It is clear that our ability to defend our networks and data has diminished significantly. Given enough time, a determined attacker will be able to bypass an organization’s perimeter. As part of an Advanced Persistent Threat attack, motivated attackers can spend months or even years targeting a specific organization and lurking in its fringes until they break into it. Using techniques from “spear phishing” (targeted phishing/email attacks) to exploiting zero-day vulnerabilities where patches do not yet exist, an advanced attacker will breach a target network’s perimeter.
The security paradigm has shifted fundamentally from the perimeter to the core: the working assumption is now that intrusions are inevitable and that visibility into one's own networks is critical. Visibility is the current security paradigm. Who is entering the network? What data is coming in and leaving (insider threats, as in the Snowden and Manning cases)? Is the integrity of data being ensured (of grades, for example)? Security analytics and forensics are the new security. They involve logging all available information and then connecting the dots through data analytics, visualization, and analyst interpretation. Security professionals today need to be trained in data analytics as much as in network and computer architecture.
Digital Forensics involves collecting data from electronic devices, analyzing the data to detect critical events such as intrusions, faults and anomalies, and analyzing these events to understand the origin of the event, its perpetrators (whether they are hackers, insiders, etc.), the vulnerability that was exploited and any malicious software that may have been installed on the computers. To effectively collect data from electronic devices, an analyst needs to understand the hardware architecture, operating system, file system, and input/output (I/O) channels on a device, and the network architecture, along with the data logging protocols. Digital Forensics as a field has three primary applications: in intelligence, security, and law enforcement.
This book series covers the latest research in the field of digital forensics as well as the state-of-the-art practice in the field. Eminent researchers and practitioners have been selected to work on different volumes of the series that will be announced and released in a sequence.
About the Editor
Sanjay Goel is Professor and Chair of the Information Technology Management Department in the School of Business, Director of the Center for Forensics Analytics Complexity Energy Transportation and Security, and the Director of Research at the NYS Center for Information Forensics and Assurance at the State University of New York at Albany. He is also the Director of the Digital Forensics Program at the University. Dr. Goel received his PhD in Mechanical Engineering from RPI. His research interests include information security, cyber warfare, music piracy, complex systems, security behavior, and cyber physical systems. His research on self-organizing systems includes traffic light coordination, smart grid and social networks. He is lead author of Smart Grid Vision, prepared by the IEEE Communications Society and the IEEE Standards Association. He is actively engaged in policy efforts on cyber security norms, confidence building measures, and cyber treaties.
He won the Promising Inventor's Award in 2005 from the SUNY Research Foundation. In 2006, he was awarded the SUNY Chancellor's Award for Excellence in Teaching, the UAlbany Excellence in Teaching Award, and the Graduate Student Organization Award for Faculty Mentoring. In 2010 he was awarded the UAlbany Excellence in Research Award. In 2015, he was also awarded the SUNY Chancellor's Award for Excellence in Academic Service, the UAlbany President's Award for Excellence in University Service, and the School of Business Excellence in Research Award. He was named one of the three AT&T Industrial Ecology Faculty Fellows for 2009–2010. He has received grant funding from multiple sources including the National Institute of Justice, the US Department of Education, the US Department of Commerce, the National Science Foundation, the Intelligence Advanced Research Projects Activity (IARPA), the Region II University Transportation Research Center, the New York State Energy Research and Development Authority (NYSERDA), the Blackstone Foundation, the AT&T Foundation and the James S. McDonnell Foundation. He also received an $800,000 grant to establish a Blackstone LaunchPad to foster entrepreneurship and innovation among students at UAlbany, a $1.6 million award to develop strategies for the detection of insider threat actors, and $800,000 from NIST and the Department of Commerce for understanding and fostering the cybersecurity ecosystem in the Capital District of New York and adjoining areas.
He has over 100 articles in refereed journals and conference publications, including top journals such as the IEEE Journal on Selected Areas in Communications, the Journal of the AIS, IEEE Transactions on Dependable and Secure Computing, California Management Review, Decision Support Systems, Communications of the AIS, Communications of the ACM and Information & Management. In addition, he has been invited to present at 50 conferences, including giving over 15 keynotes and plenary talks. He is a recognized international expert in information security, cyber warfare, and the smart grid, and has given plenary talks at events across several countries including the US, Germany, Russia, Serbia, Croatia, and India, sponsored by NATO, the OSCE, and other professional organizations. He established the Annual Symposium on Information Assurance as an academic symposium held in conjunction with the NYS Cyber Security Conference and has served as its chair; now in its 14th year, the joint event attracts over 1,200 participants. He also initiated the International Conference on Digital Forensics and Cyber Crime (ICDF2C), which is a popular forensics conference.
WSPC Encyclopedia of Cyber Security: Entrepreneurship, Innovation and Business of Digital Forensics (In 3 Volumes)
by Nicole Ong (University at Albany, USA)