Inside UAB's Computer Forensics Lab

By Gail Short

fall2010_spamlab
Left to right, Anthony Skjellum, Gary Warner, and John Sloan joined forces to make UAB’s Computer Forensics Lab a reality.

Caught up in the flood of attention surrounding this year’s World Cup soccer tournament in South Africa, some fans got soaked: Major spam e-mail campaigns lured the unsuspecting with offers of discounted—and entirely fake—tickets and team apparel. These and other “cyberscams,” say experts, are on the rise around the world. Thieves have posed as Haiti earthquake victims and official representatives of everything from local banks to the Social Security Administration in order to bilk the unwary. In 2009 alone, the U.S. Internet Crime Complaint Center handled more than 336,000 reports of online fraud, and victims lost an estimated $559 million.

Send in the Cybersleuths

Unfortunately for most victims, however, they didn’t lose enough money. “If a victim loses less than $100,000 due to a cyberscam, then the matter falls within the jurisdiction of state or local law enforcement,” says John Sloan, Ph.D., chairman of the UAB Department of Justice Sciences. “But very few local police departments have officers who are trained to even begin a cybercrime investigation, let alone bring that case to a conclusion.” Only police departments in large cities such as New York have cybercrime units, Sloan continues. “And if the bad guys are overseas, then law enforcement can run into all kinds of jurisdictional issues between different countries.”

The federal government is hoping to tackle the problem by bringing on a new generation of digital detectives—and schooling pavement-based police in the techniques they’ll need to catch binary bad guys. Last fall, the Department of Homeland Security announced plans to hire 1,000 cybersecurity professionals over three years to fill critical positions.

Many of those experts may be UAB alumni. To help meet the soaring demand for cyberpros, Sloan joined with Anthony Skjellum, Ph.D., chairman of the UAB Department of Computer and Information Sciences, and renowned computer security expert Gary Warner, UAB’s director for research in computer forensics, to plan a training laboratory where both students and law enforcement officers can learn to identify and track online scammers.

Their virtual idea became reality this spring, when the Computer Forensics Laboratory opened as a joint initiative of the departments of Justice Sciences and Computer and Information Sciences.

The Face of the Enemy

The 3,000-square-foot facility is divided into three areas of interest: Two are dedicated to tracking and shutting down spam and phishing campaigns; the third focuses on emerging threats such as viruses.

Law enforcement officers from across Alabama will attend training workshops at the lab, where they will learn how to conduct cybercrime investigations, says Sloan. Graduate students will use the facility’s workstations to conduct research projects under the direction of Warner and other UAB faculty members. Undergraduate students will be able to use the lab for independent study assignments, and they can also volunteer to work in the lab to gain experience on actual investigations.

“Our students will learn, for instance, how to analyze spam coming to UAB computers, identify where the attacks are coming from, and track the people who are sending them, and then learn how to develop filters against those attacks,” Sloan says.

White Hats Meet Black Hats

Meanwhile, UAB researchers, led by Warner, will develop new ways to solve difficult problems related to Internet crimes. The researchers will also attend classes in the lab on data mining—the process of identifying patterns in databases—which can offer insight into how hackers target potential audiences for a particular kind of attack.

Funding for the facility came from the U.S. Department of Justice’s Community Oriented Policing Services program and from Lowell Wenger, Ph.D., then dean of the UAB School of Natural Sciences and Mathematics, and Jean Ann Linney, Ph.D., then dean of the UAB School of Social and Behavioral Sciences. UAB has commitments from several corporations to support scholarships for students in computer forensics, says Sloan.

Skjellum is hopeful that the new lab will attract students from around the country. “We are solving real problems,” he says. “Our students learn how to stop attacks and create tools that will put cybercriminals in jail.”