Sophie Engle Sophie Engle

Curriculum Vitae

Row of Books, Dagstuhl, Germany

Education

Ph.D. in Computer Science
University of California, Davis, March 2010
Emphasis in computer security; minor emphasis in information visualization.

B.S. in Computer Science
University of Nebraska at Omaha, May 2002
Summa cum laude. Major in computer science; minor in mathematics.

Dissertation

A Policy-Based Vulnerability Analysis Framework
Sophie Engle, Ph.D. Dissertation, Technical Report CSE-2010-06, Department of Computer Science, University of California, Davis, 2010. [pdf]

Publications

Network-Theoretic Classification of Parallel Computation Patterns
Sean Whalen, Sophie Engle, Sean Peisert, and Matt Bishop, to appear in International Journal of High Performance Computing Applications (IJHPCA), 2012. [doi]

A Taxonomy of Buffer Overflow Characteristics
Matt Bishop, Sophie Engle, Sean Whalen, and Damien Howard, in IEEE Transactions on Dependable and Secure Computing (TDSC), Volume 9, Issue 3, p305–317, June 2012. [doi]

Modeling and Analyzing Faults to Improve Election Process Robustness
Borislava I. Simidchieva, Sophie Engle, Michael Clifford, Alicia Clay Jones, Sean Peisert, Matt Bishop, Lori A. Clarke, and Leon J. Osterweil, in Proceedings of the USENIX Electronic Voting Technology Workshop/Workshop on Trustworthy Elections (EVT/WOTE), June 2010. [pdf]

Case Studies of an Insider Framework
Matt Bishop, Sophie Engle, Sean Peisert, Sean Whalen, and Carrie Gates, in Proceedings of the 42nd Hawaii International Conference on System Sciences (HICSS), p1–10, 2009. [doi]

We Have Met the Enemy and He is Us
Matt Bishop, Sophie Engle, Sean Peisert, Sean Whalen, and Carrie Gates, in Proceedings of the 2008 New Security ParadigmsWorkshop (NSPW), p1–12, 2008. [doi]

The Software Assurance CBK and University Curricula
Matt Bishop and Sophie Engle, in Proceedings from the Tenth Colloquium on Information Systems Security Education (CISSE), p14–21, 2006. [url]

Book Chapters

A Risk Management Approach to Insider Threat
Matt Bishop, Sophie Engle, Deborah A. Frincke, Carrie Gates, Frank L. Greitzer, Sean Peisert, and Sean Whalen, to appear in Insider Threats in Cybersecurity, Springer-Verlag, Berlin, 2010. [url]

Technical Reports

A Taxonomy of Buffer Overflow Preconditions
Matt Bishop, Damien Howard, Sophie Engle, and Sean Whalen, Technical Report CSE-2010-01, Department of Computer Science, University of California, Davis, 2010. [pdf]

Modeling Computer Insecurity
Sophie Engle, Sean Whalen, and Matt Bishop, Technical Report CSE-2008-14, Department of Computer Science, University of California, Davis, 2008. [pdf]

A Model for Vulnerability Analysis and Classification
Sophie Engle and Matt Bishop, Technical Report CSE-2008-05, Department of Computer Science, University of California, Davis, 2008. [pdf]

Tree Approach to Vulnerability Classification
Sophie Engle, Sean Whalen, Damien Howard, and Matt Bishop, Technical Report CSE-2006-10, Department of Computer Science, University of California, Davis, 2006. [pdf]

A Practical Formalism for Vulnerability Comparison
Sophie Engle, Sean Whalen, Damien Howard, Adam Carlson, Elliot Proebstel, and Matt Bishop, Technical Report CSE-2006-11, Department of Computer Science, University of California, Davis, 2006. [pdf]

Protocol Vulnerability Analysis
Sean Whalen, Sophie Engle, and Matt Bishop, Technical Report CSE-2005-04, Department of Computer Science, University of California, Davis, 2005. [pdf]

Professional Reports

Source Code Review of the Sequoia Voting System
Matt Blaze, Arel Cordero, Sophie Engle, Chris Karlof, Naveen Sastry, Micah Sherr, Till Stegers, and Ka-Ping Yee, for the California Secretary of State's Top-to-Bottom Review of California Voting Systems, June 2007. [pdf]

Presentations

Understanding the Insider Threat
Computer Science Colloquium, Department of Computer Science, Sonoma State University, April 2012. [pdf]

Exit Seminar: A Policy-Based Vulnerability Analysis Framework
SecLab Seminar, Department of Computer Science, University of California, Davis, April 2010. [url]

We Have Met the Enemy and He is Us
New Security Paradigms Workshop (NSPW), Lake Tahoe, California, September 2008. [pdf]

Modeling and Classifying Security Vulnerabilities
Countering Insider Threats, Schloss Dagstuhl, Germany, July 2008. [pdf]

Modeling Vulnerabilities: From Buffer Overflows to Insider Threat
NSF I/UCRP Center for Information Protection Meeting, Department of Computer Science, University of California, Davis, June 2008. [pdf]

Professional Service

International Conference on Computers and Their Applications (CATA) 2012
Program Committee, Las Vegas, Nevada, March 12–14, 2012.

New Security Paradigms Workshop (NSPW) 2011
Local Chair, Marin County, California, September 12–14, 2011.

Center of Academic Excellence (CAE) Workshop on Insider Threat (WIT) 2010
Review Committee, St. Louis, Missouri, November 14, 2010.

Honors and Awards

Information Visualization Contest Creative Winner
Sophie Engle, James Shearer, Michael Ogawa, Steve Haroz, and Kwan-Liu Ma, "Free Your Data! Cenimation: Visualization for Constrained Displays," in IEEE InfoVis Visualization Contest, 2006. [url] [pdf] [wmv] [mov]

Research Experience

UC Davis Computer Security Lab
Postdoctoral Researcher, Davis, California, April 2010 to August 2010
Research Assistant, Davis, California, 2004 to 2010
Projects include vulnerability analysis, insider threat, and electronic voting.

Nebraska University Center For Information Assurance (NUCIA)
Researcher, Omaha, Nebraska, Fall 2007
Collaborated with Pacific Northwest National Labs (PNNL) to examine security requirements for a Secure Service-Oriented Architecture (SOA) in a Protection Level 3 (PL3) environment.

University Of California, Berkeley
Senior Public Administration Analyst, Berkeley, California, Summer 2007
Participated in the California Secretary of State's Top to Bottom Review of certified electronic voting systems as part of the Sequoia Source Code Review team.

Teaching Experience

ECS 120: Introduction to the Theory of Computation
Teacher Assistant, University of California, Davis, Fall 2006 and Fall 2007
Average reviews were 9.52 and 9.16 out of 10 points, respectively.

ECS 20: Discrete Mathematics
Teacher Assistant, University of California, Davis, Spring 2007
Average review was 8.87 out of 10 points.

ECS 150: Operating Systems
Teacher Assistant, University of California, Davis, Fall 2003 and Winter 2004
Average reviews were 9.42 and 9.08 out of 10 points, respectively.

CIST 1400: Introduction to Computer Programming
Student Instructor, University of Nebraska at Omaha, Spring 2002

CSCI 3550: Communication Networks
Teacher Assistant, University of Nebraska at Omaha, Spring 2001 and Fall 2001

See this page for my teaching experience at the University of San Francisco.

Industry Experience

Sandia National Laboratories
Information Security Intern, Livermore, California, Summer 2006
Part of the Center for Cyber Defenders (CCD) team.

Lockheed Martin Mission Systems
Information Assurance Intern, Bellevue, Nebraska, Summer 2002
Part of the Computing Environment STRATCOM Architecture (CESAR) team at the United States Strategic Command (USSTRATCOM). Obtained Secret clearance for duration of internship. Awarded Certificate of Excellence.

Orillion USA, Incorporated
Systems Engineering Intern, Tulsa, Oklahoma, Summer 2001
Primary customer contact for the OVantage Constraint Engine.

Ameritrade Holding Corporation
Technology Intern, Omaha, Nebraska, May 2000 to November 2000
Worked with the Data Network Services Department in the Ameritrade Technology Group (ATG). Team lead for Asset Management project.

First Technology Solutions
Network Analyst Intern, Omaha, Nebraska, January 2000 to April 2000
Responsible for daily backup status reports and workstation installation and configuration. Assisted with network helpdesk.

PKS Information Services
Intern, Omaha, Nebraska, 1997 to 1999
Worked with multiple departments, including Telecom, Network, Intranet, Desktop Services, and Enterprise Services.

References available upon request.