DFRWS 2015 EU Agenda

The DFRWS 2015 EU Agenda below summarizes the program of discussion and research. This years conference is held in cooperation with the Association for Computing Machinery (ACM) and its Special Interest Group on Security, Audit and Control (SIGSAC).

This is a preliminary program that will be updated as workshops, keynotes and the technical program details are finalized.

Monday, 23 March 2015 - Pre-Conference Workshops

Hilton Double Tree Burlington Hotel, Upper Leeson Street, Dublin 4
8:00 Registration opens (Business centre of the Burlington Hotel)
 Workshop Track 1 (Herbert Ballroom)Workshop Track 2 (Meeting Room 1&2)
08:30 Digital Forensics Framework - Part I
Frederic Baguelin & Solal Jacob (ArxSys) 		Common Criteria for Digital Forensics Experts
Hans Henseler & Sophie Loenhout
10:30 Break (Coffee and Tea)
10:45 Digital Forensics Framework - Part II
Frederic Baguelin & Solal Jacob (ArxSys) 		Common Criteria for Digital Forensics (cont)
Hans Henseler & Sophie Loenhout
12:15 Lunch (Sussex 2)
13:00 GRR Incident Response Framework
Andreas Moser (Google) 		Digital Memory Forensics interactive Workshop
Johannes Stüttgen and Michael Cohen (Google)
15:00 Break (Coffee and Tea)
15:15 GRR Incident Response Framework (cont)
Andreas Moser (Google) 		Digital Memory Forensics interactive Workshop (cont)
Johannes Stüttgen and Michael Cohen (Google)
16:45 Viking Splash Tour of Dublin City: Pick-up / Drop-off at the entrance to the Hotel.
18:30 Welcome Reception (Ballroom Reception Area)

Tuesday, 24 March 2015 - Main Conference

UCD Science Hub, University College Dublin, Belfield, Dublin 4
08:30 Registration starts at the concourse of Moore Auditorium (E0.08, UCD Science Hub)
08:30 Hired bus trip from DoubleTree Burlington Hotel to UCD Science Hub for attendees staying at DoubleTree (DoubleTree Lobby / Parking Lot)
09:30 Opening Remarks / Orientation
09:35 Keynote Address
Mr. Troels Oerting, Group CISO of Barclays Bank Plc, Former Head of European Cyber Crime Centre (EC3) at Europol
10:05 Keynote Address
Mr. Chris Ashton, Director of Spectrum Engineering at Inmarsat
The Search for MH370: Lessons from Inmarsat's Flightpath Reconstruction Analysis
10:35 SESSION 1: Network Forensics
Chair: Michael Cohen
  • Hviz: HTTP(S) Traffic Aggregation and Visualization for Network Forensics ( paper | pres ) *BEST PAPER*
    David Gugelmann, Fabian Gasser, Bernhard Ager and Vincent Lenders.
  • Spam Campaign Detection, Analysis, and Investigation ( paper | pres )
    Son Dinh, Taher Azeb, Francis Fortin, Djedjiga Mouheb and Mourad Debbabi.
11:30 Break (Coffee and Tea)
12:00 SESSION 2: Disk and Mobile Forensics
Chair: Owen Brady
  • Fast contraband detection in large capacity disk drives ( paper | pres )
    Phil Penrose, William Buchanan and Richard Macfarlane.
  • Investigating Evidence of Mobile Phone Usage by Drivers in Road Traffic Accidents ( paper | pres )
    Graeme Horsman and Lynne Conniss.
13:00 Lunch in PI Restaurant
14:10 SESSION 3: Short Presentations 1
Chair: Mark Scanlon
  • Tor Forensics on Windows OS (pres)
    Mattia Epifani, Marco Scarito and Francesco Picasso.
  • Fast and Generic Malware Triage Using openioc_scan Volatility Plugin (pres)
    Takahiro Haruyama.
  • How I forced an Android Vulnerability into bypassing MDM restrictions + DIY - Android Malware analysis (pres)
    Zubair Ashraf.
15:10 Poster Session (Tea and Coffee) in the atrium beside Moore Auditorium
15:50 SESSION 4: Memory and Malware Analysis
Chair: Solal Jacob
  • Characterization of the Windows Kernel version variability for accurate Memory analysis. ( paper | pres )
    Michael Cohen.
  • Acquisition and Analysis of Compromised Firmware Using Memory Forensics ( paper | pres )
    Johannes Stüttgen, Stefan Voemel and Michael Denzel.
  • SIGMA: A Semantic Integrated Graph Matching Approach for identifying reused functions in binary code ( paper | pres )
    Saed Alrabaee, Paria Shirani, Lingyu Wang and Mourad Debbabi.
17:30 Hired bus trip from UCD back to DoubleTree Burlington Hotel for attendees staying at DoubleTree
19:00 Dinner on your own.
20:00 DFRWS Meetup at The Dakota Bar (30 min walk / 5 min taxi from hotel)

Wednesday, 25 March 2015 - Main Conference

University College Dublin, O'Brien's Centre for Science
08:30 Registration starts at the concourse of Moore Auditorium (E0.08, UCD Science Hub)
08:30 Hired bus trip from DoubleTree Burlington Hotel to UCD Science Hub for attendees staying at DoubleTree
09:30 Opening Remarks / Orientation
09:35 Keynote Speech
David-Olivier Jaquet-Chiffelle (University of Lausanne)
Title: Digital Forensics - Behind the Scenes (pres)
10:15 SESSION 5: Investigating New Hardware
Chair: Olga Angelopoulou
  • Smart TV Forensics: Digital Traces on televisions ( paper | pres )
    Abdul Boztas, Remko Riethoven and Mark Roeloffs.
  • Forensic Analysis of a Sony PlayStation 4: A First Look ( paper | pres )
    Allen Davies, Huw Read, Konstantinos Xynos and Iain Sutherland.
11:15 Break (Coffee and Tea)
11:45 Panel Discussion
Title: Forensic Tool Validation
Moderator: Pavel Gladyshev
  • Eoghan Casey (MITRE)
  • Mikael Lindström (Europol EC3)
  • Hans Henseler (Tracks Inspector)
  • David-Olivier Jaquet-Chiffelle (Univ. Lausanne)
12:45 Lunch in PI Restaurant
13:45 SESSION 6: Handling Digital Evidence
Chair: David-Olivier Jaquet-Chiffelle
  • A scalable file based data store for forensic analysis ( paper | pres )
    Flavio Cruz, Andreas Moser and Michael Cohen.
  • Leveraging CybOX to Standardize Representation and Exchange of Digital Forensic Information ( paper | pres )
    Eoghan Casey, Greg Back, and Sean Barnum
  • Designing Robustness and Resilience in Digital Investigation Laboratories ( paper | pres )
    Philipp Amann and Joshua James.
15:15 Lightning Talks
15:30 Break (Coffee and Tea in Demo and Poster Session Area)
16:00 SESSION 7: Short Presentations 2
Chair: Hans Henseler
  • The EVIDENCE Project: Bridging the Gap in the Exchange of Digital Evidence across Europe (pres)
    Maria Angela Biasiotti and Fabrizio Turchi.
  • How to search extracted data (pres)
    Javier Collado.
  • A theoretic framework for evaluating similarity digesting tools (pres)
    Liwei Ren.
  • On Criteria for Evaluating Similarity Digest Schemes (pres)
    Jonathan Oliver.
17:30 Hired bus trip from UCD back to DoubleTree Burlington Hotel for attendees staying at DoubleTree
18:30 Start of social program, including main banquet, forensic rodeo, and other activities(DoubleTree Burlington Hotel - Sussex Restaurant)
  • Best Paper Award

Thursday 26 March 2015 - E-DAIS Workshop (Meeting Room 1&2)


First European Workshop on Data Analytics for Information Security and Forensics (E-DAIS)
Hilton Double Tree Burlington Hotel, Upper Leeson Street, Dublin 4
09:00 Registration opens (Business centre of the Burlington Hotel)
10:00 Keynote Speech:
Mr. Jean-Dominique Nollet, Head of Unit, Forensics, Research, Development, European Cybercrime Centre. Research challenges for large scale forensics & data analytics in cybercrime investigations
10:30 Panel Discussion: Technical Problems of Big Data Analysis for Information Security and forensics
11:15 Break (Coffee and Tea)
11:30 Panel Discussion: Societal / Privacy Problems of Big Data Analysis for Information Security and forensics
12:15 Lunch (Sussex Restaurant)
13:00 Breakout Groups
 
  • interoperability standards
  • visual analytic techniques for information security and forensics
  • text translation and mining for information security and forensics;
  • legal aspects of cross-jurisdictional data collection and analysis
  • socio-technical approaches to strengthening human rights protection and public oversight over investigative big data analytics
15:00 Short presentation of discussion outcomes by each group
16:00 Future actions & concluding remarks

©2001-2016 DFRWS   |   dfrws [at] dfrws [dot] org  

DFRWS is a US 501(c)(3) non-profit organization.