DFRWS 2016 Agenda

The DFRWS 2016 Agenda below summarizes the program of discussion and research. This years conference is held in cooperation with the Association for Computing Machinery (ACM) and its Special Interest Group on Security, Audit and Control (SIGSAC).

This is a preliminary program that will be updated as workshops, keynotes and the technical program details are finalized

Sunday, August 7, 2016

11:30am Registration Opens
 Workshop Track 1Workshop Track 2
1:00-3:00pm Coding Digital Forensics Tools in Go (part 1)
3:00-5:00pm Coding Digital Forensics Tools in Go (part 2) Table Topping for Incident and Data Breach Response
5:30pm Registration closes
6:00pm Dinner on your own

Monday, August 8, 2016

8:00am Registration / Breakfast
9:00am Opening Remarks
9:15am Keynote Address
Erin Kenneally, Program Manager, Homeland Security Advanced Research Projects Agency (HSARPA), DHS
10:15am Break
10:30am SESSION 1: Memory & Executable Analysis
Session Chair: Vassil Roussev
  • "Detecting Objective-C Malware Through Memory Forensics" Andrew Case and Golden Richard
  • "BinGold: Towards Robust Binary Analysis by Extracting the Semantics of Binary Code as Semantic Flow Graphs (SFGs)" Saed Alrabaee, Lingyu Wang and Mourad Debbabi
  • "Robust Bootstrapping Memory Analysis against Anti-forensics" Kyoungho Lee, Hyunuk Hwang, Kibom Kim and Bongnam Noh
12:00pm Lunch on your own
2:00pm SESSION 2: Mobile & Thin Clients
Session Chair: Frank Adelstein
  • "Fingerprinting Android Packaging: Generating DNAs for Malware Detection" Elmouatez Billah Karbab, Mourad Debbabi and Djedjiga Mouheb
  • "Rapid differential forensic imaging of mobile devices" Mark Guido, Justin Grover and Jonathan Buttner
  • "dbling: Identifying Extensions Installed on Encrypted Web Thin Clients" Mike Mabey, Adam Doupe, Ziming Zhao and Gail-Joon Ahn
3:30pm Break
4:00pm PRESENTATIONS I
Session Chair:
  • "Practical Analyzing the Relation of Wallet Addresses in Bitcoin" Hiroki Kuzuno and Christian Karam
  • "A practical approach to analyze smartphone backup data as a digital evidence" Jaehyeok Han and Sangjin Lee
  • "Digital Forensics as a Service: an update" Harm Van Beek
5:00pm Forensic Challenge Presentation and Prizes
5:30pm Welcome Reception (off-site)

Tuesday, August 9, 2016

8:00am Registration / Breakfast
9:00am Administrative Remarks
9:05am Keynote Address
Troy Larsen, Microsoft
10:00am Break
10:30am SESSION 3: Anti-Forensics
Session Chair: Golden Richard
  • "Anti-forensics: Furthering digital forensic science through a new extended, granular taxonomy" Kevin Conlan, Ibrahim Baggili and Frank Breitinger
  • "Time is on my side: Steganography in filesystem metadata" Sebastian Neuner, Artemios Voyiatzis, Martin Schmiedecker, Stefan Brunthaler, Stefan Katzenbeisser and Edgar Weippl
  • "Deleting collected digital evidence by exploiting a widely adopted hardware write blocker" Christopher Meffert, Ibrahim Baggili and Frank Breitinger
12:00pm Lunch on your own
2:00pm SESSION 4: Data Recovery
Session Chair: Matthew Geiger
  • "Database Image Content Explorer: Carving Data That Does Not Officially Exist" James Wagner, Alexander Rasin and Jonathan Grier
  • "Recovery of Heavily Fragmented JPEG Files" Yanbin Tang, Junbin Fang, K.P. Chow, Siu Ming Yiu, Jun Xu, Bo Feng, Qiong Li and Qi Han
  • "Recovery method of deleted records and tables from ESE Database" Kim Jeonghyeon, Park Aran and Lee Sangjin
3:30pm Break
4:00pm PRESENTATIONS II
Session Chair:
  • "Forensic investigations in SDN networks" Izzat Alsmadi and Samer Khamaiseh
  • "Data Sets Available from the National Software Reference Library" Douglas White
4:40pm Five-Minute Teasers for Tool Demos and poster Sessions (sign-up on-site)
5:30pm Poster and Demo Sessions
6:00pm Banquet
7:30pm Forensic Rodeo

Wednesday, August 10, 2016

8:00am Registration / Breakfast
9:30am SESSION 5: Artifact Identification and Search
Session Chair: Elizabeth Schweinsberg
  • "CuFA: a more formal definition for digital forensic artifacts" Vikram Harichandran, Daniel Walnycky, Ibrahim Baggili and Frank Breitinger
  • "InVEST: Intelligent Visual Email Search and Triage" Jay Koven, Enrico Bertini, Luke Dubois and Nasir Memon
  • "PeekaTorrent: Leveraging P2P Hash Values for Digital Forensics" Sebastian Neuner, Martin Schmiedecker and Edgar Weippl
11:00am Works in Progress
11:20am Closing Comments
11:30am Lunch on your own
 Workshop Track 1Workshop Track 2
1:30-3:30pm Hands-On With Open Source Similarity Digests
Using GRR and Rekall for Scalable Memory Analysis (part 1)
3:30-5:30pm IED Forensics: Hunting the IED Engineer
Using GRR and Rekall for Scalable Memory Analysis (part 2)
6:00pm DFRWS 2017 Planning Session (food/drinks not paid by DFRWS)

©2001-2016 DFRWS   |   dfrws [at] dfrws [dot] org  

DFRWS is a US 501(c)(3) non-profit organization.