Difference between revisions of "Current Research"

From Simson Garfinkel
Jump to navigationJump to search
m
m
 
(13 intermediate revisions by the same user not shown)
Line 1: Line 1:
My primary area of research is in the area of document and media exploitation (DOMEX) and computer forensics. Projects that I am currently working on in this area include:
My primary research interests center on data, and specifically data security, privacy, storage and correlation. In the 1990s my emphasis was largely on data security, largely driven by my experiences working an Internet service provider on Martha's Vineyard. From 1998-2003 I worked on network monitoring---first telephone networks, then IP networks---at Sandstorm Enterprises. From 2003 through 2014 I worked mostly on the digital forensics of stored data. Since 2015 I have mostly worked on data privacy and ethics issues, exploring de-identification at NIST and now differential privacy at the US Census Bureau. I also have strong interest in usability.
* Developing techniques for [[ADOMEX|Automated Document and Media Exploitation]] (ADOMEX). Current exploitation projects involve:
** Rapid disk analysis --- techniques for determining the content of a terabyte hard drive in 2-3 minutes, rather than 2-3 hours or 2-3 days.
** User profiling --- techniques for automatically figuring out who was the primary use of a hard drive, who were the other users, what the user did with the files, who they contacted, and their social network.
* Creating the [[Real Data Corpus]], a large-scale unclassified corpus of real information from real computer users all over the world. Most work done in computer forensics today is done with little scientific controls on personal data belonging to the experimenter. We are creating a corpus of real and realistic data that can be used for research and training. The Real Data Corpus currently has more than 2000 images of disk drives and USB memory sticks. This corpus is available for us by researchers with minimal restrictions. I am also exploring the use of anonymization techniques to create corpora for use by researchers.


As of May 2020, I am looking for students to help on the following projects:
* Improving the usefulness of the https://digitalcorpora.org/ website, with:
** Providing better visualizations of the data sets we have available for download
** Identifying which data sets are being used with better real-time analysis of our web server log files.
** Provide brief summary web pages of each dataset, like a [[forensic nutrition label]]. (We also need to develop the forensic nutrition label.)
** Engaging the digital forensics educational community to find out what data sets would be more useful.


The remainder of my research is in the field of usability and security. Here I am involved in several projects, including:
* Papers about the current state of Cloud Forensics
* An evaluation of best practices for email security, with a special emphasis on the S/MIME and Domain Keys standards.
** An overview paper for ACSAC 2020.
* An on-going evaluation in the use of human subjects in computer security research.
** A review journal paper that goes deeper and looks at the full subject/


Other information that you will find here includes:
* Paper(s) on AI and Digital Forensics
** What is AI being used for, and what could it be used for?
** Can we apply AI ethics to this?
 
* Paper on the philosophy of differential privacy.
 
* Paper on AI Ethics and Security for [https://www.nspw.org/2020 NSPW]
 
* Creating better open source mail analysis tools
** It is surprising how few articles there are in the computer science literature about email analysis.
** [https://github.com/simsong/slgmailtools I have a framework] for extracting information from mail archives.
**
 
* Completing NIST SP 800-188, de-identifying government datasets.
 
* Create Python3 plug-in for Autopsy
** Currently Autopsy requires plug-ins be written in Python2 with Jython. But using [https://www.py4j.org py4j], the same bridge that pyspark uses, it should be possible to have a bridge to programs written in Python3.
 
If you have interest, please contact me at sgarfin2@gmu.edu
 
==About the Summer 2020 Internship Program==
The Summer 2020 Internship program will run from May 21st, 2020 through August 6, 2020, although students may start and end late. The internship is unpaid, but students working with me will get:
* Regularly scheduled phone or video conferences to discuss their progress.
* The opportunity to collaborate on submitted research papers, and their name as a co-author on any papers that are submitted based on research that they participate in.
* References/recommendations that can be used for future academic programs or employment.
 
==See Also==
 
Other information that you will find on this site includes:
* [[Students|My students]]
* [[Students|My students]]
* [[Unpublished|Unpublished research papers]]
* [[Unpublished|Unpublished research papers]]
* [[:Category:Resources|Resources for students]]
* [[:Category:Resources|Resources for students]]
* Forensics Wiki: [https://forensicswiki.xyz/wiki/index.php?title=Research_Topics Open Research Projects in computer forensics].

Latest revision as of 12:07, 15 May 2020

My primary research interests center on data, and specifically data security, privacy, storage and correlation. In the 1990s my emphasis was largely on data security, largely driven by my experiences working an Internet service provider on Martha's Vineyard. From 1998-2003 I worked on network monitoring---first telephone networks, then IP networks---at Sandstorm Enterprises. From 2003 through 2014 I worked mostly on the digital forensics of stored data. Since 2015 I have mostly worked on data privacy and ethics issues, exploring de-identification at NIST and now differential privacy at the US Census Bureau. I also have strong interest in usability.

As of May 2020, I am looking for students to help on the following projects:

  • Improving the usefulness of the https://digitalcorpora.org/ website, with:
    • Providing better visualizations of the data sets we have available for download
    • Identifying which data sets are being used with better real-time analysis of our web server log files.
    • Provide brief summary web pages of each dataset, like a forensic nutrition label. (We also need to develop the forensic nutrition label.)
    • Engaging the digital forensics educational community to find out what data sets would be more useful.
  • Papers about the current state of Cloud Forensics
    • An overview paper for ACSAC 2020.
    • A review journal paper that goes deeper and looks at the full subject/
  • Paper(s) on AI and Digital Forensics
    • What is AI being used for, and what could it be used for?
    • Can we apply AI ethics to this?
  • Paper on the philosophy of differential privacy.
  • Paper on AI Ethics and Security for NSPW
  • Creating better open source mail analysis tools
    • It is surprising how few articles there are in the computer science literature about email analysis.
    • I have a framework for extracting information from mail archives.
  • Completing NIST SP 800-188, de-identifying government datasets.
  • Create Python3 plug-in for Autopsy
    • Currently Autopsy requires plug-ins be written in Python2 with Jython. But using py4j, the same bridge that pyspark uses, it should be possible to have a bridge to programs written in Python3.

If you have interest, please contact me at sgarfin2@gmu.edu

About the Summer 2020 Internship Program

The Summer 2020 Internship program will run from May 21st, 2020 through August 6, 2020, although students may start and end late. The internship is unpaid, but students working with me will get:

  • Regularly scheduled phone or video conferences to discuss their progress.
  • The opportunity to collaborate on submitted research papers, and their name as a co-author on any papers that are submitted based on research that they participate in.
  • References/recommendations that can be used for future academic programs or employment.

See Also

Other information that you will find on this site includes: