Left Accent
UAB CIS Header

Computer Forensics Research

Updated on Sun, 03/25/2012 - 1:57pm
part of The Center for Information Assurance and Joint Forensics Research

A Three-Pronged Approach

At UAB we believe the criminals are currently winning the CyberCrime war. The approach we are taking to respond to this situation falls along three lines:


  • Academics - we must start sending people into the workforce who are prepared to work as CyberCrime Investigators, whether that be in the public sector or the private sector. At UAB we call this "Training Digital Detectives for the 21st Century". Our partnership between Computer & Information Science and Justice Science has created the Certificate in Computer Forensics which students may obtain by taking course work in both departments.  We're also excited about our Masters Degree in Computer Forensics and Security Management.
  • Awareness - Its important that law enforcement, corporate security, and the public are all aware of the risks of CyberCrime and what they can do to protect themselves and help fight back.  From participating in educational events, to providing expert analysis for the media, we try to help consumers be aware of current threats to better protect themselves.
  • Research - The CyberCriminals have more manpower, more advanced technology, and freedom from borders. This means that Law Enforcement is going to need better Tools, Techniques, and Training. At UAB we believe that great ideas are born in Academic Research.

Our Computer Forensics Research Initiative:

  • talks with the people on the front lines and documents their problems.
  • listens to Law Enforcement and applies our knowledge of Computer Science to those problems.
  • studies current Investigative Methods and propose alternatives, measuring these alternative methods in the real world and reporting on our results.
  • listens to victims, whether they be corporations, individuals, or government branches, and provides them with better solutions to analyze what has happened to them, report it properly, and preserve it for proper investigation.

Why Spam Research?

Spam, or Unsolicited Commercial Email, now accounts for more than 85% of all emails sent on the Internet. A 2007 report by Ferris Research placed the economic impact of spam at $100 Billion globally and $35 Billion in the USA.

Besides having the impact of making email untrustworthy, and causing individuals to hesitate about the validity of online commerce, spam is also the source of Phishing emails, counterfeit product sales, and the main means by which viruses and other malware are propagated.

At UAB, we are applying the principles of Data Mining and Grid Computing to establish the UAB Spam Data Mine for Law Enforcement project. In this project, we invite collaboration in the form of "spam contribution" to build a large corpus of spam emails which will be analyzed and clustered to provide significant forensic and investigative data to law enforcement. The laws are in place, but the tools are lacking, to allow law enforcement to regularly identify, arrest, and successfully prosecute criminal spammers. Until this activity is automated and regularly practiced, criminals will continue to believe that spamming is a safe alternative form of income.

Focus Area: Phishing & Identity Theft

One particular type of spam that is costing Americans millions of dollars each week is Phishing. According to the Anti-Phishing Working Group, criminals create more than 20,000 unique phishing sites EACH MONTH! Each of these is a crime gateway which can lead to additional theft of finances and identities. In some cases a single phishing site has compromised hundreds of individual accounts before being shut down.

UAB is working to identify patterns among this data which would allow many unique phishing sites to be combined into a single law enforcement case. We are also working with other anti-phishing organizations and law enforcement to develop early warning systems, and actionable advise to brand owners which would allow them to protect their consumers.

The UAB PhishIntel portal provides access to more than 340,000 confirmed phishing cases to Law Enforcement and our business partners.  We also host a Monthly Phishing Contest where contributors share phishing websites with us in hopes of earning our monthly iPad prize!

Accent Right