Smothered in malware. What's new?
I recently collaborated with Andrew Case to develop Volatility plugins to support forensic analysis of compressed RAM in Mac OS X Mavericks and Linux. The paper describing our work was presented at DFRWS 2014 and won the best paper award at the conference. The plugins mentioned in the paper are being integrated into the current Volatility release. Volatility 3 (coming someday) will support decompression transparently for all plugins using our work.
I'm the PI on a new NSF EAGER grant (with Carl Weems and Irfan Ahmed) that explores the relationship between psychological traits and both "good" and "bad" cyber behavior. The grant is approximately $250K and we'll complete the work over 2014-2015. We're excited about the work and the chance for the Departments of Computer Science and Psychology to work together for the first time.
Our $1.2M proposal, "TWC: Medium: Collaborative: Towards a Binary-Centric Framework for Cyber Forensics in Enterprise Environments", has been recommended for funding by the NSF. This is a collaboration between UNO and Purdue. All the graduate student positions for this grant are currently filled--thanks for all the interest!
DFRWS 2015 will be held in Philadelphia between August 9th and 13th. The call for papers is open until February 9th, as are the calls for tutorials and workshops. See you in Philadelphia!
The 2015 DFRWS Forensics Challenge has (finally) been released! Thanks for your patience as we worked through some challenging technical (and political) issues!
DFRWS Best Paper Award
New NSF EAGER Grant
New NSF Cyber Grant
DFRWS 2015 Challenge