DFRWS USA 2016 was held at the Crowne Plaza Hotel in Seattle, WA August 7-10, 2016.  Erin Kenneally and Troy Larson provided inspiration through the keynote addresses.  There were 15 peer reviewed papers, 6 industry presentations, and 6 workshops rounding out the 4 days.  We ventured to the Living Computer Museum for the Welcome Reception and had a grand time trying out the “old” computers.

The Best Paper Award went to “Detecting Objective-C Malware Through Memory Forensics Paper” by Andrew Case (Volexity) and Golden Richard III, Ph.D. (UNO).

The 2016 DFRWS Forensic Challenge was on Software-Defined Networking (SDN) and sought to advance the state-of-the-art in SDN forensics by focusing the community’s attention on this emerging domain.

Conference Location:

Seattle, WA United States

August 7, 2016 to August 10, 2016

Keynotes

Erin Kenneally | Department of Homeland Security

Erin Kenneally is a Program Manager in the Cyber Security Division for the Homeland Security Advanced Research Projects Agency (HSARPA) with the DHS Science & Technology Directorate. Her portfolio comprises trusted data sharing, privacy, cyber analytics, and information communications technology ethics. She manages the IMPACT (Information Marketplace for Policy and Analysis of Cyber-risk and Trust) and Cyber Economics/Analytics programs. Prior to joining CSD, Kenneally was Founder and CEO of Elchemy, Inc., and served as Technology-Law Specialist at the International Computer Science Institute (ICSI) and the Center for Internet Data Analysis (CAIDA) and Center for Evidence-based Security Research (CESR) at the University of California, San Diego.Erin is a licensed Attorney specializing in information technology law, including privacy technology, data protection, trusted information sharing, technology policy, cybercrime, data ethics, and emergent IT legal risks. She holds Juris Doctorate and Masters of Forensic Sciences degrees and is a graduate of Syracuse University and The George Washington University.

Troy Larson | Microsoft

Troy Larson is a 13-year veteran forensic examiner with Microsoft. He is currently focused on developing incident response and forensics capability for Microsoft cloud infrastructure and tenants. Accompanied by his trusty Laser Shark, Troy is a frequent speaker on forensic considerations related to Azure, Windows, and Office. Prior to joining Microsoft, Troy served tours of duty with Ernst & Young's national forensics practice and Attenex, Inc. Troy is a member of the Washington State Bar and received his undergraduate and law degrees from the University of California at Berkeley.

Participation

We invite contributions in five categories: research papers, presentation proposals, panel proposals, tutorial/workshop proposals, and demo proposals.

RESEARCH PAPERS are evaluated through a double-blind, peer-reviewing process, and accepted research papers will be published in printed proceedings by Elsevier.

PRESENTATIONS are opportunities for industry researchers and practitioners who do not have the time to write a paper, but who have forensics information and experiences that would be of interest to DFRWS attendees. Presentation proposals undergo a light reviewing process to filter out sales pitches and ensure the topic is relevant to our audience.

TUTORIALS and WORKSHOPS allow for an in-depth, detailed presentation of tools and techniques of interest to DFRWS attendees and they can cover state-of-the-art research projects, useful tips and techniques for standard tools, or most anything that DFRWS attendees would consider beneficial. While commercial tools can be used, these workshops or tutorials should NOT be thinly-veiled commercial advertisements.

We strongly encourage workshop/tutorial authors to include activities that require active participation by attendees (e.g., a sample forensic analysis on their own laptops using a particular tool or set of tools).

DFRWS will provide one free conference registration for each tutorial and workshop accepted.

Topics of Interest

  • Memory analysis and snapshot acquisition
  • Storage forensics, including file system and Flash
  • “Big data” approaches to forensic, including collection, data mining, and large scale visualization
  • Incident response and live analysis
  • Virtualized environment forensics, with specific attention to the cloud and virtual machine introspection
  • Malware and targeted attacks: analysis, attribution
  • Network and distributed system forensics
  • Event reconstruction methods and tools
  • Mobile and embedded device forensics
  • Digital evidence storage and preservation
  • Data recovery and reconstruction
  • Multimedia analysis
  • Database forensics
  • Tool testing and development
  • Digital evidence and the law
  • Case studies and trend reports
  • Data hiding and discovery
  • Anti-forensics and anti-anti-forensics
  • Interpersonal communications and social network analysis
  • Non-traditional forensic scenarios and approaches (e.g. vehicles, control systems, and SCADA)

The above list is only suggestive. We welcome new, original ideas from people in academia, industry, government, and law enforcement who are interested in sharing their results, knowledge, and experience. Authors are encouraged to demonstrate the applicability of their work to practical issues. Questions about submission topics can be sent via email to: usa-papers (at) dfrws (dot) Org

Click Here For Proposal Requirements

Deadlines

DateEvent
April 8, 2016 Submission Deadline - Presentations
April 8, 2016 Submission Deadline - Posters/Demos with abstract to be included in printed proceedings
April 8, 2016 Workshop Proposal Deadline
April 22, 2016 Conference Registration Deadline - Papers / Presentations / Posters with abstracts in the printed proceedings
May 1, 2016 Workshop Acceptance Notification
June 15, 2016 Workshop Presenter Registration
June 1, 2016 Workshop Draft of Slides Due
July 8, 2016 Hotel Reservation Reduced Rate Deadline
July 8, 2016 DFRWS Forensics Challenge Deadline
August 7, 2016 Submission Deadline - Posters/Demos without abstract to be included in printed proceedings

Committees

Organizing Committee

Conference Chair

Wietse Venema, Ph.D. (Google)

Conference Vice Chair

Elizabeth Schweinsberg (Facebook)

Registration, Keynotes, Publicity

Dave Baker

Web

Josiah Dykstra, Ph.D. (National Security Agency)

Program Chair

Nicole Beebe, Ph.D. (UTSA)

Program Vice Chair

Bradley Schatz, Ph.D. (Schatz Forensic)

Advertisement/Sponsorship

Daryl Pfeif (Digital Forensics Solutions and DFRWS)

Event Management/Production

Daryl Pfeif (Digital Forensics Solutions and DFRWS)

Demo/Posters

Alex Nelson, Ph.D. (NIST)

Forensic Rodeo

Matthew Geiger (Qintel)

Keynotes, Publicity

Tim Vidas (Carnegie Mellon University)

Proceedings

Frank Adelstein, Ph.D. (NFA Digital)

Workshop Chair

Golden Richard III, Ph.D. (Louisiana State University)

Workshop Vice Chair

Vico Marziale, Ph.D. (BlackBag Technologies)

Forensic Challenge

Rob Beverly, Ph.D.

Finances

Rick Smith (ATC-NY)

Academia Outreach

Nicole Beebe, Ph.D. (UTSA)

General

Simson Garfinkel, Ph.D. (U.S. Census Bureau)

General

Eoghan Casey, Ph.D. (University of Lausanne)

General

Vassil Roussev, Ph.D. (University of New Orleans)

Technical Program Committee

Frank Adelstein

Cayuga Networks

Irfan Ahmed

University of New Orleans

Cory Altheide

Crowdstrike

Stefan Axelsson

Norwegian University of Science and Technology

Ibrahim Baggili

University of New Haven

David Baker

DFRWS

Masooda Bashir

Illinois

Nicole Beebe, Ph.D.

UTSA

Robert Beverly

Naval Postgraduate School

Frank Breitinger

University of New Haven

Ralf Brown

CMU

Florian Buchholz

James Madison University

Eoghan Casey, Ph.D.

University of Lausanne

Lorenzo Cavallaro

Royal Holloway

Kim-Kwang Choo

University of South Australia

K.P. Chow

University of Hong Kong

Michael Cohen

Google

Jedidiah Crandall

University of New Mexico

Dave Dampier

Mississippi State University

Rinku Dewri

University of Denver

Brendan Dolan-Gavitt

Georgia Institute of Technology

Josiah Dykstra, Ph.D.

National Security Agency

Sarah Edwards

SANS Institute

Barbara Endicott-Popovsky

University of Washington

Simson Garfinkel, Ph.D.

U.S. Census Bureau

Matthew Geiger

Dell Secureworks

Paul Giura

AT&T Security Research Center

Sanjay Goel

University of Alband

Barbara Guttman

NIST

Rob Joyce

ATC-NY

Ezhil Kalaimannan

UWF

Andrea Lanzi

Universita` degli studi di Milano)

Christopher Lee

UNC

Timothy Leschke, Ph.D.

Johns Hopkins University

Jamie Levy

Volatility

Zhiqiang Lin

The Ohio State University

Bryant Ling

FBI

David Loveall

FBI

Andrew Marrington

Zayed University

Vico Marziale, Ph.D.

BlackBag Technologies

Cindy Murphy

Madison Police Department

K Nance

University of Alaska Fairbanks

Alex Nelson

NIST

Fernando Perez-Gonzalez

Universidad de Vigo

Gilbert Peterson

US Air Force Institute of Technology

Daryl Pfeif

Digital Forensics Solutions and DFRWS

Judson Powers

ATC-NY

Tu-Thach Quach

Sandia National Laboratories

Golden Richard III, Ph.D.

Louisiana State University

Steve Romig

Ohio State University

Vassil Roussev, Ph.D.

University of New Orleans

Neil Rowe

Naval Postgraduate School

Bradley Schatz, Ph.D.

Schatz Forensic

Elizabeth Schweinsberg

Google

Kathryn Seigfried-Spellar

Purdue University

Clay Shields

Georgetown University

Jill Slay

La Trobe University

Joe Sylve

BlackBag Technologies

Benjamin Turnbull

University of New South Wales

Wietse Venema, Ph.D.

Google

Tim Vidas

Carnegie Mellon University

Andrew White

Dell Secureworks

Dongyan Xu

Purdue University

Junyuan Zeng

The University of Texas at Dallas

Registration

DFRWS USA registration includes access to all presentations, a copy of the printed proceedings, breakfasts, a welcome reception on Monday, August 8, 2016, and entrance to the famous Rodeo Challenge. Additionally, attendees registered for the whole conference may attend a banquet on Tuesday, August 9, 2016 (there is an additional charge for single-day attendees).

Please read our Refund Policy. Send any questions about this process to usa-registration (at) dfrws (dot) org or call Rick Smith at 607-257-1975.

Sponsors

Sponsors help DFRWS to produce quality events and foster community. Click a logo to learn more about the sponsor.

Information about sponsorship opportunities is available at: http://www.dfrws.org/sponsorship-opportunities

Dell - Platinum Sponsor

Secure Works is a global provider of intelligence-driven information security solutions exclusively focused on protecting its clients from cyber attacks. Secure Works’ solutions enable organizations to fortify their cyber defenses to prevent security breaches, detect malicious activity in real time, prioritize and respond rapidly to security breaches and predict emerging threats.

Learn More

Amazon.com

At Amazon, we are obsessed with customer trust. Information Security maintains this by guarding the confidentiality and integrity of Amazon and customer data. We assess risk, classify data and systems, detect potential intrusion, and render useless the value of data that may be leaked.Our teams span over 10 countries worldwide, and our focus areas include: security intelligence, application security, incident response, security operations, risk and compliance, acquisitions and subsidiaries, and external partner security. Our mission includes instilling awareness to safeguard all customer and employee data, applications, services, and assets. To accomplish this, we unite with Amazon organizations to build security best practices into enterprise-wide systems. Our guidance and leadership equip our partners to maintain high security standards.”We’re hiring new security talent!

Learn More

Google - Student Scholarship Sponsor

Google's mission is to organize the world's information and make it universally accessible and useful. Google is pleased to sponsor scholarships for students to attend DFRWS.

Learn More