Golden G. Richard III // hacker in professorial clothing

Publications

Publications

Books, chapters, and edited volumes, followed by papers in reverse-chronological order. PDF links point to local copies where available.

Books, Chapters & Edited Volumes

  1. C. J. Hoofnagle, G. G. Richard III, Cybersecurity in Context: Technology, Policy, and Law, Wiley, 2024.
  2. G. G. Richard III, “Disinformation: A Cybersecurity Perspective,” in The Disinformers: Social Media, Disinformation, and Elections, LSU Press, 2024. ISBN 9780807182581.  [pdf]
  3. G. G. Richard III, A. Case, M. Manna, E. Hahne, A. Ali-Gombe, “Digital Investigation and the Trojan Defense, Revisited,” in Ijeh AC, Curran K (eds.), Crime Science and Digital Forensics: A Holistic View, CRC Press (Taylor & Francis), 2020.  [pdf]
  4. M. H. Ligh, A. Case, J. Levy, A. Walters; G. G. Richard III (Technical Editor), The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory, Wiley, 2014.
  5. V. Roussev, L. Wang, G. G. Richard III, L. Marziale, “A Cloud Computing Platform for Large-scale Forensic Computing,” in Research Advances in Digital Forensics V, Springer, 2009.  [pdf]
  6. L. Marziale, S. Movva, G. G. Richard III, V. Roussev, L. Schwiebert, “Massively-Threaded Digital Forensics Tools,” in Handbook of Research on Computational Forensics, IGI Global, 2009.
  7. V. Roussev, G. G. Richard III, V. Marziale, “Classprints: Class-aware Similarity Hashes,” in Research Advances in Digital Forensics IV, Springer, 2008. ISBN 978-0-387-84926-3.  [pdf]
  8. G. G. Richard III, V. Roussev, L. Marziale, “In-place File Carving,” in Research Advances in Digital Forensics III, Springer, 2007, pp. 217–230.  [pdf]
  9. G. G. Richard III, V. Roussev, “Digital Forensics Tools: The Next Generation,” in Digital Crime and Forensic Science in Cyberspace, Idea Group, 2006, pp. 75–90.  [pdf]
  10. G. G. Richard III, V. Roussev, “Toward Secure, Audited Processing of Digital Evidence: Filesystem Support for Digital Evidence Bags,” in Research Advances in Digital Forensics II, Springer, 2006, pp. 29–40.  [pdf]
  11. Y. Chen, V. Roussev, G. G. Richard III, Y. Gao, “Content-Based Image Retrieval for Digital Forensics,” in Research Advances in Digital Forensics, Springer, 2005, pp. 271–282.  [pdf]
  12. F. Adelstein, S. Gupta, G. G. Richard III, L. Schwiebert, Fundamentals of Mobile and Pervasive Computing, McGraw-Hill, 2004.
  13. G. G. Richard III, Service and Device Discovery: Protocols and Programming, McGraw-Hill, 2002.
  14. M. B. Kooijmans, B. Foix, T. Newling, G. G. Richard III, S. Tu, Experiences Moving a Java Application to OS/390, IBM ITSO, 1999.

Papers

  1. A. Case, A. Sellers, G. G. Richard III, D. McDonald, G. Moreira, “Defeating EDR Evading Malware with Memory Forensics,” DEFCON, August 2024.  [pdf]
  2. C. Bowen, A. Case, I. Baggili, G. G. Richard III, “A Step in a New Direction: NVIDIA GPU Kernel Driver Memory Forensics,” Forensic Science International: Digital Investigation, vol. 49, July 2024.  [pdf]
  3. J. Jankura, H. Catallo-Stooks, I. Baggili, G. G. Richard III, “Catch Me if You Can: Analysis of Digital Devices and Artifacts Used in Murder Cases,” ICDF2C, November 2023.
  4. R. Mettig, C. Glass, A. Case, G. G. Richard III, “Assessing the Threat of Rosetta 2 on Apple Silicon Devices,” Forensic Science International: Digital Investigation, vol. 46, September 2023.  [pdf]
  5. A. Alshaya, A. Kardorff, C. Facundus, I. Baggili, G. G. Richard III, “Memory Forensics of the OpenDaylight SDN Controller,” 18th Intl. Conf. on Availability, Reliability and Security, August 2023.
  6. L. Pace, L. Salmon, C. Bowen, I. Baggili, G. G. Richard III, “Every Step You Take, I’ll be Tracking You: Forensic Analysis of the Tile Tracker Application,” Forensic Science International: Digital Investigation, vol. 45, July 2023.  [pdf]
  7. A. Ali-Gombe, S. Sudhakaran, R. Vijayakanthan, G. G. Richard III, “RGB Mem: At the Intersection of Memory Forensics and Machine Learning,” DFRWS, July 2023.  [pdf]
  8. A. Case, G. Moreira, A. Sellers, G. G. Richard III, “New Memory Forensics Techniques to Defeat Device Monitoring Malware,” Black Hat USA 2022, August 2022, Las Vegas.  [pdf]
  9. M. Manna, A. Case, A. Ali-Gombe, G. G. Richard III, “Memory Analysis of .NET and .NET Core Applications,” DFRWS 2022, July 2022.  [pdf]
  10. S. Sudhakaran, A. Ali-Gombe, A. Case, G. G. Richard III, “Evaluating the Reliability of Android Userland Memory Forensics,” ICCWS 2022.  [pdf]
  11. A. Case, G. G. Richard III, “Fixing a Memory Forensics Blind Spot: Linux Kernel Tracing,” Black Hat USA 2021, August 2021, Las Vegas.  [pdf]
  12. M. Manna, A. Case, A. Ali-Gombe, G. G. Richard III, “Modern macOS Userland Runtime Analysis,” Forensic Science International: Digital Investigation, vol. 38, September 2021.  [pdf]
  13. M. Jalalzai, C. Feng, C. Busch, G. G. Richard III, J. Niu, “The Hermes BFT for Blockchains,” IEEE Transactions on Dependable and Secure Computing, 2021.  [pdf]
  14. R. Maggio, A. Case, A. Ali-Gombe, G. G. Richard III, “Seance: Divination of Tool-Breaking Changes in Forensically Important Binaries,” DFRWS 2021, July 2021.  [pdf] Best Paper
  15. A. Ali-Gombe, G. G. Richard III, “The Recreation and Visualization of Runtime Objects Relationship from Process Memory Images,” 73rd AAFS Annual Meeting, February 2021.
  16. M. Manna, A. Case, G. G. Richard III, “Performing Mac Memory Analysis Using Objective-C and Swift Data Structures,” 73rd AAFS Annual Meeting, February 2021.
  17. S. Sudhakaran, A. Ali-Gombe, G. G. Richard III, “Examining the Impact of Garbage Collection and Process States in Userland Memory Forensics,” 73rd AAFS Annual Meeting, February 2021.
  18. A. Orgah, G. G. Richard III, A. Case, “MemForC: Memory Forensics Corpus Creation for Malware Analysis,” 16th ICCWS, 2021.  [pdf]
  19. S. Sudhakaran, A. Ali-Gombe, A. Orgah, A. Case, G. G. Richard III, “AmpleDroid: Recovering Large Object Files from Android Application Memory,” IEEE WIFS, 2020.
  20. A. Ali-Gombe, A. Tambaoan, A. Gurfolino, G. G. Richard III, “App-Agnostic Post-Execution Semantic Analysis of Android In-Memory Forensics Artifacts,” ACSAC, 2020.  [pdf]
  21. S. Paruchuri, A. Case, G. G. Richard III, “Gaslight Revisited: Efficient and Powerful Fuzzing of Digital Forensics Tools,” Computers and Security, vol. 97, 2020.  [pdf]
  22. A. Case, R. Maggio, M. Firoz-Ul-Amin, M. Jalalzai, A. Ali-Gombe, M. Sun, G. G. Richard III, “Hooktracer: Automatic Detection and Analysis of Keystroke Loggers Using Memory Forensics,” Computers and Security, vol. 96, 2020.  [pdf]
  23. A. Case, R. Maggio, M. Manna, G. G. Richard III, “Memory Analysis of macOS Page Queues,” DFRWS 2020, July 2020, Memphis, TN.  [pdf]
  24. A. Ali-Gombe, S. Sudhakaran, A. Case, G. G. Richard III, “DroidScraper: A Tool for Android In-Memory Object Recovery and Reconstruction,” RAID 2019, Beijing, China.  [pdf]
  25. M. Jalalzai, C. Busch, G. G. Richard III, “Proteus: A Scalable BFT Consensus Protocol for Blockchains,” IEEE Blockchain-2019, Atlanta, GA.  [pdf]
  26. M. Jalalzai, C. Busch, G. G. Richard III, “An Experimental Evaluation of BFT Protocols for Blockchains,” ICBC 2019, San Diego, CA.  [pdf]
  27. A. Case, M. Jalalzai, M. Firoz-Ul-Amin, R. Maggio, A. Ali-Gombe, M. Sun, G. G. Richard III, “HookTracer: A System for Automated and Accessible API Hooks Analysis,” DFRWS 2019, Portland, OR.  [pdf]
  28. C. Weems, I. Ahmed, G. G. Richard III, J. Russell, E. Neil, “Susceptibility and Resilience to Cyber Threat,” PLOS ONE, 2018.  [pdf]
  29. N. Lewis, A. Case, A. Ali-Gombe, G. G. Richard III, “Memory Forensics and the Windows Subsystem for Linux,” DFRWS 2018, Providence, RI.  [pdf] Best Student Paper
  30. R. Bhatia, B. Saltaformaggio, S. J. Yang, A. Ali-Gombe, X. Zhang, D. Xu, G. G. Richard III, “Tipped Off by Your Memory Allocator: Device-Wide User Activity Sequencing from Android Memory Images,” NDSS 2018, San Diego, CA.  [pdf]
  31. A. Ali-Gombe, B. Saltaformaggio, R. Ramanujam, D. Xu, G. G. Richard III, “Towards a More Dependable Hybrid Analysis of Android Malware Using Aspect-Oriented Programming,” Computers and Security, vol. 73, March 2018.
  32. A. Case, A. Das, S.-J. Park, R. Ramanujam, G. G. Richard III, “Gaslight: A Comprehensive Fuzzing Architecture for Memory Forensics Frameworks,” DFRWS 2017, Austin, TX.  [pdf]
  33. J. D. Russell, C. F. Weems, I. Ahmed, G. G. Richard III, “Self-reported Secure and Insecure Cyber Behavior,” Journal of Cyber Security Technology, 2017.  [pdf]
  34. A. Case, G. G. Richard III, “Memory Forensics: The Path Forward,” Journal of Digital Investigation, 20(3), pp. 23–33, 2017.  [pdf]
  35. J. Sylve, V. Marziale, G. G. Richard III, “Modern Windows Hibernation File Analysis,” Journal of Digital Investigation, 20(3), pp. 16–22, 2017.  [pdf]
  36. B. Saltaformaggio, R. Bhatia, X. Zhang, D. Xu, G. G. Richard III, “Screen after Previous Screens: Spatial-Temporal Recreation of Android App Displays from Memory Images,” USENIX Security 2016, Austin, TX.  [pdf]
  37. W. Johnson, A. Luzader, I. Ahmed, V. Roussev, G. G. Richard III, C. Lee, “Development of Peer Instruction Questions for Cybersecurity Education,” USENIX ASE ’16, Austin, TX.  [pdf]
  38. A. Ali-Gombe, G. G. Richard III, I. Ahmed, V. Roussev, “Don’t Touch that Column: Portable, Fine-Grained Access Control for Android’s Native Content Providers,” ACM WiSec 2016, Darmstadt, Germany.  [pdf]
  39. A. Case, G. G. Richard III, “Detecting Objective-C Malware through Memory Forensics,” DFRWS 2016, Seattle, WA.  [pdf] Best Paper
  40. J. Sylve, V. Marziale, G. G. Richard III, “Pool Tag Quick Scanning for Windows Memory Analysis,” DFRWS-EU 2016, Lausanne, Switzerland.  [pdf]
  41. A. Tamrakar, J. Russell, I. Ahmed, G. G. Richard III, C. Weems, “SPICE: A Software Tool for Bridging the Gap Between End-user’s Insecure Cyber Behavior and Personality Traits,” CODASPY 2016, New Orleans, LA.
  42. A. Ali-Gombe, I. Ahmed, G. G. Richard III, V. Roussev, “AspectDroid: An Android App Analysis System,” CODASPY 2016, New Orleans, LA.  [pdf]
  43. A. Ali-Gombe, I. Ahmed, G. G. Richard III, V. Roussev, “OpSeq: Android Malware Fingerprinting,” PPREW 2015 (ACSAC), Los Angeles, CA.  [pdf]
  44. A. Case, G. G. Richard III, “Advancing Mac OS X Rootkit Detection,” DFRWS 2015, Philadelphia, PA.  [pdf]
  45. J. Grier, G. G. Richard III, “Rapid Forensic Imaging of Large Disks with Sifting Collectors,” DFRWS 2015, Philadelphia, PA.  [pdf] Best Paper
  46. G. G. Richard III, A. Case, “In Lieu of Swap: Analyzing Compressed RAM in Mac OS X and Linux,” DFRWS 2014, Denver, CO.  [pdf] Best Paper
  47. G. G. Richard III, I. Ahmed, “Compressed RAM and Live Forensics,” 66th AAFS Annual Meeting, February 2014, Seattle, WA.
  48. I. Ahmed, G. G. Richard III, “Kernel Pool Monitoring for Live Forensics,” 66th AAFS Annual Meeting, February 2014, Seattle, WA.
  49. I. Ahmed, G. G. Richard III, A. Zoranic, V. Roussev, “Integrity Checking of Function Pointers in Kernel Pools via Virtual Machine Introspection,” ISC 2013, Dallas, TX.  [pdf] Best Paper
  50. I. Ahmed, A. Zoranic, S. Javaid, G. G. Richard III, V. Roussev, “IDTchecker: Rule-based Integrity Checking of Interrupt Descriptor Tables in Cloud Environments,” IFIP WG 11.9 2013, Orlando, FL.  [pdf]
  51. I. Ahmed, G. G. Richard III, “Live Forensic Analysis of Kernel Code for Malware Detection in Cloud Computing Environments,” 65th AAFS Annual Meeting, February 2013, Washington, DC. Outstanding Research
  52. S. Javaid, A. Zoranic, I. Ahmed, G. G. Richard III, “Atomizer: A Fast, Scalable and Lightweight Heap Analyzer for Virtual Machines in a Cloud Environment,” LAW’12 (ACSAC), Orlando, FL.  [pdf]
  53. I. Ahmed, S. Obermeier, M. Naedele, G. G. Richard III, “SCADA Systems: Challenges for Forensic Investigators,” IEEE Computer, 45(12), December 2012.  [pdf]
  54. I. Ahmed, S. Javaid, A. Zoranic, G. G. Richard III, “ModChecker: Kernel Module Integrity Checking in the Cloud Environment,” CloudSec 2012, Pittsburgh, PA.  [pdf]
  55. J. Sylve, A. Case, L. Marziale, G. G. Richard III, “Acquisition and Analysis of Volatile Memory from Android Devices,” Journal of Digital Investigation, 8(3), 2011.  [pdf]
  56. G. G. Richard III, “Kernel Version-Independent Tools for Deep, Live Digital Forensics Investigation,” 62nd AAFS Annual Meeting, 2010.
  57. A. Case, L. Marziale, C. Neckar, G. G. Richard III, “Treasure and Tragedy in kmem_cache Mining for Live Forensics Investigation,” DFRWS 2010, Portland, OR.  [pdf]
  58. A. Case, L. Marziale, G. G. Richard III, “Dynamic Recreation of Kernel Data Structures for Live Forensics,” DFRWS 2010, Portland, OR.  [pdf]
  59. G. G. Richard III, “The Impact of Multicore CPUs and GPUs on Digital Forensics Tool Design,” 61st AAFS Annual Meeting, 2009. Best Presentation
  60. G. G. Richard III, “A Highly Immersive Approach to Teaching Reverse Engineering,” CSET 2009 (USENIX Security), Montreal, CA.  [pdf]
  61. V. Roussev, L. Wang, G. G. Richard III, L. Marziale, “MMR: A Platform for Large-Scale Forensic Computing,” IFIP WG 11.9 2009.  [pdf]
  62. M. Kaur, S. Bhatt, L. Schwiebert, G. G. Richard III, “An Efficient Protocol for Service Discovery in Wireless Sensor Networks,” SUPE’08 (GLOBECOM), New Orleans, LA.  [pdf]
  63. A. Case, A. Cristina, L. Marziale, G. G. Richard III, V. Roussev, “FACE: Automated Digital Evidence Discovery and Correlation,” DFRWS 2008, Baltimore, MD.  [pdf]
  64. V. Roussev, G. G. Richard III, L. Marziale, “Hash-based Classification of Data: Class-based Similarity Hashing,” IFIP WG 11.9 2008, Kyoto, Japan.  [pdf]
  65. L. Marziale, G. G. Richard III, V. Roussev, “Massive Threading: Using GPUs to Increase the Performance of Digital Forensics Tools,” DFRWS 2007, Boston, MA.  [pdf]
  66. V. Roussev, G. G. Richard III, L. Marziale, “Multi-Resolution Similarity Hashing,” DFRWS 2007, Boston, MA.  [pdf]
  67. G. G. Richard III, V. Roussev, L. Marziale, “In-place File Carving,” IFIP WG 11.9 2007.  [pdf]
  68. G. G. Richard III, V. Roussev, V. Marziale, “Forensic Discovery Auditing of Digital Evidence Containers,” Journal of Digital Investigation, 4(2), June 2007, pp. 88–97.  [pdf]
  69. V. Roussev, Y. Chen, T. Bourg, G. G. Richard III, “md5bloom: Forensic Filesystem Hashing Revisited,” DFRWS 2006, West Lafayette, IN.  [pdf]
  70. V. Roussev, G. Priego, G. G. Richard III, “TouchSync: Lightweight Synchronization for Ad-Hoc Mobile Collaboration,” CTS 2006.  [pdf]
  71. G. G. Richard III, V. Roussev, “Next Generation Digital Forensics,” Communications of the ACM, February 2006.  [pdf]
  72. G. G. Richard III, V. Roussev, “Toward Secure, Audited Processing of Digital Evidence: Filesystem Support for Digital Evidence Bags,” IFIP WG 11.9 2006, Orlando, FL.  [pdf]
  73. D. Tingstrom, V. Roussev, G. G. Richard III, “dRamDisk: Efficient RAM Sharing on a Commodity Cluster,” IPCCC 2006, Phoenix, AZ.  [pdf]
  74. F. Adelstein, Y. Gao, G. G. Richard III, “Automatically Creating Realistic Targets for Digital Forensics Investigation,” DFRWS 2005, New Orleans, LA.  [pdf]
  75. G. G. Richard III, V. Roussev, “Scalpel: A Frugal, High Performance File Carver,” DFRWS 2005, New Orleans, LA.  [pdf]
  76. L. Klos, G. G. Richard III, “A Reliable Extension to the ODMRP Ad Hoc Multicast Protocol,” ICWN 2005.  [pdf]
  77. L. Klos, G. G. Richard III, “Reliable Ad Hoc Group Communication Using Local Neighborhoods,” WiMob 2005.  [pdf]
  78. F. Adelstein, P. Alla, R. Joyce, G. G. Richard III, “Physically Locating Wireless Intruders,” Journal of Universal Computer Science, 11(1), pp. 4–19, 2005.  [pdf]
  79. Y. Chin, V. Roussev, G. G. Richard III, Y. Gao, “Content-Based Image Retrieval for Digital Forensics,” IFIP 2005.  [pdf]
  80. V. Roussev, G. G. Richard III, “Breaking the Performance Wall: The Case for Distributed Digital Forensics,” DFRWS 2004, Baltimore, MD.  [pdf]
  81. A. Altalhi, G. G. Richard III, “Load-Balanced Routing Through Virtual Paths,” IPCCC 2004.  [pdf]
  82. F. Adelstein, P. Alla, R. Joyce, G. G. Richard III, “Physically Locating Wireless Intruders,” IAS 2004.  [pdf]
  83. Y. Gao, G. G. Richard III, V. Roussev, “Bluepipe: An Architecture for On-the-Spot Digital Forensics,” International Journal of Digital Evidence, 3(1), 2004.  [pdf]
  84. A. Altalhi, G. G. Richard III, “Virtual Paths Routing: A Highly Dynamic Routing Protocol for Ad Hoc Wireless Networks,” MP2P’04.  [pdf]
  85. F. Adelstein, G. G. Richard III, L. Schwiebert, “Distributed Multicast Tree Generation with Dynamic Group Membership,” Computer Communications, 26(10), June 2003.  [pdf]
  86. A. Altalhi, G. G. Richard III, “Dynamic Routes Through Virtual Paths Routing for Ad Hoc Networks,” CIIT 2003.  [pdf]
  87. J. Allard, P. Gonin, M. Singh, G. G. Richard III, “A User Level Framework for Ad hoc Routing,” LCN 2002.  [pdf]
  88. L. Klos, G. G. Richard III, “Reliable Group Communication in an Ad Hoc Network,” LCN 2002.  [pdf]
  89. J. Allard, V. Chinta, S. Gundala, G. G. Richard III, “Jini Meets UPnP: An Architecture for Jini/UPnP Interoperability,” SAINT 2003.  [pdf]
  90. V. Mahadevan, M. Abdelguerfi, S. Tu, G. G. Richard III, “Benchmarking Data Replication Performance for DIMHRS,” CIC 2002.  [pdf]
  91. C. Jiao, L. Schwiebert, G. G. Richard III, “Adaptive Header Compression for Wireless Networks,” LCN 2001.  [pdf]
  92. G. G. Richard III, “Service Advertisement and Discovery: Enabling Universal Device Cooperation,” IEEE Internet Computing, 4(5), Sept/Oct 2000.  [pdf]
  93. L. Klos, G. G. Richard III, “Julep: An Environment for the Evaluation of Distributed Process Recovery Protocols,” PRDC 2000.  [pdf]
  94. S. Helal, C. Lee, Y. Zhang, G. G. Richard III, “An Architecture for Wireless LAN/WAN Integration,” WCNC 2000.  [pdf]
  95. R. Ladner, M. Abdelguerfi, G. G. Richard III, L. Klos, B. Liu, K. Shaw, “A Distributed Virtual Reality Prototype for Real Time GPS Data,” 2nd Intl. Workshop on Telegeoprocessing, 2000.  [pdf]
  96. F. Adelstein, G. G. Richard III, L. Schwiebert, “Building Dynamic Multicast Trees in Mobile Networks,” IWGC ’99.  [pdf]
  97. F. Adelstein, F. Hosch, G. G. Richard III, L. Schwiebert, “Bessie: Portable Generation of Network Descriptions for Simulation,” IC3N ’98, pp. 787–791.  [pdf]
  98. G. G. Richard III, “Efficient Vector Time with Dynamic Process Creation and Termination,” Journal of Parallel and Distributed Computing 55, pp. 109–120, 1998.  [pdf]
  99. G. G. Richard III, S. Tu, “On Patterns for Practical Fault Tolerant Software in Java,” 17th IEEE SRDS, pp. 144–150, 1998.  [pdf]
  100. G. G. Richard III, M. Singhal, “Complete Process Recovery: Using Vector Time to Handle Multiple Failures in Distributed Systems (revised),” IEEE Concurrency, pp. 50–59, Summer 1997.  [pdf]
  101. G. G. Richard III, “Perl and Socket-Based Client/Server Programming in Introductory Operating Systems Classes,” TCOS Bulletin, Fall 1996.  [pdf]
  102. F. Adelstein, G. G. Richard III, L. Schwiebert, R. Parent, M. Singhal, “A Distributed Graphics Library System,” Software Practice and Experience, 24(4), April 1994.  [pdf]
  103. G. G. Richard III, M. Singhal, “Using Logging and Asynchronous Checkpointing to Implement Recoverable Distributed Shared Memory,” 12th IEEE SRDS, Princeton, NJ, pp. 58–67, October 1993.  [pdf]