DFRWS 2014 Agenda

The DFRWS 2014 Agenda below summarizes the program of discussion and research. This years conference is held in cooperation with the Association for Computing Machinery (ACM) and its Special Interest Group on Security, Audit and Control (SIGSAC). .

Google Calendar DFRWS Google Calendar

Sunday, August 3, 2014

11:30am Registration Opens
 Workshop Track 1Workshop Track 2
1:00pm GRR Tutorial Part 1
RE(:) go
3:00pm GRR Tutorial Part 2 SQLite Analysis
(Note: this session runs 3:00pm-5:00pm)
5:30pm Registration closes

Monday, August 4, 2014

8:00am Registration/Breakfast
9:00am Opening Remarks - Wietse Venema
9:15am Keynote Address (pres)
Catalin Grigoras (University of Colorado at Denver)
10:15am Break
10:30am SESSION 1: Memory
Chair: Josiah Dykstra
  • "In Lieu of Swap: Analyzing Compressed RAM in Mac OS X and Linux" Golden G. Richard III and Andrew Case ( paper | pres ) Best Paper
  • "Image-Based Kernel Fingerprinting" Vassil Roussev, Irfan Ahmed and Thomas Sires ( paper | pres )
  • "Testing the Forensic Soundness of Forensic Examination Environments on Bootable Media" Ahmed Abdel Latif Mohamed, Andrew Marrington, Farkhund Iqbal and Ibrahim Baggili ( paper | pres )
12:00pm Lunch on your own
2:00pm SESSION 2: Files
Chair: Elizabeth Schweinsberg
  • "Design Tradeoffs for Developing Fragmented Video Carving Tools" Eoghan Casey and Rikkert Zoun ( paper | pres )
  • "Extracting Hidden Messages in Steganographic Images" Tu-Thach Quach ( paper | pres )
3:00pm Break
Chair: Vassil Roussev
  • "The National Software Reference Library" Douglas White (NIST) (pres)
  • "These Logs Were Made for Talking" Matt Bromiley (505Forensics) (pres)
  • "Information Assurance in a distributed forensic cluster - FCluster and FClusterfs" Nick Pringle and Mikhaila Burgess (University of South Wales) (pres)
  • "Enabling Digital Forensics Practices in Libraries, Archives and Museums: The BitCurator Experience" Christopher A. Lee and Kam Woods (University of North Carolina, Chapel Hill) (pres)
4:30pm Five-Minute Teasers for Tool Demos and poster session
5:00pm Welcome Reception (Poster and Demo session)

Tuesday, August 5, 2014

8:00am Registration/Breakfast
9:00am Administrative Remarks
9:05am Keynote Address (pres)
Travis Goodspeed
10:00am Break
10:30am SESSION 3: Non-traditional devices
Chair: Golden Richard
  • "Cooperative mode: Comparative storage metadata verification applied to the Xbox 360" Alex Nelson, Erik Steggall and Darrell Long ( paper | pres )
  • "Preliminary forensic analysis of the Xbox One" Jason Moore, Ibrahim Baggili, Andrew Marrington and Armindo Rodrigues ( paper | pres )
  • "Digital Investigations for IPv6-Based Wireless Sensor Networks" Vijay Kumar, George Oikonomou, Theo Tryfonas, Dan Page and Iain Phillips ( paper | pres )
12:00pm Lunch on your own
2:00pm SESSION 4: Formalisms
Chair: Frank Adelstein
  • "Developing a New Digital Forensics Curriculum" Anthony Lang, Masooda Bashir, Roy Campbell and Lizanne Destefano ( paper | pres )
  • "VMI-PL: A Monitoring Language for Virtual Platforms Using Virtual Machine Introspection" Florian Westphal, Stefan Axelsson, Christian Neuhaus and Andreas Polze ( paper | pres )
  • "A Complete Formalized Knowledge Representation Model for Advanced Digital Forensics Timeline Analysis" Yoan Chabot, Aurelie Bertaux, Christophe Nicolle and Tahar Kechadi ( paper | pres )
3:15pm Break
Chair: Simson Garfinkel
  • "The Regional Computer Forensics Lab System" Sean K. O'Brien (FBI) (pres)
  • "Memory Forensics with Hyper-V Virtual Machines" Wyatt Roersm (NVINT) (pres)
  • "The application of reverse engineering techniques against the Arduino microcontroller to acquire uploaded applications" Steve Watson (Intel) (pres)
4:45pm DFRWS 2014 Forensic Challenge presentations and prizes (pres)
6:00pm Banquet
  • Best Paper Award
7:30pm Forensic Rodeo
Champions: idontworkatgoogle: Andreas Moser, Eric Mak and Johannes Stuettgen.

Wednesday, August 6, 2014

8:00am Registration/Breakfast
9:00am SESSION 5: Data acquisition & mining
Chair: Wietse Venema
  • "A forensically robust method for acquisition of iCloud data" Kurt Oestreicher ( paper | pres )
  • "Multidimensional Investigation of Source Port 0 Probing" Elias Bou-Harb, Nour-Eddine Lakhdari, Hamad Binsalleeh and Mourad Debbabi ( paper | pres ) Best Student Paper
  • "Ranking algorithms for digital forensic string search hits" Nicole Beebe and Lishu Liu ( paper | pres )
11:00am Short Presentations & Works in Progress
(5 minutes each)
11:15am Closing Comments
11:30am Lunch on your own
 Workshop Track 1Workshop Track 2
1:00pm Timeline Analysis Part 1
Memory Forensics, beginner level, Part 1
3:00pm Timeline Analysis Part 2 Memory Forensics, beginner level, Part 2
6:30pm Dinner & DFRWS 2015 / 2016 Planning Session
(Not Included in Registration Fee)

Thursday, August 7, 2014

9:00am Digital Forensics Curriculum Standards 2nd Workshop (8 hours)

©2001-2016 DFRWS   |   dfrws [at] dfrws [dot] org  

DFRWS is a US 501(c)(3) non-profit organization.