| Paper | Presentation | Conference | Downloads | Author |
|---|---|---|---|
| Finding your naughty BITS | DFRWS USA 2015 | Matthew Geiger (Dell SecureWorks) | |
| Federated Testing: Shared Test Materials from the CFTT Program at NIST | DFRWS USA 2015 | Ben Livelsberger, James Lyle | |
| Robust Bootstrapping Memory Analysis against Anti-forensics | DFRWS USA 2016 | Kyoungho Lee (Chonnam National University), Hyunuk Hwang (The Affiliated Institute of ETRI), Kibom Kim (The Affiliated Institute of ETRI), and Bongnam Noh (Chonnam National University) | |
| Rapid differential forensic imaging of mobile devices | DFRWS USA 2016 | Mark Guido (The MITRE Corporation), Justin Grover (The MITRE Corporation), and Jonathan Buttner (The MITRE Corporation) | |
| PeekaTorrent: Leveraging P2P Hash Values for Digital Forensics | DFRWS USA 2016 | Sebastian Neuner (SBA Research), Martin Schmiedecker (SBA Research), and Edgar Weippl (SBA Research) | |
| Fingerprinting Android Packaging: Generating DNAs for Malware Detection | DFRWS USA 2016 | ElMouatez Billah Karbab (Concordia University), Mourad Debbabi (Concordia University), and Djedjiga Mouheb (University of Sharjah) | |
| Digital Forensics as a Service: an update | DFRWS USA 2016 | Harm van Beek (Netherlands Forensic Institute) | |
| Database Image Content Explorer: Carving Data That Does Not Officially Exist | DFRWS USA 2016 | James Wagner (DePaul University), Alexander Rasin (DePaul University), and Jonathan Grier (Grier Forensics) | |
| BinGold: Towards Robust Binary Analysis by Extracting the Semantics of Binary Code as Semantic Flow Graphs (SFGs) | DFRWS USA 2016 | Saed Alrabaee (Concordia University), Lingyu Wang (Concordia University), and Mourad Debbabi (Concordia University) | |
| Anti-forensics: Furthering digital forensic science through a new extended, granular taxonomy | DFRWS USA 2016 | Kevin Conlan (University of New Haven), Ibrahim Baggili (University of New Haven), and Frank Breitinger (University of New Haven) | |
| Time is on my side: Steganography in filesystem metadata | DFRWS USA 2016 | Sebastian Neuner (SBA Research), Artemios Voyiatzis (SBA Research), Martin Schmiedecker (SBA Research), Stefan Brunthaler (SBA Research), Stefan Katzenbeisser (Technische Universitat), Edgar Weippl (SBA Research) | |
| Recovery of Heavily Fragmented JPEG Files | DFRWS USA 2016 | Yanbin Tang (University of Hong Kong), Junbin Fang (Jinan University), K.P. Chow (University of Hong Kong), Siu Ming (University of Hong Kong), Jun Xu (Harbin Institute of Technology), Bo Feng (Stony Brook University), Qiong Li (Harbin Institute of Technology), Qi Han (Harbin Institute of Technology) | |
| Recovery method of deleted records and tables from ESE Database | DFRWS USA 2016 | Kim Jeonghyeon (Korea University), Park Aran (Korea University), Lee Sangjin (Korea University) | |
| Rapid, Agentless, and Scalable Forensics and Incident Response Using WARDEN | DFRWS USA 2016 | Adam Meily (Assured Information Security), Sean LaPlante (Assured Information Security), Richard Gloo (Assured Information Security) | |
| Practical Analyzing the Relation of Wallet Addresses in Bitcoin | DFRWS USA 2016 | Hiroki Kuzuno and Christian Karam | |
| InVEST: Intelligent Visual Email Search and Triage | DFRWS USA 2016 | Jay Koven (NYU Tandon School of Engineering), Enrico Bertini (NYU Tandon School of Engineering), Luke Dubois (NYU Tandon School of Engineering), Nasir Memon (NYU Tandon School of Engineering) | |
| IED Forensics: Hunting the IED Engineer | DFRWS USA 2016 | Larry Leibrock | |
| Forensic investigations in SDN networks | DFRWS USA 2016 | Izzat Alsmadi (University of New Haven), Samer Khamaiseh (Boise State University) | |
| Detecting Objective-C Malware Through Memory Forensics | DFRWS USA 2016 | Andrew Case (Volexity) and Golden Richard III, Ph.D. (Louisiana State University) | |
| Deleting collected digital evidence by exploiting a widely adopted hardware write blocker | DFRWS USA 2016 | Christopher Meffert (University of New Haven), Ibrahim Baggili (University of New Haven), Frank Breitinger (University of New Haven) | |
| dbling: Identifying Extensions Installed on Encrypted Web Thin Clients | DFRWS USA 2016 | Mike Mabey (Arizona State University), Adam Doupe (Arizona State University), Ziming Zhao (Arizona State University), Gail-Joon Ahn (Arizona State University) | |
| Data Sets Available from the National Software Reference Library | DFRWS USA 2016 | Douglas White (NIST) | |
| A practical approach to analyze smartphone backup data as a digital evidence | DFRWS USA 2016 | Jaehyeok Han, Sangjin Lee | |
| Extending The Sleuth Kit and its Underlying Model for Pooled Storage File System Forensic Analysis | DFRWS USA 2017 | Jan-Niclas Hilgert, Martin Lambertz, Daniel Plohmann | |
| Digital Forensic Approaches for Amazon Alexa Ecosystem | DFRWS USA 2017 | Hyunji Chung, Jungheum Park, and Sangjin Lee | |
| Use of Generalized Hough Transform on Interpretation of Memory Dumps | DFRWS USA 2017 | Paulo Roberto Nunes de Souza (University College Dublin), Pavel Gladyshev, Ph.D. (University College Dublin) | |
| Virtualization-Based Security: A Forensics Perspective | DFRWS USA 2017 | Jason Hale | |
| SCARF: A Container-Based Approach to Cloud-Scale Digital Forensic Processing | DFRWS USA 2017 | Christopher Stelly (University of New Orleans), Vassil Roussev, Ph.D. (University of New Orleans) | |
| Time-of-Recording Estimation for Audio Recordings | DFRWS USA 2017 | Lilei Zheng, Ying Zhang, Chien Eao Lee, Vrizlynn Thing | |
| SCADA Network Forensics of the PCCC Protocol | DFRWS USA 2017 | Saranyan Senthivel, Irfan Ahmed (University of New Orleans), Vassil Roussev, Ph.D. (University of New Orleans) | |
| Pull It Together: Enabling Interoperability of Digital Forensic Systems Using a Standard Representation and Supporting API | DFRWS USA 2017 | Sean Barnum, Ryan Griffith (DC3) | |
| Memory Based Dynamic Malware Analysis | DFRWS USA 2017 | Endre Bangerter (Bern University of Applied Sciences), Jonas Wagner | |
| Linux Memory Forensics: Dissecting the User Space Process Heap | DFRWS USA 2017 | Frank Block, Andreas Dewald | |
| Leveraging the SRTP protocol for Over-The-Network Memory Acquisition of a GE Fanuc Series 90-30 | DFRWS USA 2017 | Denton George, Filip Karpisek, Frank Breitinger (University of New Haven), Ibrahim Baggili (University of New Haven) | |
| Insights Gained From Constructing a Large Scale Dynamic Analysis Platform | DFRWS USA 2017 | Cody Miller, Dae Glendowne, Henry Cook, Demarcus Thomas, Patrick Pape, Chris Lanclos | |
| Gaslight: A Comprehensive Fuzzing Architecture for Memory Forensics Frameworks | DFRWS USA 2017 | Andrew Case (Volexity), Arghya Das, Seung-Jong Park, Ram Ramanujam, Golden Richard III, Ph.D. (Louisiana State University) | |
| Finding Digital Evidence in Mobile Devices | DFRWS USA 2017 | Hans Henseler, Ph.D. (University of Applied Sciences Leiden), Vince Noort | |
| DROP (DRone Open source Parser) Your Drone – Forensic Analysis of the DJI Phantom III | DFRWS USA 2017 | Devon Clark, Christopher Meffert (University of New Haven), Ibrahim Baggili (University of New Haven), Frank Breitinger (University of New Haven) | |
| Deleted File Persistence on Digital Media | DFRWS USA 2017 | Jim Jones, Tahir Khan | |
| Carving Database Storage to Detect and Trace Security Breaches | DFRWS USA 2017 | James Wagner (DePaul University), Alexander Rasin (DePaul University), Boris Glavic, Karen Heart, Jacob Furst, Lucas Bressan, Jonathan Grier (Grier Forensics) | |
| Browser Artifacts of Google Drive and Gmail | DFRWS USA 2017 | Elizabeth Schweinsberg (Facebook) | |
| Availability of Datasets for Digital Forensics – and What is Missing | DFRWS USA 2017 | Cinthya Grajeda Mendez, Frank Breitinger (University of New Haven), Ibrahim Baggili (University of New Haven) | |
| Analyzing User-Event Data Using Score-based Likelihood Ratios with Marked Point Processes | DFRWS USA 2017 | Christopher Galbraith, Padhraic Smyth | |
| AFIDS: Another Forensic Image Data Set | DFRWS USA 2017 | Mark Guido (The MITRE Corporation), Michael McCarrin, David Baker (DFRWS), Vik Harichandran, Sam Brothers | |
| Advancing the AFF4 to the Challenges of Volatile Memory and Single Hashes | DFRWS USA 2017 | Bradley Schatz, Ph.D. (Schatz Forensic) | |
| Who Watches the Watcher? Detecting Hypervisor Introspection from Unprivileged Guests | DFRWS USA 2018 | Tomasz Tuzel, Mark Bridgman, Joshua Zepf | |
| Welcome pwn: Almond Smart Home Hub Forensics | DFRWS USA 2018 | Akshay Awasthi, Huw Read, Iain Sutherland, Konstantinos Xynos | |
| Reconstructing Streamed Video Content: A Case Study on YouTube and Facebook Live Stream Content in the Chrome Web Browser Cache | DFRWS USA 2018 | Graeme Horsman | |
| Multinomial Malware Classification Via Low-level Features | DFRWS USA 2018 | Sergii Banin, Geir Olav Dyrkolbotn (NTNU) | |
| Was the 2016 Election Hacked? Your Forensic Expertise is Needed! | DFRWS USA 2018 | Suzanne Mello-Stark |