Georgetown University home page Search: Full text search Site Index: Find a web site by name or keyword Site Map: Overview of main pages Directory: Find a person; contact us About this site: Copyright, disclaimer, policies, terms of use Georgetown University home page Home page for prospective students Home page for current students Home page for alumni and alumnae Home page for family and friends Home page for faculty and staff About Georgetown Learning and Teaching Research and Scholarship Campus and Community Services and Administration Law Center campus home page Medical Center campus home page Search: Full text search Site Index: Find a web site by name or keyword Site Map: Overview of main pages Directory: Find a person; contact us About this site: Copyright, disclaimer, policies, terms of use
spacer
spacer Georgetown University spacer
Navigation bar
Navigation bar
University News
Security Specialist
Clay Shields Helps Students Build Strong Networks

Sometimes the only way to catch a criminal is to think like one.

Though a little unconventional, encouraging students to think like computer hackers is an approach used by Clay Shields, associate professor of computer science. Shields believes that to effectively understand the field of network security, his students need to recognize what it takes to breach the system.

Within computer science, network security is a field that broadly focuses on protecting computer users from network attacks and other risks associated with usage. Shields asks his students in one of his courses to design password protection programs and then, as a class, test their security. That means they look for holes, design weaknesses and other ways to break into one another's programs, an exercise that offers students an intimate look at the challenges of establishing a secure network.

Shields notes that his courses are not breeding grounds for future hackers. Rather, they are opportunities for students to gain a new perspective by doing something they're seldom allowed to do.

"When you're setting up a defensive position, you have to walk out and look at it from the enemy point of view," says Shields, who served in the U.S. Army's 101st Airborne Division before pursuing his graduate degrees in computer engineering.

At the end of the semester, the students rewrite the programs, incorporating new intelligence, in the hopes of making a more secure program for a second round of peer "attacks." Repeating and correcting the process allows Shields to see that students really understand the problem and aren't just going through the motions.

"I think that one of the things Clay does best is that he works really hard to consider what will be difficult for his students to grasp, even when it's stuff that is as simple as breathing to him," says Rich Frankel (C'08), a student in Shields' Information Assurance course and a former teaching assistant in his Computer Science course.

Shields spends a lot of time thinking about his approach to teaching, says Mark Maloof, a friend and fellow professor in the computer science department.

"Part of the reason is Clay -- he cares about doing a good job in the classroom. But part of the reason is the students. They're very bright and work hard," he says.

Explaining technical concepts to an audience with varying skill sets can be challenging, so Shields often uses examples from his own research to demonstrate how the concepts play out in the real world.

"Academics really should be able to explain their research to anyone," Maloof says. "Clay does it quite well. His ability comes from experience. … He really wants people to understand -- and not just people in his specialized discipline."

In addition to looking at computer security from different points of view, he also looks for new developments in the field. He's found particular interest in computer forensics, in which investigators seek evidence for legal cases by recovering and analyzing electronic data found in personal computers.

Now a certified computer forensics examiner, Shields runs a consulting business for civil cases and testifies regularly on the information he obtains through his investigations.

"It's kind of fun," he says. "It's kind of more real world and gives me good examples to use in class."

A recent case involved a small company that suspected a former employee had set up a competing company prior to resigning and had illegally taken internal documents relating to ongoing projects. After investigating the case, Shields discovered that the former employee had, in fact, stolen the documents and testified accordingly.

"The thrust of my research is to hold people accountable for what they've done," Shields says. "At the same time, I don't want anyone to think that I'm an intrusive computer person. I actually really believe everyone should have their privacy until there's some reasonable suspicion that they've done something wrong."

With the growth of Internet popularity, Shields believes that computer attacks are not out-of-the-ordinary and should be expected. For computer users, the best form of self-protection is awareness.

"It's like a small town growing into a big city," Shields explains. "Maybe in the old days you could leave your car unlocked and your apple pie sitting in the window, but now it's such a huge community."

Shields hopes that his research -- and that of his students -- will help make the big city just a little bit safer.


Source: Blue & Gray
spacer
Photograph
'When you're setting up a defensive position, you have to walk out and look at it from the enemy point of view,' says Shields, who served in the U.S. Army's 101st Airborne Division before pursuing his graduate degrees in computer engineering.