Golden, can you tell us something about your background and why you decided to teach digital forensics?
I studied computer science at the University of New Orleans, then went
to Ohio State to get an M.S. and Ph.D. My evil plan to try to return to
New Orleans worked, when a job opening at UNO appeared just as I was
finishing up at Ohio State. I made a single job application (which
slightly annoyed my advisor) and got the job.
I've been teaching at UNO since 1994. I've been "hacking" (in the
positive since of the word) since I was about 13--that's 35 years ago,
although I don't really feel that old. Yet. I've always been interested
in operating systems internals, filesystems, etc. When I met some people
around 2001 that were starting a digital forensics conference, I
realized that there could be a formal point and a focus for my
tinkering. I started doing formal research in digital forensics around
2002 or so and classes in digital forensics at the University of New
Orleans followed around 2003.
What digital forensic courses are currently offered by the University of New Orleans?
We currently offer a bunch of security courses that have slightly
overlapping content. There are two core digital forensics courses, CSCI
4623 and CSCI 6621, which are undergraduate/graduate mix and graduate
only, respectively. CSCI 4623 is an introductory course and includes a
bunch of hands on stuff in my lab. CSCI 6621 is primarily a research
course, where graduate students come up to speed on the state-of-the-art
in digital forensics research, tools, etc. It's driven primarily by
reading papers, but with some lab work as well. We also offer courses in
reverse engineering (basically, a malware course), kernel exploitation,
network penetration testing, and of course a basic computer security
course. Each of these has at least some forensic component.
Tell us more about course structure and
content. What core knowledge and key skills should students gain by the
end of their studies?
The idea with each of our security courses is to cover foundational
stuff and to reinforce that with extensive labwork. For the intro
forensics courses that means I lecture using Powerpoint, do walkthroughs
that illustrate a point, and then students actually do forensics in the
lab. For the reverse engineering class, for example, it's
similar--learn about particular aspects of malware, but then actually
reverse engineering real viruses on your own. We're not a trade school,
so fundamentals are tool agnostic, but we have licenses for major
commercial forensics and reverse engineering software so students are
exposed to the "real stuff"...