Paper | Presentation Conference Downloads Author
Key-Hiding On The ARM Platform DFRWS EU 2014
Alexander Nilsson, Marcus Andersson, Stefan Axelsson
OBA2 - An Onion Approach to Binary Code Authorship Attribution DFRWS EU 2014
Saed Alrabaee, Noman Saleem, Stere Preda, Lingyo Wang, Mourad Debbabi
On The Database Lookup Problem Of Approximate Matching DFRWS EU 2014
Frank Breitinger, Harald Baier, Douglas White
OpenLV - Empowering Investigators and First-Responders in the Digital Forensics Process DFRWS EU 2014
Brian Kaplan, Matthew Geiger
Out Of Sight, But Not Out Of Mind - Traces Of Nearby Devices' Wireless Transmissions In Volatile Memory DFRWS EU 2014
Wicher Minnaard
Practical Use of Approximate Hash Based Matching in Digital Investigations DFRWS EU 2014
Petter Christian Bjelland, André Årnes, Katrin Franke
Robust Linux Memory Acquisition with Minimal Target Impact DFRWS EU 2014
Johannes Stuettgen, Michael Cohen
Windows Surface RT Tablet Forensics DFRWS EU 2014
Asif Iqbal, Hanan Alobaidli, Andrew Marrington, Andy Jones
A Study of User Data Integrity During Acquisition of Android Devices DFRWS USA 2013
Namheun Son, Yunho Lee, Dohyun Kim, Joshua James, Sangjin Lee, Kyungho Lee
An Evaluation Platform for Forensic Memory Acquisition Software DFRWS USA 2013
Stefan Voemel, Johannes Stuettgen
Android Forensics - Automated Data Collection And Reporting From A Mobile Device DFRWS USA 2013
Justin Grover
Anti-Forensic Resilient Memory Acquisition DFRWS USA 2013
Johannes Stüttgen, Michael Cohen
Automated Identification of Installed Malicious Android Applications DFRWS USA 2013
Mark Guido, Justin Grover, Jared Ondricek, Dave Wilburn, Drew Hunt, Thanh Nguyen
Design and Implementation of FROST - Digital Forensic Tools for the OpenStack Cloud Computing Platform DFRWS USA 2013
Josiah Dykstra, Ph.D., Alan Sherman
File Fragment Encoding Classification - An Empirical Approach DFRWS USA 2013
Vassil Roussev, Ph.D., Candice Quates
FRASH - A Framework To Test Algorithms Of Similarity Hashing DFRWS USA 2013
Frank Breitinger, Georgios Stivaktakis, Harald Baier
Improved Recovery and Reconstruction of DEFLATEd Files DFRWS USA 2013
Ralf Brown
Integrity Verification of User Space Code DFRWS USA 2013
Andrew White, Bradley Schatz, Ph.D., Ernest Foo
Language Translation for File Paths DFRWS USA 2013
Neil Rowe, Riqui Schwamm, Simson Garfinkel, Ph.D.
Modern Ships Voyage Data Recorders - A Forensics Perspective on the Costa Concordia Shipwreck DFRWS USA 2013
Mario Piccinelli, Paolo Gubian
Unicode Search of Dirty Data, Or How I Learned to Stop Worrying and Love Unicode Technical Standard 18 DFRWS USA 2013
Jon Stewart, Joel Uckelman
A General Strategy for Differential Forensic Analysis DFRWS USA 2012
Simson Garfinkel, Ph.D., Alex Nelson, Ph.D., Joel Young
Acquiring Forensic Evidence from Infrastructure-as-a-Service Cloud Computing DFRWS USA 2012
Josiah Dykstra, Ph.D., Alan Sherman
An Analysis of Ext4 for Digital Forensics DFRWS USA 2012
Kevin Fairbanks
An Automated Timeline Reconstruction Approach for Digital Forensic Investigations DFRWS USA 2012
Christopher Hargreaves, Jonathan Patterson
Bin-Carver - Automatic Recovery of Binary Executable Files DFRWS USA 2012
Scott Hand, Zhiqiang Lin, Guofei Gu, Bhavani Thuraisingham
Content Triage with Similarity Digests - The M57 Case Study DFRWS USA 2012
Vassil Roussev, Ph.D., Candice Quates
Finding and Identifying Text in 900+ Languages DFRWS USA 2012
Ralf Brown
IntroLib - Efficient and Transparent Library Call Introspection for Malware Forensics DFRWS USA 2012
Zhui Deng, Dongyan Xu, Xiangyu Zhang, Xuxian Jiang
Lessons Learned Writing Computer Forensics Tools and Managing a Large Digital Evidence Corpus DFRWS USA 2012
Simson Garfinkel, Ph.D.
Social Networking Applications on Mobile Devices DFRWS USA 2012
Noora Al Mutawa, Ibrahim Baggili, Andrew Marrington
Surveying The User Space Through User Allocations DFRWS USA 2012
Andrew White, Bradley Schatz, Ph.D., Ernest Foo
Testing the National Software Reference Library DFRWS USA 2012
Neil Rowe
The Use of Random Sampling in Investigations Involving Child Abuse Material DFRWS USA 2012
Michael Wilkinson, Brian Jones, Syd Pleno
Triage in Digital Forensics DFRWS USA 2012
Ryan Moore
Using NLP Techniques for File Fragment Classification DFRWS USA 2012
Oles Zhulyn, Simran Fitzgerald, George Mathews, Colin Morris
Visualization in Malware and Forensics DFRWS USA 2012
Danny Quist
Advanced Evidence Collection and Analysis of Web Browser Activity DFRWS USA 2011
Junghoon Oh, Seungbong Lee, Sangjin Lee
An Evaluation of Forensic Similarity Hashes DFRWS USA 2011
Vassil Roussev, Ph.D.
Augmenting Password Recovery with Online Profiling DFRWS USA 2011
Khawla Al-Wehaibi, Tim Storer, Brad Glisson
CAT Detect - A Tool for Detecting Inconsistency in Computer Activity Timelines DFRWS USA 2011
Andrew Marrington, Ibrahim Baggili, George Mohay, Andrew Clark
Detecting Data Theft Using Stochastic Forensics DFRWS USA 2011
Jonathan Grier
Digital Forensics in Consumer Online Privacy Class Actions DFRWS USA 2011
Scott Kamber
Distributed Forensics and Incident Response in the Enterprise DFRWS USA 2011
Michael Cohen, Darren Bilby, Germano Caronni
eDiscovery Case Study DFRWS USA 2011
A. J. Krouse
Empirical Analysis of Solid State Disk Data Retention when used with Contemporary Operating Systems DFRWS USA 2011
Christopher King
Extracting the Windows Clipboard from Memory DFRWS USA 2011
James Okolica, Gilbert Peterson
Forensic Carving of Network Packets and Associated Data Structures DFRWS USA 2011
Robert Beverly, Ph.D., Simson Garfinkel, Ph.D., Greg Cardwell
Privacy-Preserving Network Flow Recording DFRWS USA 2011
Bilal Shebaro, Jedidiah Crandall
Reconstructing Corrupt DEFLATEd Files DFRWS USA 2011
Ralf Brown
System for the Proactive, Continuous, and Efficient Collection of Digital Forensic Evidence DFRWS USA 2011
Clay Shields, Ophir Frieder, Mark Maloof
Towards a General Collection Methodology for Android Devices DFRWS USA 2011
Chengye Zhang, Nicolas Christin
Visualization in Testing a Volatile Memory Forensic Tool DFRWS USA 2011
Hajime Inoue, Frank Adelstein, Ph.D., Robert Joyce
Android Anti-Forensics Through a Local Paradigm DFRWS USA 2010
Alessandro Distefano, Gianluigi Me, Francesco Pace
Automated Mapping of Large Binary Objects Using Primitive Fragment Type Classification DFRWS USA 2010
Gregory Conti, Sergey Bratus, Benjamin Sangster, Roy Ragsdale, Matthew Supan, Andrew Lichtenberg, Robert Perez-Alemany, Anna Shubina
Different Interpretations of ISO9660 File Systems DFRWS USA 2010
Brian Carrier (Honorary Board Member) , Ph.D.
Digital Forensics Research - The Next 10 Years DFRWS USA 2010
Simson Garfinkel, Ph.D.
Dynamic Recreation of Kernel Data Structures for Live Forensics DFRWS USA 2010
Golden Richard III, Ph.D., Andrew Case, Lodovico Marziale
Extracting Windows Command Line Details from Physical Memory DFRWS USA 2010
Richard Stevens, Eoghan Casey, Ph.D.
Forensic Investigation of Peer-to-Peer File Sharing Network DFRWS USA 2010
Robert Erdely, Thomas Kerle, Brian Levine, Marc Liberatore, Clay Shields
Hash Based Disk Imaging Using AFF4 DFRWS USA 2010
Michael Cohen, Bradley Schatz, Ph.D.
If Error Rate is Such a Simple Concept, Why Don't I have One for My Forensic Tool Yet DFRWS USA 2010
James Lyle
Leaving Timing Channel Fingerprints in Hidden Service Log Files DFRWS USA 2010
Bilal Shebaro, Fernando Perez-Gonzalez, Jedidiah Crandall
Live Memory Forensics of Mobile Phones DFRWS USA 2010
Vrizlynn L. L. Thing, Kian-Yong Ng, Ee-Chien Chang
Secure USB Bypassing Tool DFRWS USA 2010
Jewan Bang, Byeongyeong Yoo, Sangjin Lee
The Normalized Compression Distance as a File Fragment Classifier DFRWS USA 2010
Stefan Axelsson
Treasure and Tragedy in kmem_cache Mining for Live Forensics Investigation DFRWS USA 2010
Golden Richard III, Ph.D., Andrew Case, Lodovico Marziale, Cris Neckar
Using Purpose-Built Functions And Block Hashes To Enable Small Block And Sub-File Forensics DFRWS USA 2010
Simson Garfinkel, Ph.D., Alex Nelson, Ph.D., Douglas White, Vassil Roussev, Ph.D.
Windows Operating System Agnostic Memory Analysis DFRWS USA 2010
James Okolica, Gilbert Peterson
A Novel Time-Memory Trade-Off Method for Password Recovery DFRWS USA 2009
Hwei-Ming Ying
A Second Generation Computer Forensic Analysis System DFRWS USA 2009
Daniel Ayers
Bringing Science to Digital Forensics with Standardized Forensic Corpora DFRWS USA 2009
Simson Garfinkel, Ph.D., Paul Farrell, Vassil Roussev, Ph.D., George Dinolt
Computer Forensic Timeline Visualization Tool DFRWS USA 2009
Jens Olsson, Martin Boldt
DEX - Digital Evidence Provenance Supporting Reproducibility and Comparison DFRWS USA 2009
Brian Levine, Marc Liberatore
DIALOG - A Framework for Modeling, Analysis and Reuse of Digital Forensic Knowledge DFRWS USA 2009
Damir Kahvedzic, Tahar Kechadi
Digital Forensic Implications of ZFS DFRWS USA 2009
Nicole Beebe, Ph.D., Sonia Mandes, Dane Stuckey
Extending the Advanced Forensic Format to accommodate Multiple Data Sources, Logical Evidence, Arbitrary Information and Forensic Workflow DFRWS USA 2009
Michael Cohen, Simson Garfinkel, Ph.D., Bradley Schatz, Ph.D.
Extraction of Forensically Sensitive Information from Windows Physical Memory DFRWS USA 2009
Seyed Mahmood Hejazi, Chamseddine Talhi, Mourad Debbabi
Identification and Recovery of JPEG Files with Missing Fragments DFRWS USA 2009
Husrev Sencar, Nasir Memon
Lessons Learned from the Construction of a Korean Software Reference Data Set for Digital Forensics DFRWS USA 2009
Sangseo Park, Cheolwon Lee, Sungjai Baek
Teleporter - An Analytically and Forensically Sound Duplicate Transfer System DFRWS USA 2009
Kathryn Watkins, Mike McWhorter, Jeff Long, William Hill
The Persistence of Memory - Forensic Identification and Extraction of Cryptographic Keys DFRWS USA 2009
Carsten Maartmann-Moe, André Årnes, Steffen Thorkildsen
Using ShellBag Information to Reconstruct User Activities DFRWS USA 2009
Yuandong Zhu, Pavel Gladyshev, Ph.D., Joshua James
Validation And Verification Of Computer Forensic Software Tools-Searching Function DFRWS USA 2009
Yinghua Guo, Jill Slay, Jason Beckett
A Framework for Attack Patterns Discovery in Honeynet Data DFRWS USA 2008
Olivier Thonnard, Marc Dacier
A Novel Approach of Mining Write-Prints for Authorship Attribution in E-mail Forensics DFRWS USA 2008
Farkhund Iqbal, Rachid Hadjidj, Benjamin Fung, Mourad Debbabi
An Overall Assessment Of Mobile Internal Acquisition Tool DFRWS USA 2008
Gianluigi Me, Alessandro Distefano
Automated Computer Forensics Training in a Virtualized Environment DFRWS USA 2008
Stephen Brueckner, Frank Adelstein, Ph.D., David Guaspari, Joseph Weeks
Detecting File Fragmentation Point Using Sequential Hypothesis Testing DFRWS USA 2008
Anandabrata Pal, Husrev Sencar, Nasir Memon
FACE - Automated Digital Evidence Discovery and Correlation DFRWS USA 2008
Andrew Case, Andrew Cristina, Lodovico Marziale, Golden Richard III, Ph.D., Vassil Roussev, Ph.D.
Forensic Analysis of the Windows Registry in Memory DFRWS USA 2008
Brendan Dolan-Gavitt
Forensic Memory Analysis - Files Mapped In Memory DFRWS USA 2008
Wouter Alink, Alex van Ballegooij
High Speed Search Using Tarari Content Processor in Digital Forensics DFRWS USA 2008
Jooyoung Lee, Sungkyong Un, Dowon Hong
Limewire Examinations DFRWS USA 2008
Joseph Lewthwaite, Victoria Smith
MEGA - A Tool for Mac OS X Operating System and Application Forensics DFRWS USA 2008
Rob Joyce, Judson Powers, Frank Adelstein, Ph.D.
Predicting the Types of File Fragments DFRWS USA 2008
William Calhoun, Drue Coles
PyFlag - An Advanced Network Forensic Framework DFRWS USA 2008
Michael Cohen
Recovering Deleted Data From the Windows Registry DFRWS USA 2008
Timothy Morgan
The Impact Of Microsoft Windows Pool Allocation Strategies On Memory Forensics DFRWS USA 2008
Andreas Schuster
Using JPEG Quantization Tables to Identify Imagery Processed by Software DFRWS USA 2008
Jesse Kornblum