Difference between revisions of "Current Research"

From Simson Garfinkel
Jump to navigationJump to search
m
m
Line 14: Line 14:
* [[Unpublished|Unpublished research papers]]
* [[Unpublished|Unpublished research papers]]
* [[:Category:Resources|Resources for students]]
* [[:Category:Resources|Resources for students]]
* [http://www.forensicswiki.org/wiki/Open_Research_Topics Open Research Projects] in computer forensics.

Revision as of 03:44, 2 October 2012

My primary area of research is in the area of document and media exploitation (DOMEX) and computer forensics. Projects that I am currently working on in this area include:

  • Developing techniques for Automated Document and Media Exploitation (ADOMEX). Current exploitation projects involve:
    • Rapid disk analysis --- techniques for determining the content of a terabyte hard drive in 2-3 minutes, rather than 2-3 hours or 2-3 days.
    • User profiling --- techniques for automatically figuring out who was the primary use of a hard drive, who were the other users, what the user did with the files, who they contacted, and their social network.
  • Creating the Real Data Corpus, a large-scale unclassified corpus of real information from real computer users all over the world. Most work done in computer forensics today is done with little scientific controls on personal data belonging to the experimenter. We are creating a corpus of real and realistic data that can be used for research and training. The Real Data Corpus currently has more than 2000 images of disk drives and USB memory sticks. This corpus is available for us by researchers with minimal restrictions. I am also exploring the use of anonymization techniques to create corpora for use by researchers.


The remainder of my research is in the field of usability and security. Here I am involved in several projects, including:

  • An evaluation of best practices for email security, with a special emphasis on the S/MIME and Domain Keys standards.
  • An on-going evaluation in the use of human subjects in computer security research.

Other information that you will find here includes: