LSU Cybersecurity Team Awarded $1M from U.S. Department of Homeland Security to Help Fight Terrorism, Online Crime
Two separate research projects led by LSU cybersecurity experts Golden Richard and Aisha Ali-Gombe have each been awarded half a million dollars in defense funding through the Criminal Investigations and Network Analysis Center, a Department of Homeland Security Center of Excellence at George Mason University, to advance the state-of-the-art of memory forensics, which is a frontier field in digital investigations to recover elusive evidence of criminal activity.
LSU’s cybersecurity team is one of the leading developers of memory forensics in the world. The power of memory forensics lies in its ability to document short-term memory on computers and digital devices, including cellphones. Just like most coroners would know how to autopsy a human brain while few would be able to document a person’s thoughts, memory forensics experts can extract evidence in ways that seem almost supernatural compared to traditional digital forensics, which involves the discovery of permanently stored data and long-term memory on hard drives.
LSU cybersecurity faculty Golden Richard and Aisha Ali-Gombe have each received half a million dollars from the U.S. Department of Homeland Security through the Criminal Investigations and Network Analysis Center, or CINA.
The LSU team’s growing collaborations and partnerships with state and federal agencies and leading security and defense organizations, including the National Security Agency, U.S. Secret Service, Louisiana State Police, and Louisiana National Guard, are partly based on its frontier memory forensics capabilities, driven by the increasing need all around the world to gather irrefutable digital evidence to fight online crime and international cyberattacks and terrorism. LSU’s recent designation as a Center of Academic Excellence in Cyber Operations by the National Security Agency was contingent on its cybersecurity team’s ability to teach hands-on memory forensics.
“Malware and cyberattacks now routinely leave no traces on non-volatile data storage devices,” said Golden Richard, professor in the Division of Computer Science and Engineering in the LSU College of Engineering with a joint appointment in the LSU Center for Computation & Technology and interim director of the LSU Cyber Center. “This puts enormous pressure on investigators who might have been trained in traditional ‘pull-the-plug’ forensic techniques.”
Recent major hacks by foreign adversaries trying to undermine the safety and security of the United States led the Cybersecurity and Infrastructure Security Agency, or CISA, to mandate all affected agencies to use memory forensics as part of their incident response. Meanwhile, effective memory forensics requires deep technical expertise, which creates an accessibility and scalability problem for most agencies that often lack easy-to-use tools in combination with enough workforce.
Richard’s project will help solve this challenge.
The LSU cybersecurity team’s world-leading expertise in memory forensics helps national and state security agencies discover reliable evidence of criminal activity in the short-term memory on computers and digital devices, including mobile phones. Photo illustration created using Adobe Firefly.
“We want to make memory forensics more accessible, so it can be used to target new and evolving threats,” Richard said. “Our research will integrate the Structured Threat Information Expression, or STIX, language—one of the most common ways investigators describe, document, and communicate cyber incidents—with the open-source Volatility Framework, the most widely used memory forensics toolset. This way, investigators and even non-investigators from different backgrounds and in different working environments will be able to conduct and coordinate more accurate and efficient cyber operations.”
The second LSU project that’s been newly funded by the Department of Homeland Security aims to recover code and reconstruct processes on Android devices, which have at least a 70 percent global market share.
“What we’re working on can be used to investigate illegal activities on Android smartphones, including cryptocurrency transactions and chat data between terrorists on end-to-end encrypted social media platforms,” said Aisha Ali-Gombe, associate professor in the Division of Computer Science and Engineering in the LSU College of Engineering with a joint appointment in the LSU Center for Computation & Technology. “Also, we can help recover and provide context to deleted activities and messages. Our framework will be able to reconstruct the execution path of a mobile application that clearly shows the most recent user activity, thus providing investigators with actionable evidence they can use in court.”
Both undergraduate and graduate LSU students are assisting with the research.
Lauren Pace, a third-year doctoral student from Covington, Louisiana, is working with Richard on the STIX integration.
“It’s very exciting to think about my work impacting real investigations,” Pace said. “Knowing that I’m helping to speed up the recovery of information and increase the number of people who can do memory forensics is an excellent motivator.”
Nicholas Tanet, a computer science senior from New Orleans, Louisiana, is helping Ali-Gombe do memory dumps from Android smartphones and find patterns to build a code-recovery engine to help reconstruct user activity.
“I’ve grown an appreciation for the research process and found a great interest in memory analysis and reverse engineering,” Tanet said. “I have constant chances to learn new things and am also gaining many new friends.”
Latest LSU News
- International Team Including Two Pennington Biomedical Faculty Awarded $25 Million for Cancer ResearchSteven B. Heymsfield, M.D., and Justin C. Brown, Ph.D., of the Pennington Biomedical Research Center are part of a team that secured $25 million to take on cachexia, a debilitating condition responsible for up to 30 percent of cancer deaths.
- Pennington, LSU Health New Orleans Part of National Study to Create Personalized-Nutrition AlgorithmPennington Biomedical, in partnership with LSU Health New Orleans, is taking part in a study using machine learning to predict how an individual responds to a given diet, allowing physicians to offer patients personalized nutrition prescriptions.
- LSU Seeks Volunteers for Love the Boot Week Litter CleanupAs a Keep Louisiana Beautiful Affiliate, LSU will be participating in a litter cleanup event in celebration of Love the Boot Week. Love the Boot Week is Louisiana's largest cleanup and beautification event, hosted by Keep Louisiana Beautiful and held in conjunction with Earth Day activities across the planet.
- LSU Holding Spring Greening Day April 25Spring Greening Day is an annual half-day service project to beautify and green the LSU campus. On April 25, 2024, from 11 am - 2 pm we will be planting natives and perennials in front of the Greek Amphitheater. This event is made possible by our partnership with Keep Louisiana Beautiful, Auxiliary Services, RCI, and Toro.
- LSU Professor Receives NSF CAREER Award, Research Addresses Privacy Concerns in VideoconferencingSince the pandemic, our primary means of interacting have evolved to include video conferencing applications, which are broadly used to connect geographically distant people for work, school, and even socially. During these interactions, it’s not uncommon for a user to turn off his or her microphone and/or camera out of concern for privacy. However, microphones and cameras can still leak other kinds of information beyond what is seen and heard through “micro signals,” which are too tiny for humans to recognize but detectable by machines.
- LSU Shreveport Earns ‘Hunger-Free Campus’ Designation from Louisiana Board of RegentsLSU Shreveport has received a hunger-free campus designation from the Louisiana Board of Regents, signifying that the university has mechanisms in place to combat student hunger, including the LSUS Food Pantry, which opened in 2018.