DFRWS 2007 Keynote Speakers

Greg Hoglund

Digital Forensics, Covert Monitoring, and Active Methods
HBGary, Inc

Abstract: New methods and capabilities for collecting evidence are emerging that include live memory analysis and ongoing covert monitoring of insider threats. These methods go far beyond the tradition of hard-drive imaging or pulling data from firmware. Advanced attack capabilities such as rootkits and botnets are bringing forensics and incident response together not just for evidence collection, but also for reverse engineering to understand the threat. Software weapons are being developed that include very advanced systems to thwart detection, hide and transmit data, and resist forensics analysis. These are all modern challenges for the next generation of digital forensics. Hoglund will talk about various technology, both offensive and defensive, and share insights into the emerging problems that need to be solved.

Bio: Greg Hoglund has published a great deal of work related to reverse engineering, software exploitation, and rootkit development. He founded the website rootkit.com in the late 1990's to help people understand what may be the most popular and advanced backdoor technology. He has published several best-selling books on computer security. His latest book, Exploiting Online Games, takes the focus away from traditional security and into online game hacking which represents not only fun and games, but also a real underground economy in virtual property. Greg is currently CEO of HBGary, Inc, his third security start-up, and has released the product "HBGary Inspector", a program designed to reverse engineer malware using active methods (www.hbgary.com).

Ronald van der Knijff

Scientific Investigator
Netherlands Forensic Institute

Bio: Ronald van der Knijff received his B.Sc. degree on electrical engineering in 1991 from the Rijswijk Institute of Technology. After performing military service as a Signal Officer he obtained his M.Sc. degree on Information Technology in 1996 from the Eindhoven University of Technology. Since then he works at the Digital Technology and Biometrics department of the Netherlands Forensic Institute as a scientific investigator. He is responsible for the embedded systems group and is also court-appointed expert witness in this area. He is author of the (outdated) cards4labs and TULP software and founder of the TULP2G framework. He is a visiting lecturer on ‘Cards & IT’ at the Dutch Police Academy; a visiting lecturer on ‘Smart Cards and Biometrics’ at the  Masters Program ‘Information Technology’ of TiasNimbas Business School and a visiting lecturer on ‘Mobile and Embedded Device Forensics’ at the Master’s in ‘Artificial Intelligence’ of  the University in Amsterdam (UvA). He wrote a chapter on embedded systems analysis in Eoghan Casey’s Handbook of Computer Crime Investigation - Forensic Tools and Technology.

©2001-2016 DFRWS   |   dfrws [at] dfrws [dot] org  

DFRWS is a US 501(c)(3) non-profit organization.