I was hired in the department for the fall semester of 1984. At that time, the department was not nearly as large and well-known as it is now. My Ph.D. Advisor, Terry Pratt, was the author of one of the early influential books on programming languages and I thought that would be my research area for my entire career. As it turned out, programming languages research at that time was shifting from academia to industry and there was little funding to support research in that area, so things turned out somewhat differently.
Soon after I came to UF, Gerhard Ritter transferred to our department from Mathematics, and I joined his research program. He was developing an algebraic notation that would give a firm foundation to image processing. The Image Algebra project, funded by the Armament Laboratory at Eglin AFB, was productive for a number of years. One of our students on that project was Paul Gader, who went on to work at the University of Missouri in Columbia.
Some time after Paul left, Gerhard was appointed as the chair of the department, and I took on the unenviable role of Associate Chair. In those days, it was a comprehensive job including all assignment of space, assigning teaching assistants, and dealing with accreditation. In the academic circus, there are many roles. The Associate Chair role of that era was best described as the one who walked behind the elephant with a shovel.
In about 2001, Paul Gader came back to work at UF from Columbia and told me he could use some help on a project that was funded by the Countermine Division at Ft. Belvoir. I joined him in working on detecting landmines and other buried explosive hazards using data from a variety of sensors for about the next 20 years. Systems we helped develop led route clearance personnel in Afghanistan to write to us letting us know that, for the first time, they were able to find a buried IED without their vehicle being blown up. Working on these projects was a wonderful experience because all of us were interested in just solving the problem. In the landmine group, we would talk about things, laugh at jokes we made, and realize that there were only a few hundred people worldwide who would understand why they were funny.
For many years, I was the chair of the Facilities and Equipment committee. I was the liaison for just about every CISE system administrator from Andy Wilcox up through Dan Eicher. This was an especially active role for the years between about 1985 through 2005 when the university network was still being created. For many years the ufl.edu domain was maintained by the CISE Department. Many of our students and system administrators went on to become valued members of the University IT administration and information security personnel. During those years, numerous UF network denizens would meet at the Salty Dog on Wednesdays and the notorious dog (email) list of which I am a charter member became an important communication medium for that community.
In 2011 I procured the book Secure Coding in C and C++ by Robert Seacord and taught a class based on that text. I believe our former system administrator Jim Hranicky, now of Infosec Compliance, recommended it to me. This book discussed then-current programming practices and the various ways the security of programs could be breached and also preserved. I realized our students were writing the malware-ready code of the future and I thought the best way to get them interested in addressing security vulnerabilities was to give them a hands-on introduction to them. In 2012 I used my sabbatical to take courses from SANS that trained network and web penetration testing as well as malware reverse engineering. I took the knowledge I gained and employed it directly in the security classes I began teaching and continued to teach until now.
During that sabbatical, I reached out to the UF Student Infosec Team (UF-SIT) which, at the time, was a group of about 8 to 12 people who would play CTFs (information security capture-the-flag tournaments) as the Kernel Sanders team. The members of this organization were suspicious that a faculty member had come to their meeting, but I told them if they became a student government recognized organization, not only could they get money, but I figured they would be able to get at least 100 members in the next four years. (It turned out to be true.) We created the organization and about two years later, at the urging of John Sawyer (co-founder of UF-SIT with Jordan Wiens), they started participating in the Collegiate Cyber Defense Competition (CCDC) and later DoE CyberForce and the Collegiate Penetration Testing Competition (CPTC). The team has gone on to do well at these competitions, logging second place finishes nationally and globally in DoE CyberForce and CPTC. I am proud of these teams and everything they’ve accomplished. I know that their successes depend very little on my efforts, though, because UF has been able to recruit the best students both from Florida and across the country. The thing that has given me the most satisfaction, however, has been introducing students who, like me, had no idea information security existed when they started school but then have gone on to rewarding careers working to improve our information infrastructure in critical ways.
In addition to the work with the UF-SIT team, I led our effort to be recognized as an NSA/DHS Center of Academic Excellence in Cyber Security Research and was its point of contact at UF since we were granted the designation since June of 2015.
People have asked what I expect to do in retirement. One plan I have is to retool in Industrial Control System security so that I can learn enough to help rural utility cooperatives protect themselves against the Advanced Persistent Threat posed by nation-state attackers. This is a real and current problem, and these organizations have neither the talent nor the expertise necessary to effectively address the problem. I hope to be able to help them avoid the disastrous consequences of remaining insecure. Whether or not I succeed in this endeavor is yet to be determined, but I’ve learned that when I embark on a long-term project, good things usually happen. I hope that continues into the future.
Joseph N. Wilson, Ph.D.