Friday, June 15, 2012

Interview with Professor Golden G. Richard III, University of New Orleans

Golden, can you tell us something about your background and why you decided to teach digital forensics?

I studied computer science at the University of New Orleans, then went to Ohio State to get an M.S. and Ph.D. My evil plan to try to return to New Orleans worked, when a job opening at UNO appeared just as I was finishing up at Ohio State. I made a single job application (which slightly annoyed my advisor) and got the job.

I've been teaching at UNO since 1994. I've been "hacking" (in the positive since of the word) since I was about 13--that's 35 years ago, although I don't really feel that old. Yet. I've always been interested in operating systems internals, filesystems, etc. When I met some people around 2001 that were starting a digital forensics conference, I realized that there could be a formal point and a focus for my tinkering. I started doing formal research in digital forensics around 2002 or so and classes in digital forensics at the University of New Orleans followed around 2003.

What digital forensic courses are currently offered by the University of New Orleans?

We currently offer a bunch of security courses that have slightly overlapping content. There are two core digital forensics courses, CSCI 4623 and CSCI 6621, which are undergraduate/graduate mix and graduate only, respectively. CSCI 4623 is an introductory course and includes a bunch of hands on stuff in my lab. CSCI 6621 is primarily a research course, where graduate students come up to speed on the state-of-the-art in digital forensics research, tools, etc. It's driven primarily by reading papers, but with some lab work as well. We also offer courses in reverse engineering (basically, a malware course), kernel exploitation, network penetration testing, and of course a basic computer security course. Each of these has at least some forensic component.

Tell us more about course structure and content. What core knowledge and key skills should students gain by the end of their studies?

The idea with each of our security courses is to cover foundational stuff and to reinforce that with extensive labwork. For the intro forensics courses that means I lecture using Powerpoint, do walkthroughs that illustrate a point, and then students actually do forensics in the lab. For the reverse engineering class, for example, it's similar--learn about particular aspects of malware, but then actually reverse engineering real viruses on your own. We're not a trade school, so fundamentals are tool agnostic, but we have licenses for major commercial forensics and reverse engineering software so students are exposed to the "real stuff"...

Read more

1 comment:

alistair1 said...

That guy looks cool, like Johnny Rotten for the Pistols!