May 15, 2014
“The only assumption about digital security that you can make is that nothing is truly secure.” –Imani Palmer
As most of us are aware, our increasingly digital society has given rise to cybercriminals who can commit a crime with far-reaching impacts from anyplace the world. All they need is a computer and the internet. That’s why the newly-emerging field of Digital Forensics (DF) is so important. In order to catch and stop the bad guys, the good guys need to be just as good—maybe even better.
Helping train the good guys is Imani Palmer, a research assistant for Illinois’ Program in Digital Forensics (PDF). How did the Digital Security Ph.D. student get to where she is today? According to Palmer, it stems from a career aspiration she’s had ever since she was a youngster. While some girls want to be a nurse, or a teacher, or a movie star, Palmer has always wanted to be a superhero—the kind WITH superpowers.
“But obviously, you don’t get superpowers, sadly enough. And I was like, ‘Man, that’s not cool. I want superpowers!”
Then she found out about programming and Computer Science (CS).
“It’s sort of a superpower,” she submits. “Not a lot of people know about it, and you can do some interesting stuff, and then it’s like, ‘How can I use my powers for good?’ It’s pretty cheesy I guess.”
Cheesy or not, lucky for us—and bad news for hackers and digital criminals everywhere—she decided to use her “powers” for good and went into Digital Forensics (DF).
According to Palmer, just like in old tv Westerns, where the good guys and the bad guys are clearly delineated based on the color of their hats, in DF, the good guys are nicknamed white-hat hackers; the bad guys, black-hat hackers (obviously).
What motivates black-hat hackers? For one, their prowess on the computer gives them their sense of self-worth.
“I think the idea is that either they like to prove themselves,” says Palmer, “or they’re really, really, really bored, and they like to demonstrate skills…they say most hackers are socially inept in many ways, so therefore this is the way they can demonstrate that they're good.”
And there really are white-hat hackers—good guys who are so good at computers that they could really do some damage—but choose not to.
“What you have are the white-hat hackers who just naturally know they don’t want to harm anybody,” acknowledges Palmer. “So you’re more likely to find a person who’s just really good at hacking that never decided to go into the black hat field. There’s a decent amount of those people who are still out there…who have decided to make that choice.”
So can Palmer hack computers? (If she is a hacker, she’s obviously of the white-hat variety, since she wants to use her powers for good).
“I cannot legally say if I can or not,” she hedges, tactfully evading the question. Carefully choosing her words, she responds: “There are things I know that are useful to many computer science people.”
But though she won’t tell us how good she really is, she admits that some of the things she knows are downright scary: “I’ve figured some things out on my own that would probably be very upsetting to people if they found out about the poor security behind certain things.”
So when did Palmer have her epiphany about being a digital forensic scientist? During a forensics science class in high school. She recalls, “I accidently set myself up for this field...I went through the nitty gritty of how to collect evidence, and why it’s so tedious, and why all the shows are fake.”
(While we're on the topic, are any crime shows nowadays realistic when it comes to cybercrime? NCIS? CSI? Nope. “Law and Order from the 1990s,” reports Palmer. “I think that maybe would have been possibly the closest.”)
However, having decided on a career in DF, Palmer experienced a disappointing setback while trying to prepare for it. As an undergraduate studying computer science, she discovered that her school didn’t have a lot of security in classes.
“So that was boring, and I was upset in a way that I couldn’t focus on the one thing I had planned to focus on after I got into computer science.”
Ironically, much of what Palmer knows about DF didn’t actually come from a classroom. She indicates she learned about it by extensive reading and from TV.
“It’s not like I had to look too hard to find information, and I guess I’m sort of coming in around the proper time with Edward Snowden and Bradley Manning, that security is now in the forefront of everybody’s mind. So I was like, ‘Oh, so now everybody wants to pay attention!’”
Of course, from TV, she probably learned what NOT to do. In fact, Palmer reports that they’re thinking of using some tv show footage for instructional purposes.
“We are trying to get the students into it. So we are trying to see if we can take some video clips and mix them in so we don’t have to talk about it, so they can see something in action.”
While her undergraduate education didn’t emphasize cybersecurity, Palmer wanted a graduate school that did. She reports looking for a school where digital security was expanding, so she chose Illinois, where she is working under Information Trust Institute (ITI) experts Roy Campbell and Masooda Bashir.
With digital forensics being in the forefront of everyone’s mind, there must be a rush to train scientists in the field, correct? Actually, Palmer says not many schools across the country have legitimate undergraduate programs. And among those that do, “All their programs are so different. I think that really is the main problem: no one has a similar goal in mind.”
Even students are in different camps regarding their goals: “Some people want to be digital forensic examiners,” says Palmer. “Some people want to do research. How do we bridge this gap so that everybody is working together in one way or another?”
Even more troubling than the small number of programs is the lack of uniform standards. For example, the national government, local government, industry, and academia all have different standards, “and they’re not the same,” admits Palmer. “We’re definitely trying to work with the FBI and see what they do, and see how we can relate our standards to their standards.”
Another aspect that needs standardization is the certification process needed to become an examiner. According to Palmer, there are three major ones, and different jobs require different ones, depending on whether a DF examiner will be working in Washington, D.C., a large company, or a major legal firm.
So if the FBI, CIA, or Homeland Security are responsible for protecting the United States’ computer infrastructure, how stringent are their examiner requirements? To stop a hacker, one has got to be pretty darn good, right? Even better than the hacker?
“Some don’t even require a computer science undergraduate degree." admits Palmer. "You can get them right out of high school, which is pretty shocking. That’s where the standardization needs to start coming in. A lot of FBI offices have two-day seminars.”
What’s even worse, Palmer indicates that the head of national security’s degree is not in computer science, but in political science.
“Not saying that’s not a decent major, but how does the chair of security not know about cyber security in this day and age, and how would you know if you didn’t have some major related to it?” While his staff members probably do, she asserts, “I really wish the top guy could understand the CS behind what’s actually going on!”
So one focus of PDF is establishing standards. Says Palmer, “We want some standards to be set up, and we’re hoping to set these standards with these classes.”
Another complication regarding Digital Forensics is that the field itself is a hybrid; it’s right in the middle of where computer science, law, forensics, finance, and business intersect. Because digital forensic scientists should be familiar with all of these areas, the program is interdisciplinary. For example, while a DF examiner trained in computer science might be able to catch a hacker in the act, to convict the cybercriminal, he or she would need to follow all the legal protocols.
Thus, PDF’s new Digital Forensics 202 course will address this. Similar to PDF’s first course developed last semester (DF 201), it will be interdisciplinary but more in depth—especially regarding the law.
“With adjustments in Digital Forensics 201, we’re finding out what students really don’t know about the legal system. They struggled with that more so than we believed they would have, so the second course will be more all-encompassing regarding the legal aspects of DF.”
So every lab and homework assignment will include a legal portion addressing: “How does this apply? How would you prove to a jury that your document or the method which with you analyzed was valid?”
Not exposed to the legal aspects of DF as an undergrad, surprisingly, Palmer had been in high school. During an early meeting, she realized, “Oh, wow, I know some of this already. Why do I know this already? Because of high school law class and high school forensics class,” in which she had studied court cases and legal aspects of DF.
PDF is also emphasizing the need for research in the field. Says Palmer, “So, I think our idea is to give a research-esque mindset to students.”
After exposing students to what digital forensic examiners do, they had students develop their own technique, or create a module for next year’s groups, to “get them in that mindset of why this needs to be a research field soon. Hopefully, we can get these students out into the world and then start actually creating this research field.”
This area where CS and law intersect is one reason why more research is needed:
“Overall, I just wish there would be more research in this area so that people can learn and develop new techniques, and then the court systems can keep up with everything that is going on in DF. So hopefully the legal and CS can one day meet ends, and we can make it easier to come up with solutions than waiting for a bill to be passed.”
In addition to strengthening research, PDF creators also hope to eventually provide certification in Digital Forensics. “I think the dream is for DF to be a minor or a certificate…then from the certificate, they can get some type of job in DF.”
Palmer has personal dreams as well. Once she finishes her education, Palmer hopes to own her own company: “Providing security suggestions; be a tool for people. It’s mainly startups who struggle the most, because they are growing so fast they are not able to keep up with security. They probably need things like that. Whoever wants my help can have it.”
However, she is very specific about one key point of her dream; she stipulates that she wants to “have a bunch of people under me, so I don’t have to do a bunch of the work.”
Does Palmer have any final word of advice for us non-computer scientists? For instance, what does she tell her mother about how to protect herself from cybercrime?
“Always log off, and always turn off,” advises Palmer.
Story and photographs by Elizabeth Innes, Communications Specialist, I-STEM Education Initiative. (Image of white cowboy hat courtesy of
Al-Bar Ranch.
More: Computer Science, Student Spotlight, Women in STEM, 2014
For more on the Program in Digital Forensics, see the I-STEM article: Campus Experts Developing a Digital Forensics Undergraduate Curriculum.