Please note: All times below are in Eastern Daylight Time. Current EDT Time:

Register now!

Monday, July 12, 2021
1115Keynote: "Contemplating the Curious Contradictions of Digital Forensics & 0-days" by Maddie Stone, Security Researcher at Google's Project Zero
1215Paper Session 1: Malware
Session Chair: Tim Vidas
Robust Malware Detection Models: Learning from Adversarial Attacks and Defenses
by Hemant Rathore (BITS Pilani), Adithya Samavedhi (BITS Pilani), Sanjay K. Sahay (BITS Pilani), and Mohit Sewak (Microsoft)
Malware Family Classification via Efficient Huffman Features
by Stephen O Shaughnessy (Technological University Dublin) and Frank Breitinger (University of Lausanne)
1415Paper Session 2: Memory Forensics
Session Chair: Frank Adelstein
Duck Hunt: Memory Forensics of USB Attack Platforms
by Tyler Thomas (University of New Haven), Mathew Piscitelli (University of New Haven), Bhavik Nahar (University of New Haven), and Ibrahim Baggili (University of New Haven)
Seance: Divination of Tool-Breaking Changes in Forensically Important Binaries
by Ryan Maggio (Louisiana State University), Andrew Case (Volatility Foundation), Aisha Ali-Gombe (Towson University), and Golden G. Richard III (Louisiana State University)
Leveraging Intel DCI for Memory Forensics
by Tobias Latzo (Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU)), Matti Schulze (FAU), and Felix Freiling (FAU)
1600Presentation Session # 1: Mobile Forensics
Session Chair: Jessica Hyde
Time Well Spent: Precision Timing, Monotonic Clocks and the iOS PowerLog database
by Mike Williamson (Magnet Forensics) and Sab Strong
Forensic Analysis of Xiaomi IoT Ecosystem
by Evangelos Dragonas
Accuracy of Geolocation Metadata on Pictures Taken Using a Mobile Phone by Elénore Ryser and David-Olivier Jaquet-Chiffelle
Tuesday, July 13
1115Keynote: "The Wonderful, Quirky, and Woefully Misunderstood World of Industrial DFIR" by Lesley Carhart, Principle Incident Responder, Dragos, Inc.
1215Paper Session 3: ICS / Hardware Forensics
Session Chair: Wietse Venema
How Viable is Password Cracking in Digital Forensic Investigation? Analyzing the Guessability of Over 3.9 Billion Real-World Accounts
by Aikaterini Kanta (University College Dublin and European Commission, Joint Research Centre, Sein Coray (University of Basel), Iwen Coisel (European Commission, Joint Research Centre), and Mark Scanlon (University College Dublin)
A Behavioral-based Forensic Investigation Approach for Analyzing Attacks on Water Plants Using GANs
by Nataliia Neshenko (Florida Atlantic University), Elias Bou-Harb (University of Texas at San Antonio), and Borko Furht (University of Texas at San Antonio)
1415Paper Session 4: Data Modeling and Analysis
Session Chair: Alex Nelson
LogExtractor: Extracting Digital Evidence from Android Log Messages via String and Taint Analysis
by Chris Chao-Chun Cheng (Iowa State University), Chen Shi (Iowa State University), Neil Zhenqiang Gong (Duke University), and Yong Guan (Iowa State University)
ChunkedHCs Algorithm for Authorship Verification Problems: Reddit Case Study
by Anh Duc Le (Munster Technological University and Rigr AI), Justin McGuinness (Munster Technological University), and Edward Dixon (Rigr AI)
Using Micro-Services and Artificial Intelligence to Analyze Criminal Evidence
by Iaslan Silva (Federal University of Rio Grande do Norte), João Marcos Valle (Federal University of Rio Grande do Norte), Gabriel Souza (Federal University of Rio Grande do Norte), Jaine Budke (Federal University of Rio Grande do Norte), Daniel Araújo (Federal University of Rio Grande do Norte), Bruno Carvalho (Federal University of Rio Grande do Norte), Nélio Cacho (Federal University of Rio Grande do Norte), Henrique Sales (Federal University of Rio Grande do Norte), Frederico Lopes (Federal University of Rio Grande do Norte), and Rivaldo Silva Júnior (Ministerio Publico do Rio Grande do Norte)
1600Presentation Session 2: Artifacts and Analysis
Computer Forensic Reference Data Sets (CFReDS v2.0) for Digital Evidence
by Rick Ayers, Mehdi Shahid, and Barbara Guttman (NIST)
Topological Data Analysis for Ransomware Detection on the Bitcoin Blockchain
by Cuneyt Akcora (University of Manitoba)
CANCELLED Damaged Device Forensics: The Art of Chip-Swap Forensics
by Shanon Burgess (Crash Analysis, LLC)
1700AFTER HOURS EVENT - Birds of a Feather session #1
Wednesday, July 14
1000Workshop #1: Practical Chromebook Forensics
(Jessica Hyde, 2 hours)
Workshop #2: The Next Ten Years of Challenges for Digital Forensics
(Graeme Horsman and Virginia Franqueira, 2 hours)
1400Paper Session 5: IoT / Mobile
Session Chair: Matthew Geiger
Coffee Forensics — Reconstructing Data in IoT Devices Running Contiki OS
by Jens-Petter Sandvik (National Criminal Investigation Service (Kripos) and NTNU), Katrin Franke (Norwegian University of Science and Technology (NTNU), Habtamu Abie (Norwegian Computing Centre), and Andre Årnes (NTNU and Telenor Group)
Machine Learning Based Approach to Analyze File Meta Data for Smart Phone File Triage
by Cezar Serhal (University College Dublin) and Nhien-An Le-Khac (University College Dublin)
Chip Chop - Smashing the Mobile Phone Secure Chip for Fun and Digital Forensics
by Gunnar Alendal (Norwegian University of Science and Technology (NTNU), Geir Olav Dyrkolbotn (NTNU), and Stefan Axelsson (NTNU)
1545Paper Session 6: Digital Forensics Skills
Session Chair: Erika Noerenberg
Another Brick in the Wall: An Exploratory Analysis of Digital Forensics Programs in the United States
by Syria McCullough (University of New Haven), Stella Abudu (University of New Haven), Ebere Onwubuariri (University of New Haven), and Ibrahim Baggili (University of New Haven)
What Do Incident Response Practitioners Need to Know? A Skillmap for the Years Ahead
by Radek Hranicky (Brno University of Technology), Frank Breitinger (University of Liechtenstein), Ondrej Rysavy (Brno University of Technology), John Sheppard (Waterford Institute of Technology), Florin Schaedler (University of Liechtenstein), Holger Morgenstern (Albstadt-Sigmaringen University) and Simon Malik (Albstadt-Sigmaringen University)
JTAG-based PLC Memory Acquisition Framework for Industrial Control Systems
by Muhammad Haris Rais (Virginia Commonwealth University), Rima Asmar Awad (Oak Ridge National Laboratory), Juan Lopez Jr (Oak Ridge National Laboratory), and Irfan Ahmed (Virginia Commonwealth University)
1715Best paper announcement / closing remarks
1800AFTER HOURS EVENT - Forensics Rodeo
Thursday, July 15
1000Workshop #1: Velociraptor Deep Dive
(Michael Cohen, 4 hours)
Workshop #2: Advancing Forensics Analysis with CASE
(Eoghan Casey, 4 hours)
1400Birds of a Feather session #2
1530DFRWS 2022 Open Planning Meeting