Eoghan Casey, Ph.D. (University of Lausanne)

Abstract

This workshop is organized by members of the community involved with implementing the evolving community-developed standard called Cyber-investigation Analysis Standard Expression (CASE).

CASE is intended to serve the needs of the broadest possible range of cyber-investigation domains, including digital forensics, incident response, counter-terrorism, criminal justice, forensic intelligence, and situational awareness.

The primary motivation for CASE is interoperability - to advance the exchange of cyber-investigation information between tools and organizations. CASE aligns with and extends the Unified Cyber Ontology (UCO).

The purpose of this workshop is to bring together developers who are implementing, or interested in implementing, CASE within their tools or systems. In addition, this workshop will discuss pilot testing of exchange mechanisms for sharing CASE bundles, including the EVIDENCE2e-CODEX project in Europe.

This is an opportunity for developers from different organizations and vendors to present their work on implementations in their tools and systems, and for developers to learn from each other and suggest improvements to CASE.