Sunday, August 10, 2008 |
|---|
| 5:00pm |
Registration |
Monday, August 11, 2008 |
|---|
| 8:00am |
Registration and Breakfast |
| 9:00am |
Opening Remarks |
| 9:10am |
Keynote Address
Speaker from the US Secret Service |
| 10:00am |
Break |
| 10:15am |
SESSION 1: In-Depth Analysis #1
Chair:
- Detecting File Fragmentation Point Using Sequential Hypothesis Testing. Anandabrata Pal, Husrev Sencar, Nasir Memon
-
Predicting the Types of File Fragments. William Calhoun, Drue Coles
-
Using JPEG Quantization Tables to Identify Imagery Processed by Software.
Jesse Kornblum.
|
| 11:45am |
Lunch on your own |
| 1:30pm |
SESSION 2: In-Depth Analysis #2
Chair:
- Forensic Analysis of the Windows Registry in Memory. Brendan Dolan-Gavitt
- Recovering Deleted Data From the Windows Registry. Timothy Morgan
- A Novel Approach of Mining Write-Prints for Authorship Attribution in E-mail Forensics. Farkhund Iqbal, Rachid Hadjidj, Benjamin Fung, Mourad Debbabi
|
| 3:00pm |
Break |
| 3:15pm |
Presentation of the DFRWS 2008 Forensic Challenge Submissions |
| 4:45pm |
Welcome Reception with Tool Demo & Poster Session |
Tuesday, August 12, 2008 |
|---|
| 8:00am |
Breakfast |
| 9:00am |
Session 3: Memory Analysis
Chair:
- Forensic Memory Analysis: Files mapped in memory. Ruud van Baar.
- The impact of Microsoft Windows pool allocation strategies on memory forensics. Andreas Schuster.
- FACE: Automated Digital Evidence Discovery and Correlation. Andrew Case, Andrew Cristina, Lodovico Marziale, III, Golden Richard, Vassil Roussev
|
| 10:30am |
Break |
| 10:45am |
SESSION 4: File / System Searching
Chair:
- Using the HFS+ Journal For Deleted File Recovery. Aaron Burghardt, Adam Feldman.
- MEGA: A Tool for Mac OS X Operating System and Application Forensics. Rob Joyce, Judson Powers, Frank Adelstein.
|
| 11:45am |
Lunch on your own. |
| 1:30pm |
Administrative remarks |
| 1:40pm |
Keynote Address
Recent Developments in the Law Concerning Computer Forensics
Orin Kerr (George Washington University) |
| 2:30pm |
Break |
| 2:45pm |
SESSION 5: Application Specific
Chair:
- High Speed Search using Tarari Content Processor in Digital Forensics. Jooyoung Lee.
- Limewire Examinations. Joseph Lewthwaite, Victoria Smith.
- Automated Computer Forensics Training in a Virtualized Environment. Stephen Brueckner, Frank Adelstein, David Guaspari, Joseph Weeks.
|
| 5:30pm |
Banquet
|
| 7:00pm |
Forensic Rodeo |
Wednesday, August 13, 2008 |
|---|
| 8:00am |
Breakfast |
| 9:00am |
SESSION 6: Tools
Chair:
- PyFlag - An advanced Network Forensic Framework. Michael Cohen.
- An overall assessment of Mobile Internal Acquisition Tool. Gianluigi Me, Alessandro Distefano.
- A Framework for Attack Patterns Discovery in Honeynet Data. Olivier Thonnard, Marc Dacier.
|
| 10:30am |
Break |
| 10:45am |
Short Presentations & Works in Progress
Chair:
(5 minutes each) |
| 11:30am |
Closing Comments |
| 11:45am |
Lunch & DFRWS 2009 / 2010 Planning Session |