About

Marcus K Rogers, PhD, CISSP, DFCP-F, FAAFS, is an Associate Dean for Faculty, Professor, and Director of the Cyber Forensics Lab at Purdue University. His research interests include applied cyber forensics, psychological digital crime scene analysis, and cyber terrorism. Dr. Rogers has held prominent roles such as the former Editor-in-Chief of the Journal of Digital Forensics Security & Law and Treasurer of the American Academy of Forensic Sciences. He is a Fellow of both the American Academy of Forensic Sciences and CERIAS, reflecting his significant contributions to the field of digital forensics and security. He holds a PhD in Psychology (Forensic) from the University of Manitoba, along with a Master's in Psychology - Personality and a Bachelor's in Psychology/Criminology from the same institution. Dr. Rogers has earned multiple certifications, including Certified Digital Forensics Practitioner, Certified Computer Crime Investigator, and Certified Information Systems Security Professional (CISSP). His professional career includes numerous awards and honors, such as the American Academy of Forensics Sciences Digital and Multimedia Sciences Outstanding Case Study Award, and recognition as a Pillar of CERIAS. He is an active researcher and speaker, contributing extensively to the academic and professional community through publications, conference presentations, and editorial roles in various forensic and cybersecurity journals.

Research topics

• Computer Science
• Artificial Intelligence
• Computer Security
• Internet privacy
• World Wide Web
• Medicine
• Engineering
• Social psychology
• Psychology
• Medical emergency
• Software engineering
• Risk analysis (engineering)
• Data science
• Operating system

Selected publications

• Can individual differences in cognitive capacity predict cybersecurity performance?

  Computers & Security · 2025-04-11 · 2 citations

  article
  PublisherDOI

• Defining Cognitive Workload Through Individual Differences in Capacity-Resource Limitations and Cybersecurity Performance

  SSRN Electronic Journal · 2024-01-01

  preprintOpen access
  PublisherDOI

• Testing a hybrid risk assessment model: Predicting CSAM offender risk from digital forensic artifacts

  Child Abuse & Neglect · 2024-06-25 · 2 citations

  article
  PublisherDOI

• Analyzing the Nexus between Cyberaggression Outside the Workplace, Social Support, and Insider Threat Behaviors

  SSRN Electronic Journal · 2024-01-01

  preprintOpen access
  PublisherDOI

• We are meeting on Microsoft Teams: Forensic analysis in Windows, Android, and <scp>iOS</scp> operating systems

  Journal of Forensic Sciences · 2023-02-03 · 13 citations

  articleOpen accessSenior author

  Microsoft released a new communication platform, Microsoft Teams, in 2017. Due in part to COVID-19, the popularity of communication platforms, like Microsoft Teams, increased exponentially. Given its user base and increased popularity, it seems likely that digital forensic investigators will encounter cases where Microsoft Teams is a relevant component. However, because Microsoft Teams is a relatively new application, there is limited forensic research on the application particularly focusing on mobile operating systems. To address this gap, an analysis of data stored at rest by Microsoft Teams was conducted on the Windows 10 operating system as well as on Android and Apple iOS mobile operating systems. Basic functionalities, such as messaging, sharing files, participating in video conferences, and other functionalities that Teams provides, were performed in an isolated testing environment. Cellebrite UFED Physical Analyzer and Magnet AXIOM Examine tools were used to analyze the mobile devices and the Windows device, respectively. Manual or non-automated investigation recovered, at least partially, the majority of artifacts across all three operating systems. In this study, a total of 77.6% of the populated artifacts were partially or fully recovered in the manual investigation. On the other hand, forensic tools used did not automatically recover many of the artifacts found with the manual investigation. Only 13.8% of artifacts were partially or fully recovered by the forensic tools across all three devices. These discovered artifacts and the results of the investigations are presented in order to aid digital forensic investigations.

  PublisherOA PDFDOI

• Sensor Data Protection in Cyber-Physical Systems

  Annals of Computer Science and Information Systems · 2022-09-26 · 1 citations

  articleOpen accessSenior author

  Cyber-Physical Systems (CPS) have a physical part that can interact with sensors and actuators. The data that is read from sensors and the one generated to drive actuators is crucial for the correct operation of this class of devices. Most implementations trust the data being read from sensors and the outputted data to actuators. Real-time validation of the input and output of data for any system is crucial for the safety of its operation. This paper proposes an architecture for handling this issue through smart data guards detached from sensors and controllers and acting solely on the data. This mitigates potential issues of malfunctioning sensors and intentional sensor and controller attacks. The data guards understand the expected data, can detect anomalies and can correct them in real-time. This approach adds more guarantees for fault-tolerant behavior in the presence of attacks and sensor failures.

  PublisherOA PDFDOI

• Investigating Wearable Fitness Applications: Data Privacy and Digital Forensics Analysis on Android

  Applied Sciences · 2022 · 26 citations

  • Computer Science
  • Computer Security
  • Computer Science

  Wearable devices are becoming more and more prevalent in our daily lives as people become more curious about how well they are doing in monitoring, improving, or maintaining their health and fitness. Fitness trackers and smartwatches have become almost ubiquitous, so these devices have begun to play a critical role in forensic investigations. In this paper, the authors conducted a forensic analysis of the controlling applications for three popular fitness bands and smartwatches (i.e., Amazon Halo, Garmin Connect, and Mobvoi) on an Android smartphone device to (1) provide forensic investigators with a road-map of forensically relevant data that are stored within these applications and (2) highlight any privacy concerns that the stored data within these applications may present to the applications’ users. Our findings indicate that the three fitness applications store a wealth of user data. In particular, the Amazon Halo app stores daily, weekly, and monthly activity-related data for at least the last 13 days. The user’s Tone Analysis results were also recovered. The Garmin Connect application also records detailed user activity information, as it was possible to recover the last 15 days worth of user activity data. The Garmin Connect user’s general location was also determined via the application’s weather notification feature. Lastly, the Mobvoi application records all data points from the time the device is first used until the last time the device is used. These data points may include heart rates taken every 5 min and step counts. Our findings highlight the possibility of collecting personally identifiable information about users of these devices and apps, including their profile information, habits, location, and state of mind. These findings would be pertinent to forensic investigators in the event that these or similar applications are part of an investigation.

  PublisherOA PDFDOI

• Resilient Architecture Framework for Robotic Systems

  2022-10-06 · 5 citations

  article

  Robotic architectures in use today provide some mechanisms for evolution but fall short of their capabilities for dynamic reconfiguration and adaptation during run-time. Adding new modes of operation, components, and connections allows for supporting the evolution of a product throughout long periods. We analyze and discuss the possibilities of performing architecture modifications on the fly without rebooting the systems since a reboot may be undesirable or impossible. For this, we rely on strict component interfaces and a component manager subsystem that can make the transition from one architecture to another while the robot is operating. Our study focuses on modern systems such as ROS2 and PX4 and assumes a publish-subscribe mechanism for communication. The ability to modify the software architecture allows for adaptive solutions that work in different environments and are less susceptible to specific attacks. Switching to a safer architecture can limit some functionality but can increase security. Working with structurally defined interfaces, we set the possibility of using COTS components that comply with our requirements to build new architectures. This can make reuse and composition easier and improve time-to-market while guaranteeing reliability and safety.

  PublisherDOI

• Component Interface Standardization in Robotic Systems

  Annals of Computer Science and Information Systems · 2022-09-26 · 2 citations

  articleOpen accessSenior author

  Components are heavily used in software systems, including robotic systems. The growth in sophistication and diversity of new capabilities for robotic systems presents new challenges to their architectures. Their complexity is growing exponentially with the advent of AI, smart sensors, and the complex tasks they have to accomplish. Such complexity requires a more flexible approach to creating, using, and interoperability of software components. The issue is exacerbated because robotic systems increasingly rely on third-party components for specific functions. In order to achieve this kind of interoperability, including dynamic component replacement, we need a way to standardize their interfaces. We desperately need a formal approach for specifying what an interface of a robotic software component should contain. This study analyzes the issue and presents a universal and generic approach to standardizing component interfaces for robotic systems. Our approach is inspired and influenced by well-established robotic architectures such as ROS, PX4, and Ardupilot. The study also applies to other software systems with similar characteristics to robotic systems. We consider using JSON or Domain-Specific Languages (DSL) development with tools such as Antlr or Xtext and automatic code and configuration files generation for frameworks such as ROS and PX4. A case study with ROS2 has been done as a proof of concept for the proposed methodology.

  PublisherOA PDFDOI

• A Brief History of Digital Forensics and Digital Evidence

  Elsevier eBooks · 2022-11-04 · 2 citations

  book-chapter1st authorCorresponding
  PublisherDOI

Frequent coauthors

• Kathryn C. Seigfried‐Spellar

  Purdue University West Lafayette

  14 shared

• Gyu-Sang Cho

  8 shared

• Ümit Karabiyik

  8 shared

• Fahad E. Salamh

  Purdue University System

  6 shared

• Ibrahim Baggili

  Louisiana State University

  5 shared

• Steve Debrota

  5 shared

• Timothy Wedge

  5 shared

• Eric T. Matson

  5 shared

Awards & honors

• American Academy of Forensic Sciences Digital and Multimedia…
• American Academy of Forensic Sciences Digital and Multimedia…
• Pillar of CERIAS 2012
• Fellow - American Academy of Forensic Sciences 2009
• CERIAS Fellow - (Center for Education and Research in Inform…