Welcome

Dr. Travis Eygabroad is an Assistant Professor of Computer and Information Sciences at St. Ambrose University, where he leads an active research group dedicated to exploring and counteracting advanced anti-forensic methods. Supported by the Stoffel Fund for Excellence in Scientific Inquiry, his work focuses on “Unveiling the Hidden”: a comprehensive analysis of anti-forensic techniques and their impacts on traditional digital forensics. Each semester (and throughout our summer research institute), two to three motivated undergraduate students collaborate with Travis to push the boundaries of what is possible in both detecting and mitigating computer anti-forensics.

Our Mission

“To bridge the gap between evolving anti-forensic methodologies and the tools that investigators rely on—making cutting-edge insights and countermeasures freely available to the entire digital forensics community.”

In today’s cyber landscape, adversaries employ sophisticated methods—data wiping, encryption, steganography, cryptography, and log tampering—to obscure or destroy digital evidence. Without constant innovation, forensic toolkits quickly fall behind. Our research initiative empowers students to:

  1. Catalog & Analyze Anti-Forensic Techniques
    By surveying the latest literature and conducting hands-on experiments, our team dissects prevalent and emerging methods that cybercriminals use to evade detection. This includes everything from deep-wipe utilities on Windows to embedded payloads hidden inside images.
  2. Evaluate & Enhance Existing Forensic Tools
    Leveraging specialized software—such as EnCase Forensic, Autopsy, and a suite of open-source utilities—students rigorously test how well current forensic solutions recover data after an anti-forensic attack. When vulnerabilities appear, we design improvements or entirely new modules to strengthen detection and recovery.
  3. Develop Open-Source Countermeasures
    All students participate in creating robust, freely available scripts and tools that detect or mitigate anti-forensic methods. By the end of each project phase, our enhancements (and the documentation to use them) are published online so that law enforcement, incident responders, and fellow researchers can immediately incorporate them into their investigations.
  4. Disseminate Knowledge & Training
    Beyond software development, our team writes up analysis reports, presents findings at academic conferences, and hosts workshops for both SAU students and external professionals. Real-world, scenario-based training modules—built from actual research data—ensure that new digital forensic practitioners understand not only the “how,” but the “why” behind each countermeasure.

What We Do

1. Undergraduate-Driven Research

Every fall and spring semester, and throughout the summer (via the University’s Summer Research Institute), selected Computer Science and Cybersecurity majors engage in independent study under Travis’s mentorship. Student responsibilities include:

  • Conducting literature reviews on anti-forensic tools and techniques
  • Designing controlled experiments (e.g., data wiping scenarios, steganography embedding, custom cryptographic tests)
  • Running full forensic tool evaluations to measure detection accuracy, runtime, and data recovery rates
  • Prototyping scripts and plug-ins that extend open-source frameworks (Python, C++, or Java) for deeper artifact analysis
  • Drafting sections of academic manuscripts, preparing conference posters, and co-presenting at local/national symposia

Prerequisite coursework typically includes Programming I/II, Data Structures & Algorithms, and foundational courses in operating systems or cybersecurity. Over the course of their involvement, students graduate with hands-on mastery of digital evidence acquisition, forensic tool chains, and scientific validation techniques.

2. State-of-the-Art Facilities & Tools

Our research lab is equipped with:

  • A high-end forensic workstation (64 GB RAM, SSD storage, hardware write-blockers) licensed for EnCase Forensic
  • Multiple laptops preloaded with alternative OS images (Windows 11, Linux distributions) and dedicated hard drives for destructive testing
  • A growing library of anti-forensic toolsets—file-wiping executables, steganography packages, encryption suites, and log-tampering scripts—for students to reverse-engineer and test

These resources allow our team to replicate real-world adversary tactics more faithfully than any textbook scenario. By isolating each technique—data wiping, steganographic embedding, or encrypted container stuffing—students develop an intuitive sense of where and how digital evidence can be compromised.

Funding & Support

Our work is proudly funded by the Stoffel Fund for Excellence in Scientific Inquiry. The Stoffel award has enabled us to:

  • Acquire essential hardware (forensic workstation, laptops, extra hard drives)
  • Maintain a current license for EnCase Forensic
  • Purchase specialized software modules (e.g., memory carving add-ons, steganalysis libraries)
  • Support travel and presentation fees for conferences in digital forensics

Over the next four to five years, our timeline targets incremental deliverables: from initial literature reviews and baseline testing (Year 1) to final tool integration and peer-reviewed publication (Year 5).

Why It Matters

  • Empowering Future Forensic Practitioners: Students gain industry-level skills in anti-forensic analysis, preparing them for careers in law enforcement, cybersecurity firms, or advanced graduate studies.
  • Leveling the Playing Field: By releasing all our tools and reports under open-source licenses, we democratize access to techniques that would otherwise be locked behind expensive commercial toolkits.
  • Strengthening the Global Forensics Community: Our findings are publicly shared—journals, conferences, webinars—so that investigators worldwide (regardless of budget) can incorporate proven countermeasures.
  • Addressing an Urgent Need: As file-wiping, steganography, and log-tampering grow more accessible, forensic labs risk missing critical evidence. Our research directly narrows that gap, making digital investigations more reliable and defensible.

Get Involved

  • Undergraduates: If you’re a Computer Science or Cybersecurity major interested in gaining real-world forensic research experience, email Travis at [email protected]. Independent study spots and summer internships are available on a rolling basis.
  • External Collaborators: We welcome discussions with law enforcement agencies, industry partners, and fellow academic researchers. If you have a dataset—an unusual wiping tool or a novel steganography variant—you’d like us to analyze, please reach out.
  • Stay Connected: Subscribe to our mailing list for blog updates, tool releases, and workshop announcements.