Paper | Presentation Conference Downloads Author
Using Purpose-Built Functions And Block Hashes To Enable Small Block And Sub-File Forensics DFRWS USA 2010
Simson Garfinkel, Ph.D., Alex Nelson, Ph.D., Douglas White, Vassil Roussev, Ph.D.
Windows Operating System Agnostic Memory Analysis DFRWS USA 2010
James Okolica, Gilbert Peterson
A Novel Time-Memory Trade-Off Method for Password Recovery DFRWS USA 2009
Hwei-Ming Ying
A Second Generation Computer Forensic Analysis System DFRWS USA 2009
Daniel Ayers
Bringing Science to Digital Forensics with Standardized Forensic Corpora DFRWS USA 2009
Simson Garfinkel, Ph.D., Paul Farrell, Vassil Roussev, Ph.D., George Dinolt
Computer Forensic Timeline Visualization Tool DFRWS USA 2009
Jens Olsson, Martin Boldt
DEX - Digital Evidence Provenance Supporting Reproducibility and Comparison DFRWS USA 2009
Brian Levine, Marc Liberatore
DIALOG - A Framework for Modeling, Analysis and Reuse of Digital Forensic Knowledge DFRWS USA 2009
Damir Kahvedzic, Tahar Kechadi
Digital Forensic Implications of ZFS DFRWS USA 2009
Nicole Beebe, Ph.D., Sonia Mandes, Dane Stuckey
Extending the Advanced Forensic Format to accommodate Multiple Data Sources, Logical Evidence, Arbitrary Information and Forensic Workflow DFRWS USA 2009
Michael Cohen, Simson Garfinkel, Ph.D., Bradley Schatz, Ph.D.
Extraction of Forensically Sensitive Information from Windows Physical Memory DFRWS USA 2009
Seyed Mahmood Hejazi, Chamseddine Talhi, Mourad Debbabi
Identification and Recovery of JPEG Files with Missing Fragments DFRWS USA 2009
Husrev Sencar, Nasir Memon
Lessons Learned from the Construction of a Korean Software Reference Data Set for Digital Forensics DFRWS USA 2009
Sangseo Park, Cheolwon Lee, Sungjai Baek
Teleporter - An Analytically and Forensically Sound Duplicate Transfer System DFRWS USA 2009
Kathryn Watkins, Mike McWhorter, Jeff Long, William Hill
The Persistence of Memory - Forensic Identification and Extraction of Cryptographic Keys DFRWS USA 2009
Carsten Maartmann-Moe, André Årnes, Steffen Thorkildsen
Using ShellBag Information to Reconstruct User Activities DFRWS USA 2009
Yuandong Zhu, Pavel Gladyshev, Ph.D., Joshua James
Validation And Verification Of Computer Forensic Software Tools-Searching Function DFRWS USA 2009
Yinghua Guo, Jill Slay, Jason Beckett
A Framework for Attack Patterns Discovery in Honeynet Data DFRWS USA 2008
Olivier Thonnard, Marc Dacier
A Novel Approach of Mining Write-Prints for Authorship Attribution in E-mail Forensics DFRWS USA 2008
Farkhund Iqbal, Rachid Hadjidj, Benjamin Fung, Mourad Debbabi
An Overall Assessment Of Mobile Internal Acquisition Tool DFRWS USA 2008
Gianluigi Me, Alessandro Distefano
Automated Computer Forensics Training in a Virtualized Environment DFRWS USA 2008
Stephen Brueckner, Frank Adelstein, Ph.D., David Guaspari, Joseph Weeks
Detecting File Fragmentation Point Using Sequential Hypothesis Testing DFRWS USA 2008
Anandabrata Pal, Husrev Sencar, Nasir Memon
FACE - Automated Digital Evidence Discovery and Correlation DFRWS USA 2008
Andrew Case, Andrew Cristina, Lodovico Marziale, Golden Richard III, Ph.D., Vassil Roussev, Ph.D.
Forensic Analysis of the Windows Registry in Memory DFRWS USA 2008
Brendan Dolan-Gavitt
Forensic Memory Analysis - Files Mapped In Memory DFRWS USA 2008
Wouter Alink, Alex van Ballegooij
High Speed Search Using Tarari Content Processor in Digital Forensics DFRWS USA 2008
Jooyoung Lee, Sungkyong Un, Dowon Hong
Limewire Examinations DFRWS USA 2008
Joseph Lewthwaite, Victoria Smith
MEGA - A Tool for Mac OS X Operating System and Application Forensics DFRWS USA 2008
Rob Joyce, Judson Powers, Frank Adelstein, Ph.D.
Predicting the Types of File Fragments DFRWS USA 2008
William Calhoun, Drue Coles
PyFlag - An Advanced Network Forensic Framework DFRWS USA 2008
Michael Cohen
Recovering Deleted Data From the Windows Registry DFRWS USA 2008
Timothy Morgan
The Impact Of Microsoft Windows Pool Allocation Strategies On Memory Forensics DFRWS USA 2008
Andreas Schuster
Using JPEG Quantization Tables to Identify Imagery Processed by Software DFRWS USA 2008
Jesse Kornblum
Using the HFS+ Journal For Deleted File Recovery DFRWS USA 2008
Aaron Burghardt, Adam Feldman
10 Good Reasons Why You Should Shift Focus to Small Scale Digital Device Forensics DFRWS USA 2007
Ronald van der Knijff
A Brief Study of Time DFRWS USA 2007
Florian Buchholz, Brett Tjaden
An Efficient Technique for Enhancing Forensic Capabilities of Ext2 File System DFRWS USA 2007
Mridul Sankar Barik, Gaurav Gupta, Shubhro Sinha, Alok Mishra, Chandan Mazumdara
Analyzing Multiple Logs for Forensic Evidence DFRWS USA 2007
Ali Reza Arasteh, Mourad Debbabi, Assaad Sakha, Mohamed Saleh
Automated Windows Event Log Forensics DFRWS USA 2007
Rich Murphey
BodySnatcher - Towards Reliable Volatile Memory Acquisition by Software DFRWS USA 2007
Bradley Schatz, Ph.D.
Capture - A Tool for Behavioral Analysis of Applications and Documents DFRWS USA 2007
Christian Seifert, Ramon Steenson, Ian Welch, Peter Komisarczuk, Barbara Endicott-Popovsky
Carving Contiguous and Fragmented Files with Object Validation DFRWS USA 2007
Simson Garfinkel, Ph.D.
Digital Forensic Text String Searching - Improving Information Retrieval Effectiveness by Thematically Clustering Search Results DFRWS USA 2007
Nicole Beebe, Ph.D., Jan Clark
File Marshal - Automatic Extraction of Peer-to-Peer Data DFRWS USA 2007
Frank Adelstein, Ph.D., Rob Joyce
Forensic Data Recovery and Examination of Magnetic Swipe Card Cloning Devices DFRWS USA 2007
Gerry Masters, Philip Turner
Forensic Memory Analysis - From Stack and Code to Execution History DFRWS USA 2007
Mourad Debbabi
Introducing the Microsoft Vista Log File Format DFRWS USA 2007
Andreas Schuster
Issues with Imaging Drives Containing Faulty Sectors DFRWS USA 2007
James Lyle, Mark Wozar
Massive Threading - Using GPUs to Increase the Performance of Digital Forensics Tools DFRWS USA 2007
Lodovico Marziale, Golden Richard III, Ph.D., Vassil Roussev, Ph.D.
Multi-Resolution Similarity Hashing DFRWS USA 2007
Vassil Roussev, Ph.D., Golden Richard III, Ph.D., Lodovico Marziale
Specifying Digital Forensics - A Forensics Policy Approach DFRWS USA 2007
Carol Taylor, Barbara Endicott-Popovsky, Deborah Frincke
The VAD Tree - A Process-Eye View of Physical Memory DFRWS USA 2007
Brendan Dolan-Gavitt
A Correlation Method for Establishing Provenance of Timestamps in Digital Evidence DFRWS USA 2006
Bradley Schatz, Ph.D., George Mohay, Andrew Clark
A Cyber Forensics Ontology - Creating a New Approach to Studying Cyber Forensics DFRWS USA 2006
Ashley Brinson, Abigail Robinson, Marcus Rogers
A Strategy for Testing Hardware Write Block Devices DFRWS USA 2006
James Lyle
A Survey of Forensic Characterization Methods for Physical Devices DFRWS USA 2006
Nitin Khanna, Aravind Mikkilineni, Anthony Martone, Gazi Ali, George Chiu, Jan Allebach, Ed Delp
An Empirical Study of Automatic Event Reconstruction Systems DFRWS USA 2006
Sundararaman Jeyaraman, Mikhail Atallah
Arriving at an Anti-forensics Consensus - Examining How to Define and Control the Anti-forensics Problem DFRWS USA 2006
Ryan Harris
Categories of Digital Investigation Analysis Techniques Based On The Computer History Model DFRWS USA 2006
Brian Carrier (Honorary Board Member) , Ph.D., Prof. Eugene Spafford
Cross-Drive Analysis DFRWS USA 2006
Simson Garfinkel, Ph.D.
Current Cyber Investigation Challenges in Digital Forensics DFRWS USA 2006
Ted Lindsey
Detecting False Captioning Using Common Sense Reasoning DFRWS USA 2006
Sangwon Lee, David Shamma, Bruce Gooch
FORZA - Digital Forensics Investigation Framework That Incorporate Legal Issues DFRWS USA 2006
Identifying Almost Identical Files Using Context Triggered Piecewise Hashing DFRWS USA 2006
Jesse Kornblum
Issues in Building the Digital Forensics Bridge From Computer Science to Judicial Science DFRWS USA 2006
Michael Losavio, Deborah Wilson, Adel Elmaghraby, James Graham, S. Srinivasan, David Elder, Marcus Rogers
Knowledge Exploration, Analysis, and Discovery Workshop DFRWS USA 2006
Mark Maybury, Penny Chase
md5bloom - Forensic Filesystem Hashing Revisited DFRWS USA 2006
Vassil Roussev, Ph.D., Timothy Bourg, Yixin Chen, Golden Richard III, Ph.D.
Searching for Processes and Threads in Microsoft Windows Memory Dumps DFRWS USA 2006
Andreas Schuster
Selective and Intelligent Imaging using Digital Evidence Bags DFRWS USA 2006
Philip Turner
Self-Reported Computer Criminal Behavior - A Psychological Analysis DFRWS USA 2006
Marcus Rogers, Kathryn Seigfried-Spellar, Kirti Tidke
XIRAF - Ultimate Forensic Querying DFRWS USA 2006
Wouter Alink, Raoul Bhoedjang, Peter Boncz
Automated Digital Evidence Target Definition Using Outlier Analysis and Existing Evidence DFRWS USA 2005
Brian Carrier (Honorary Board Member) , Ph.D., Prof. Eugene Spafford
Automatically Creating Realistic Targets for Digital Forensics Investigation DFRWS USA 2005
Frank Adelstein, Ph.D., Yun Gao, Golden Richard III, Ph.D.
Data Hiding in Journaling File Systems DFRWS USA 2005
Knut Eckstein, Marko Jahnke
Design and Implementation of Zeitline - a Forensic Timeline Editor DFRWS USA 2005
Florian Buchholz, Courtney Falk
Evaluating Commercial Counter-Forensic Tools DFRWS USA 2005
Matthew Geiger
File Hound - A Forensics Tool for First Responders DFRWS USA 2005
Wm. Blair Gillam, Marc Rogers
Forensic Discovery DFRWS USA 2005
Wietse Venema, Ph.D.
Monitoring Access to Shared Memory-Mapped Files DFRWS USA 2005
Christian Sarmoria, Steve Chapin
Network Forensics Analysis with Evidence Graphs DFRWS USA 2005
Wei Wang, Thomas Daniels
Preparing for Large-Scale Investigations with Case Domain Modeling DFRWS USA 2005
Chris Bogen, David Dampier
Reproducibility of Digital Evidence in Forensic Investigations DFRWS USA 2005
Lei Pan, Lynn Batten
Risk Sensitive Digital Evidence Collection DFRWS USA 2005
Erin Kenneally, Christopher Brown
Scalpel - A Frugal, High Performance File Carver DFRWS USA 2005
Golden Richard III, Ph.D., Vassil Roussev, Ph.D.
Unification of Digital Evidence from Disparate Sources DFRWS USA 2005
Philip Turner
A Framework for Digital Forensic Science DFRWS USA 2004
Mark Pollitt
A Framework of Distributed Agent-based Network Forensics System DFRWS USA 2004
Ren Wei
A Hierarchical, Objectives-Based Framework for the Digital Investigations Process DFRWS USA 2004
Nicole Beebe, Ph.D., Jan Clark
An Event-Based Digital Forensic Investigation Framework DFRWS USA 2004
Brian Carrier (Honorary Board Member) , Ph.D., Prof. Eugene Spafford
Assured Information Security - Stego Intrusion Detection System DFRWS USA 2004
Mike Sieffert, Rodney Forbes, Charles Green, Leonard Popyack, Thomas Blake
BBN Systems - Adversary Modeling to Develop Forensic Observables DFRWS USA 2004
John Lowry, Rico Valdez, Brad Wood
Breaking the Performance Wall - The Case for Distributed Digital Forensics DFRWS USA 2004
Vassil Roussev, Ph.D., Golden Richard III, Ph.D.
Forensics for Critical Information Infrastructure Protection DFRWS USA 2004
Ian Bryant
Forensics, Fighter Pilots and the OODA Loop - The Role of Digital Forensics in Cyber Command and Control DFRWS USA 2004
Heather Dussault, Chet Maciag
Honeynet Data Analysis - A Technique For Correlating Sebek And Network Data DFRWS USA 2004
Edward Balas
Honeynets and Digital Forensics DFRWS USA 2004
Lance Spitzner
How to Reuse Knowledge about Forensic Investigations DFRWS USA 2004
Danilo Bruschi, Mattia Monga, Lorenzo Martignoni
MITRE - Proposal to Formalize Test and Evaluation Activities Within the Forensic and Law Enforcement Communities DFRWS USA 2004
Mark Hirsh
Secure Digital Camera DFRWS USA 2004
Paul Blythe, Jessica Fridrich
The Enhanced Digital Investigation Process Model DFRWS USA 2004
Venansius Baryamureeba, Florence Tushabe