CRCS Lunch Seminar
Date: Monday, October 1, 2012
Time: 12:00pm – 1:30pm
Place: Maxwell Dworkin 119
Speaker: Simson L. Garfinkel, Associate Professor, Naval Postgraduate School
Title: Digital Forensics Innovation: Searching A Terabyte of Data in 10 minutes
Abstract: Most digital forensics tools follow a simple model of “visibility, filter and report” – the tool extracts all of the information on a subject’s disk drive, this information is filtered according to search terms, and finally a detailed report is created by a trained examiner. The problem with this model is that it cannot keep up with the growing amount of storage on desktops and in the cloud, the increasing diversity of data formats, or the growing perniciousness of malware.
This talk present a new approach that allows rapid triage of digital storage devices using random sampling, bulk data analysis, and the presence of distinct, recognizable sectors that are commonly found in user-generated documents, multimedia, and encrypted files. It shows how a 30MB piece of video hidden on a 1TB hard drive can be found in less than 10 minutes, even if the video deleted and partially overwritten so that no file headers, footers, or metadata can be recovered. We show how we can deploy this technique on a laptop in the field with a custom-built database with a billion rows that can perform more than a thousand lookups per second.
Bio: Simson L. Garfinkel is an Associate Professor at the Naval Postgraduate School. Based in Arlington VA, Garfinkel’s research interests include computer forensics, the emerging field of usability and security, personal information management, privacy, information policy and terrorism. He holds six US patents for his computer-related research and has published dozens of journal and conference papers in security and computer forensics.
Garfinkel is the author or co-author of fourteen books on computing. He is perhaps best known for his book Database Nation: The Death of Privacy in the 21st Century. Garfinkel’s most successful book, Practical UNIX and Internet Security (co-authored with Gene Spafford), has sold more than 250,000 copies and been translated into more than a dozen languages since the first edition was published in 1991.
Garfinkel is also a journalist and has written more than a thousand articles about science, technology, and technology policy in the popular press since 1983. He started writing about identity theft in 1988. He has won numerous national journalism awards, including the Jesse H. Neal National Business Journalism Award two years in a row for his “Machine shop” series in CSO magazine. Today he mostly writes for Technology Review Magazine and the technologyreview.com website.
As an entrepreneur, Garfinkel founded five companies between 1989 and 2000. Two of the most successful were Vineyard.NET, which provided Internet service on Martha’s Vineyard to more than a thousand customers from 1995 through 2005, and Sandstorm Enterprises, an early developer of commercial computer forensic tools.
Garfinkel received three Bachelor of Science degrees from MIT in 1987, a Master’s of Science in Journalism from Columbia University in 1988, and a Ph.D. in Computer Science from MIT in 2005.
LOCATION:Maxwell Dworkin 119 STATUS:CONFIRMED DTSTART:20121001T160000Z DTEND:20121001T173000Z END:VEVENT END:VCALENDAR