To download a copy of my CV, click here.
I recently collaborated with Andrew Case to develop Volatility plugins to support forensic analysis of compressed RAM in Mac OS X Mavericks and Linux. The paper describing our work was presented at DFRWS 2014 and won the best paper award at the conference. The plugins mentioned in the paper will be released in September 2014 and Volatility 3 (coming someday) will support decompression transparently for all plugins.
I'm the PI on a new NSF EAGER grant (with Carl Weems and Irfan Ahmed) that explores the relationship between psychological traits and both "good" and "bad" cyber behavior. The grant is approximately $250K and we'll complete the work over 2014-2015. We're excited about the work and the chance for the Departments of Computer Science and Psychology to work together for the first time.
Our $1.2M proposal, "TWC: Medium: Collaborative: Towards a Binary-Centric Framework for Cyber Forensics in Enterprise Environments", has been recommended for funding by the NSF. This is a collaboration between UNO and Purdue. All the graduate student positions for this grant are currently filled--thanks for all the interest!
Lots of activity at DFRWS 2014 in Denver, including workshops and a bunch of interesting papers. I presented a paper on memory analysis of compressed RAM, conducted a short workshop on reverse engineering, wrangled the forensic rodeo on GPU malware, and hung out with the fantastic crowd that attends this conference. See you in Philadelphia for DFRWS 2015, if not sooner!
Check here for exciting news about dumping GPU device memory on NVIDIA GPUs, GPU malware, and the 2014 DFRWS forensics challenge!
DFRWS Best Paper Award
New NSF EAGER Grant
New NSF Cyber Grant
DFRWS 2014 in Denver
GPU Memory Dumping!