policies and enforcing policy requirement on a program. Applied LaSCO to GrIDS.
Advisors: Professors Karl Levitt and Raju Pandey, Department of Computer Science.

Research Assistant, UC Davis Computer Security Research Laboratory, 4/94 - 3/00

Conducted research for several research projects, including:
* Graph-based Intrusion Detection System: cooperatively designed, developed, implemented, demonstrated, and analyzed the performance of GrIDS, a scalable distributed intrusion detection system for large networks. Primary developer of the rule-based report aggregation engine and the GrIDS simulation environment.
* Policy work: Investigated and developed mechanisms for enforcing LaSCO policies using GrIDS rulesets. Participant in an investigation into the projection of policy specifications to enforcement mechanisms, structuring the multifaceted nature of policy and reasoning about policy interaction and coverage.
* Visual Audit Browsing Toolkit: designed, developed, and implemented the set of audit log analysis tools for Sun Basic Security Module.

Wrote research proposals for NSA, Intel, and DARPA. Gave many presentations to colleagues and sponsors. Maintained lab web presence and mailing lists.
Supervisors: Professors Karl Levitt and Matt Bishop, Department of Computer Science.

Graduate Technical Intern, Intel Corporation Internet Security Lab, 6/97 - 9/97
Designed and developed SCIPAD, a language based on DAGs to specify the relationship between what is meant by a security goal and how to achieve it for adjoining conceptual levels. Applied this language to ISAKMP and IP security. Implemented a generic SCIPAD query engine. Presented the language and its application to communication security.

Honors Project, UC Davis, 1/93 - 6/93
Honors thesis: ALSUA: Another Lisp Source Utility for Analysis. Designed, developed, and implemented a source code analyzer that optimizes LISP for run-time efficiency improvement and reports certain program errors.

Additional Experience
World Wide Web development, 4/94 - present
Created and supported the Pipeline, HTML Form Processing Modules, and Getcomments freeware web utilities. Developed the SnortSnarf IDS alert browser. Developed and maintained research lab, student organization, course, bridge tournament and personal web pages. Created online form creation utilities and online demos. Maintained the UCD Security Lab web server.

Graduate Mentor, Womens' Engineering Link, UC Davis, 4/96 - 6/96, 4/97 - 6/97
Mentored for WEL, a program to help undergraduate engineering women decide on future career plans through exposure to graduate and research activities by means of close interaction with graduate students in their field.

Teaching Assistant, UC Davis, 9/93 - 3/94
Assisted in course instruction through leading discussion sections, answering student questions, and grading homework and exams for courses on operating system design, programming languages, and software development.

Publications
Staniford, Stuart, James Hoagland and Joseph McAlerney. "Practical Automated Detection of Stealthy Portscans". In Proceedings of the ACM CCS IDS Workshop, November 2000. Updated version published in Journal of Computer Security, Volume 10:1-2. 2002.

Hoagland, James and Stuart Staniford. "Viewing IDS Alerts: Lessons from SnortSnarf". In Proceedings of DISCEX II, June 2001.

Bishop, M., S. Cheung, J. Frank, J. Hoagland, S. Samorodin, and C. Wee. "The Threat from the Net," IEEE Spectrum. August 1997.

Staniford-Chen, S., S. Cheung, R. Crawford, M. Dilger, J. Frank, J. Hoagland, K. Levitt, C. Wee, R. Yip, and D. Zerkle. "GrIDS: A Graph Based Intrusion Detection System for Large Networks." In Proceedings of the 19th National Information Systems Security Conference. October 1996.

Hoagland, James, "CGI FPI and Pipeline," WEBsmith, v.4, July 1996.

Additional Background
Some Graduate Courses
Cryptography and Data Security, Modern Cryptography, Operating Systems, Networks, Concurrent Programming, Code Generation and Optimization, High-Performance Uniprocessing, Advanced Computer Architecture, Machine Learning and Discovery, Analysis of Algorithms, Graph Theory

Some High Level Programming Languages
C/C++, Perl, Java, Tcl/TK, Fortran, SR, ML, Prolog, Lisp, Scheme, Applescript, Mumps (M), Pascal, Basic 2.0


Some Standard Tools and Facilities

Snort/Spade, SnortSnarf, CVS, POSIX threads (Pthreads), tcpreplay, netcat, Nmap, tcpdump, libpcap, XML, IDMEF, libidmef, GCC, GDB, gprof, Doxygen, Perl/TK, CPAN, Tex/Latex, FrameMaker, Word, Excel, PowerPoint, BBEdit, vi, emacs, ssh/scp

Operating Systems
Various UNIX/Unix-like operating systems including MacOS, Linux, Solaris, and OpenBSD; Windows

Received on Tue May 27 11:33:42 2003

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:29 EDT

