Paper | Presentation Conference Downloads Author
Modern Ships Voyage Data Recorders - A Forensics Perspective on the Costa Concordia Shipwreck DFRWS USA 2013
Mario Piccinelli, Paolo Gubian
Unicode Search of Dirty Data, Or How I Learned to Stop Worrying and Love Unicode Technical Standard 18 DFRWS USA 2013
Jon Stewart, Joel Uckelman
A General Strategy for Differential Forensic Analysis DFRWS USA 2012
Simson Garfinkel, Ph.D., Alex Nelson, Ph.D., Joel Young
Acquiring Forensic Evidence from Infrastructure-as-a-Service Cloud Computing DFRWS USA 2012
Josiah Dykstra, Ph.D., Alan Sherman
An Analysis of Ext4 for Digital Forensics DFRWS USA 2012
Kevin Fairbanks
An Automated Timeline Reconstruction Approach for Digital Forensic Investigations DFRWS USA 2012
Christopher Hargreaves, Jonathan Patterson
Bin-Carver - Automatic Recovery of Binary Executable Files DFRWS USA 2012
Scott Hand, Zhiqiang Lin, Guofei Gu, Bhavani Thuraisingham
Content Triage with Similarity Digests - The M57 Case Study DFRWS USA 2012
Vassil Roussev, Ph.D., Candice Quates
Finding and Identifying Text in 900+ Languages DFRWS USA 2012
Ralf Brown
IntroLib - Efficient and Transparent Library Call Introspection for Malware Forensics DFRWS USA 2012
Zhui Deng, Dongyan Xu, Xiangyu Zhang, Xuxian Jiang
Lessons Learned Writing Computer Forensics Tools and Managing a Large Digital Evidence Corpus DFRWS USA 2012
Simson Garfinkel, Ph.D.
Social Networking Applications on Mobile Devices DFRWS USA 2012
Noora Al Mutawa, Ibrahim Baggili, Andrew Marrington
Surveying The User Space Through User Allocations DFRWS USA 2012
Andrew White, Bradley Schatz, Ph.D., Ernest Foo
Testing the National Software Reference Library DFRWS USA 2012
Neil Rowe
The Use of Random Sampling in Investigations Involving Child Abuse Material DFRWS USA 2012
Michael Wilkinson, Brian Jones, Syd Pleno
Triage in Digital Forensics DFRWS USA 2012
Ryan Moore
Using NLP Techniques for File Fragment Classification DFRWS USA 2012
Oles Zhulyn, Simran Fitzgerald, George Mathews, Colin Morris
Visualization in Malware and Forensics DFRWS USA 2012
Danny Quist
Advanced Evidence Collection and Analysis of Web Browser Activity DFRWS USA 2011
Junghoon Oh, Seungbong Lee, Sangjin Lee
An Evaluation of Forensic Similarity Hashes DFRWS USA 2011
Vassil Roussev, Ph.D.
Augmenting Password Recovery with Online Profiling DFRWS USA 2011
Khawla Al-Wehaibi, Tim Storer, Brad Glisson
CAT Detect - A Tool for Detecting Inconsistency in Computer Activity Timelines DFRWS USA 2011
Andrew Marrington, Ibrahim Baggili, George Mohay, Andrew Clark
Detecting Data Theft Using Stochastic Forensics DFRWS USA 2011
Jonathan Grier
Digital Forensics in Consumer Online Privacy Class Actions DFRWS USA 2011
Scott Kamber
Distributed Forensics and Incident Response in the Enterprise DFRWS USA 2011
Michael Cohen, Darren Bilby, Germano Caronni
eDiscovery Case Study DFRWS USA 2011
A. J. Krouse
Empirical Analysis of Solid State Disk Data Retention when used with Contemporary Operating Systems DFRWS USA 2011
Christopher King
Extracting the Windows Clipboard from Memory DFRWS USA 2011
James Okolica, Gilbert Peterson
Forensic Carving of Network Packets and Associated Data Structures DFRWS USA 2011
Robert Beverly, Ph.D., Simson Garfinkel, Ph.D., Greg Cardwell
Privacy-Preserving Network Flow Recording DFRWS USA 2011
Bilal Shebaro, Jedidiah Crandall
Reconstructing Corrupt DEFLATEd Files DFRWS USA 2011
Ralf Brown
System for the Proactive, Continuous, and Efficient Collection of Digital Forensic Evidence DFRWS USA 2011
Clay Shields, Ophir Frieder, Mark Maloof
Towards a General Collection Methodology for Android Devices DFRWS USA 2011
Chengye Zhang, Nicolas Christin
Visualization in Testing a Volatile Memory Forensic Tool DFRWS USA 2011
Hajime Inoue, Frank Adelstein, Ph.D., Robert Joyce
Android Anti-Forensics Through a Local Paradigm DFRWS USA 2010
Alessandro Distefano, Gianluigi Me, Francesco Pace
Automated Mapping of Large Binary Objects Using Primitive Fragment Type Classification DFRWS USA 2010
Gregory Conti, Sergey Bratus, Benjamin Sangster, Roy Ragsdale, Matthew Supan, Andrew Lichtenberg, Robert Perez-Alemany, Anna Shubina
Different Interpretations of ISO9660 File Systems DFRWS USA 2010
Brian Carrier (Honorary Board Member) , Ph.D.
Digital Forensics Research - The Next 10 Years DFRWS USA 2010
Simson Garfinkel, Ph.D.
Dynamic Recreation of Kernel Data Structures for Live Forensics DFRWS USA 2010
Golden Richard III, Ph.D., Andrew Case, Lodovico Marziale
Extracting Windows Command Line Details from Physical Memory DFRWS USA 2010
Richard Stevens, Eoghan Casey, Ph.D.
Forensic Investigation of Peer-to-Peer File Sharing Network DFRWS USA 2010
Robert Erdely, Thomas Kerle, Brian Levine, Marc Liberatore, Clay Shields
Hash Based Disk Imaging Using AFF4 DFRWS USA 2010
Michael Cohen, Bradley Schatz, Ph.D.
If Error Rate is Such a Simple Concept, Why Don't I have One for My Forensic Tool Yet DFRWS USA 2010
James Lyle
Leaving Timing Channel Fingerprints in Hidden Service Log Files DFRWS USA 2010
Bilal Shebaro, Fernando Perez-Gonzalez, Jedidiah Crandall
Live Memory Forensics of Mobile Phones DFRWS USA 2010
Vrizlynn L. L. Thing, Kian-Yong Ng, Ee-Chien Chang
Secure USB Bypassing Tool DFRWS USA 2010
Jewan Bang, Byeongyeong Yoo, Sangjin Lee
The Normalized Compression Distance as a File Fragment Classifier DFRWS USA 2010
Stefan Axelsson
Treasure and Tragedy in kmem_cache Mining for Live Forensics Investigation DFRWS USA 2010
Golden Richard III, Ph.D., Andrew Case, Lodovico Marziale, Cris Neckar
Using Purpose-Built Functions And Block Hashes To Enable Small Block And Sub-File Forensics DFRWS USA 2010
Simson Garfinkel, Ph.D., Alex Nelson, Ph.D., Douglas White, Vassil Roussev, Ph.D.
Windows Operating System Agnostic Memory Analysis DFRWS USA 2010
James Okolica, Gilbert Peterson
A Novel Time-Memory Trade-Off Method for Password Recovery DFRWS USA 2009
Hwei-Ming Ying
A Second Generation Computer Forensic Analysis System DFRWS USA 2009
Daniel Ayers
Bringing Science to Digital Forensics with Standardized Forensic Corpora DFRWS USA 2009
Simson Garfinkel, Ph.D., Paul Farrell, Vassil Roussev, Ph.D., George Dinolt
Computer Forensic Timeline Visualization Tool DFRWS USA 2009
Jens Olsson, Martin Boldt
DEX - Digital Evidence Provenance Supporting Reproducibility and Comparison DFRWS USA 2009
Brian Levine, Marc Liberatore
DIALOG - A Framework for Modeling, Analysis and Reuse of Digital Forensic Knowledge DFRWS USA 2009
Damir Kahvedzic, Tahar Kechadi
Digital Forensic Implications of ZFS DFRWS USA 2009
Nicole Beebe, Ph.D., Sonia Mandes, Dane Stuckey
Extending the Advanced Forensic Format to accommodate Multiple Data Sources, Logical Evidence, Arbitrary Information and Forensic Workflow DFRWS USA 2009
Michael Cohen, Simson Garfinkel, Ph.D., Bradley Schatz, Ph.D.
Extraction of Forensically Sensitive Information from Windows Physical Memory DFRWS USA 2009
Seyed Mahmood Hejazi, Chamseddine Talhi, Mourad Debbabi
Identification and Recovery of JPEG Files with Missing Fragments DFRWS USA 2009
Husrev Sencar, Nasir Memon
Lessons Learned from the Construction of a Korean Software Reference Data Set for Digital Forensics DFRWS USA 2009
Sangseo Park, Cheolwon Lee, Sungjai Baek
Teleporter - An Analytically and Forensically Sound Duplicate Transfer System DFRWS USA 2009
Kathryn Watkins, Mike McWhorter, Jeff Long, William Hill
The Persistence of Memory - Forensic Identification and Extraction of Cryptographic Keys DFRWS USA 2009
Carsten Maartmann-Moe, André Årnes, Steffen Thorkildsen
Using ShellBag Information to Reconstruct User Activities DFRWS USA 2009
Yuandong Zhu, Pavel Gladyshev, Ph.D., Joshua James
Validation And Verification Of Computer Forensic Software Tools-Searching Function DFRWS USA 2009
Yinghua Guo, Jill Slay, Jason Beckett
A Framework for Attack Patterns Discovery in Honeynet Data DFRWS USA 2008
Olivier Thonnard, Marc Dacier
A Novel Approach of Mining Write-Prints for Authorship Attribution in E-mail Forensics DFRWS USA 2008
Farkhund Iqbal, Rachid Hadjidj, Benjamin Fung, Mourad Debbabi
An Overall Assessment Of Mobile Internal Acquisition Tool DFRWS USA 2008
Gianluigi Me, Alessandro Distefano
Automated Computer Forensics Training in a Virtualized Environment DFRWS USA 2008
Stephen Brueckner, Frank Adelstein, Ph.D., David Guaspari, Joseph Weeks
Detecting File Fragmentation Point Using Sequential Hypothesis Testing DFRWS USA 2008
Anandabrata Pal, Husrev Sencar, Nasir Memon
FACE - Automated Digital Evidence Discovery and Correlation DFRWS USA 2008
Andrew Case, Andrew Cristina, Lodovico Marziale, Golden Richard III, Ph.D., Vassil Roussev, Ph.D.
Forensic Analysis of the Windows Registry in Memory DFRWS USA 2008
Brendan Dolan-Gavitt
Forensic Memory Analysis - Files Mapped In Memory DFRWS USA 2008
Wouter Alink, Alex van Ballegooij
High Speed Search Using Tarari Content Processor in Digital Forensics DFRWS USA 2008
Jooyoung Lee, Sungkyong Un, Dowon Hong
Limewire Examinations DFRWS USA 2008
Joseph Lewthwaite, Victoria Smith
MEGA - A Tool for Mac OS X Operating System and Application Forensics DFRWS USA 2008
Rob Joyce, Judson Powers, Frank Adelstein, Ph.D.
Predicting the Types of File Fragments DFRWS USA 2008
William Calhoun, Drue Coles
PyFlag - An Advanced Network Forensic Framework DFRWS USA 2008
Michael Cohen
Recovering Deleted Data From the Windows Registry DFRWS USA 2008
Timothy Morgan
The Impact Of Microsoft Windows Pool Allocation Strategies On Memory Forensics DFRWS USA 2008
Andreas Schuster
Using JPEG Quantization Tables to Identify Imagery Processed by Software DFRWS USA 2008
Jesse Kornblum
Using the HFS+ Journal For Deleted File Recovery DFRWS USA 2008
Aaron Burghardt, Adam Feldman
10 Good Reasons Why You Should Shift Focus to Small Scale Digital Device Forensics DFRWS USA 2007
Ronald van der Knijff
A Brief Study of Time DFRWS USA 2007
Florian Buchholz, Brett Tjaden
An Efficient Technique for Enhancing Forensic Capabilities of Ext2 File System DFRWS USA 2007
Mridul Sankar Barik, Gaurav Gupta, Shubhro Sinha, Alok Mishra, Chandan Mazumdara
Analyzing Multiple Logs for Forensic Evidence DFRWS USA 2007
Ali Reza Arasteh, Mourad Debbabi, Assaad Sakha, Mohamed Saleh
Automated Windows Event Log Forensics DFRWS USA 2007
Rich Murphey
BodySnatcher - Towards Reliable Volatile Memory Acquisition by Software DFRWS USA 2007
Bradley Schatz, Ph.D.
Capture - A Tool for Behavioral Analysis of Applications and Documents DFRWS USA 2007
Christian Seifert, Ramon Steenson, Ian Welch, Peter Komisarczuk, Barbara Endicott-Popovsky
Carving Contiguous and Fragmented Files with Object Validation DFRWS USA 2007
Simson Garfinkel, Ph.D.
Digital Forensic Text String Searching - Improving Information Retrieval Effectiveness by Thematically Clustering Search Results DFRWS USA 2007
Nicole Beebe, Ph.D., Jan Clark
File Marshal - Automatic Extraction of Peer-to-Peer Data DFRWS USA 2007
Frank Adelstein, Ph.D., Rob Joyce
Forensic Data Recovery and Examination of Magnetic Swipe Card Cloning Devices DFRWS USA 2007
Gerry Masters, Philip Turner
Forensic Memory Analysis - From Stack and Code to Execution History DFRWS USA 2007
Mourad Debbabi
Introducing the Microsoft Vista Log File Format DFRWS USA 2007
Andreas Schuster
Issues with Imaging Drives Containing Faulty Sectors DFRWS USA 2007
James Lyle, Mark Wozar
Massive Threading - Using GPUs to Increase the Performance of Digital Forensics Tools DFRWS USA 2007
Lodovico Marziale, Golden Richard III, Ph.D., Vassil Roussev, Ph.D.
Multi-Resolution Similarity Hashing DFRWS USA 2007
Vassil Roussev, Ph.D., Golden Richard III, Ph.D., Lodovico Marziale
Specifying Digital Forensics - A Forensics Policy Approach DFRWS USA 2007
Carol Taylor, Barbara Endicott-Popovsky, Deborah Frincke
The VAD Tree - A Process-Eye View of Physical Memory DFRWS USA 2007
Brendan Dolan-Gavitt