Golden Richard,
Associate Professor
Department of Computer Science
University of New Orleans
“Digital Forensics: An Introduction”
“Digital Forensics: Current Practices”
“Next Generation Digital Forensics”
Dr. Golden G. Richard III is currently an Associate Professor in the Department of Computer Science and Visiting Associate Professor at the University of Texas at Austin, having fled Hurricane Katrina. He is the co-founder of Digital Forensics Solutions, a private digital forensics corporation, and technical advisor to the Gulf Coast Computer Forensics Laboratory (GCCFL), a consortium of local, state, and federal law enforcement agencies, located in the University of New Orleans Research and Technology Park. Dr. Richard is a GIAC-certified digital forensics investigator, chairman of the non-profit foundation supporting the Digital Forensics Research Workshop, and teaches digital forensics and computer security courses at the University of New Orleans.
DECEMBER 5 - 7, 2005 - 4:30 pm cst
Taylor Hall Room 3.128
Department of Computer Sciences
The University of Texas at Austin
Watch the video:
"Digital Forensics: An Introduction"
"Next Generation Digital Forensics"
Abstract:
This series of three lectures provides an introduction to digital forensics, the art (and science) of discovering and preserving digital evidence. Digital evidence exists on a wide variety of devices, from traditional computers, to PDAs, voice recorders, and cell phones. The first lecture is a broad introduction, describing the goals of digital forensics investigation, some of the legal issues, challenges, and what is (and isn't) generally recoverable. The listener is assumed to have only a basic computer science background.
The second lecture examines current best practices in digital forensics investigation, discussing commonly available tools, techniques, and interesting filesystem/device characteristics which provide challenges for investigators. This talk also includes a brief look at data hiding techniques, including low-level manipulation of filesystem structures, steganography, and encryption schemes. The talk concludes with a discussion of some of the limitations of current-generation digital forensics techniques, foreshadowing the main topic of the third lecture.
The third (and last) lecture in this series provides an overview of next generation digital forensics, examining both recent and needed research. The punch line of the talk is that digital forensics investigators are in a desperate situation: with nearly ubiquitous access to high-speed network services and 300GB+ storage devices available for under $200, investigators now encounter huge forensic targets, often with over a terabyte of storage. Current generation tools, executing on single workstations, are simply unable to cope with forensic targets of this size. A number of solutions have been proposed, including distributed digital forensics, partial acquisition, automatic evidentiary outlier discovery, and better processing of multimedia files, among others. All of these techniques are sampled in the talk, which concludes with a list of research directions.