Meet the New Breed of Crimefighter at CAS’s CIA/JFR
By Matt Windsor
Illustrated by Jin Chung
They may not wear spandex or leather boots, but the elite team of investigators at the College of Arts and Sciences’ Center for Information Assurance/Joint Forensics Research (CIA/JFR) do indeed have some unique superpowers.
John Grimes, J.D., a career U.S. Army veteran who only recently returned to the UAB faculty from Afghanistan where he helped coordinate U.S. intelligence, is now using his knowledge of intelligence analytics to hunt down nefarious groups attacking U.S. businesses and government agencies.
He’s not the kind of man you want to cross. On the wall of his office are certificates from sniper school, paratrooper school, and a host of other elite military training recognitions and awards.
One floor above in UAB’s University Boulevard Office Building is the office of forensic scientist Elizabeth Gardner, Ph.D., an expert on the chemistry of illegal drugs who once helped analyze the failure of deep space rockets for NASA. Students in Gardner’s labs have learned to detect microscopic traces of cocaine residue on dollar bills and sort out the dangerous chemical mixtures found in drugs sold over the Internet.
In the SPIES (Security and Privacy in Emerging Systems) lab just across the road, the computer scientist Nitesh Saxena, Ph.D., is devising transformative ways to help users stay secure online, including turning password-based logins into a game as well as protecting new ways of making sensitive transactions, such as near field communication-based payments.
Meanwhile, computer forensics expert Gary Warner is using the UAB Spam Data Mine to track the criminal gangs responsible for stealing millions of dollars in cyberspace. CIA/JFR, known as “the Center,” is directed by Tony Skjellum, Ph.D., chair of the UAB Department of Computer and Information Sciences. It now includes dozens of investigators from a range of specialties with a common goal—to stay at the cutting edge of crimefighting and share the fruits of their research with law enforcement, affected businesses, and consumers.
“Our members work together to help create, prototype, test, implement, and refine tools to strengthen all defenses against any potential attacks,” Skjellum says.
It’s important that the researchers come from a wide variety of backgrounds, adds John Sloan, Ph.D., chair of the Department of Justice Sciences and a cofounder of the Center. “Criminals work across interdisciplinary lines,” Sloan says, “and that’s how our research, development, and outreach works. There’s no other way to keep up and help law enforcement catch criminals.”
Elizabeth Gardner, Ph.D., assistant professor, Department of Justice Sciences
Specialty: Forensic chemistry
Research Focus: Identifying emerging drugs of abuse; testing illicit drugs to determine the identity and concentration of common adulterants; testing clothing from clandestine labs for methamphetamine and other drugs; infrared spectroscopy of blood; laser analysis of trace evidence.
“My work is all about the chemical analysis of organic compounds. There are very similar techniques that can be applied to everything from tracking oil spills in the Gulf to determining the composition of ‘ legal high’ drugs ordered off the Internet.”
Ragib Hasan, Ph.D., assistant professor, Department of Computer and Information Sciences
Specialty: Cloud computing and practical security
Research Focus: Trustworthy data history, provenance, and accountability for cloud computing, file systems, and databases; mobile malware; secure social networking
“Businesses are making a major push in cloud computing, with Amazon, Google, and Apple leading the way. But right now you don’t have any guarantees about what happens to your data when it goes into the cloud. I’m interested in how we can make those clouds more secure and protect privacy.”
John Grimes, J.D., assistant professor, Department of Justice Sciences, director of intelligence analytics for CIA/JFAR
Specialty: Human intelligence, counterintelligence
Research Focus: Measurements and signals intelligence; imagery and geospatial intelligence
“If you think of all things in cyberspace as dealing with ones and zeroes, my role is to round out the rest of the intelligence spectrum—the two through nine of an investigation, if you will. I focus on what a cyber-malefactor may do coming up to the keyboard and then what happens when they pull back. It’s not enough to know that a crime has happened; you have to know who has done it and prove that to the satisfaction of a judge and jury.”
Nitesh Saxena, Ph.D., assistant professor and director of the SPIES lab
Specialty: Computer security, user-centered security, and applied cryptography
Research Focus: New security paradigms for computer systems, especially smartphones and other mobile devices
“Users don’t have much intrinsic motivation to pursue security tasks online or act in a secure manner, but they do like games. So instead of entering a password, you might be prompted to play a quick game that would actually be establishing your identity or credentials.”
Gary Warner, director of computer forensics research at UAB
Specialty: Computer forensics
Research Focus: Cybercrime, especially phishing and malware; developing UAB PhishIntel database to provide comprehensive source of cybercrime evidence to law enforcement
“More than 11 million people will be victims of financial crimes this year, and a great deal of that will include malware and phishing. We need better technology to detect these attacks and a better way to protect consumers. UAB PhishIntel is part of that. We can pinpoint the criminals who are responsible for thousands of phishing attacks, and in many cases we have their e-mail accounts and locations. We can go to law enforcement and tell them, ‘These are the ones you want to go after.’”