DFRWS 2014 Forensics Challenge

Overview   |   Results

Submission deadline: May 30, 2014


The annual DFRWS forensic challenge has been released earlier than prior years to encourage academic programs related to digital forensics to include this as an assignment in their courses.

Mobile Malware Analysis


The overall goal of this challenge is to raise the state of the art in digital forensic practice by providing an open public venue for a best-of-breed competition. We challenge contestants to demonstrate effective methods and to develop open source tools for analyzing mobile malware. The winner will be announced in August at the DFRWS USA 2014 conference in Denver, CO.

Some examples of capabilities we would like to see:
  • Extracting metadata and components
  • Decompiling mobile malware
  • Decoding data associated with mobile malware
  • Behavioral scanners running on localhost (rather than web-based services)
  • Identifying potentially malicious functions

Contestants are encouraged to select malware samples that are interesting from a forensic analysis perspective, and that exhibit many of the challenges presented by mobile malware.

Mobile malware samples can be obtained from various sources from various sources for their analysis, including http://www.malgenomeproject.org, virusshare.com, and http://contagiodump.blogspot.com. Alternately send mail to mobilemalware+subscribegooglegroups(d0t)com.

Two Types of Competition


Submissions will be grouped into two categories to encourage both practitioners and researchers/developers to participate.

  1. Practitioners: Forensic analysis of mobile malware using existing best-of-breed methods and supporting tools. These submissions must include the malware samples that were analyzed, and documentation detailing all methods, tools and findings.
  2. Researchers/Developers: Creation of new techniques and tools for analyzing mobile malware.

When submitting your entry to this challenge, please indicate which category you would prefer. Each team can submit only one entry, either as practitioners or researchers/developers (not both).

Rules


  • Contestants may enter individually, or as a team, with no restrictions.
  • Tool(s) must work with malware that targets at least one of the following mobile OS platforms - Android, iOS, Blackberry, Windows Phone - preferably more. It can be implemented in any widely and freely available language platform.
  • Source code must be openly available under a free software license, such as those listed at http://www.gnu.org/licenses/license-list.html. The author(s) retain rights to the source code.
  • Tools may incorporate third-party free software, as long as it is compatible with your license and is included with your submission. However, submissions will be judged on the contribution your own work brings to the challenge.
  • Submissions must include clear instructions for building tool(s) from source code along with all relevant dependencies.
  • DFRWS will publish the results of the Challenge, both in detailed and summary form, along with the methodology used and the source of the specific version of each tool.

Submission


All participants must send an email to challenge@dfrws.org with the subject line "Solution submission". The email should contain official contact information for the participant/team members; it should also indicate to whom a check should be made out, in case the solution is selected for the grand prize.

The actual solution (code and relevant documentation) can be submitted in one of three ways:
  • Email attachment. If the entire submission can be packed in an archive of less than 5MB, then submission can be sent as an attachment to challenge@dfrws.org.
  • http/ftp download. The submission email can contain a download link from where the submission can be downloaded as a single file.
  • svn/git checkout. The submission email should contain appropriate instructions and credentials (if applicable) for organizers to obtain the submission.

Ideally, submissions should be self-contained; however, if bundling of third-party code is not possible (e.g., due to licensing restrictions) appropriate instructions on building the tool should be included.

As stated above, this competition is for open source tools and, in the interest of open competition, DFRWS may publish the actual submissions along with test results. Beyond that, DFRWS will make no further attempts to distribute the solutions. Although we strongly encourage toolmakers to cover as wide a range of smartphones as possible, all submissions will be given a fair chance, even if they do not cover all types of smartphones.

Prizes

  • Practitioners first prize: DFRWS will provide free conference registration to our 2014 conference for up to two members of the winning practitioners team.
  • Researchers/Developers first prize: DFRWS will provide free conference registration to our 2014 conference for up to two members of the winning R&D team.
  • Grand prize: DFRWS seeks to award an additional $1,000 cash prize to the winners, if their solution exhibits all the attributes of a field-ready tool with the necessary robustness and performance.

Contact:

Send all questions to challenge(at)dfrws<d0t>org. (Your email will be used only for this purpose and will be forgotten after DFRWS2014.)


Good Luck!

©2001-2016 DFRWS   |   dfrws [at] dfrws [dot] org  

DFRWS is a US 501(c)(3) non-profit organization.