That said, I tend to enjoy "problem solving" in many areas. The lower-level systems areas tend to be more appealing, since the connection is pretty direct. I'm less interested in software plumbing, in other words just connecting other people's half-assed, buggy libraries together and wondering why it only works sometimes. I'm not against using libraries and high-level languages—I feel no need to recreate everything from scratch—it's just that the many layers of abstraction tend to diminish the sense of accomplishment for me.
As a postdoc at Cornell and the Xerox Design Research Institute, I worked in the area of Heterogeneous Databases. As a side project with colleagues from grad school, I worked on Multicast Protocols and simulations. The four of us also wrote a textbook on Mobile and Pervasive Computing, published by McGraw-Hill.
At ATC-NY (formerly Odyssey Research Associates), I worked on numerous projects, serving as PI on many. A main focus area was Computer Security, with a strong emphasis on Digital Forensics. The digital forensics area included live forensics, peer-to-peer forensics, network forensics, memory forensics, VM and cloud forensics, and more. Other security areas included intrusion detection, marked data/honeypots/honeynets, automated attack and damage assessment, red teaming, and steganography tool detection. Other broad areas included networking, such as distributed routing protocols, wireless real-time protocols, ultrawideband (UWB) routing, wireless intrusion detection and physical location, red teaming and penetration testing. User interface design (web and other) worked into the projects and products I helped create, as well. I've created and taught several courses, including Live Forensics and Peer-to-Peer Forensics. I've also co-taught a USENIX Security course on Reverse Engineering.
At GrammaTech, I worked on machine learning for intrusion detection, and automated security assessment based on analysis of high-level system designs, as well as some web-based data presentation.
I have a lot of hands-on experience with systems, including email and web servers, and have built many software tools. I have also co-authored a textbook on The Fundamentals of Mobile and Pervasive Computing (ISBN: 0071412379) with Golden Richard, Loren Schwiebert, and Sandeep Gupta (more details on the book here). I'm on the board of directors of the Digital Forensic Research Workshop (DFRWS) and have been associated with it since its inception and helped organize it since 2005.
I also did some analyses of ATM networks (but that was a while ago, back when ATMs were a soon-to-be big thing).
I also wrote a web page "crawler" which would grab all the pages from a site, build a graph of them, and then present a tree representation of them once you specified which node is the root. This was in the late '90s.
I also worked on designing protocols for UltraWideBand radios (kind of 802.15, but not exactly) for vehicle communication that had specific real-time constraints.
I've done some Red Team work, testing the security of a software system, and penetration testing on a web and mail interface of a large company's system, as well as vulnerability analysis of the whole information protection infrastructure (from physical to online).
In general, security and trust issues interest me, and I often find myself applying the same principles in the real world (or deciding to break the rules and trust someone, despite the lack of credentials).
I have gotten a bit cynical and paranoid about security. Mostly because it doesn't really exist, and people would rather have a sense of security and stick with convenience than have real security. And in many cases, it probably is the right choice. Just saying "don't do that" over and over gets tiring. It's also kind of an impossible problem. That said, there are many ways to make security better, so there is some hope.
I have worked on a few different IDSs. When I started at Odyssey Research Associates, I worked on the tail end of a project that used n-grams over system-call sequences to detect abnormal behavior.
I was the PI on a project involving creating marked data during a system scan and using that to correlate between the actors from the reconnaissance and exploit phases of an attack. This involved setting up test networks at a half-dozen sites using "dark networks" (unallocated IP space).
Recently, I worked on using machine learning techniques to detect malicious behaviors on a machine given sets of traces (lists of system calls).
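The two IDS approaches above share one idea: model the system-call sequences a process normally emits, then score new traces by how far they stray. The following is an added illustration of the n-gram flavor of that idea, written for this page; it is not the author's code, nor the ORA or GrammaTech system, and all traces in it are constructed sample data rather than real captures. Names such as `build_profile` and `anomaly_score` are my own.

```python
"""Added illustration: n-gram anomaly detection over system-call traces.

Not the author's or any employer's code. Every trace below is constructed
sample data standing in for captured syscall logs (e.g. from strace/ptrace).
"""
from typing import Iterable, List, Set, Tuple

NGram = Tuple[str, ...]


def ngrams(trace: List[str], n: int) -> List[NGram]:
    """Sliding window of length n over a list of system-call names."""
    return [tuple(trace[i:i + n]) for i in range(len(trace) - n + 1)]


def build_profile(normal_traces: Iterable[List[str]], n: int = 3) -> Set[NGram]:
    """The 'normal' database: every n-gram seen in known-good traces."""
    profile: Set[NGram] = set()
    for trace in normal_traces:
        profile.update(ngrams(trace, n))
    return profile


def mismatches(trace: List[str], profile: Set[NGram], n: int = 3) -> List[NGram]:
    """The n-grams of a trace that never occurred in the normal profile."""
    return [g for g in ngrams(trace, n) if g not in profile]


def anomaly_score(trace: List[str], profile: Set[NGram], n: int = 3) -> float:
    """Fraction of the trace's n-grams that are unseen in the profile.

    0.0 means the trace is fully explained by normal behavior; 1.0 means
    nothing in it matches. Traces shorter than n produce no n-grams and
    score 0.0, so they are never flagged on their own.
    """
    grams = ngrams(trace, n)
    if not grams:
        return 0.0
    return len(mismatches(trace, profile, n)) / len(grams)


def is_anomalous(trace: List[str], profile: Set[NGram],
                 n: int = 3, threshold: float = 0.2) -> bool:
    """Flag a trace when more than `threshold` of its n-grams are unseen."""
    return anomaly_score(trace, profile, n) > threshold


# Constructed training data: a small server that accepts a connection,
# reads a request, serves a file, and closes. Three benign variants.
NORMAL_TRACES = [
    ["socket", "bind", "listen", "accept", "read", "open", "read",
     "write", "close", "close"],
    ["socket", "bind", "listen", "accept", "read", "open", "read", "read",
     "write", "close", "close"],
    ["socket", "bind", "listen", "accept", "read", "stat", "open", "read",
     "write", "close", "close"],
]

# Constructed test traces. The suspect one spawns a shell after reading
# the request, the classic shape of a post-exploitation payload.
BENIGN_TRACE = ["socket", "bind", "listen", "accept", "read", "open", "read",
                "write", "close", "close"]
SUSPECT_TRACE = ["socket", "bind", "listen", "accept", "read", "fork",
                 "execve", "dup2", "write", "close"]

PROFILE = build_profile(NORMAL_TRACES, n=3)

if __name__ == "__main__":
    for name, trace in (("benign", BENIGN_TRACE), ("suspect", SUSPECT_TRACE)):
        score = anomaly_score(trace, PROFILE)
        print(f"{name}: score={score:.3f} anomalous={is_anomalous(trace, PROFILE)}")
        for g in mismatches(trace, PROFILE):
            print("   unseen:", " -> ".join(g))
```

With n=3 the suspect trace has five unseen 3-grams out of eight, a score of 0.625, while the benign trace scores 0.0. The two practical caveats are the ones the original project would have faced too: the profile is only as complete as the training traces (an unusual but legitimate code path raises false positives, which is why the threshold exists), and an attacker who knows the profile can pad a payload with "normal-looking" calls to drive the score down, so the window size and threshold need to be tuned against real traffic rather than guessed.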
I've worked on several digital forensics projects. One of the first was in the area of Live Forensics, helping to create the Mobile Forensic Platform (MFP)/Online Digital Forensics Suite (Online DFS), which did live forensics in the early 2000s, back when the common practice was to simply pull the plug on a machine. I also worked in peer-to-peer forensics, helping create P2P Marshal, a tool that automated identification of P2P clients on a machine or disk image. This tool was widely used by law enforcement in the US and abroad. I worked in the area of memory forensics visualization, and detection of registry artifacts of steganography tools after they have been installed, used, and uninstalled on a computer.
I used to think the web was cool. I'm not so sure anymore. There are a lot of neat things it can do, but I'm not sure it's the end-all and be-all of user interfaces or ways to interact. And so many sites simply don't work. But that's more of a rant, so I'll leave it at that.
I've designed a number of sites and built user interfaces. Back in the day, I helped create EHFC.net for the East Hill Flying Club, and MyCause.com. I've made notfrank.com, and the site where it resided before that (streetcar.cc), and before that web pages at Xerox DRI, Cornell CS, and Ohio State CIS back in the early '90s (including having one of—but certainly not the—first cameras on the web).