Ray Vaughn - [ CSE Faculty and Staff ]

Phone: (662) 325-2756
Email: vaughn@cse.msstate.edu

Biographical Information:

Professor
Ph.D., Kansas State University
William L. Giles Distinguished Professor
Personal Home Page

Research Areas:
Software Engineering and Computer Security

Courses Taught

I work in the areas of Software Engineering and Information Assurance (IA) - two highly related areas. Most of my work today is in the area of IA and in overseeing the our Cyber Corps activities sponsored by the Federal Government (Scholarship for Service program) and the Department of Defense (Information Assurance Scholarship Program).

The primary course I teach is Information and Computer Security CSE 4243/6243. This is what we refer to as a "split level" course meaning that it can be taken as an upper level undergraduate course or a graduate level course. The requirements for graduate students in the class are more than for undergraduates and involve some independent research. More on this course and others can be found at our departmental web site or by emailing me for a syllabus (vaughn@cse.msstate.edu).

I also teach a graduate level only class in information assurance (CSE 8990) titled "Current Topics in Information Assurance". This class is offered only to those graduate students that have completed CSE 4243/6243 and have an interest in this area. There is no text book for this class and we review current research in the area of IA by reading and discussing peer reviewed research papers. Topics vary in each class offering.

In the Software Engineering area, I also teach a graduate level course in Requirements Engineering - CSE 8273. During this class, we explore a very important part of the software engineering lifecycle - that of obtaining and understanding the requirements for the system under development. During this class, we examine techniques involved in requirements elicitation, specification, analysis, verification and validation, and management.

Other courses I have taught at MSU include Software Engineering I, Operating Systems, and the Software Engineering Practicum (a year long senior design project).

For any additional information on these courses, feel free to contact me.

Personal Information

I was born in Regensburg Germany as the first son of a career Army man. Having grown up all over the United States and Europe as my family moved with the military, I never established roots any one place. My high school years were spent at East Anchorage High School in Anchorage Alaska where I first developed a strong interest in computing. I entered the University of Southern Mississippi after high school where I completed a BS degree in Computer Science and graduated as a distinguished military graduate in the ROTC program. I was commissioned an officer in the Army where I spent the next 26 years serving in Alaska, Vietnam, Belgium, Washington DC, and a variety of other places. The Army sent me away to obtain a Masters and PhD degree in Computer Science at Kansas State University where I was introduced to and began a life long interest in computer security. Following the award of the PhD from KSU - the Army allowed me to serve at the National Security Agency's National Computer Security Center, the US Naval Academy, the Pentagon, and gave me command of the Army's largest software development Center - the Information Systems Software Command at Fort Belvoir VA. After retiring in 1995 at the grade of Colonel, I accepted a position with the world class computer services firm, EDS, as Vice President, DISA Integration Services where I as given responsibility for a number of government contracts and customer satisfaction with deliverables.

In October 1997, I was offered a faculty position with the Department of Computer Science and Engineering at Mississippi State University where I currently serve as a Professor of Computer Science and I oversee the Computer Security Research Program.

Publications

Books

Cattoi, R; Longuemare, N.; Arnold, H.; Bowes, W; Buss, S.; Cosgrove, J.; Dill, F.; Dougherty, L.; Gawron, V.; Heebner, D.; Hitt, E.; Kronecki, A.; Porzio, R.; Sutton, G.; Tuttle, W.; Vaughn, R.; Wright, B., Aging Avionics in Military Aircraft, National Academy Press, ISBN: 0-309-07449-5, Washington, DC, 2001.
Boehm,B; Baker,T; Embry,W; Fox,J; Hilfinger,P; Holden,M; Moss,J; Royce,W; Scherlis,W; Taft,T; Vaughn,R; Wasserman,A, Ada and Beyond, Software Policies for the Department of Defense, National Academy Press, ISBN 0-309-05597-0, Washington DC, 1997

Book Chapters

Vaughn, R. "Teaching Undergraduate Information Assurance", Security Education and Critical Infrastructures, ed. by C. Irvine and H. Armstrong, Kluwer Academic Publishers, 2003.
Vaughn, R. "Advances in the Provision of System and Software Security - Thirty Years of Progress.", Advances in Computers, ed. M. Zelkowitz, volume 58, 2003, Elsesiver.
Li, W., Vaughn, R., and Saiedian, H., "Pre-Requirements Traceability", Encyclopedia of Software Engineering, ed. John Marciniac, Wiley 2001.

Refereed Journal Papers

Florez, G., Liu, Z, Bridges, S., Skjellum, A., and Vaughn, R., "Detecting Anomalies in High-Performance Parallel Programs" The Journal of Digital Information Management, vol 2, no 2, June 2004, pp. 44-47.
Florez, G., Liu, Z, Bridges, S., Skjellum, A., and Vaughn, R. "Lightweight Monitoring of MPI Programs in Real-time," Journal of Concurrency and Computation: Practice and Experience, (Accepted 2004).
Kudikyala, K. and Vaughn, R. "Software Requirements Understanding using Pathfinder Networks " Discovering and Evaluating Mental Models", Journal of Systems and Software (Accepted 2003: To be published 2004)
Siraj, A., Vaughn, R. and Bridges, S. "Decision Making for Network Health Assessment in an Intelligent Intrusion Detection System Architecture", International Journal of Information Technology and Decision Making (IT&DM) Vol.3, No.2, June 2004, PP 281-306.
Siraj, A. and Vaughn, R., "Information Assurance in Wireless Residential Networking Technology: A Survey of IEEE 802.11b and Bluetooth", CROSSTALK, The Journal of Defense Software Engineering, vol 17, no 2, February 2004.
George, V. and Vaughn, R., "Application of Lightweight Formal Methods in Requirement Engineering", CROSSTALK, The Journal of Defense Software Engineering, vol 16, no 1, January 2003, p. 30.
Vaughn, R., "Ware to Start?", The George Washington University Journal of Information Security, Volume, 1. Number 2 , July 2002 (published on CD-ROM)
Dampier, D. and Vaughn, R., "The Use of Intrusion Detection in Securing Information Assests", World Market Series Business Briefing " Global Information Security, World Markets Research Centre, London, England, July 2002, pp. 38-43.
Vaughn, R. Siraj, A, and Dampier, D., "Information Security System Rating and Ranking", CROSSTALK, The Journal of Defense Software Engineering, May 2002, pp. 30-32.
Vaughn, R., Henning, R., and Fox K., "An Empirical Study of Industrial Security- Engineering Practices", Journal of Systems and Software, vol 61, issue 3, Jun 2002, pp. 225-232.
Vaughn, R. and Dampier, D., "Just What Is Intrusion Detection And How Do You Use It?" World Market Series Business Briefing " Global Information Security, World Markets Research Centre, London, England. December 2001.
Vaughn, R., Henning, R., and Fox, K. "The Practice of Industrial Security Engineering " An Empirical View PART I", Journal of Cyber Security Management, Japan Cyber Security Institute, vol 2, number 21, pp. 28-31, July 2001.
Vaughn, R., Henning, R., and Fox, K. "The Practice of Industrial Security Engineering " An Empirical View PART II", Journal of Cyber Security Management, Japan Cyber Security Institute, vol 2, number 22, pp. 61-65, August 2001.
Vaughn, R., "Teaching Industrial Practices in an Undergraduate Software Engineering Course", Journal of Computer Science Education, Swets & Zeitlinger, vol 11, no. 1, pp. 21-32, March 2001.
Vaughn, R., "Software Engineering Degree Programs", CROSSTALK, The Journal of Defense Software Engineering, March 2000, vol. 13, no. 3, pp. 7-9.
Vaughn, R., "Coping with the Software Engineering Faculty Shortage - A Viewpoint", Invited Article, Forum for Advancing Software Engineering Education (FASE), Vol. 10, no 1, January 2000 (Electronic Journal, http://www.cs.ttu.edu/fase/)
Vaughn, R. and Boggess, E., "Integration of Computer Security into Software Engineering and Computer Science Programs", The Journal of Systems and Software, Elsevier Science, North Holland, vol 49, pp 149-153, Dec 99.
Vaughn, R.,"The Ada Recommendation " was it Heard?", CROSSTALK, The Journal of Defense Software Engineering, December 1998, vol 11, no 12
Vaughn, R., "The Ada Recommendation - A Year Later", ACM Ada Letters, vol 18, no 4, July/Aug 1998, ACM Press, pp 95-100.
Vaughn, R., Saiedian, H, and Unger, E., A Proposed Mechanism for Implementation of Non-discretionary Access Controls in a Network Environment. Computer Networks and ISDN Systems, volume 26, 1994, 1523-1531, North Holland Elsevier.
Vaughn, R. and Angaye, C., Small Computers and Security - an Oxymoron? SIGICE Bulletin (formerly SIGSMALL/PC Notes), volume 20, number 1, July 1994 (pp 15-26). ACM Press.
Vaughn,R., Saiedian,H, and Unger,E., A Survey of Issues in Office Computation and the Application of Secure Computing Models to Office Systems. Computers and Security, volume 12(1), Feb 1993 (pp 79-97). North Holland Elsevier.

Refereed Conferences

Vaughn, R. Dampier, D., and Warkentin, M. "Building an Information Assurance Program", Proceedings of the 2004 Information Security Curriculum Development Conference, Kennesaw State University, Sept 17-18, 2004 (Accepted).
Kudikyala, U.K. and Vaughn, R.B. "Software Requirements Understanding Using Pathfinder Networks As Mental Models", Proceedings of the 2004 ASEE Southeastern Section Conference, Auburn, Alabama, April 4-6 2004.(To Appear)
Florez, G.,Liu, Z, Bridges S., Vaughn R, and Skjellum A. "Detecting Anomalies in High-Performance Parallel Programs". Proceedings of the International Conference on Information Technology ITCC 2004, Las Vegas, NV. April 2004 (To Appear)
Siraj, A., Vaughn, R., and Bridges S., "Decision Making for Network Health Assessment in an Intelligent Intrusion Detection System Architecture", Proceedings of the Hawaii International Conference on System Sciences (HICSS-37), Waikoloa, Hawaii, January 5-8,2004.
Hossain, M., Bridges S., and Vaughn. R. "Adaptive Intrusion Detection with Data Mining" 2003 IEEE International Conference on Systems, Man & Cybernetics. Washington, D.C. October 5-8, 2003.
Torres, M. and Vaughn, R., "Software Requirements and its Application to the Reengineering Process, " Proceeding of the International Conference on Computer, Communications, and Control Technologies (CCCT03), vol 1, pp. 440-442, Orlando, FL, July31-Aug 2, 2003. (Best session paper award)
Fox, K, Henning, R., Farrell, J. and Vaughn, R."A Prototype Next Generation Information Assurance Tool -A Data Fusion Model for Information Systems Defense-", Proceeding of the 7th World Multiconference on Systemics, Cybernetics and Informatics (SCI 2003), vol 1, pp. 284-289, Orlando, FL, July 27-30,2003. (Best session paper award)
Torres, M., Vaughn, R., Florez, G., Liu, Z., and Bridges, S. "Attacking a High Performance Computing Cluster" Proceedings of the 15th Annual Canadian Information Technology Security Symposium, Ottawa Canada, May 12-16, 2003.
Liu, Zhen, Susan M. Bridges, and Rayford B. Vaughn, "Classification of Anomalous Traces of Privileged and Parallel Programs by Neural Networks," FUZZIEEE 2003, St. Louis Missouri, May 25-28, 2003
Vaughn, R., Henning, R., and Siraj, A. "Information Assurance Measures and Metrics " State of Practice and Proposed Taxonomy", Proceedings of the Hawaii International Conference on System Sciences (HICSS-36), Waikoloa, Hawaii, January 6-9,2003.
Bridges, S., Vaughn, R. and Siraj, A. "AI Techniques Applied to High Performance Computing Intrusion Detection" Proceeding of the Tenth International Conference on Telecommunication Systems, Modeling and Analysis, Monterey CA, October 3-6, 2002.
Vaughn, R. and Henning, R. "A Report from the Workshop on Information Security System Rating and Ranking" Proceedings of the 14th Annual Canadian Information Technology Security Symposium, Ottawa Canada, May 13-17, 2002.
Florez, G., Bridges, S., and Vaughn, R. "An Improved Algorithm for Fuzzy Data Mining for Intrusion Detection", North American Fuzzy Information Processing Society Conference (NAFIPS 2002), New Orleans, LA, June 27-29:
Vaughn, R. "Changing Conditions for Undergraduate Software Engineering Programs", Panel Presentation, Proceeding of the Conference on Software Engineering Education and Training, page 250, Covington, KY, Feb 25-27, 2002.
Luo, J., Bridges, S., and Vaughn, R., "Fuzzy Frequent Episodes for Real-Time Intrusion Detection", FUZZ-IEEE 2001, December 2-5, 2001,Melbourne, Australia.
Li, Wei and Vaughn, R., "Toward Requirements Traceability", 5th World Multiconference on Systemics, Cybernetics and Informatics SCI 2000, July 2001, Orlando, Florida.
Liu, Zhen and Vaughn, R., "Bridging the Gap between Informal and Formal Requirements Specification Languages", 5th World Multiconference on Systemics, Cybernetics and Informatics SCI 2000, July 2001, Orlando, Florida.
Yong, W. & Vaughn, R., "Inconsistency Management in Requirement Engineering Process", 5th World Multiconference on Systemics, Cybernetics and Informatics SCI 2000, July 2001, Orlando, Florida.
Vaughn, R., "Ware to Start?", Fifth Annual Colloquium on Information Systems Security Education, George Mason University, May 22-24, 2001.
Pollard, J., Vaughn, R., and Kidwai, S. "Exploring Security In High Performance Computing", 13th Annual Canadian Information Technology Security Symposium, June 11-15, 2001, Ottawa Canada.
Vaughn, R., Ammala, D., and Henning, R. " An Application IEEE Std 1362 Towards Security Requirements Engineering", 13th Annual Canadian Information Technology Security Symposium, June 11-15, 2001, Ottawa Canada.
Siraj, A, Bridges, S., and Vaughn R., "Fuzzy Cognitive maps for Decision Support in Intrusion Detection Systems", 9th International Fuzzy Systems Association/North American Fuzzy Information Processing Society (IFSA / NAFIPS) 2001 Conference, July 2001, Vancouver, Canada.
Vaughn, R., and Henning, R., "Thoughts and Experiences in Provision of Sufficient Security - Reflections on Paths Well Traveled", 2d Annual International Systems Security Engineering Conference, pp. 179-184, Orlando, Florida, Feb 28 - Mar 2, 2001.
Vaughn, R., "Issues in High Performance Computer Security", Panel Chair and presentation, 23d National Information Systems Security Conference, October 2000, Baltimore, Maryland.
Bridges, S. and Vaughn, R., "Fuzzy Data Mining and Genetic Algorithms Applied to Intrusion Detection", 23d National Information Systems Security Conference, October 2000, Baltimore, Maryland.
Huang, Y. and Vaughn, R., "Using Ontology for Software Requirements Engineering", 4th World Multiconference on Systemics, Cybernetics and Informatics SCI 2000, July 2000, Orlando, Florida.
Vaughn, R. and Henning, R., "A Pragmatic Applications Oriented Approach to Information Assurance", 12th Annual Canadian Information Technology Security Symposium, June 2000, Ottawa, Canada
Vaughn, R., "Building a Computer Security Emphasis in Academic Programs", Fourth Annual National Colloquium for Information Systems Security Education, May 23-25, 2000, Washington, DC.
Vaughn, R., " A Report on Industrial Transfer of Software Engineering to the Classroom Environment", Thirteenth Conference on Software Engineering Education and Training, March 6-8, 2000, Austin TX.
Vaughn, R., "Application of Security to the Computing Science Classroom - Lessons Learned", SIGCSE 2000 Technical Symposium, Austin TX, March 8-12, 2000.
Vaughn, R., "Information Security Education for the Next Millennium - Building the Next Generation of Practitioners", Panel Discussion, 1999 Annual Computer Security Applications Conference, December 1999, Scottsdale Arizona.
Vaughn, R., " Computer Security Training and Emerging Software Engineering Degree Programs", Panel Chair and presentation, 22nd National Information Systems Security Conference, October 1999.
Vaughn, R., "Software Engineering and Security Engineering: An Argument for Merger", Panel Chair, 12th Conference on Software Engineering Education and Training (CSEE&T'99) March 22--24, 1999, New Orleans, LA
Vaughn, R., "Sufficiency in Information Security", Proceedings of the 21st National Information Systems Security Conference, Crystal City, VA, Oct 5-9, 1998.
Vaughn, R. and Unger E., Implementation of Non-discretionary Access Control Mechanisms in a Distributed Environment, Eleventh Annual Department of Energy Computer Security Conference, May 1988.

Referred Conference Papers

Vaughn, R., "Teaching Undergraduate Information Assurance at MSU", Conference on Computer Security Education, Naval Postgraduate School, Monterrey CA, June 26-28, 2003.
Vaughn, R. and Beiber, G. "A DOD Untapped Resource - Centers of Excellence in Information Assurance Education" , Fifteenth Annual Software Technology Conference, Salt Lake City, UT, Apr 28 - May 1, 2003.
Vaughn, R. and Henning, R. "A Report from the Workshop on Information Security System Rating and Ranking", Fourteenth Annual Software Technology Conference, Salt Lake City, UT, Apr 29 - May 2, 2002.
Vaughn, R. and Lever, J. "Third Party Walkthrough Inspections: A Joint Navy/University Empirical Software Engineering Project", Fourteenth Annual Software Technology Conference, Salt Lake City, UT, Apr 29 - May 2, 2002.
Vaughn, R. and Henning, R. " Are Measures and Metrics for Trusted Information Systems Possible?" Sixth IEEE International Symposium on HIGH ASSURANCE SYSTEMS ENGINEERING, October 22-24, 2001. Boca Raton, Florida.
Vaughn, R and Dampier, D. "A Report on the Software Engineering BS Degree - One of the First!", Thirteenth Annual Software Technology Conference, Salt Lake City, UT, Apr 29 - May 4, 2001.
Vaughn, R. and Boehm, B. "A National Center for Empirical Software Engineering - A New National Science Foundation Initiative", Thirteenth Annual Software Technology Conference, Salt Lake City, UT, Apr 29 - May 4, 2001.
Vaughn, R. and Kidwai, S. "Providing an Information Security Service Offering through Academic Leveraging", Thirteenth Annual Software Technology Conference, Salt Lake City, UT, Apr 29 - May 4, 2001.
Bridges, S. and Vaughn, R., "Intrusion Detection via Fuzzy Data Mining", 12th Annual Canadian Information Technology Security Symposium, June 2000, Ottawa, Canada.
Vaughn, R. and Wolfe, L., "Teaching Software Engineering - Implementation of the Industrial View", Twelfth Annual Software Technology Conference, Salt Lake City, UT, Apr 30 - May 4, 2000.
Vaughn, R. and Pollard, J., "The Provision of Security in a High Performance Computing Environment", Twelfth Annual Software Technology Conference, Salt Lake City, UT, Apr 30 - May 4, 2000.
Vaughn, R. "The New Software Engineering Graduate", Eleventh Annual Software Technology Conference, Salt Lake City, UT, May 2-7, 1999.
Vaughn, R., Skjellum A. Dimitrov, R., and Chakravarthi, S., " New Challenges in High Performance Computing", Eleventh Annual Software Technology Conference, Salt Lake City, UT, May 2-7, 1999.
Vaughn, R. and Fonash, P., "The Practice of Software Code Component Reuse - DoD and Commercial Perspectives", Tenth Annual Software Technology Conference, Salt Lake City, UT, April 19-23, 1998.
Vaughn, R. and Sloper, M., "A New Paradigm for Outsourcing Defense Information Technology Support - The DEIS II Vehicle", Tenth Annual Software Technology Conference, Salt Lake City, UT, April 19 " 23, 1998.
Vaughn, R, The National Research Council's Ada Mandate Study: Insights and Recommendations, Department of Defense Software Technology Conference, April 1997.
Vaughn, R. and Erwin, D, INFOSEC Applied to Electronic Commerce Resources, Department of Defense Software Technology Conference, April 1997.
Vaughn, R., A Practical Approach to Sufficient INFOSEC, Department of Defense Software Technology Conference, April 1996.
Vaughn, R., Software Reuse in Army Systems, Department of Defense Software Technology Conference, April 1993.