Purdue Profile: Rick Mislan

August 16, 2011

Rick Mislan, assistant professor of computer technology specializing in cyber forensics, has a collection of more than 1,000 unique cellphones and PDAs. (Purdue University photo/Andrew Hancock)

From classrooms to crime scenes, Rick Mislan, assistant professor of computer technology specializing in cyber forensics, sheds light on the techniques and technologies used in this relatively new science.

Along with educating students on small-scale digital forensics including cellphones, PDAs, smartphones, and GPS systems, Mislan works with law enforcement officials and government entities on local, state and federal criminal investigations.

How did you become interested in cyber forensics?

It’s kind of a twofold thing. I’ve always been a gadget type of person, and I've always found ways to get my hands on the latest and greatest electronic gadgets. Having all these different devices sparked my interest about how we get information off them. So back in the early '90s, I started consulting for a firm doing PDA forensics, as well as doing some forensics for individuals on computer hard drives.

How do you go about teaching cyber forensics?

The course -- Small Scale Digital Device Forensics -- started mostly with cellphone forensics, but we've been able to introduce other topics like GPS devices, thumb drives and satellite phones. The course is still in its infancy and is always evolving. Every three weeks there's a new phone on the market, so it's a challenge to keep up with an industry that's running a mile a minute.

I also instruct a two-day class for law enforcement and military organizations that takes them through the various forensic tools and how to use them. In the past five years, I’ve trained more than 2,500 individuals across the country.

What kind of things are you able to pull off these common devices?

Contacts, call history and text messages -- the trinity if you will -- are the most valuable. On smartphones there’s Internet, applications, GPS, Facebook and Twitter information, as well as other data stored locally on the phone, even if they seem to have been deleted. All of these things are used for intelligence or evidentiary purposes. The phone does not normally provide smoking gun kind of evidence, but it is intelligence and often takes an investigation to the next level.

How accurate are the cyber forensic scenes on TV shows?

They are horribly inaccurate. In my training presentation, I show a 10-second clip of a popular show where the forensic examiner uses a putty knife to open four iPads, drops four cables into them, connects them to one of our tools, hits a button and then displays all the data on the monitor within minutes. In reality that would've taken at least two to three days.

We process each device one at a time. We are talking about transferring 32 to 64 gigabytes of information through a USB cable, which is essentially like trying to get a basketball through a garden hose. Our work takes much longer than it is depicted on TV.

Did you ever think you would be in a position to work on criminal cases?

Not as a kid growing up, but it makes sense now. I'm truly a patriot. I was born and raised 10 minutes from our nation's Capitol. I served as an electronic warfare officer in the Army for 12 years. Many of my relatives were either in law enforcement or the military, so there is this brotherhood that I fit into. It's been good to be able to work in an environment that I’m familiar with and serve those who serve for us.

Have there been any memorable moments in your work with cyber forensics?

The work I'm most proud of is supporting our nation’s law enforcement, military and intelligence communities. I’ve been in some unique places -- the Pentagon, Special Forces Command, Los Angeles Police Department, New York Police Department and numerous other city and state law enforcement agencies -- helping some wonderful people do their job better or more efficiently.

Most recently, a friend came back from Afghanistan and said that the training I suggested changed the way they did things there. They went from 20 percent to 80 percent effectiveness in obtaining mobile device evidence. For me that was awesome to hear. I’m all about helping those out there who are taking bullets for us and our freedom.