Using Purpose-Built Functions And Block Hashes To Enable Small Block And Sub-File Forensics |
DFRWS USA 2010 |
|
Simson Garfinkel, Ph.D., Alex Nelson, Ph.D., Douglas White, Vassil Roussev, Ph.D. |
Windows Operating System Agnostic Memory Analysis |
DFRWS USA 2010 |
|
James Okolica, Gilbert Peterson |
A Novel Time-Memory Trade-Off Method for Password Recovery |
DFRWS USA 2009 |
|
Hwei-Ming Ying |
A Second Generation Computer Forensic Analysis System |
DFRWS USA 2009 |
|
Daniel Ayers |
Bringing Science to Digital Forensics with Standardized Forensic Corpora |
DFRWS USA 2009 |
|
Simson Garfinkel, Ph.D., Paul Farrell, Vassil Roussev, Ph.D., George Dinolt |
Computer Forensic Timeline Visualization Tool |
DFRWS USA 2009 |
|
Jens Olsson, Martin Boldt |
DEX - Digital Evidence Provenance Supporting Reproducibility and Comparison |
DFRWS USA 2009 |
|
Brian Levine, Marc Liberatore |
DIALOG - A Framework for Modeling, Analysis and Reuse of Digital Forensic Knowledge |
DFRWS USA 2009 |
|
Damir Kahvedzic, Tahar Kechadi |
Digital Forensic Implications of ZFS |
DFRWS USA 2009 |
|
Nicole Beebe, Ph.D., Sonia Mandes, Dane Stuckey |
Extending the Advanced Forensic Format to accommodate Multiple Data Sources, Logical Evidence, Arbitrary Information and Forensic Workflow |
DFRWS USA 2009 |
|
Michael Cohen, Simson Garfinkel, Ph.D., Bradley Schatz, Ph.D. |
Extraction of Forensically Sensitive Information from Windows Physical Memory |
DFRWS USA 2009 |
|
Seyed Mahmood Hejazi, Chamseddine Talhi, Mourad Debbabi |
Identification and Recovery of JPEG Files with Missing Fragments |
DFRWS USA 2009 |
|
Husrev Sencar, Nasir Memon |
Lessons Learned from the Construction of a Korean Software Reference Data Set for Digital Forensics |
DFRWS USA 2009 |
|
Sangseo Park, Cheolwon Lee, Sungjai Baek |
Teleporter - An Analytically and Forensically Sound Duplicate Transfer System |
DFRWS USA 2009 |
|
Kathryn Watkins, Mike McWhorter, Jeff Long, William Hill |
The Persistence of Memory - Forensic Identification and Extraction of Cryptographic Keys |
DFRWS USA 2009 |
|
Carsten Maartmann-Moe, André Årnes, Steffen Thorkildsen |
Using ShellBag Information to Reconstruct User Activities |
DFRWS USA 2009 |
|
Yuandong Zhu, Pavel Gladyshev, Ph.D., Joshua James |
Validation And Verification Of Computer Forensic Software Tools-Searching Function |
DFRWS USA 2009 |
|
Yinghua Guo, Jill Slay, Jason Beckett |
A Framework for Attack Patterns Discovery in Honeynet Data |
DFRWS USA 2008 |
|
Olivier Thonnard, Marc Dacier |
A Novel Approach of Mining Write-Prints for Authorship Attribution in E-mail Forensics |
DFRWS USA 2008 |
|
Farkhund Iqbal, Rachid Hadjidj, Benjamin Fung, Mourad Debbabi |
An Overall Assessment Of Mobile Internal Acquisition Tool |
DFRWS USA 2008 |
|
Gianluigi Me, Alessandro Distefano |
Automated Computer Forensics Training in a Virtualized Environment |
DFRWS USA 2008 |
|
Stephen Brueckner, Frank Adelstein, Ph.D., David Guaspari, Joseph Weeks |
Detecting File Fragmentation Point Using Sequential Hypothesis Testing |
DFRWS USA 2008 |
|
Anandabrata Pal, Husrev Sencar, Nasir Memon |
FACE - Automated Digital Evidence Discovery and Correlation |
DFRWS USA 2008 |
|
Andrew Case, Andrew Cristina, Lodovico Marziale, Golden Richard III, Ph.D., Vassil Roussev, Ph.D. |
Forensic Analysis of the Windows Registry in Memory |
DFRWS USA 2008 |
|
Brendan Dolan-Gavitt |
Forensic Memory Analysis - Files Mapped In Memory |
DFRWS USA 2008 |
|
Wouter Alink, Alex van Ballegooij |
High Speed Search Using Tarari Content Processor in Digital Forensics |
DFRWS USA 2008 |
|
Jooyoung Lee, Sungkyong Un, Dowon Hong |
Limewire Examinations |
DFRWS USA 2008 |
|
Joseph Lewthwaite, Victoria Smith |
MEGA - A Tool for Mac OS X Operating System and Application Forensics |
DFRWS USA 2008 |
|
Rob Joyce, Judson Powers, Frank Adelstein, Ph.D. |
Predicting the Types of File Fragments |
DFRWS USA 2008 |
|
William Calhoun, Drue Coles |
PyFlag - An Advanced Network Forensic Framework |
DFRWS USA 2008 |
|
Michael Cohen |
Recovering Deleted Data From the Windows Registry |
DFRWS USA 2008 |
|
Timothy Morgan |
The Impact Of Microsoft Windows Pool Allocation Strategies On Memory Forensics |
DFRWS USA 2008 |
|
Andreas Schuster |
Using JPEG Quantization Tables to Identify Imagery Processed by Software |
DFRWS USA 2008 |
|
Jesse Kornblum |
Using the HFS+ Journal For Deleted File Recovery |
DFRWS USA 2008 |
|
Aaron Burghardt, Adam Feldman |
10 Good Reasons Why You Should Shift Focus to Small Scale Digital Device Forensics |
DFRWS USA 2007 |
|
Ronald van der Knijff |
A Brief Study of Time |
DFRWS USA 2007 |
|
Florian Buchholz, Brett Tjaden |
An Efficient Technique for Enhancing Forensic Capabilities of Ext2 File System |
DFRWS USA 2007 |
|
Mridul Sankar Barik, Gaurav Gupta, Shubhro Sinha, Alok Mishra, Chandan Mazumdara |
Analyzing Multiple Logs for Forensic Evidence |
DFRWS USA 2007 |
|
Ali Reza Arasteh, Mourad Debbabi, Assaad Sakha, Mohamed Saleh |
Automated Windows Event Log Forensics |
DFRWS USA 2007 |
|
Rich Murphey |
BodySnatcher - Towards Reliable Volatile Memory Acquisition by Software |
DFRWS USA 2007 |
|
Bradley Schatz, Ph.D. |
Capture - A Tool for Behavioral Analysis of Applications and Documents |
DFRWS USA 2007 |
|
Christian Seifert, Ramon Steenson, Ian Welch, Peter Komisarczuk, Barbara Endicott-Popovsky |
Carving Contiguous and Fragmented Files with Object Validation |
DFRWS USA 2007 |
|
Simson Garfinkel, Ph.D. |
Digital Forensic Text String Searching - Improving Information Retrieval Effectiveness by Thematically Clustering Search Results |
DFRWS USA 2007 |
|
Nicole Beebe, Ph.D., Jan Clark |
File Marshal - Automatic Extraction of Peer-to-Peer Data |
DFRWS USA 2007 |
|
Frank Adelstein, Ph.D., Rob Joyce |
Forensic Data Recovery and Examination of Magnetic Swipe Card Cloning Devices |
DFRWS USA 2007 |
|
Gerry Masters, Philip Turner |
Forensic Memory Analysis - From Stack and Code to Execution History |
DFRWS USA 2007 |
|
Mourad Debbabi |
Introducing the Microsoft Vista Log File Format |
DFRWS USA 2007 |
|
Andreas Schuster |
Issues with Imaging Drives Containing Faulty Sectors |
DFRWS USA 2007 |
|
James Lyle, Mark Wozar |
Massive Threading - Using GPUs to Increase the Performance of Digital Forensics Tools |
DFRWS USA 2007 |
|
Lodovico Marziale, Golden Richard III, Ph.D., Vassil Roussev, Ph.D. |
Multi-Resolution Similarity Hashing |
DFRWS USA 2007 |
|
Vassil Roussev, Ph.D., Golden Richard III, Ph.D., Lodovico Marziale |
Specifying Digital Forensics - A Forensics Policy Approach |
DFRWS USA 2007 |
|
Carol Taylor, Barbara Endicott-Popovsky, Deborah Frincke |
The VAD Tree - A Process-Eye View of Physical Memory |
DFRWS USA 2007 |
|
Brendan Dolan-Gavitt |
A Correlation Method for Establishing Provenance of Timestamps in Digital Evidence |
DFRWS USA 2006 |
|
Bradley Schatz, Ph.D., George Mohay, Andrew Clark |
A Cyber Forensics Ontology - Creating a New Approach to Studying Cyber Forensics |
DFRWS USA 2006 |
|
Ashley Brinson, Abigail Robinson, Marcus Rogers |
A Strategy for Testing Hardware Write Block Devices |
DFRWS USA 2006 |
|
James Lyle |
A Survey of Forensic Characterization Methods for Physical Devices |
DFRWS USA 2006 |
|
Nitin Khanna, Aravind Mikkilineni, Anthony Martone, Gazi Ali, George Chiu, Jan Allebach, Ed Delp |
An Empirical Study of Automatic Event Reconstruction Systems |
DFRWS USA 2006 |
|
Sundararaman Jeyaraman, Mikhail Atallah |
Arriving at an Anti-forensics Consensus - Examining How to Define and Control the Anti-forensics Problem |
DFRWS USA 2006 |
|
Ryan Harris |
Categories of Digital Investigation Analysis Techniques Based On The Computer History Model |
DFRWS USA 2006 |
|
Brian Carrier (Honorary Board Member) , Ph.D., Prof. Eugene Spafford |
Cross-Drive Analysis |
DFRWS USA 2006 |
|
Simson Garfinkel, Ph.D. |
Current Cyber Investigation Challenges in Digital Forensics |
DFRWS USA 2006 |
|
Ted Lindsey |
Detecting False Captioning Using Common Sense Reasoning |
DFRWS USA 2006 |
|
Sangwon Lee, David Shamma, Bruce Gooch |
FORZA - Digital Forensics Investigation Framework That Incorporate Legal Issues |
DFRWS USA 2006 |
|
|
Identifying Almost Identical Files Using Context Triggered Piecewise Hashing |
DFRWS USA 2006 |
|
Jesse Kornblum |
Issues in Building the Digital Forensics Bridge From Computer Science to Judicial Science |
DFRWS USA 2006 |
|
Michael Losavio, Deborah Wilson, Adel Elmaghraby, James Graham, S. Srinivasan, David Elder, Marcus Rogers |
Knowledge Exploration, Analysis, and Discovery Workshop |
DFRWS USA 2006 |
|
Mark Maybury, Penny Chase |
md5bloom - Forensic Filesystem Hashing Revisited |
DFRWS USA 2006 |
|
Vassil Roussev, Ph.D., Timothy Bourg, Yixin Chen, Golden Richard III, Ph.D. |
Searching for Processes and Threads in Microsoft Windows Memory Dumps |
DFRWS USA 2006 |
|
Andreas Schuster |
Selective and Intelligent Imaging using Digital Evidence Bags |
DFRWS USA 2006 |
|
Philip Turner |
Self-Reported Computer Criminal Behavior - A Psychological Analysis |
DFRWS USA 2006 |
|
Marcus Rogers, Kathryn Seigfried-Spellar, Kirti Tidke |
XIRAF - Ultimate Forensic Querying |
DFRWS USA 2006 |
|
Wouter Alink, Raoul Bhoedjang, Peter Boncz |
Automated Digital Evidence Target Definition Using Outlier Analysis and Existing Evidence |
DFRWS USA 2005 |
|
Brian Carrier (Honorary Board Member) , Ph.D., Prof. Eugene Spafford |
Automatically Creating Realistic Targets for Digital Forensics Investigation |
DFRWS USA 2005 |
|
Frank Adelstein, Ph.D., Yun Gao, Golden Richard III, Ph.D. |
Data Hiding in Journaling File Systems |
DFRWS USA 2005 |
|
Knut Eckstein, Marko Jahnke |
Design and Implementation of Zeitline - a Forensic Timeline Editor |
DFRWS USA 2005 |
|
Florian Buchholz, Courtney Falk |
Evaluating Commercial Counter-Forensic Tools |
DFRWS USA 2005 |
|
Matthew Geiger |
File Hound - A Forensics Tool for First Responders |
DFRWS USA 2005 |
|
Wm. Blair Gillam, Marc Rogers |
Forensic Discovery |
DFRWS USA 2005 |
|
Wietse Venema, Ph.D. |
Monitoring Access to Shared Memory-Mapped Files |
DFRWS USA 2005 |
|
Christian Sarmoria, Steve Chapin |
Network Forensics Analysis with Evidence Graphs |
DFRWS USA 2005 |
|
Wei Wang, Thomas Daniels |
Preparing for Large-Scale Investigations with Case Domain Modeling |
DFRWS USA 2005 |
|
Chris Bogen, David Dampier |
Reproducibility of Digital Evidence in Forensic Investigations |
DFRWS USA 2005 |
|
Lei Pan, Lynn Batten |
Risk Sensitive Digital Evidence Collection |
DFRWS USA 2005 |
|
Erin Kenneally, Christopher Brown |
Scalpel - A Frugal, High Performance File Carver |
DFRWS USA 2005 |
|
Golden Richard III, Ph.D., Vassil Roussev, Ph.D. |
Unification of Digital Evidence from Disparate Sources |
DFRWS USA 2005 |
|
Philip Turner |
A Framework for Digital Forensic Science |
DFRWS USA 2004 |
|
Mark Pollitt |
A Framework of Distributed Agent-based Network Forensics System |
DFRWS USA 2004 |
|
Ren Wei |
A Hierarchical, Objectives-Based Framework for the Digital Investigations Process |
DFRWS USA 2004 |
|
Nicole Beebe, Ph.D., Jan Clark |
An Event-Based Digital Forensic Investigation Framework |
DFRWS USA 2004 |
|
Brian Carrier (Honorary Board Member) , Ph.D., Prof. Eugene Spafford |
Assured Information Security - Stego Intrusion Detection System |
DFRWS USA 2004 |
|
Mike Sieffert, Rodney Forbes, Charles Green, Leonard Popyack, Thomas Blake |
BBN Systems - Adversary Modeling to Develop Forensic Observables |
DFRWS USA 2004 |
|
John Lowry, Rico Valdez, Brad Wood |
Breaking the Performance Wall - The Case for Distributed Digital Forensics |
DFRWS USA 2004 |
|
Vassil Roussev, Ph.D., Golden Richard III, Ph.D. |
Forensics for Critical Information Infrastructure Protection |
DFRWS USA 2004 |
|
Ian Bryant |
Forensics, Fighter Pilots and the OODA Loop - The Role of Digital Forensics in Cyber Command and Control |
DFRWS USA 2004 |
|
Heather Dussault, Chet Maciag |
Honeynet Data Analysis - A Technique For Correlating Sebek And Network Data |
DFRWS USA 2004 |
|
Edward Balas |
Honeynets and Digital Forensics |
DFRWS USA 2004 |
|
Lance Spitzner |
How to Reuse Knowledge about Forensic Investigations |
DFRWS USA 2004 |
|
Danilo Bruschi, Mattia Monga, Lorenzo Martignoni |
MITRE - Proposal to Formalize Test and Evaluation Activities Within the Forensic and Law Enforcement Communities |
DFRWS USA 2004 |
|
Mark Hirsh |
Secure Digital Camera |
DFRWS USA 2004 |
|
Paul Blythe, Jessica Fridrich |
The Enhanced Digital Investigation Process Model |
DFRWS USA 2004 |
|
Venansius Baryamureeba, Florence Tushabe |