From Simson Garfinkel
Simson L. Garfinkel, Ph.D.
Department of Computer Science
Naval Postgraduate School
(download external NPS Tenure CV)
- Massachusetts Institute of Technology, Cambridge, MA, 2005
- Ph.D. in Computer Science and Engineering
- Dissertation: Design Principles and Patterns for Computer Systems that are Simultaneously Secure and Usable
- Supervised by David D. Clark and Robert C. Miller
- Honorable mention for the 2005 George M. Sprowls award for the best doctoral theses in computer science.
- Columbia University School of Journalism, New York, 1988
- S.M. in Journalism with honors
- Master's thesis: Tenant Screening Services in the United States
- Supervised by Steven Ross.
- Winner of the 1988 Elisabbeta DiCagno Award "for the best investigative story on environmental protection or human rights."
- Massachusetts Institute of Technology, Cambridge, MA, 1987
- S.B. Chemistry; S.B. Political Science; S.B. program in Science, Technology and Society
- Bachelor's thesis: Radio Research, McCarthyism and Paul F. Lazarsfeld (OCR)
- Supervised by Peter Buck.
Research and Professional Experience
- Current Sponsored Research
- National Science Foundation, NPS 13 RCG0C, "Developing Materials to Teach Technical Privacy Auditing with Computer Forensic Tools and Realistic Computer Forensic Datasets," FY13-14
- Department of Homeland Security, NPS 13 RCFW6, "Detecting Threatening Insiders with Lightweight Media Forensics," FY13-16
- Federal Bureau of Investigation, NPS 13 RCFQT, "Packet Carving and Visualization", FY12-13
- Department of Homeland Security, NPS R6E5C, "Gaming Systems Monitoring and Analysis Project," FY12-13
- Department of Defense, NPS 13 RCG53, "DEEP FY13-FY14 RDTE", FY13-14
- Department of Defense, NPS 13 RCG5K, "DEEP FY13 OM", FY13
- Previous Sponsored Research
- Department of Defense, NPS 12 RCF4F, "ADOMEX Research and Development", FY12-13
- Department of Defense, NPS 12 RCF4P, "ADOMEX Research Cat I", FY12-13
- Department of Defense, NPS 12 VC6CP4, "Automated Media Exploitation Research 3", Oct 2010-Sept. 2012
- Federal Bureau of Investigation, NPS RCF37, "Random Sampling and Small BLock Forensics Innovation", FY12-13
- Department of Defense, NPS 11 R6DY9, "Automated Media Exploitation Applied Engineering", Oct 2010-Sept. 2012
- Department of Defense, NPS 11 RCF6X, "Automated Media Exploitation Support", FY12
- Department of Defense, NPS 11 R6CU5, "Automated Media Exploitation Research 3", FY10-11
- Department of Defense, NPS 11 R6E1G, "Direct Staff Support", FY11
- Defense Manpower Data Center, NPS 11 R6PY1, "Identity and Database Challenges for Force Protection," Oct 2010-May 2011.
- Department of Defense, NPS 11 R4ACU, "Automated Media Exploitation Research P&R," Oct 2010-Sept 2011.
- Department of Defense, NPS 11 R61FP, "Automated Media Exploitation Research 2," April 2010-Sept 2011.
- NSF Award DUE-0919593: "Creating Realistic Forensic Corpora for Undergraduate Education and Research," Simson L. Garfinkel and Dave Dittrich, PI. October 2009--Sept 2011.
- Department of Defense, NPS 10 RCSPP, "Automated Media Exploitation Research FY2010," July 2009--Sept 2010.
- United States Marine Corps (USMC), NPS JON 10 RCSOE, "Media Exploitation, Evaluation and Development," Oct 2009--Sept 2010.
- Department of Defense, NPS 10 R61IC, "Team Monterey," October 2009--Sept 2010.
- Department of Defense, NPS 10 R617V, "Cyber Policy Review," December 2009--Sept 2010.
- United States Marine Corps (USMC), NPS 09 RCSUP, "Media Exploitation, Evaluation and Development," June 2009--Sept 2009.
- DARPA Sector Discrimination Seedling, NPS 09 RCS70, November 2008--Sept 2009.
- Department of Defense, NPS 09 R9SKL, "Testing of Automated Media Exploitation Tools," December 2007--Sept 2008.
- NIST/NPS Interagency Agreement M92367, "Support of NIST Computer Forensics Testing Program," November 2008--January 2009.
- NPS/ITACS, "S/MIME Research," October 2008--September 2009.
- Department of Defense, NPS 08 R9FNL--106, "Detecting Network Membership with Cross-Drive Analysis," December 2007--September 2008.
- NSF Award 0730389, EXP-SA: Prediction and Detection of Network Membership through Automated Hard Drive Analysis, August 1, 2007--July 31, 2010. (Senior Research Staff; Patrick Wolfe, Principle Investigator.)
- Naval Postgraduate School, United States Navy Sept. 2006 --
- Associate Professor. Research includes computer forensics; security and usability; cyberlaw.
- School of Engineering and Applied Sciences, Harvard University Sept. 2008 --
- Research Associate.
- Center for Research on Computation and Society, Harvard University Sept. 2005 --- August 2008
- Post-doctoral fellow. Research include computer forensics; security and usability.
- Computer Science Department, University of Auckland, NZ August 2005
- Honorary Research Scholar. Research on cross-drive forensics.
- Computer Science and Artificial Intelligence Laboratory, MIT Sept. 2002 --- June 2005
- Doctoral student. Research on security and usability; secure messaging; computer forensics; and Radio Frequency Identification (RFID) policy.
- Broadband2Wireless, Inc. May 2000 --- July 2001
- Network Architect, Chief Scientist, and Advisory Board Member. Technical lead for startup nation-wide wireless ISP. Responsibilities included network design, implementation, automation, creation of proprietary technology and algorithms, hiring, and supervision of technical staff.
- MIT Lincoln Laboratory Spring 1998, Spring 1999
- Consultant. Developed novel Internet attacks for 1998 and 1999 DARPA Intrusion Detection Evaluations.
- Sandstorm Enterprises, Inc.
- Founder (1998), CTO (1998-2001), Treasurer (2000-2008)
- Conceived and organized Sandstorm Enterprises, a software development firm specializing in computer forensic tools. Negotiated startup funding. Lead architect and developer of two products.
- Daniel J. Evans School of Public Affairs, University of Washington, Seattle January 1997 --- June 1997
- Visiting Scholar. Completed Web Security, Privacy and Commerce and wrote Database Nation.
- Vineyard.NET, Inc July 1995 --- September 2002
- Co-Founder. Launched first Internet Service Provider on Martha's Vineyard with $5000 in personal investment. Grew company to 1500 subscribers with annual revenue of $500,000. Negotiated sale of company to Broadband2Wireless, Inc in January 2001.
- SunExpert Magazine, Computer Publishing Group 1994 --- 1995
- Senior Editor.
- Simson Garfinkel & Associates, Inc. May 1992 --- February 1993
- Founder. Conceived and organized company to develop and market SBook, an AI-based address book application for NeXTSTEP-based computers. Lead developer. Supervised two employees. Negotiated sale of company to Sarrus Software, Inc.
- NeXTWORLD Magazine June 1991 --- Sept. 1993
- Senior Editor. Wrote, Assigned, and Edited articles about NeXT Computers, Inc., object-oriented technology, and Unix.
- NeXT Computer, Inc. May 1990, August 1991
- Consultant. Created a kernel-resident CDROM subsystem (ISO 9660 with Rock Ridge extensions) for NeXTSTEP 2.0; updated for NeXTSTEP 3.0.
- Christian Science Monitor 1988 --- 1989
- Science Writer.
- N/Hance Systems, Dedham, MA, March 1988 --- June 1991
- Chief Scientist. Developed and marketed Write Once File System.
- IRIS Project, Brown University, June 1987 --- August 1987
- System programmer. Designed and implemented a CDROM File system NFS Server.
- Polaroid, Inc. January 1987 --- September 1990
- Consultant. Designed and implemented a physician's medical imaging workstation. Novel technology included a write-once file system, custom-built window system, and DSP image processing code. Demonstrated workstation at trade shows and deployed within Polaroid for supporting research. Produced a video of the working system.
- Weizmann Institute of Science, Israel June 1986 --- August 1986
- Summer Researcher. Designed and implemented a multitasking laboratory data acquisition system.
- MIT Media Laboratory February 1985 --- June 1987
- Undergraduate Researcher. Designed and a implemented file system for CDROM and WORM.
- Chemistry Department, MIT April 1984 --- August 1984
- Undergraduate Researcher. Designed and developed software for controlling an ultraviolet spectroscope and assisting in the analysis of experimental results for the Department's third-year undergraduate laboratory.
- Office of Computing Services, Bryn Mawr College September 1981 --- June 1982
- Undergraduate Researcher. Designed and implemented graphics libraries in APL and FORTRAN. Developed visualization software for the Physics department's molecular modeling package.
- CS3636: Data Fusion with Online Information Systems (Summer 2009)
- CS4922: Advanced Computer Architecture (Spring 2009)
- CS4920: Automated Document and Media Exploitation (Fall 2008; Fall 2009; Winter 2010)
- CS3610: Information Crime, Law and Ethics (Fall 2007; Fall 2008)
- CS3773: Java as a Second Language (Winter 2008; Winter 2009)
Usenix Association, Spring 2006--
- Network Forensics & Disk Forensics, LISA 2008, San Diego, CA
- Computer Forensics & Forensics Lab, USENIX Security 2008, San Jose, CA
- Computer Forensics, USENIX 2007, San Jose, CA
- Computer Forensics, LISA 2007, Dallas, TX
Symposium on Usable Security and Privacy (Summer 2005)
- Computer Security Tutorial, SOUPS 2005, Pittsburgh, PA
Harvard University Extension School (Fall 2004--Spring 2006)
- CSCI E-180: Building Programs with Graphical Interfaces (Spring 2006)
- CSCI E-170: Security, Privacy and Usability. (Fall 2004, Fall 2005)
Northeastern University School of Computer Science and Information Science (Summer 2004)
- CSG 357: Computer Security, Privacy and Usability (Summer 2004).
Massachusetts Institute of Technology (Fall 2003--Spring 2004)
- Teaching Assistant, 6.033: Computer System Engineering.
- Teaching Assistant, 6.857 Network and Computer Security.
University of Aizu, Japan (December 1993)
- Created and taught a one-week course on NeXTSTEP Programming
Refereed Journal Articles
- Garfinkel, Simson Simson, Digital media triage with bulk data analysis and bulk_extractor. Computers and Security 32: 56-72 (2013)
- Young J., Foster, K., Garfinkel, S., and Fairbanks, K., Distinct sector hashes for target file detection, IEEE Computer, December 2012
- Garfinkel, S. Digital Forensics XML and the DFXML toolset, Digital Investigation, 8 (2012), 161-174.
- Fairbanks, Kevin, and Simson Garfinkel, "Factors Affecting Data Decay", Journal of Digital Forensics, Security and Law, Vol. 7(2), 2012
- Garfinkel, S. File Cabinet Forensics, Journal of Digital Forensics, Security and Law, Vol 6(4).
- Garfinkel, S., and Dinolt, G. Operations with Degraded Security. IEEE Security & Privacy, pages 18–23, November/December 2011
- Garfinkel, S. Every Last Byte. J. of Digital Forensics, Security and Law, 6:7–8. Column
- Phillips, Kenneth N; Aaron Pickett; Simson Garfinkel, Embedded with Facebook: DoD Faces Risks from Social Media, CrossTalk, May/June 2011.
- Garfinkel, S., Parker-Wood, A., Huynh, D., and Migletz, J., A Solution to the Multi-User Carved Data Ascription Problem, IEEE Transactions on Information Forensics & Security, December 2010, pages 868--882.
- Garfinkel, S., and Cranor, L., Institutional Review Boards and Your Research, Communications of the ACM, June 2010.
- Garfinkel, S., and Migletz, J., New XML-Based Files: Implications for Forensics, IEEE Security & Privacy Magazine, March/April 2009 (Vol. 7, No. 2)
- Garfinkel, S., Providing Cryptographic Security and Evidentiary Chain-of-Custody with the Advanced Forensic Format, Library, and Tools, The International Journal of Digital Crime and Forensics, Volume 1, Issue 1, January-March 2009.
- Garfinkel, S. "Complete Delete vs. Time Machine Computing," Operating Systems Review, ACM Special Interest Group on Operating Systems, January 2007.
- Garfinkel, S., and Smith, M., "Data Surveillance" (Guest Editor's Introduction), IEEE Security & Privacy, November/December 2006
- Garfinkel, S., "AFF: A New Format for Storing Hard Drive Images," Communications of the ACM, February, 2006.
- The Common Evidence Format Working Group (Carrier, B., Casey, E., Garfinkel, S., Kornblum, J., Hosmer, C., Rogers., M., and Turner., P.,) "Standardizing Digital Evidence Storage," Communications of the ACM, February, 2006.
- Lorrie Faith Cranor and Simson Garfinkel. Guest Editor’s Introduction: Secure or Usable? 2(5), IEEE Security & Privacy, September/October 2004
- Garfinkel, S., Juels, A., Pappu, R., "RFID Privacy: An Overview of Problems and Proposed Solutions," IEEE Security & Privacy, Volume 3, Issue 3, pp. 34-43, May-June 2005.
- Garfinkel, S. Email-Based Identification and Authentication: An Alternative to PKI?, IEEE Security & Privacy, November/December 2003.
- Garfinkel, S. "Leaderless Resistance Today", First Monday, 8:3, March 3rd, 2003.
- Garfinkel, S. and Shelat, A., "Remembrance of Data Passed: A Study of Disk Sanitization Practices," IEEE Security & Privacy, January/February 2003.
- Garfinkel, S. L., "Public Key Cryptography," IEEE Computer, Volume 29, Issue 6, June 1996. pages 101-104.
- Garfinkel, S. "Risks of Social Security Numbers", Communications of the ACM, p. 146, October 1995.
- Stallman, R., and Garfinkel, S. "Against Software Patents", Communications of the ACM, Volume 35, Issue 1 (January 1992), pages 17-22, 121.
- Garfinkel, Simson L. and Richard M. Stallman, and Mitchell Kapor. Why Patents Are Bad for Software. Issues in Science and Technology, Fall 1991.
- Stallman, R., and Garfinkel, S. "Against User Interface Copyright", Communications of the ACM, Volume 33, Issue 11 (November 1990), pages 15-18.
- Garfinkel Simson L.. AIDS and the Soundex Code. IRB, 1988.
Refereed Book Chapters
- Poe, Mya & Simson Garfinkel. "Security and Privacy in the Wireless Composition Classroom," in Going Wireless; A Critical Exploration of Wireless and Mobile Technologies for Composition Teachers and Scholars. Ed. Amy C. Kimme Hae. Hampton Press. 2009.
- Garfinkel, S. "Using S/MIME," in Phishing and Countermeasures : Understanding the Increasing Problem of Electronic Identity Theft, Ed. Markus Jakobsson and Steven Myers. Wiley. 2006
- Garfinkel, S. "RFID in Ubiquitious Commerce," in Ubiquitous and Pervasive Commerce, Ed. George Roussos, Springer SMB, November 2005.
- Garfinkel, S. "Sanitization and Usability," in Usability and Security, Ed. Lorrie Cranor and Simson Garfinkel, O'Reilly, 2005.
Refereed Conference Papers
- Rowe, Neil, Schwamm, Riqui, Garfinkel, Simson. Language Translation for File Paths, to appear at DFRWS 2013, Aug 4-7, Monterey, CA
- Garfinkel, S., Nelson, A., Young, J., "A General Strategy for Differential Forensic Analysis", DFRWS 2012, Aug. 6-8, 2012, Washington, DC.
- Garfinkel, S., "Lessons Learned Writing Computer Forensics Tools and Managing a Large Digital Evidence Corpus", DFRWS 2012, Aug. 6-8, 2012, Washington, DC.
- N. C. Rowe and S. L. Garfinkel, Finding anomalous and suspicious files from directory metadata on a large corpus. 3rd International ICST Conference on Digital Forensics and Cyber Crime, Dublin, Ireland, October 2011. In P. Gladyshev and M. K. Rogers (eds.), Lecture Notes in Computer Science LNICST 88, Springer-Verlag, 2012, pp. 115-130.
- Beverly, Robert, Simson Garfinkel and Greg Cardwell, "Forensic Carving of Network Packets and Associated Data Structures", DFRWS 2011, Aug. 1-3, 2011, New Orleans, LA. BEST PAPER AWARD (Acceptance rate: 23%, 14/62)
- Rowe, Neil C., Simson L. Garfinkel, Robert Beverly, and Panayotis Yannakogeorgos, Steps towards Monitoring Cyberarms Compliance, 10th European Conference on Information Warfare and Security ECIW-2011, The Institute of Cybernetics at the Tallinn University of Technology, Tallinn, Estonia, 7-8 July 2011 (Acceptance rate: 65%, 54/83)
- Woods, Kam, Christoper Lee, Simson Garfinkel, Extending Digital Repository Architectures to Support Disk Image Preservation and Access, JCDL 2011, June 13-17, 2011, Ottawa, Canada. (Acceptance rate: 28%, 28/99 )
- Woods, K., Christopher Lee, Simson Garfinkel, David Dittrich, Adam Russel, Kris Kearton, Creating Realistic Corpora for Forensic and Security Education, 2011 ADFSL Conference on Digital Forensics, Security and Law (Acceptance rate: 50%, 32/16)
- Garfinkel, Simson, Vassil Roussev, Alex Nelson and Douglas White, Using purpose-built functions and block hashes to enable small block and sub-file forensics, DFRWS 2010, Portland, OR (Acceptance rate: 40%, 16/39)
- Garfinkel, Simson, Digital Forensics Research: The Next 10 Years, DFRWS 2010, Portland, OR, August 2010 (Acceptance rate: 40%, 16/39)
- Rowe, Neil and Simson Garfinkel, Global analysis of drive file times, Fifth International Workshop on Systematic Approaches to Digital Forensic Engineering, Oakland, CA, May 2010
- Garfinkel, Farrell, Roussev and Dinolt, Bringing Science to Digital Forensics with Standardized Forensic Corpora, DFRWS 2009, Montreal, Canada. (slides) BEST PAPER AWARD. (Acceptance rate: 36%, 15/41)
- M. I. Cohen, Simson Garfinkel and Bradley Schatz, Extending the Advanced Forensic Format to accommodate Multiple Data Sources, Logical Evidence, Arbitrary Information and Forensic Workflow, DFRWS 2009, Montreal, Canada. (Acceptance rate: 36%, 15/41)
- Roussev, Vassil, and Garfinkel, Simson, File Fragment Classification---The Case for Specialized Approaches, Systematic Approaches to Digital Forensics Engineering (IEEE/SADFE 2009), Oakland, California. (Acceptance rate: 32%, 7/22)
- Garfinkel, Simson., Automating Disk Forensic Processing with SleuthKit, XML and Python, Systematic Approaches to Digital Forensics Engineering (IEEE/SADFE 2009), Oakland, California. (Acceptance rate: 32%, 7/22)
- Farrell, P., Garfinkel, S., White, D. Practical Applications of Bloom filters to the NIST RDS and hard drive triage, Annual Computer Security Applications Conference 2008, Anaheim, California, December 2008. (Acceptance rate: 24%, 42/173)
- Palankar, M., Iamnitchi, A., Ripeanu, M., and Garfinkel, S. "Amazon S3 for Science Grids: a Viable Solution?", International Workshop on Data-Aware Distributed Computing (DADC'08), June 23-27, 2008, Boston, MA
- Garfinkel, S., IRBs and Security Research: Myths, Facts and Mission Creep, Usability, Psychology and Security 2008 (Co-located with the 5th USENIX Symposium on Networked Systems Design & Implementation (NSDI '08)), San Francisco, CA. April 2008. " (slides)
- Garfinkel, S., "Carving Contiguous and Fragmented Files with Fast Object Validation", Digital Forensics Workshop (DFRWS 2007), Pittsburgh, PA, August 2007. (Acceptance rate: 47%, 17/36)
- Kristic, I., and Garfinkel S. "The One Laptop per Child Security Model," Symposium on Usable Security and Privacy, Pittsburgh, PA, July 2007. ACM Press. (Acceptance rate: 32%, 13/41)
- Garfinkel, S., "Anti-Forensics: Techniques, Detection and Countermeasures", The 2nd International Conference on i-Warfare and Security (ICIW), Naval Postgraduate School, Monterey, CA, March 8-9, 2007. (Acceptance rate: 55%)
- Uri Braun, Simson Garfinkel, David A. Holland, Kiran-Kumar Muniswamy-Reddy, and Margo I. Seltzer, Issues in Automatic Provenance Collection International Provenance and Annotation Workshop (IPAW'06), Chicago, IL. May 3-5, 2006.
- Garfinkel, S., Forensic Feature Extraction and Cross-Drive Analysis,The 6th Annual Digital Forensic Research Workshop Lafayette, Indiana, August 14-16, 2006. (Acceptance rate: 43%, 16/37)
- Garfinkel, S., Malan, D,. One Big File is Not Enough: A Critical Evaluation of the Dominant Free-Space Sanitization Technique, The 6th Workshop on Privacy Enhancing Technologies, Robinson College, Cambridge, United Kingdom, June 28 - June 30, 2006. (Also in G. Danezis and P. Golle (Eds.): PET 2006, LNCS 4258, pp. 135--151, 2006, (c) Springer-Verlag Berlin Heidelberg 2006) (Acceptance rate: 26%, 24/91)
- Wu, M., Miller, R. C., Garfinkel, S., "Do Security Toolbars Actually Prevent Phishing Attacks?" CHI 2006, April 22-28, 2006, Montreal, Quebec, Canada. Nominated for best conference paper. (Acceptance rate: 23%)
- Garfinkel, S., Malan, D., Dubec, K., Stevens, C, Pham, C., Disk Imaging with the Advanced Forensics Format, Library and Tools The Second Annual IFIP WG 11.9 International Conference on Digital Forensics, National Center for Forensic Science, Orlando, Florida, USA January 29 - February 1 2006. (Acceptance rate: 54%, 27/50)
- Garfinkel, S., Miller, R., Johnny 2: A User Test of Key Continuity Management with S/MIME and Outlook Express presented at the Symposium on Usable Privacy and Security (SOUPS 2005), July 6-8, 2005, Pittsburgh, PA. (Acceptance Rate: 26%)
- Garfinkel, S., Schiller, J., Nordlander, E., Margrave, D., and Miller, R., "How To Make Secure Email Easier To Use", CHI 2005: Technology,Safety, Community, Portland, Oregon, April 2-7, 2005. (Acceptance rate: ~25%)
- Garfinkel, S., Schiller, J., Nordlander, E., Margrave, D., and Miller, R., "Views, Reactions and Impact of Digitally-Signed Mail in e-Commerce", Ninth International Financial Cryptography and Data Security Conference, February 28-March 3, 2005, Roseau, The Commonwealth of Dominica. (Acceptance rate: 26%, 24/90)
- Garfinkel, S. "Best Practices for Usable Security In Desktop Software", DIMACS Workshop on Usable Privacy and Security Software, July 7 - 8, 2004. DIMACS Center, CoRE Building, Rutgers University, Piscataway, NJ. (slides)
- Wu, M., Garfinkel, S., Miller, R., "Secure Web Authentication with Mobile Phones", DIMACS Workshop on Usable Privacy and Security Software, July 7 - 8, 2004. DIMACS Center, CoRE Building, Rutgers University, Piscataway, NJ.
- Garfinkel, S. Enabling Email Confidentiality through the use of Opportunistic Encryption", presented at the 2003 National Conference on Digital Government Research, May 2003, Boston, MA. (slides)
- Wu, M., Garfinkel, S., Miller, R., "Secure Web Authentication with Mobile Phones", Proceedings of the MIT Student Oxygen Workshop, 2003.
- Garfinkel, S. "Adopting Fair Information Practices to Low Cost RFID Systems", paper presented at Privacy in Ubicomp'2002 workshop, Gotenborg, Sweden, September 29th, 2002.
- Cunningham, Robert K., Richard P. Lippmann, David J. Fried, Simson L. Garfinkel, Isaac Graf, Kris R. Kendall, Seth E. Webster, Dan Wyschogrod, and Marc A. Zissman, Evaluating Intrusion Detection Systems without Attacking your Friends: The 1998 DARPA Intrusion Detection Evaluation, in Proceedings ID'99, Third Conference and Workshop on Intrusion Detection and Response, San Diego, CA: SANS Institute, 1999. (abstract) (PDF)
- Lippmann, R. P., R. K. Cunningham, D. J. Fried, S. L. Garfinkel, A. S. Gorton, I. Graf, K. R. Kendall, D. J. McClung, D. J. Weber, S. E. Webster, D. Wyschogrod, M. A. Zissman, "The 1998 DARPA/AFRL Off-Line Intrusion Detection Evaluation," First International Workshop on Recent Advances in Intrusion Detection, Louvain-la-Neuve, Belgium, 1998. , (abstract)
Book reviews in refereed journals
- Garfinkel, S., "Sharp Figures, Fuzzy Purpose" (review of Security Data Visualization: Graphical Techniques for Network Analysis by Greg Conti), IEEE Security & Privacy Magazine, March/April 2008 (Vol. 6, No. 2), p. 5
Invited Conference/Workshop Papers
- Garfinkel, S., and Cox, D., "Finding and Archiving the Internet Footprint," invited paper, British Library's Digital Lives Conference, London, England, February 2009.
- Garfinkel, S., "The Pure Software Act: A Proposal for Mandatory Software Labeling" (abstract), DIMACS Workshop on Usable Privacy and Security Software, July 7 - 8, 2004. DIMACS Center, CoRE Building, Rutgers University, Piscataway, NJ
Presentations and Tutorials(selected)
- Using bulk_extractor for digital forensics triage and cross-drive analysis, DFRWS 2012
- Digital Signatures: Current Barriers, Invited Talk, 10th Symposium on Identity and Trust on the Internet, Gaithersburg, MD, 2011.
- Cyber Security, presented for Cyber Security Awareness Month at NPS.
- Digital Forensics 1: Technology, Policy and Countermeasures, 2009 Annual Computer Security Applications Conference, Honolulu, Hawaii, December 2009.
- Automated Digital Forensics, MIT CSAIL, in 32-G449 (CSAIL Kiva) (slides), August 20, 2009
- "IRBs and Computer Science Research", presented at the Public Responsibility in Medicine and Research (PRIM&R) 2008 Advancing Ethical Research Conference, November 17--19, 2008, Orlando, FL.
- "Common-Mode Failures: What can you do with 236 used hard drives?", presented at FINSEC 2005, sponsored by the MSI Training Institute, New York, New York. December 7, 2005
- "Ensure Proper Data Management with Discarded IT Assets", presented to the Retail Data Systems Forum, November 3, 2005.
- Sanitization and Cross Drive Analysis, Naval Postgraduate School, Fall 2005.
- "Technology vs. Spam", presentation to the FCC Technological Advisory Council, February 23, 2004.
- "Speculating about Tomorrows's Threats," Workshop on Network Threats, Washington, DC. November 2003
- "Privacy in the Post-9/11 world", John Marshall Law School, January 2002.
- "Web Security: Is our Time Running out?" ISSA NE Annual Meeting, November 2001.
- "Privacy in the 21st Century," Pop!Tech, Camden, Maine, October 2001.
- "Wireless Threats to Privacy and Security," July 2001,
- "A Survey of Broadband ISP Privacy Policies," May 2001
- "Introduction to Online Privacy," New Orleans, December 2000.
- "Wireless Communication Security," Computer Security Day, Celebremos Juntos el D'ia Internacional de la Seguridad en C'omputo, Mexico City, Mexico, November 2000.
- "An Introduction to Privacy and Data Protection," October 2000.
- "Linux Security," O'Reilly Open Source Conference, June 2000.
- "Data Protection," May 2000.
- "Thirty Years of Spam," Brightlight Spam Summit, Washington, DC, May 2000
- "Biometrics and Privacy," April 2000.
- "Extending the Privacy Bubble," The Internet Security Conference, Boston, MA, October 1999.
- "Technical Solutions to Minimize Security Exposures," Information Systems Security Association, 14th Annual Meeting, California, September 27, 1999.
- "Linux Security", O'Reilly OpenSource Conference, Monterey, California, August 1999.
- "How to build a website that really sucks," VERIO/Hiway Webhosting Conference, June 1999.
- "Web Security and Privacy," Smart Card Forum, June 1999.
- "Information Warfare in the 21st Century," GartnerGroup Information Security Conference, April 12-14, 1999, Chicago.
- "What's Next for SPAM?" SPAM Roundtable, March 1999, California.
- "Combating Telephone Intrusions," SANS Intrusion Detection 99, February 1999, San Diego, California.
- "Introduction to Information Warfare," presented at the TTI Vanguard conference on Risk, Security and Trust, May 14-15, 1998, Trianon Palace Versailles, France.
- "Web Technology: Usability, Security, Reliability & Commerce," Thursday, November 20, 1997, Brown University Department of Computer Science, Industrial Partners Program.
- "Privacy In the Next Century", October 21, 1997, University of Oswego, featured speaker at the Digital Age conference at SUNY Oswego.
- "Computer Security Workshop", October 17, 1997, SUNY Oswego, day-long conference on computer security.
- "Berkeley Roundtable on Software Innovation", April 26, 1996, speaking about software patents.
- "Internet Service Providers", Sixth Conference on Computers, Freedom & Privacy, March 29, 1996.
- "Online Communities" and "Privacy", New York Macintosh User's Fair, March 23, 1996.
- "Information at Whose fingertips?" PC Expo 95, speaking on cryptography.
- "Managing Internet Security." I/S Analyzer Case Studies, June 8th, 1995. Chicago.
- "Roadmap to the Big 1995 Cyberstories," Telecommunication Policy Roundtable--Northeast, January 18, 1995.
- "The Future of Object-Oriented Programming," Object Oriented Computing for the Natural Sciences, EMBL, Germany, November 1994.
- "The Software Patent Crisis," Connecticut Patent Law Association, October 5, 1994.
- "Electronic Publishing Problems," MIT, December 1993.
Non-Refereed Technical Reports and Working Papers
- Garfinkel, Simson L. Programming Unicode. ;Login:, April 2012.
- Courrejou, Timothy and Simson Garfinkel. A comparative analysis of file carving software. Technical Report NPS-CS-11-006, Naval Postgraduate School, September 2011.
- Dinolt, George, Bruce Allen, David Canright, and Simson Garfinkel. Parallelizing SHA-256, SHA-1, MD5 and AES on the Cell Broadband Engine. Technical Report NPS-CS-10-11, Naval Postgraduate School, September 2010
- Courrejou, Timothy and Simson Garfinkel. A comparative analysis of file carving software. Technical Report NPS-CS-10-010, Naval Postgraduate School, September 2010.
- Garfinkel, Simson. Counter intelligence risks posed by information stored in DOD411—the DISA global directory service. Technical Report NPS-CS-10-004, Naval Postgraduate School, September 2010.
- Garfinkel, Simson. Residual data found on guardian edge-protected removable storage media. Technical Report NPS-CS-10-003, Naval Postgraduate School, September 2010
- Pietso, Loren E., and Garfinkel, Simson L., Methods for Creating Realistic Disk Images for Forensic Tool Testing and Education, Technical Report NPS-CS-09-003, Naval Postgraduate School, Monterey, CA March 2009.
- David Canright, George Dinolt, Simson Garfinkel, Jonathan Herzog, Bruce Allen, Implementing AES on the CellBE, Technical Report NPS-MA-09-001, Naval Postgraduate School, Monterey, CA January 2009.
- McLaren, S., and Garfinkel, S., A Field Study of an Iris Identification System Technical Report NPS-CS-08-008, Naval Postgraduate School, Monterey, CA, May 2008.
- Garfinkel, Simson L. Providing cryptographic security and evidentiary chain-of-custody with the advanced forensic format, library, and tools. Technical report, Technical Report NPS-CS-08-014, 2008
- Garfinkel, Simson L. An evaluation of amazon’s grid computing services: EC2, S3 and SQS. Technical Report TR-08-07, School for Engineering and Applied Sciences, Harvard University, July 2007.
- Garfinkel, S. "Commodity Grid and Computing with Amazon's S3 and EC2," ;LOGIN:, February 2007, pp. 7-13, Usenix.
- Garfinkel, S., Massively Multiplayer Games As a Source of Terrorist Simulant Data, August 2003.
- Garfinkel, Simson L. The story of the write once file system. Technical report, IRIS Project, Brown University.
- Garfinkel, Simson L. and J. Spencer Love. A file system for write-once media, MIT Media Lab Technical Report, October 1986
Published Open Source Software
- frag_find, a program for performing hash-based file carving. 2009--
- fiwalk, a program for creating Digital Forensics XML files from disk images. 2008--
- ATA Raw, a user-level implementation of the ATA command set, for Linux. 2008--
- bulk_extractor, a program for exporting email addresses, date stamps, and other information from disk images. 2008--
- NPSBloom, the NPS Bloom Filter implementation. 2007--
- AFFLIB, the Advanced Forensics Format Library and toolset. 2005--
- aimage, the advanced disk imager. 2005--
- SBook5, Simson Garfinkel's Address Book
- CDFS, the Compact Disk File System. 1985
- tcpflow, a TCP/IP session reassembler, 2006-
- The Real Data Corpus, 2000+ disk images of real data from real people, acquired all over the world. 2006--
- The Realistic Data Corpus, disk images, memory dumps, and packet captures created in the laboratory, free of PII, for digital forensics research and education. 2008--
- GOVDOCS1M, one million copyright-free documents downloaded from US Government web servers and distributed with metadata in Dublin Core format. 2009--
- Security and Usability, edited by Lorrie Cranor and Simson Garfinkel. 2005. (O'Reilly & Associates, Inc.)
- RFID : Applications, Security, and Privacy, edited by Simson Garfinkel and Beth Rosenberg. 2005. (Addison-Wesley Professional)
- Practical UNIX and Internet Security, 3rd Edition, co-authored with Gene Spafford and Alan Schwartz. 2003. (O'Reilly & Associates, Inc.)
- Building Cocoa Applications, with Michael K. Mahoney. 2002. (O'Reilly & Associates, Inc.)
- Web Security, Privacy and Commerce, with Gene Spafford. 2001. (O'Reilly & Associates, Inc.)
- Database Nation: The Death of Privacy in the 21st Century, 2000. (O'Reilly & Associates, Inc.)
- Architects of the Information Society, Edited by Hal Abelson. 1999 (MIT Press.) (chapter 1)
- Stopping Spam, co-authored with Alan Schwartz. 1998. (O'Reilly & Associates, Inc.)
- Web Security and Commerce, with Gene Spafford. 1997. (O'Reilly & Associates, Inc.)
- Practical UNIX and Internet Security, co-authored with Gene Spafford 1996. (O'Reilly & Associates, Inc.)
- PGP: Pretty Good Privacy. 1995. (O'Reilly & Associates, Inc.)
- The UNIX-HATERS Handbook, editor, with Daniel Weise and Steven Strassmann. 1994 (IDG Press)
- NeXTSTEP Programming, with Michael Mahoney. 1992 (Springer-Verlag)
- Practical UNIX Security, with Gene Spafford. 1991 (O'Reilly & Associates, Inc.)
Other Selected Publications
- Garfinkel, S. "The iPhone Has Passed a Key Security Threshold", Technology Review, August 13, 2012
- Garfinkel, S. Track Me Not: "Do not track" legislation could simply accelerate the monopolization of Internet advertising, Technology Review, December 14, 2010
- Garfinkel, S., Privacy Requires Security, Not Abstinence; Protecting an inalienable right in the age of Facebook, Technology Review Magazine, July/August 2009
- Garfinkel, S. Right on Time? The Security Implications of the Humble Computer Clock, CSO Magazine, March 2, 2009
- Garfinkel, S., and Rosenberg., B., "Face Recognition: Clever or Creepy?", Technology Review, February 27, 2009.
- Garfinkel, S. "Information of the World Unite! (Data Fusion)," Scientific American, September 2008.
- Garfinkel, S. "Document and Media Exploitation," ACM Queue, November/December 2007.
- Garfinkel, S. "An Evaluation of Amazon's Grid Computing Services: EC2, S3 and SQS", Technical Report TR-08-07, School for Engineering and Applied Sciences, Harvard University, Cambridge, MA. July 2007.
- Garfinkel, S., A Web Service for File Fingerprints: The Goods, the Bads, and the Unknowns, January 2003.
- Garfinkel, S., Robertson, H., Elledge, C., Levine, J., Syncframe: a Multi-Peer Synchronization Framework December 2002.
- Garfinkel, S., Network Forensics: Tapping the Internet, The O'Reilly Network, April 26, 2002.
- Shipley, P., Garfinkel, S., An Analysis of Dial-Up Modems and Vulnerabilities , Spring 2001.
- Garfinkel, S. "Patently Absurd: How could the Patent Office ever grant a patent to Compton's on its claim to have invented multimedia?" Wired Magazine, July 1994.
- Garfinkel, S. "The Story of the Write Once File System," IRIS Project, Brown University, August 1st, 1987
- Garfinkel, S. An Introduction to Computer Security, The Practical Lawyer, Volume 33, Number 6 and 7, September and October, 1987.
- Garfinkel, S. and Love, S., "A File System for Write-Once Media," MIT Media Laboratory, October 1985.
- Garfinkel, S."Game of LIFE on the IBM PC," Dr. Dobb's Journal, Volume 8, Issue 6, June 1983.
- United States Patent 8,433,959], (Granted April 30, 2013), Garfinkel and Nelson, Method for Determining Hard Drive Contents through Statistical Drive Sampling. Filed Sep. 7, 2010.
- United States Patent 7,779,032, (Granted August 17, 2010), Garfinkel, Forensic feature extraction and cross drive analysis. Filed September 6, 2006.
- United States Patent 7,023,854, (Granted April 4, 2006), Garfinkel, Packet interception system including arrangement facilitating authentication of intercepted packets. Filed November 17, 1999 (Continuation of Patent 6,678,270).
- United States Patent 6,993,661, (Granted January 31, 2006), Garfinkel, System and method that provides for the efficient and effective sanitizing of disk storage units and the like Filed August 9, 2001.
- United States Patent 6,744,864, (Granted June 1, 2004), Garfinkel, Adaptive Dialing System and Method. Filed May 18, 2000.
- United States Patent 6,678,270, (Granted January 13, 2004), Garfinkel, Packet interception system including arrangement facilitating authentication of intercepted packets. Filed March 12, 1999.
- United States Patent 6,490,349, (Granted December 3, 2002), Garfinkel et al., System and Method for Scan-Dialing Telephone Numbers and Classifying Equipment Connected to Telephone Lines Associated therewith. Filed December 19, 1998.
Fellowships, Honors and Awards
- 2012 Fellow, Association for Computing Machinery
- 2011 Information Systems Security Association Hall of Fame
- 2011 Department of Defense Value Engineering Achievement Award, Bulk Extractor Program.
- 2005 George M. Sprowls Award for the best doctoral theses in computer science, Honorable Mention, awarded for "Design Principles and Patterns for Computer Systems That Are Simultaneously Secure and Usable" supervised by Robert Miller and David Clark.
- 2005 Best Regular Column, Contributed (Gold) (Northeast Region, Under 80,000 circulation), awarded by the American Society of Business Publication Editors (ASBPE), for the "Machine shop" series in CSO Magazine. (Award granted for the July and September 2004 columns.)
- 2005 Jesse H. Neal National Business Journalism Award, for Best Regularly Featured Department or Column, awarded to CSO Magazine's "Machine Shop" column, by Simson Garfinkel (edited by Elaine Cummings, designed by Chandra Tallman with Steve Traynor).
- 2004 Best Regular Column, Contributed (Gold) (National, Under 80,000), awarded by the American Association of Business Publishers and Editors (ASBPE), for the "Machine shop" series in CSO Magazine. (Award granted for the April and May 2003 columns.)
- 2004 Best Regular Column, Contributed (Gold) (East Coast Region, Under 80,000 circulation), awarded by the American Society of Business Publication Editors] (ASBPE), East Coast Region, for the "Machine Shop" series in CSO Magazine.
- 2004 Jesse H. Neal National Business Journalism Award, for Best Regularly Featured Department or Column, awarded to CSO Magazine's "Machine Shop" column, by Simson Garfinkel (edited by Elaine Cummings, designed by Chandra Tallman with Steve Traynor). (front)(back)
- 2004 Jesse H. Neal National Business Journalism Award, Grand Neal Runner-up, 2nd place, CSO Magazine, "Machine Shop."
- 2003 Best Regular Column, Contributed (Silver) (East Coast Region, Under 80,000 circulation), awarded by the American Society of Business Publication Editors], (ASBPE) for the "Machine Shop" series in CSO Magazine.
- 2002-2005 MIT Presidential Fellowship, for study in the field of Computer Science at the Massachusetts Institute of Technology Laboratory for Computer Science.
- 2000 Best COMPUTERS IN SOCIETY book, Third Annual BookBytes Awards, awarded for Database Nation: The Death of Privacy in the 21st Century.
- 1999 Best Feature Series (West Coast Region, Circulation over 80,000), awarded by the awarded by the American Society of Business Publication Editors], for the "Privacy in the Internet Age" feature series appearing in PC World Magazine.
- 1997 Award of Merit for Practical UNIX and Internet Security, International Technical Publications Competition, awarded by the Society for Technical Communication.
- 1996 Award of Distinguished Technical Communication (highest award) for Practical UNIX and Internet Security, STC Boston/NNE Technical Publications Competition, awarded by the Society for Technical Communication
- Computers and Security, editorial board (2010--) Certificate
- NPS IT Task Force (2007--)
- NPS Institutional Review Board (IRB) (2007--)
- Symposium on Usable Security and Privacy (SOUPS) (2005--2009)
- Tutorial instructor, (2005)
- Co-coordinator, workshop on user studies. (2006)
- Program Co-chair, (2008--2009)
- IEEE Security and Privacy Magazine, (2003---)
- Co-editor, Special issue on Security and Privacy, 2004.
- Frequent reviewer for submitted articles
Program Committees (Inclusive)
- ACM Northeast Forensics Exchange (NeFX 2010)
- Cyber-security Research Ethics Dialogue & Strategy (CREDS) 2013
- Digital Forensics Research Workshop (DFRWS) 2007, 2008, 2009, 2010, 2011, 2012
- IDTrust 2009, 2010
- IEEE International Workshop on Security and Forensics in Communication Systems (SFCS 2012)
- International Workshop on Computational Forensics (IWCF 2010, 2012)
- IEEE International Conference on Big Data (IEEE Big Data 2013)
- National Academies Committee on the Usability, Security and Privacy of Computer Systems (A Workshop project) (2009)
- Privacy Enhancing Technologies Symposium (PETS 2007, 2008, 2011, 2012)
- RFID Privacy Workshop (2003)
- Second Annual IFIP WG 11.9 International Conference on Digital Forensics
- Symposium on Usable Security and Privacy (SOUPS 2006, 2007, 2008, 2009, 2010, 2011, 2012)
- Systematic Approaches to Digital Forensic Engineering (SADFE 2009, 2010, 2011)
- Usability, Psychology, and Security (USEC07; UPSEC 2008)
- WSDF 2013 (Workshop on Digital Forensics), held with ARES 2013
- Toward Better Usability, Security, and Privacy of Information Technology: Report of a Workshop, National Academies Press, 2010. Member Steering Committee.
- Workshop on Data Surveillance and Privacy Protection (2006), Program Chair
- Institute Security Advisory Committee, MIT (2004---2005), Member
- RFID Privacy Workshop, August 2003 --- November 2003, Chair
- Liberty Science Center, Jersey City, NJ., Member, Advisory Board, Communication Exhibition (2003---2006)
- MIT Educational Council, Cambridge, MA., Educational Counselor (2003---2005)
- Information Technology Advisory Committee, Belmont, MA. (2002--2006), Secretary, appointed by Town Selectmen.
- The Computer Museum, Boston, MA. Volunteer (1992---1995), Volunteer
- Association of Computing Machinery (ACM), Fellow, Lifetime Member, 1984-
- International High Technology Crime Investigation Association (HTCIA), Member, 2006-
- Institute of Electrical and Electronic Engineers (IEEE), Senior Member, 2002-
- International Association of Privacy Professionals (IAPP), Member, 2002-
- Information Systems Security Association (ISSA), Member, 2001-
- National Association of Science Writers (NASW), Member, 1988-
- Sigma XI, The Scientific Research Society, Lifetime Member, 2003-
- American Association of Forensic Sciences, Member, 2009-
- Technology Review Magazine, Columnist, Contributing Editor (Web and Print) (1998---)
- Basis Technology, Consulting Scientist. (2003---2008)
- Sandstorm Enterprises, Inc., Founder, Treasurer, Member of the Board. (1998---2008)
- Intellivid, Inc., Member, Advisory Board (2003---2008)
- CSO Magazine, Editor At Large, "Machine Shop," (2002---2007)
- The Boston Globe, Columnist, "Simson Says," (August 1996---April 2000)
- ePrivacy Group, Founder, Advisor. (2000-2004)
- WIRED Magazine, Contributing Writer, (1993---2001)
- Privada, Member, Advisory Board. (1998-1999)
- HotWired, Technology Columnist, (1996---1997)
- Internet Underground, Editor At Large, (1996)
- SunExpert Magazine, Senior Editor, (1994---1996)
- NeXTWORLD Magazine, Senior Editor, (1991---1994)
- The Christian Science Monitor, Science & Technology staff writer, (1989---1990)
- The Jerusalem Post, Contributing Writer, (Summer 1986)