Digital Forensics

Dr. Yasinsac with students

School of Computing Digital Forensics Capabilities

The School of Computing has a primary interest in Digital Forensics and Security. USA is an NSA/DHS Center of Academic Excellence in Information Assurance/Cyber Defense and a participant in NSF's CyberCorps Scholarships for Service. The following topics impact digital forensics investigations in both industry and law enforcement.

1. Computing Forensics and Digital Investigations

The Soc Digital Forensics Information Intelligence (DFII) Research Group meets weekly during the academic year. Its research interests range from malware to cloud computing to SCADA devices, organizational investigations, hardware evolution, and the impact that all of these areas have on forensic tools, processes and investigations. Soc investigators collaborate to conduct basic and applied research that is brought into our classrooms. [Barnett, Black, Yasinsac, Johnsten, Damopoulos, Green]

2. Critical Infrastructure Protection 

Presidential Policy Directive 21 (2013) established protecting the nation's critical infrastructure as a national priority. Soc researchers examine risks to end-user-oriented critical cyber infrastructure components such as automobiles, airplanes, and medical devices. We also study computer systems that control water flow and that regulate electrical grids, lighting systems, traffic signals, and analogous sensors, actuators and control devices. [Andel, McDonald, Damopoulos, Black, Green]

3. Advanced Persistent Threats

Advanced Persistent Threats (APTs) may be the greatest single threat to effective use of the internet today. Networks of rogue computers are created by attackers with vast resources, e.g. criminal and state-sponsored actors, and are designed to carry out coordinated acts of malice. Soc researchers study technology that can prevent APTs through malware analysis, reverse engineering, intrusion detection, secure software, and network security research. [McDonald, Andel]

4. Secure Software

Most computing system threats manifest through implementation flaws resulting from poor software development practices. Soc researchers investigate techniques to improve rigor in software development, the impact of anti-forensic software, and potential detection solutions. [Andel, McDonald, Yasinsac]

5. Insider Threats

Most security approaches are based on the classic Maginot Line concept, where the defenders are inside the perimeter and the attackers are on the outside. Soc investigators study technology and man-machine interface sciences to prevent, detect, and respond to attacks made by trusted parties who violate the privileges given to them. [Yasinsac]

6. Informatics (Healthcare, Bio, etc.)

The USA Health Informatics Research Group is currently focused on two major areas of research, education and outreach: risk assessment of healthcare systems and health informatics curriculum development. The USA Health Informatics Group is emerging as a center of research for risk assessment of healthcare data and systems and pedagogical innovations in health informatics curriculum and education. We are seeking colleagues with mutual interests to pursue publication and grant opportunities in our identified research themes or closely related areas. [Campbell, Pardue, Bourrie, Sittig]

7. Big Data and Cloud Computing 

The volume and diversity of data being collected impacts an investigation. Rapid increases in computing and storage technologies have revolutionized the collection and processing of immense volumes of data. Soc investigators study advanced techniques to identify correlations in vast databases that can lead to improvements in cloud security, medical research, and other big data applications. [Johnsten, Benton, Haung, Bourrie, Shropshire]

8. Internet Voting

Driven by the pervasive distribution of personal computing devices, there is strong inertia to engage internet voting in national elections in spite of spirited objections regarding security risks of counting electronically delivered ballots. Soc investigators study theoretical limitations that impact voting system decisions along with security practices that may enable expanded engagement of technology in election processes. [Andel, Yasinsac]

9. Cyber-STEM Education

In 2012, Soc established a K-12 partner School Program to advance Cyber-STEM research, education, and familiarization through local schools. This includes examining techniques for increasing STEM adoption by students in underrepresented groups and improving computing proficiency for K-12 teachers. [Chapman, Black, Barnett, Yasinsac, McDonald, Andel, Johnsten]