DFRWS 2008 Agenda

The DFRWS 2008 Agenda below summarizes the program of discussion and research.

Sunday, August 10, 2008

5:00pm to 6:30pm Registration

Monday, August 11, 2008

8:00am Registration and Breakfast
9:00am Opening Remarks
9:10am Keynote Address
Network Traffic Analysis of Point of Sale System Compromises
SA Ryan Moore (United States Secret Service)
10:00am Break
10:15am SESSION 1: In-Depth Analysis #1
Chair: Dave Baker
  • Detecting File Fragmentation Point Using Sequential Hypothesis Testing. Anandabrata Pal, Husrev Sencar, Nasir Memon. (paper | slides)
    Best Paper Winner
  • Predicting the Types of File Fragments. William Calhoun, Drue Coles. (paper | slides)
  • Using JPEG Quantization Tables to Identify Imagery Processed by Software. Jesse Kornblum. (paper | slides)
11:45am Lunch on your own
1:30pm SESSION 2: In-Depth Analysis #2
Chair: Golden Richard
  • Forensic Analysis of the Windows Registry in Memory. Brendan Dolan-Gavitt. (paper | slides)
  • Recovering Deleted Data From the Windows Registry. Timothy Morgan. (paper | slides)
  • A Novel Approach of Mining Write-Prints for Authorship Attribution in E-mail Forensics. Farkhund Iqbal, Rachid Hadjidj, Benjamin Fung, Mourad Debbabi. (paper | slides)
3:00pm Break
3:15pm Presentation of the DFRWS 2008 Forensic Challenge Submissions
4:15pm Tool Demo & Poster Session
5:30pm to 7:30pm Welcome Reception at The Wharf Rat

Tuesday, August 12, 2008

8:00am Breakfast
9:00am Session 3: Memory Analysis
Chair: Frank Adelstein
  • Forensic Memory Analysis: Files mapped in memory. Ruud van Baar. (paper | slides)
  • The impact of Microsoft Windows pool allocation strategies on memory forensics. Andreas Schuster. (paper | slides)
  • FACE: Automated Digital Evidence Discovery and Correlation. Andrew Case, Andrew Cristina, Lodovico Marziale, III, Golden Richard, Vassil Roussev. (paper | slides)
10:30am Break
10:45am SESSION 4: File / System Searching
Chair: Vassil Roussev
  • Using the HFS+ Journal For Deleted File Recovery. Aaron Burghardt, Adam Feldman. (paper | slides)
  • MEGA: A Tool for Mac OS X Operating System and Application Forensics. Rob Joyce, Judson Powers, Frank Adelstein. (paper | slides)
11:45am Lunch on your own.
1:30pm Administrative remarks
1:40pm Keynote Address
Recent Developments in the Law Concerning Computer Forensics
Orin Kerr (George Washington University)
2:30pm Break
2:45pm SESSION 5: Application Specific
Chair: Wietse Venema
  • High Speed Search using Tarari Content Processor in Digital Forensics. Jooyoung Lee. (paper | slides)
  • Limewire Examinations. Joseph Lewthwaite, Victoria Smith. (paper | slides)
  • Automated Computer Forensics Training in a Virtualized Environment. Stephen Brueckner, Frank Adelstein, David Guaspari, Joseph Weeks. (paper | slides)
6:00pm Banquet
  • Best Paper Award
7:30pm Forensic Rodeo

Wednesday, August 13, 2008

8:00am Breakfast
9:00am SESSION 6: Tools
Chair: Eoghan Casey
  • PyFlag - An advanced Network Forensic Framework. Michael Cohen. (paper | slides)
  • An overall assessment of Mobile Internal Acquisition Tool. Gianluigi Me, Alessandro Distefano. (paper | slides)
  • A Framework for Attack Patterns Discovery in Honeynet Data. Olivier Thonnard, Marc Dacier. (paper | slides)
10:30am Break
10:45am Short Presentations & Works in Progress
Chair:
(5 minutes each)
11:30am Closing Comments
12:30pm

Lunch & DFRWS 2009 / 2010 Planning Session
Lucy's Restaurant
(Not Included in Registration Fee)

©2001-2014 DFRWS   |   dfrws [at] dfrws [dot] org  

DFRWS is a US 501(c)(3) non-profit organization.