In a groundbreaking development, LSU’s cybersecurity team, under the leadership of experts Golden Richard and Aisha Ali-Gombe, has been awarded a significant grant of $1 million from the U.S. Department of Homeland Security. This substantial funding comes through the Criminal Investigations and Network Analysis Center, a Department of Homeland Security Center of Excellence at George Mason University, aimed at advancing the field of memory forensics. As per this news release from LSU, the focus of this research is to enhance digital investigations and recover elusive evidence related to criminal activities.
At the forefront of memory forensics development globally, LSU’s cybersecurity team specializes in documenting short-term memory on computers and digital devices, including cell phones. This innovative approach distinguishes itself from traditional digital forensics, which primarily deals with permanently stored data and long-term memory on hard drives. Drawing an analogy to a coroner autopsying a human brain versus documenting a person’s thoughts, memory forensics experts possess an almost supernatural ability to extract evidence.
The team’s prowess in memory forensics has garnered collaborations with state and federal agencies, as well as leading security and defense organizations, such as the National Security Agency, U.S. Secret Service, Louisiana State Police, and Louisiana National Guard. LSU’s recent recognition as a Center of Academic Excellence in Cyber Operations by the National Security Agency highlights the importance of their ability to teach hands-on memory forensics.
Golden Richard, a professor in the Division of Computer Science and Engineering at LSU, emphasizes the challenges posed by modern cyber threats. He notes, “Malware and cyberattacks now routinely leave no traces on non-volatile data storage devices,” putting immense pressure on investigators trained in traditional forensic techniques.
The urgency to address these challenges comes in the wake of major hacks by foreign adversaries targeting the safety and security of the United States. The Cybersecurity and Infrastructure Security Agency (CISA) has mandated the use of memory forensics as part of incident response for affected agencies. However, the complexity of memory forensics poses accessibility and scalability issues for many agencies lacking user-friendly tools and a sufficient workforce. To tackle this, Richard’s project aims to make memory forensics more accessible. Integrating the Structured Threat Information Expression (STIX) language with the open-source Volatility Framework, the team envisions creating a more user-friendly and efficient toolset. This integration will enable investigators from diverse backgrounds to conduct accurate and efficient cyber operations.
The second project, led by Aisha Ali-Gombe, focuses on recovering code and reconstructing processes on Android devices, which command a 70 percent global market share. This initiative seeks to investigate illegal activities on Android smartphones, including cryptocurrency transactions and chat data between terrorists on encrypted social media platforms. Ali-Gombe explains, “Our framework will be able to reconstruct the execution path of a mobile application that clearly shows the most recent user activity, thus providing investigators with actionable evidence they can use in court.”
The collaborative efforts of both undergraduate and graduate LSU students contribute significantly to these research projects. Lauren Pace, a doctoral student, expresses excitement about impacting real investigations and speeding up information recovery. Meanwhile, Nicholas Tanet, a computer science senior, highlights his appreciation for the research process and newfound interest in memory analysis and reverse engineering.
In conclusion, LSU’s cybersecurity team emerges as a formidable force, seamlessly merging academic excellence with practical cybersecurity solutions. Their dedication to advancing memory forensics not only combats present threats but also positions LSU at the forefront of shaping the future of cybersecurity. As the digital landscape continually evolves, LSU remains a stalwart guardian, propelling the field forward with groundbreaking research and education initiatives.
For more education-related information, click here.