Golden Richard III
Professor Louisiana State University
- Baton Rouge LA
Dr. Richard has over 45 years of practical experience in computer security and is a devoted advocate for applied cybersecurity education.
Areas of Expertise
Biography
Research Focus
Digital & Memory Forensics
Dr. Richard’s research focuses on digital and memory forensics, reverse engineering, and malware analysis that underpin modern cybersecurity. He pairs live-memory acquisition, AI-guided artifact mining, and large-scale cloud analytics as director of LSU’s Cyber Center to unmask advanced threats and strengthen incident response for industry and law enforcement.
Education
Ohio State University
Ph.D.
Computer Science
1994
Ohio State University
M.S.
Computer Science
1991
University of New Orleans
B.S.
Computer Science
1988
Accomplishments
DFRWS Best Paper Award
2014, 2015, 2016, 2021
DFRWS Best Student Paper Award
2018
Media Appearances
Cyber experts recommend you delete your data after 23andMe bankruptcy
WAFB 9 tv
2025-03-26
“This kind of personal data is really, can be used for bad things in the wrong hands,” said LSU Cyber Center Director Golden Richard.
LSU seeing record enrollment in cybersecurity program
WAFB 9 tv
2023-10-12
“Those needs are nationwide,” said Golden Richard. “They’re not specific to federal agencies or large corporations. Everyone needs to hire cyber security people.”
Current estimations show there are roughly 750,000 open jobs in the cybersecurity industry and people like Golden Richard are trying to help meet that need.
LSU is recognized as a Center of Academic Excellence in Cyber Operations by the NSA
Louisiana Radio Network radio
2022-09-26
LSU receives a significant designation from the National Security Agency for its cybersecurity instruction. Director of the LSU Applied Cybersecurity Lab Golden Richard said LSU’s computer science program has been recognized as a Center of Academic Excellence in Cyber Operations (CAE-CO).
“LSU was invited by the National Security Agency to be the only CAE-CO school in actually several years,” said Richard
University Expands Digital Forensics Training with Second Lab
Forensic Mag online
2022-06-10
“FIREStarter 2 is basically all hands-on [experience],” said LSU Computer Science Professor Golden Richard III, principal investigator on the project and director of the Applied Cybersecurity Lab at LSU. “We will be putting the same software and hardware components in the lab that digital forensics practitioners use on a day-to-day basis to work real cases. It’s our anticipation that every student in the cybersecurity concentration, plus any other interested computer science students [and possibly more from other disciplines], will have the opportunity to be exposed to state-of-the-art hardware and software tools for digital forensics and industrial control systems.
Articles
A step in a new direction: NVIDIA GPU kernel driver memory forensics
Forensic Science International: Digital Investigation2024
In the ever-expanding landscape of computation, graphics processing units have become one of the most essential types of devices for personal and commercial needs. Nearly all modern computers have one or more dedicated GPUs due to advancements in artificial intelligence, high-performance computing, 3D graphics rendering, and the growing demand for enhanced gaming experiences. As the GPU industry continues to grow, forensic investigations will need to incorporate these devices, given that they have large amounts of VRAM, computing power, and are used to process highly sensitive data. Past research has also shown that malware can hide its payloads within these devices and out of the view of traditional memory forensics.
Assessing the threat of Rosetta 2 on Apple Silicon devices
Forensic Science International: Digital Investigation2023
In November 2020, Apple introduced a new architecture, Apple Silicon, that would power all new laptops and desktops. Based on ARM64 and with many custom features added by Apple, this marked a complete switch from the Intel-based systems that have powered Apple laptops and desktops for many years. With such a radical change, it was obvious that many existing digital forensics and incident response techniques would need to be re-evaluated on the platform. Similarly, several new additions to the operating system are interesting as potential abuse vectors for malware and malicious actors. In this paper, we document our effort to understand the largest threat surface unique to Apple Silicon devices. This feature, called Rosetta 2, allows 64-bit Intel applications and libraries to execute seamlessly on Apple Silicon.
Every step you take, I'll be tracking you: Forensic analysis of the tile tracker application
Forensic Science International: Digital Investigation2023
The rise in popularity of personal Bluetooth trackers has incited a need for forensic analysis tools that aid law enforcement in artifact recovery. With 40 million Tile devices reportedly sold at the time of writing, Tile trackers are one of the most popular personal Bluetooth trackers. This growth has not been without consequence, as reports of Bluetooth trackers being used for malicious activities have also escalated. Our work presents a forensic analysis of the Tile ecosystem and the Tile application on iOS, Android, and Windows. This analysis revealed valuable forensic artifacts that contained a diverse set of sensitive user data, including SQLite databases, XML files, cache files, and event logs. This data included information such as geolocation coordinates from the previous 30 days
cRGB_Mem: At the intersection of memory forensics and machine learning
Forensic Science International: Digital Investigation2023
Mobile malware’s alarming sophistication and pervasiveness have continued to draw the attention of many cybersecurity researchers. Particularly on the Android platform, malware trojans designed to steal user PIIs, crypto miners, ransomware, and on-device fraud continue to infiltrate the primary Google store market and other secondary markets. While much effort has been put in place by the research community and industry to curb this menace since 2012, malware authors have consistently found ways to circumvent the existing detection and prevention mechanisms. Largely this remains so because of the restrictiveness of the feature set used in building the current classification models.
Memory analysis of. net and. net core applications
Forensic Science International: Digital Investigation2022
Memory analysis is a digital forensics technique whose goal is to model a computer system's state based solely on the analysis of a snapshot of physical memory (RAM). Memory forensics is frequently employed in incident response to detect and analyze modern malware and attack frameworks. Memory forensics is a particularly powerful tool for analyzing modern malware, which may exist only in memory and not touch non-volatile storage. Memory-only attacks leave no trace of the malware and its associated modules on the file system and all data that traverses the network is commonly encrypted. While initially focused on kernel level rootkits, memory analysis research efforts have recently shifted to detection of userland malware.
Affiliations
- Sigma Xi
- AAAS
- American Academy of Forensics Sciences (AAFS) : Fellow
Research Grants
ADP90: NASIC T-2 Program FY24
NextFlex
2025
ADP68: NASIC T-2 Program FY23
NextFlex
2024-2025
NSF POSE: Phase II: Harnessing Open High Performance Computing (HPC) Through HPX
National Science Foundation (NSF)
2024-2026
Media
