Some lightly curated, archived news:
I've joined the faculty at LSU and am currently setting up shop!
We recently completed the 2016 GenCyber cybersecurity training camp for high school teachers at the University of New Orleans, which was the third edition of this program. Thanks to all the attendees and watch for information regarding the planned 2017 camp.
Invited to be a member of the Editorial Board of Computers and Security (Elsevier). Thanks, Spaf!
Best paper award for "Rapid Forensic Imaging of Large Disks with Sifting Collectors" at DFRWS 2015.
Keynote, 3rd International Workshop on Digital Forensics Curriculum Standards, Philadelphia, PA, 2015.
At the 2014 annual meeting of the American Academy of Forensic Sciences (AAFS) in Seattle, I was promoted to AAFS Fellow. The next annual meeting of the AAFS is in Orlando, FL, in 2015.
Best paper award for "In Lieu of Swap: Analyzing Compressed RAM in Mac OS X and Linux" at DFRWS 2014.
From July 7-18, 2014, I offered a free, intensive, two-week IA training program for high school teachers. This effort was funded by a grant from the GenCyber program (a collaboration between NSA and NSF). The training program was Linux-centric, conducted on Chromebooks, and covered a number of aspects of computer security, including digital forensics, malware analysis, social engineering, reverse engineering, penetration testing, and secure software design. We hope to repeat the program in the future, subject to funding availability--stay tuned for more details.
I was recently invited by the local chapter of the IEEE to give a talk at Tulane on the foundations of digital forensics, privacy impacts, and current research efforts. The talk covered basic investigative methods, data leakage, live forensics analysis, and some trends in both storage and computer architectures that have a serious impact on next-generation digital forensics tools. The technical level of the talk is intermediate. Click for a copy of the slides from the talk.
Our paper "Integrity Checking of Function Pointers in Kernel Pools via Virtual Machine Introspection" (co-authored with Irfan Ahmed, Aleks Zoranic, and Vassil Roussev) received the best paper award at the 2013 International Security Conference in Dallas, TX. The paper has also been invited to be presented at The Next Generation Malware Attacks and Defense Workshop (NGMAD) at ACSAC 2013.
I've been selected, along with my former students (and friends and collaborators) Andrew Case, Lodovico Marziale, and Joe Sylve, to be included in the Silicon Bayou 100, "...a list of 100 people who have done the coolest stuff in Louisiana entrepreneurship and tech and have most influenced Louisiana’s startup, entrepreneurial, tech, and digital communities this year..." Thanks!
In December 2013, I offered a tutorial at ACSAC 2013 entitled "An Introduction to Reverse Engineering Malware". This is a (very) short version of my full semester course on reverse engineering malware (CSCI 4622), which I teach at the University of New Orleans roughly each year. The full course, as well as the much condensed tutorial, covers basic foundations of reverse engineering, as well as static and dynamic analysis techniques, handling complex malware with anti-analysis features, unpacking, etc.
I recently gave the keynote address at the 1st International Workshop on Digital Forensics Curriculum Standards, held at UIUC in Urbana-Champaign, IL in 2013. My angle, as you might guess, is that digital forensics education (and practice, and research) needs to focus on deeper technical skills, more advanced and more accurate analysis, to deal with increasing volumes of data and the impact of malware. Click for a copy of the slides from the talk.