Fortify Research Laboratories

Fortifying Internet Freedoms
AAron R. Walters

AAron Walters

Founding Partner, Volatile Systems LLC

Workshop Chair, Open Memory Forensics Workshop (OMFW)

Lecturer, ENTS, University of Maryland, College Park

Graduate Student, Computer Science, Purdue University

Research Interests: Distributed Systems, Anomaly Detection, Data Mining, Multi-Sensor Data Fusion, Digital Forensics

Advisor: Prof. Cristina Nita-Rotaru

Thesis Committee: Prof. Dongyan Xu, Prof. Eugene Spafford

Laboratory: Dependable and Secure Distributed Systems Lab

Blogs

Volatile Systems: Empowering Investigators

Volatility: Volatile memory analysis research

Projects:

The Volatility Framework: Volatile memory forensics framework

FATKit: A Framework for the Extraction and Analysis of Digital Forensic Data from Volatile System Memory

A Survivable Infrastructure for National Civilian Biodefense

Awards:

First Place, DFRWS 2008 Challenge

Journal Publications:

N. Petroni, A. Walters, T. Fraser, and W. Arbaugh, "FATKit: A Framework for the Extraction and Analysis of Digital Forensic Data from Volatile System Memory" ,Digital Investigation Journal 3(4):197-210, December 2006

X. Jiang, F. Buchholz, A. Walters, D. Xu, Y. Wang, E. H. Spafford, "Tracing Worm Break-in and Contaminations via Process Coloring: A Provenance-Preserving Approach", IEEE Transactions on Parallel and Distributed Systems, 2007.

R. Torres, X. Sun, A. Walters, C. Nita-Rotaru and S. Rao, "Enabling Confidentiality of Data Delivery in an Overlay Broadcasting System," IEEE Journal on Selected Areas in Communications.

A. Walters, D. Zage, C. Nita-Rotaru, "A Framework for Mitigating Attacks Against Measurement-Based Adaptation Mechanisms in Unstructured Multicast Overlay Networks," IEEE/ACM Transactions on Networking, 2007.

Conference Publications:

A. Walters, B. Matheny, D. White, "Using Hashing to Improve Volatile Memory Forensic Analysis," American Academy of Forensic Sciences 60th Annual Meeting. Washington, D.C., February 2008.

R. Torres, X. Sun, A. Walters, C. Nita-Rotaru and S. Rao, "Enabling Confidentiality of Data Delivery in an Overlay Broadcasting System," Proc. of the 26th IEEE INFOCOM, Anchorage, Alaska, May 2007.

A. Walters and N. Petroni, "Volatools: Integrating Volatile Memory Forensics into the Digital Investigation Process," Black Hat DC 2007, February 2007.

A. Walters, D. Zage, and C. Nita-Rotaru, "Mitigating Attacks Against Measurement-Based Adaptation Mechanisms in Unstructured Multicast Overlay Networks," The 14th IEEE International Conference on Network Protocols November (ICNP) 12-15, 2006 Santa Barbara, California.

N. Petroni, T. Fraser, A. Walters, and W. Arbaugh, "An Architecture for Specification-Based Detection of Semantic Integrity Violations in Kernel Dynamic Data," Proc. of the 15th USENIX Security Symposium, August 2006.

X. Jiang, A. Walters, F. Buchholz, D. Xu, Y. Wang, E. Spafford, "Provenance-Aware Tracing of Worm Break-in and Contaminations: A Process Coloring Approach", Proc. of the 26th IEEE International Conference on Distributed Computing Systems, July 2006.

Theses:

A. Walters, "Mitigating Attacks Against Measurement-Based Adaptation Mechanisms in Overlay Networks," Master Thesis, Purdue University. May 2006.

Other Publications:

A. Walters and C. Nita-Rotaru, "Analysis of Malicious Abstract Faults in Adaptive Measurement-Based Overlay Networks," In SOSP 2005, Poster, Brighton, UK, October 2005.

A. Walters, "FATKit: Detecting Malicious Library Injection and Upping the "Anti"" , July 2006.

Invited Talks:

A. Walters, "Advanced Digital Forensics: Finding Malevolence in the Cloud Before it Bursts", Cloud Computing Expo 2010 West, November 2010.

A. Walters, "Memory Forensics Research and Revolution: Innovating in a Volatile World", Annual ACM Northeast Digital Forensics Exchange (NeFX), September 2010.

A. Walters, "Memory Forensics Research and Revolution: The Past, Present, and Future", Digital Forensics Research Workshop (DFRWS), August 2010.

A. Walters, "Advanced Digital Forensics: Finding Malevolence in the Cloud Before it Bursts", Cloud Expo East, April 2010.

A. Walters, "Advanced Memory Forenics: What's in Your RAM", Hacker Halted USA, September 2009.

A. Walters, "Upping the 'Anti': Using Memory Analysis to Fight Malware," SANS WhatWorks Summit in Forensics and Incident Response, October 2008.

A. Walters, "Advanced Memory Forensics," NoVa Sec, April 2008.

A. Walters, "Volatile Memory Analysis," Europol, High Tech Crime Expert Meeting, The Hague, November 2007.

A. Walters, "Augmenting Digital Investigations with Volatile Memory Analysis," University of Wisconsin-Madison, Lockdown 2007, August 2007.

Conference Talks

A. Walters, "Volatility 1.3," Open Memory Forensics Workshop (OMFW), August 2008.

A. Walters, B. Matheny, D. White, "Using Hashing to Improve Volatile Memory Forensic Analysis," American Academy of Forensic Sciences 60th Annual Meeting. Washington, D.C., February 2008.

A. Walters, "Advanced Volatile Memory Analysis," 2008 Department of Defense Cyber Crime Conference, January 2008.

A. Walters and N. Petroni, "Volatools: Integrating Volatile Memory Forensics into the Digital Investigation Process," Black Hat DC 2007, February 2007.

A. Walters, "FATKit: A Framework for the Extraction and Analysis of Digital Forensic Data from Volatile System Memory," Digital Forensic Research Workshop: Work In Progress, August 2006.

Conference Panels

"Cloud Security Panel", B. Cox, D. Walsh, A. Walters, D. Moreau, E. Hight,IEEE CLOUD 2011: The 4th International Conference on Cloud Computing,July 2011.

"Cyber Situational Awareness", M. Stern, BG J. Davis, S. McGurk, M. Sachs, A. Walters, AFCEA Homeland Security Conference, February 2011.

"How do we maintain assured command and control in the cloud environment?", K. McCann, J. Huegel, P. Stoneberg, A. Walters, 2010 DISA Technical Exchange: Defending a Private, Enterprise Cloud in a Hostile Environment, November 2010.

"The Future of Memory Analysis", A. Walters, R. Stevens, J. Okolica, Digital Forensics Research Workshop, August 2010.

Service

Editorial Board, Digital Investigation: The International Journal of Digital Forensics & Incident Response.

Workshop Chair, Open Memory Forensics Workshop 2008, Baltimore, MD.

Reviewer, IEEE Security & Privacy 2008.

TPC Member, DFRWS 2008, Baltimore, MD.

Reviewer, IEEE Security & Privacy 2006.

Reviewer, NDSS Symposium 2006, San Diego, California.

Contact:

IRC: #4tphi on freenode

EMAIL: