CERT-SEI

Staff Profile

George M. Jones

George M. Jones

Key Responsibilities

George M. Jones is a Senior Member of the Technical Staff with the CERT Division of the Software Engineering Institute (SEI) at Carnegie-Mellon University. George is responsible for overseeing and participating in the development of analysis methods and tools in the area of network systems security. Specific projects have included training development and delivery [JW12], evaluation of security analysis tools and data, network security analysis [JKF12] [SJ13], data capture [JC12], leading research efforts [SJK13], and serving as general chair of FloCon George's interests include security, networking, systems operations and tool development and evaluation.

Professional Background

 George has experience in various industries including online services (CompuServe), education (Ohio State, Carnegie-Mellon), banking (BankOne), networking (UUNET, Compuserve Network Services), and research and development (MITRE, CERT). His past responsibilities have included systems administration (Unix, Linux, Bash), software development (Perl, C, Python), network security (log collection, incident response, policy devel- opment, router security, flow analysis), open source software development and project coordination (Center for Internet Securtiy, Router Audit Tool) [Jon02], standards development (IETF, RFC3871) [Jon04], training development and delivery, and research.

Publications (recent or significant)

[SJ13] Char Sample and George Jones. "Anomaly Detection". In: FloCon 2013 Proceedings. http://www.cert.org/flocon/2013/presentations/sample-char-intro-anomaly-detection.pdf, Accessed: 2013-04-06. Pittsburgh, PA, USA: CERT, 2013.

[SJK13] Dr. Timothy Shimeall, George M. Jones, and Derrick H. Karimi. "Quilt: A system for distributed queries of security-relevant data". In: IEEE Securtiy and Privacy, 2013. http://www.cert.org/images/quiltPoster-IEEE.pdf, Accessed: 2013-07-20. San Francisco, CA, USA: IEEE, 2013.

[JC12] George Jones and Paul Conrad. "Capture the Flag" Data Capture Experiences". In: GFIRST 2012 Proceedings. http://www.us-cert.gov/sites/default/files/gfirst/presentations/2012/capture_flag_jones_conrad.pdf, Accessed: 2013-04-06. Pittsburgh, PA, USA: CERT, 2012.

[JKF12] George Jones, Paul Krystosek, and Sid Faber. "From Bandwidth to Beacon Detection, Prism, and Touchpoints". In: FloCon 2012 Proceedings. http://www.cert.org/flocon/2012/presentations/jones-from-bandwidth-to-beacon-detection.pdf, Accessed: 2013-04-06. Pittsburgh, PA, USA: CERT, 2012.

[JW12] George Jones and Austin Whisnant. "Network Profiling with SiLK". In: FloCon 2012 Proceedings. http://www.cert.org/flocon/2012/presentations/jones-whisnant.pdf, Accessed: 2013-04-06. Pittsburgh, PA, USA: CERT, 2012.

[Jon04] G. Jones. Operational Security Requirements for Large Internet Service Provider (ISP) IP Network Infrastructure. RFC 3871 (Informational). http://www.ietf.org/rfc/rfc3871.txt, Accessed: 2013-04-06. Internet Engineering Task Force, Sept. 2004. url: http://www.ietf.org/rfc/rfc3871.txt.

[Jon02] George Jones. CIS Cisco Router Audit Tool. http://ncat.sourceforge.net/, Accessed: 2013-07-20. 2002.