Computer Forensics Research

At UAB we believe the criminals are currently winning the CyberCrime war. The approach we are taking to respond to this situation falls along three lines:

• Academics - we must start sending people into the workforce who are prepared to work as CyberCrime Investigators, whether that be in the public sector or the private sector. At UAB we call this "Training Digital Detectives for the 21st Century". Our partnership between Computer & Information Science and Justice Science has created the Certificate in Computer Forensics which students may obtain by taking course work in both departments.
• Awareness - Its important that law enforcement, corporate security, and the public are all aware of the risks of CyberCrime and what they can do to protect themselves and help fight back. This is why we have co-sponsored and hosted events such as:
  • Surfing the Internet Safely - co-sponsored with the FBI, this free course invited the public to hear the truth about CyberCrime and learn how to better protect themselves and their families.
  • The Birmingham Conference on Phishing - co-sponsored with the FBI, this free course invited law enforcement professional from around the SouthEast to learn how to investigate phishing.
  • The Metropolitan Summit on Identity Theft - co-sponsored with the Jefferson County District Attorney's office, this conference brought 300 law enforcement professionals together for two days to learn about and discuss identity theft.
  • Small Business Computer Security - sponsored by the FBI, the National Institute of Standards and Technology, and the Small Business Administration, this upcoming seminar on August 20th will be open to Small Business Owners and their IT Professionals.
  • InfraGard - UAB participates in the Birmingham InfraGard chapter.
  • US Secret Service Computer Crimes Working Group - UAB has hosted meetings for this organization as well!
• Research - The CyberCriminals have more manpower, more advanced technology, and freedom from borders. This means that Law Enforcement is going to need better Tools, Techniques, and Training. At UAB we believe that great ideas are born in Academic Research.

  Our Computer Forensics Research Initiative

  • talks with the people on the front lines and documents their problems.
  • listens to Law Enforcement and applies our knowledge of Computer Science to those problems.
  • studies current Investigative Methods and propose alternatives, measuring these alternative methods in the real world and reporting on our results.
  • listens to victims, whether they be corporations, individuals, or government branches, and provides them with better solutions to analyze what has happened to them, report it properly, and preserve it for proper investigation.

Spam, or Unsolicited Commercial Email, now accounts for more than 85% of all emails sent on the Internet. A 2007 report by Ferris Research placed the economic impact of spam at $100 Billion globally and $35 Billion in the USA.

Besides having the impact of making email untrustworthy, and causing individuals to hesitate about the validity of online commerce, spam is also the source of Phishing emails, counterfeit product sales, and the main means by which viruses and other malware are propagated.

At UAB, we are applying the principles of Data Mining and Grid Computing to establish the Spam Data Mining for Law Enforcement project. In this project, we invite collaboration in the form of "spam contribution" to build a large corpus of spam emails which will be analyzed and clustered to provide significant forensic and investigative data to law enforcement. The laws are in place, but the tools are lacking, to allow law enforcement to regularly identify, arrest, and successfully prosecute criminal spammers. Until this activity is automated and regularly practiced, criminals will continue to believe that spamming is a safe alternative form of income.

One particular type of spam that is costing Americans millions of dollars each week is Phishing. According to the Anti-Phishing Working Group, criminals create more than 20,000 unique phishing sites EACH MONTH! Each of these is a crime gateway which can lead to additional theft of finances and identities. In some cases a single phishing site has compromised hundreds of individual accounts before being shut down.

UAB is working to identify patterns among this data which would allow many unique phishing sites to be combined into a single law enforcement case. We are also working with other anti-phishing organizations and law enforcement to develop early warning systems, and actionable advise to brand owners which would allow them to protect their consumers.

Office: Campbell Hall Room 100
Telephone:205.934.8620
E-Mail: gar (at) cis.uab.edu
Mailing Addressr:

115 Campbell Hall 1300 University Blvd Birmingham, AL 35294-1170