The Charger Blog

“If I had a Million Cryptos…”

Trevor Haigh, ’19 M.S., a graduate student in computer science, won a best paper award at an international conference on digital forensics and cyber crime.

January 2, 2019

By Jackie Hennessey, contributing writer


student
Trevor Haigh '19 M.S.

As soon as cryptocurrency became a ‘thing,’ Trevor Haigh grew wary. “I suspected that app developers would hop on the bandwagon and quickly create applications with poor security,” he said.

So Haigh, who is pursuing his master’s in computer science and is a member of the Tagliatela College of Engineering's Cyber Forensics Research and Education Group (CFREG), decided to find out whether cryptocurrency applications were as secure as they should be. He soon discovered they weren’t.

“In actuality, many of the applications tested did not properly secure sensitive data,” Haigh said. “This allows for an attacker to potentially steal cryptocurrency since it’s only as secure as the wallet it’s stored in. This is dangerous as most people expect cryptocurrency to be secure.”

Last fall, Haigh presented his findings at the 10th Annual EAI International Conference on Digital Forensics & Cyber Crime in New Orleans. He won the Best Paper award for “If I Had a Million Cryptos: Cryptowallet Application Analysis and A Trojan Proof-of-Concept.”

Haigh said he hopes his research “reinforces the idea that security should be a priority for app developers.” He also hopes his findings will help with forensic investigations.

“This is a great success for Trevor and our research group.”Frank Breitinger

Frank Breitinger, assistant professor of computer science and CFREG co-director and Ibrahim (Abe) Baggili, Elder Family endowed chair and associate professor of computer science, co-authored the paper and supported Haigh’s research.

“The international conference, which took place in the U.S., Europe, Asia and the Middle East over the past years, is well known among researchers in digital forensics,” Breitinger said. “This is a great success for Trevor and our research group.”

Haigh called the win “exciting and very rewarding” and said he knows he’ll be using the skills he honed – researching and writing – in his career. He graduates in May and already has a job offer to do federally-funded research.

Meanwhile, he’s on to his next project: exploring automating Android applications to assist with reverse engineering.