Golden, can you tell us something about your background and why you decided to teach digital forensics?
I studied computer science at the University of New Orleans, then went to Ohio State to get an M.S. and Ph.D. My evil plan to try to return to New Orleans worked, when a job opening at UNO appeared just as I was finishing up at Ohio State. I made a single job application (which slightly annoyed my advisor) and got the job.
I’ve been teaching at UNO since 1994. I’ve been “hacking” (in the positive sense of the word) since I was about 13–that’s 35 years ago, although I don’t really feel that old. Yet. I’ve always been interested in operating systems internals, filesystems, etc. When I met some people around 2001 that were starting a digital forensics conference, I realized that there could be a formal point and a focus for my tinkering. I started doing formal research in digital forensics around 2002 or so and classes in digital forensics at the University of New Orleans followed around 2003.What digital forensic courses are currently offered by the University of New Orleans?
We currently offer a bunch of security courses that have slightly overlapping content. There are two core digital forensics courses, CSCI 4623 and CSCI 6621, which are undergraduate/graduate mix and graduate only, respectively. CSCI 4623 is an introductory course and includes a bunch of hands on stuff in my lab. CSCI 6621 is primarily a research course, where graduate students come up to speed on the state-of-the-art in digital forensics research, tools, etc. It’s driven primarily by reading papers, but with some lab work as well. We also offer courses in reverse engineering (basically, a malware course), kernel exploitation, network penetration testing, and of course a basic computer security course. Each of these has at least some forensic component.
Tell us more about course structure and content. What core knowledge and key skills should students gain by the end of their studies?
The idea with each of our security courses is to cover foundational stuff and to reinforce that with extensive labwork. For the intro forensics courses that means I lecture using Powerpoint, do walkthroughs that illustrate a point, and then students actually do forensics in the lab. For the reverse engineering class, for example, it’s similar–learn about particular aspects of malware, but then actually reverse engineering real viruses on your own. We’re not a trade school, so fundamentals are tool agnostic, but we have licenses for major commercial forensics and reverse engineering software so students are exposed to the “real stuff”.
Please describe the facilities available to digital forensics students at the University of New Orleans.
We have two security labs that are side by side (one is in the Greater New Orleans Center for Information Assurance). These labs have a dedicated high speed network and fileserver and accounts that are distinct from the the rest of the department. Everything is virtualized. The host OS on all the machines is a flavor of Ubuntu, but all the labwork is done in VMs. Every seat has about 10K worth of commercial forensics, reverse engineering, and security software.
What is the most challenging aspect of teaching digital forensics?
Prep. I’m fanatic about not becoming a tired, lazy professor that just flips the slides from 10 years ago–I will absolutely quit before I ever let that happen. That means staying on top of things and engaging the students’ interest. The forensics courses don’t take quite as much prep time as the reverse engineering courses (which were consuming about 20 hours of my time per 1.5 hour lecture when I was initially putting them together), but staying up to date is extremely important. Not looking like an idiot in front of my extremely smart students is also very important!
The graduate employment market continues to be highly competitive. What advice would you give to final year digital forensics students to help them stand out from the crowd?
I’ll answer by saying that I see two broad categories of students. One type of student asks, “So: When will Digital Forensics II be offered”? And if I were to offer a second undergraduate course in forensics, the followup question would be “When will Digital Forensics III be offered?”. The other type of student realizes that my job is to stimulate interest in a subject, show the students how to rapidly acquire basic knowledge and skills, and how to figure out what they don’t already know. And furthermore, to understand that they will *always* have to figure out stuff they don’t already know. They also realize that I’m not refusing to offer II or III because I’m an idiot and don’t know anything else. 🙂 The second category of student might take courses # 2 or 3 or whatever in a particular subject, but would understand perfectly how to proceed if those weren’t offered. Advice: Be the second kind of student. Do. Without whining. Of course it’s hard. You hardly get to wear a wizard cap for doing something that anyone could do without effort, right? And actually having knowledge instead of making stuff up as you go along means you can be relaxed in your application of it and not come across as an abrasive, uptight $$&&^!!!.
When you're not teaching, how do you relax and unwind?
I’m a music photographer. Look here: http://www.highisomusic.com 🙂
Golden G. Richard III is a Professor of Computer Science and Research Professor at the University of New Orleans. He is also Director of the Greater New Orleans Center for Information Assurance (GNOCIA) and Co-founder of Digital Forensics Solutions, LLC. Golden's contact details can be found here.