Guy Helmer, Ph.D.

Since May 2000 I have worked at Palisade Systems, Inc., where my current title is Principal Systems Architect. I have designed and developed the Content Surety framework, and PacketSure (formerly PacketHound) and PacketDecoy (formerly SmokeDetector) network management and security appliances. I have also assisted design and development of the other components of the Palisade Security Suite, the PacketGuard (formerly FireBlock) network security appliance and the FireMarshal suite manager application.

The PacketSure identifies network applications based on the application-layer communications seen on the network.  A Windows-based administration utility allows users to define actions to be taken on network connections identified with particular applications.  Applications can be managed based on time of day, day of week, bandwidth used, and network endpoints. Over sixty network applications are identified and managed by PacketHound.

The PacketDecoy can simultaneously emulate a number of different operating systems and network devices.  Each emulation appears to be a system running (possibly vulnerable) network services, thereby attracting attention of would-be attackers. A careful design & implementation combined with extensive use of FreeBSD security features results in a hardened system that attackers can chew on while their actions are recorded.All network transactions with the SmokeDetector are recorded into a database and reported via email, syslog, and SNMP traps.  

From 1989 to 1996, I was a Senior Systems Programmer in the Computing Services Department at Dakota State University . I had been involved in various ways with the development of the computing environment at DSU since the mission of the university changed in 1984 to focus on integration of computing technology into curriculum.

A partial list of my favorite activities:

Porting applications to various UNIX platforms

Managing world-wide web services, including:

Installing, configuring, and maintaining various HTTP servers

Writing and enhancing CGIs

Troubleshooting

Writing HTML documents, and fixing documents written by others

UNIX system administration

UNIX system security issues

Kerberos installation and use

Novell Netware server installation, maintenance, and administration

Specifying the design and installation of new LANs

Specifying the installation of leased-line WAN segments

Troubleshooting WAN segments and dealing with leased-line vendors

Troubleshooting and improving or replacing existing LANs

IP & IPX routing over LANs and WANs

Dealing with telecommunications vendors

TCP/IP network security issues

For many years I have consulted for various companies in Internet services and databases. My most interesting private work has been assisting Internet service providers solve technically difficult problems including Domain Name Service and security issues.

Graduate School

From August 1996 to December 2000 I was a graduate student in the Iowa State University Department of Computer Science. I completed my Ph.D. in December 2000 after successfully completing my research program and taking these graduate courses:
 

Advanced Concepts in Operating Systems Advanced Topics in Artificial Intelligence Advanced Topics in Computer Architecture Algorithms Artificial Intelligence Computer Architecture Computer Network Architectures

Computer System Security I Computer System Security II Implementation of Operating Systems Programming Languages I Theory of Computation Topics in Distributed Operating Systems

My personal research interests are operating systems, networks, and security. I received my M.S. in Computer Science in August, 1998. For my master's degree, I designed an intrusion detection system based on intelligent agents and have developed a prototype of the system in Java using ObjectSpace 's Voyager package for mobile, autonomous agents. For my Ph.D. degree, I examined requirements and design modeling for the agent-based intrusion detection system.

Research areas include:

• Intelligent Multi-Agents for Intrusion Detection and Countermeasures in the ISU Department of Computer Science
• High Performance Computing and the Atanasoff Berry Computer in the Ames Laboratory
• Software Safety and Reliability

Publications and Presentations

Papers and articles

• Guy Helmer, Johnny Wong, Mark Slagell, Vasant Honavar, Les Miller, Yaxin Wang, Xia Wang, and Natali Stakhanova. Software Fault Tree and Colored Petri Net Based Specification, Design and Implementation of Agent-Based Intrusion Detection Systems.  International Journal of Information and Computer Security, Vol. 1. No. 1/2, 2007, pp. 109-142.(PDF)
• Yanxin Wang, Smruti Ranjan Behera, Johnny Wong, Guy Helmer, Vasant Honavar, Les Miller, and Robyn Lutz. Towards the Automatic Generation of Mobile Agents for a Distributed Intrusion Detection System.  To appear, Journal of Systems and Software.
• Guy Helmer, Johnny Wong, Mark Slagell, Vasant Honavar, Les Miller, and Robyn Lutz. A Software Fault Tree Approach to Requirements Analysis of an Intrusion Detection System. Requirements Engineering Journal, Volume 7 Number 4, 2002, pp. 207-220. (Postscript)  
• Guy Helmer, Johnny Wong, Mark Slagell, Vasant Honavar, Les Miller, and Robyn Lutz. A Software Fault Tree Approach to Requirements Analysis of an Intrusion Detection System. Proceedings of the  1st Symposium on Requirements Engineering for Information Security, March, 2001. (Postscript)  
• Guy Helmer, Johnny Wong, Vasant Honavar, and Les Miller. Lightweight Agents For Intrusion Detection. To appear, Journal of Systems and Software. (Postscript)
• Guy Helmer, Johnny Wong, Vasant Honavar, and Les Miller. Automated Discovery of Concise Predictive Rules for Intrusion Detection. Journal of Systems and Software. Volume 60 Number 2, 2002, pp. 165-175. (Postscript)  
• Guy Helmer, Johnny Wong, Subhasri Madaka. Anomalous Intrusion Detection System for Hostile Java Applets. Journal of Systems and Software, Volume 55, 2001, pp. 273-286. (Postscript)
• Johnny Wong, Guy Helmer, Venkatraman Naganathan, Sriniwas Polavarapu, Vasant Honavar, and Les Miller. SMART Mobile Agent Facility. Journal of Systems and Software, Volume 56, 2001, pp. 9-22. 
• Guy Helmer, Johnny S. K. Wong, Vasant Honavar, and Les Miller. Feature Selection Using a Genetic Algorithm for Intrusion Detection. Proceedings, Genetic and Evolutionary Computation Conference, Orlando, FL, July 1999. (Postscript)
• Guy Helmer, Johnny Wong, Vasant Honavar, and Les Miller. Automated Discovery of Concise Predictive Rules for Intrusion Detection. Department of Computer Science Technical Report 99-01, January, 1999. (Postscript)
• Guy Helmer, Johnny S. K. Wong, Vasant Honavar, and Les Miller. Intelligent Agents for Intrusion Detection. Proceedings, IEEE Information Technology Conference, Syracuse, NY, September, 1998, pp. 121-124. (Postscript)
• Guy Helmer. Security Tools in FreeBSD. SysAdmin: The Journal for UNIX Systems Administrators. Volume 7 Number 5, May 1998.
• Stephen Elbert, Quinn Snell, Armin Mikler, Guy Helmer, Chris Csanady, Kim Stearns, Brian MacLeod, Matt Johnson, Bryan Osborn, Iain Verigin. Gigabit Ethernet and Low-Cost Supercomputing. Ames Laboratory Technical Report IS-5126. November, 1997. (html)
• Robyn Lutz, Guy Helmer, Michelle Moseman, David Statezni, and Steve Tockey. Safety Analysis of Requirements for a Product Family. Proceedings, Third IEEE International Conference on Requirements Engineering, April 1998, Colorado Springs, Colorado. (Postscript)
• Guy Helmer.  Safety Checklist for Four Variable Requirements Methods.  Iowa State University Department of Computer Science Technical Report 98-01.

Presentations

Network Security in a Patched Environment, CERT2004 Conference, Omaha, NE, August 2004.
DECIMAL: A requirements engineering tool, on behalf of Prasana Padmanabhan and Robyn Lutz, Requirements Engineering for Product Lines Workshop (REPL02) in conjunction with 10th International Requirements Engineering Conference (RE02), Essen, Germany, September 2002.
Internal Security: Improving Security Inside the Organization, CERT2002 Conference, Omaha, NE, August 2002.
Intrusion Detection Systems, Midwest Information Assurance Workshop, Ames, IA, July 2002.
User Experiences, GEC '98: Gigabit Ethernet Conference, San Jose, CA, February 1998.

Undergraduate Experience

While an undergrad, I interned at ETA Systems (RIP, 1989), working on their supercomputers and testing Fortran compilers and vectorizers on big codes, and having fun with fractals while waiting for my jobs to complete. ETA Systems was a subsidiary of Control Data Corp. that, in the late 1980s, built some of the fastest vector-processing computers in the world, with a peak of 180 MFLOPS on the low-end $1-million ETA10-P and 10 GFLOPS on the top-end ETA10-G. After ETA Systems ran up losses of 300E6 dollars, and Control Data found it needed to refinance $150E6 of its debt, Control Data was forced to close the doors of ETA Systems almost a month to the day before I was to start working full-time for the company.

Other previous work included internships at Dakota State University, working on the long-forgotten Dakota State Teacher's Assistant Series of computer aided instruction software, and part-time work at SDSM&T in the Computer Center and President's Office, where my duties included supporting computer users and developing admissions progress reports.

Education

Ph.D. in Computer Science, Fall 2000, Iowa State University
Honors: Boeing Dissertation Fellowship

Master of Science in Computer Science, 1998, Iowa State University
Honors: Phi Kappa Phi, Upsilon Pi Epsilon

B.S. in Computer Science with honors, 1989, South Dakota School of Mines and Technology

---

Guy Helmer <ghelmer@palisadesys.com> - Last Updated 03/24/2006