Sunday, August 7, 2016
Main Hall Workshop Track 1 Workshop Track 2
11:30 to 13:00

Registration Opens

13:00 to 15:00

Coding Digital Forensics Tools in Go (part 1)

Lodovico Marziale (BlackBag Technologies) Joe Sylve (BlackBag Technologies)

Rapid, Agentless, and Scalable Forensics and Incident Response Using WARDEN

Adam Meily (Assured Information Security) Sean LaPlante (Assured Information Security) Richard Gloo (Assured Information Security)
15:00 to 17:00

Coding Digital Forensics Tools in Go (part 2)

Lodovico Marziale (BlackBag Technologies) Joe Sylve (BlackBag Technologies)
17:30

Registration closes

18:00

Dinner on your own

Monday, August 8, 2016
Main Hall
8:00

Registration/Breakfast

9:00

Opening Remarks

9:15
10:15

Break

10:30

Session 1: Memory & Executable Analysis

Chairs: 
Vassil Roussev, Ph.D. (University of New Orleans)

Detecting Objective-C Malware Through Memory Forensics

Andrew Case (Volexity) Golden Richard III, Ph.D. (University of New Orleans)

BinGold: Towards Robust Binary Analysis by Extracting the Semantics of Binary Code as Semantic Flow Graphs (SFGs)

Saed Alrabaee (Concordia University) Lingyu Wang (Concordia University) Mourad Debbabi (Concordia University)

Robust Bootstrapping Memory Analysis against Anti-forensics

Kyoungho Lee (Chonnam National University) Hyunuk Hwang (The Affiliated Institute of ETRI) Kibom Kim (The Affiliated Institute of ETRI) Bongnam Noh (Chonnam National University)
12:00

Lunch on your own

14:00

Session 2: Mobile & Thin Clients

Chairs: 
Frank Adelstein, Ph.D. (Cayuga Networks)

Fingerprinting Android Packaging: Generating DNAs for Malware Detection

ElMouatez Billah Karbab (Concordia University) Mourad Debbabi (Concordia University) Djedjiga Mouheb (Concordia University)

Rapid differential forensic imaging of mobile devices

Mark Guido (The MITRE Corporation) Justin Grover (The MITRE Corporation) Jonathan Buttner (The MITRE Corporation)

dbling: Identifying Extensions Installed on Encrypted Web Thin Clients

Mike Mabey (Arizona State University) Adam Doupe (Arizona State University) Ziming Zhao (Arizona State University) Gail-Joon Ahn (Arizona State University)
15:30

Break

16:00
17:00 to 17:15

One-Minute Teasers for Tool Demos and poster Sessions (sign-up on-site)

18:00 to 18:30

Poster and Demo Sessions (off-site)

18:30 to 20:00

Welcome Reception (off-site)

Location: http://www.livingcomputermuseum.org/

A shuttle bus to and from the conference hotel will be provided from 5-9 

Tuesday, August 9, 2016
Main Hall
8:00

Registration/Breakfast

9:00

Administrative Remarks

9:15

Keynote Address

10:00

Break

10:30

Session 3: Anti-Forensics

Chairs: 
Golden Richard III, Ph.D. (University of New Orleans)

Anti-forensics: Furthering digital forensic science through a new extended, granular taxonomy

Kevin Conlan (University of New Haven) Ibrahim Baggili (University of New Haven) Frank Breitinger (University of New Haven)

Time is on my side: Steganography in filesystem metadata

Sebastian Neuner (SBA Research) Artemios Voyiatzis (SBA Research) Martin Schmiedecker (SBA Research) Stefan Brunthaler (SBA Research) Stefan Katzenbeisser (Technische Universitat) Edgar Weippl (SBA Research)

Deleting collected digital evidence by exploiting a widely adopted hardware write blocker

Christopher Meffert (University of New Haven) Ibrahim Baggili (University of New Haven) Frank Breitinger (University of New Haven)
12:00

Lunch on your own

14:00

Session 4: Data Recovery

Chairs: 
Matthew Geiger (SecureWorks)

Database Image Content Explorer: Carving Data That Does Not Officially Exist

James Wagner (DePaul University) Alexander Rasin (DePaul University) Jonathan Grier (Grier Forensics)

Recovery of Heavily Fragmented JPEG Files

Yanbin Tang ( University of Hong Kong) Junbin Fang (Jinan University) K.P. Chow (University of Hong Kong) Siu Ming (University of Hong Kong) Jun Xu (Harbin Institute of Technology) Bo Feng (Stony Brook University) Qiong Li (Harbin Institute of Technology) Qi Han (Harbin Institute of Technology)

Recovery method of deleted records and tables from ESE Database

Kim Jeonghyeon (Korea University) Park Aran (Korea University) Lee Sangjin (Korea University)
15:30

Break

16:00

Presentations II

Forensic investigations in SDN networks

Izzat Alsmadi (University of New Haven) Samer Khamaiseh (Boise State University)

Data Sets Available from the National Software Reference Library

Douglas White (NIST)
16:45 to 17:15

Forensic Challenge Presentation and Prizes

18:00 to 19:30

Banquet

19:30 to 22:00

Forensic Rodeo

Wednesday, August 10, 2016
Main Hall Workshop Track 1 Workshop Track 2
8:00

Registration Opens

9:30

Session 5: Artifact Identification and Search

Chairs: 
Elizabeth Schweinsberg (Google)

CuFA: a more formal definition for digital forensic artifacts

Vikram Harichandran (University of New Haven) Daniel Walnycky (University of New Haven) Ibrahim Baggili (University of New Haven) Frank Breitinger (University of New Haven)

InVEST: Intelligent Visual Email Search and Triage

Jay Koven (NYU Tandon School of Engineering) Enrico Bertini (NYU Tandon School of Engineering) Luke Dubois (NYU Tandon School of Engineering) Nasir Memon (NYU Tandon School of Engineering)

PeekaTorrent: Leveraging P2P Hash Values for Digital Forensics

Sebastian Neuner (SBA Research) Martin Schmiedecker (SBA Research) Edgar Weippl (SBA Research)
11:00

Works in Progress

11:15

Closing Comments

11:30

Lunch on your own

13:30 to 15:30
15:30 to 17:30
18:00

DFRWS 2017 Planning Session (first round food/drinks paid by DFRWS)

http://www.altstadtseattle.com/

Add to My Calendar

iCal Feed

Please click the button to subscribe to the iCal feed for this Conference.