Location

Austin, TX
United States

DFRWS USA 2017 is being held at the Austin Hilton Convention Center in Austin, TX.

500 East 4th Street, Austin, Texas, 78701   TEL: 512-482-8000

Hilton Austin is situated adjacent to the Convention Center in downtown Austin, TX. We're a quick walk from exclusive shopping, amazing restaurants and fun live music venues on 6th Street and the surrounding area.

Keynotes

Visualizing Forensic Datasets to Develop Mitigation Strategies

Kara Nance

Virginia Tech

ABSTRACT: Mitigating threats is an approachable task after the threat-related behaviors have been identified. The situation is much more challenging when you are not sure what you are looking for. The human mind is highly adept at quickly identifying visual anomalies in large datasets. As part of a defense-in-depth strategy, these human pattern recognition capabilities can be applied to drive the evolution and refinement of threat identification and detection mechanisms. This presentation investigates the application of visualization combined with human abductive reasoning, with the initial goal of identifying some behavioral characteristics associated with a type of card-present fraud. It then demonstrates the behavioral characteristics in a digital forensics context, extends the concepts to other domains, and demonstrates how this knowledge can be used to guide the evolution of analytical tools to help protect our digital assets.

Digital Forensics When Everything is Virtual

Brian Hay

Virtualization has long been a fundamental part of the IT landscape, but is no longer confined to virtual machines running as servers in the datacenter, or as a tool for developer or researcher workstations. Virtualization is now embedded into almost everything we think of as a computer, and is becoming commonplace in networking, storage, and mobile devices. This talk aims to provide an understanding of the scope of modern virtualization, where the challenges lie today, how the technology may evolve in the future, and the implications this has for the digital forensics community.

Participation

We invite contributions in five categories: research papers, presentation proposals, panel proposals, workshop proposals, and demo proposals.

RESEARCH PAPERS undergo double-blinded, peer review, and are published by Elsevier in a special issue of Digital Investigation.

PRESENTATIONS, POSTERS, and DEMOS undergo a light review process to select presentations of maximal interest to DFRWS attendees, and filter out sales pitches. Presentation proposals must specify their target length from the following options: 20 minutes, 120 minutes (2 hours), or 240 minutes (4 hours). Note, 2-4 hour presentations are referred to as ‘workshops’ described below.

WORKSHOPS can be several hours or full day, and typically include hands-on participation by attendees, allowing for an in-depth, detailed exploration of tools and techniques of interest to DFRWS attendees. Workshops can and they can cover state-of-the-art research projects, useful tips and techniques for standard tools, or most anything that DFRWS attendees would consider beneficial. While commercial tools can be used, these workshops or tutorials should NOT be thinly-veiled commercial advertisements.

DFRWS will provide one free conference registration for each tutorial and workshop accepted.

Student award and student scholarship program

DFRWS continues its outreach to students studying digital forensics. DFRWS and its sponsors will award one or more Student Travel Scholarships each year. One scholarship will be awarded to the Best Student Research Paper awardee. More travel scholarships may be awarded, depending on sponsorship funding each year. Exact award amounts will vary, but are estimated to be between $1,000-$1,500 per award. DFRWS will notify the recipient of the Best Student Research Paper award on or before the conference registration deadline. Other awards (e.g. industry sponsored awards for research in specific topic areas) may be awarded after the registration deadline and are fully contingent on scholarship sponsorship by industry each year. Refer below for further details regarding eligibility, funding and selection.

ELIGIBILITY: Students must be co-authors on research paper submissions—presentation session presenters and poster presenters are not eligible. The student recipient of the Best Student Research Paper award must be the lead author on the paper being awarded. Student recipients of other travel scholarships (i.e. research paper awards on specific topics of interest funded by industry sponsors) must be co-authors, but they need not be lead authors. Awarded students must be the presenter of the paper for which the award was given at the conference.

FUNDING: Students must register (and pay the registration fee) for the conference and cover all travel expenses. The travel scholarships will be dispersed at the conference to reimburse student travel costs.

SELECTION: Student travel scholarship recipients will be selected by a student scholarship committee, consisting of DFRWS Organizing Committee members, DFRWS Board of Directors, and/or industry scholarship sponsors. Award recipients will be selected based on research paper quality (contribution and writing), student contribution to the paper (authorship position), and research topic.

APPLY: Write a letter to usa-scholarship@dfrws.org that includes:
- Which paper they authored
- What their author position is
- Whether they will present their paper
- An explanation of why they should receive a scholarship.

Topics of Interest

  • Memory analysis and snapshot acquisition
  • Storage forensics, including solid state
  • "Big data" forensics, related to collection, analysis, and visualization
  • Incident response and live analysis
  • Forensics of cloud and virtualized environments
  • Malware and targeted attacks (analysis and attribution)
  • Network and distributed system forensics
  • Event reconstruction methods and tools
  • Mobile and embedded device forensics
  • Digital evidence storage and preservation
  • Data recovery and reconstruction
  • Multimedia analysis
  • Database forensics
  • Tool testing and development
  • Digital evidence and the law
  • Case studies and trend reports
  • Data hiding and discovery
  • Anti-forensics and anti-anti-forensics
  • Interpersonal communications and social network analysis
  • Non-traditional forensic scenarios and approaches (e.g. vehicles, Internet of Things, industrial control systems, and SCADA)
  • Archival preservation & reconstruction

The above list is only suggestive. We welcome new, original ideas from people in academia, industry, government, and law enforcement who are interested in sharing their results, knowledge, and experience. Authors are encouraged to demonstrate the applicability of their work to practical issues. Questions about submission topics can be sent via email to: usa-papers@dfrws.org

Deadlines

Hotel Discount Ends (EXTENDED!) July 10, 2017
Early Bird Registration June 25, 2017
Presenter Registration - Workshop Presenter June 15, 2017
Presenter Registration - - Research Papers, Presentations & Posters/Demos with abstract April 19, 2017
Workshop/Tutorial Proposal Deadline March 31, 2017
Submission Deadline - Posters/Demos (with abstract to be included in printed proceedings) March 31, 2017
Submission Deadline - Presentations March 31, 2017
Submission Deadline - Research Papers February 1, 2017

Committees

Organizing Committee

Conference Chair: Elizabeth Schweinsberg (Facebook)
Conference Vice Chair: Frank Adelstein, Ph.D. (Cayuga Networks)
Program Chair: Bradley Schatz, Ph.D. (Schatz Forensic)
Program Vice Chair: Josiah Dykstra, Ph.D. (National Security Agency)
Event Management/Production: Daryl Pfeif (Digital Forensics Solutions and DFRWS)
Demo/Posters: Mark Guido (The MITRE Corporation)
Forensic Rodeo: Matthew Geiger (Qintel)
Keynotes: Golden Richard III, Ph.D. (Louisiana State University)
Proceedings: Tim Vidas (Carnegie Mellon University)
Workshop Chair: Vico Marziale, Ph.D. (BlackBag Technologies)
Workshop Vice Chair: Wietse Venema, Ph.D. (Google)
Web: Alex Nelson, Ph.D. (NIST)
Publicity: Daryl Pfeif (Digital Forensics Solutions and DFRWS)
Industry Outreach: Andrew Case (Volexity)
Academia Outreach: Nicole Beebe, Ph.D. (UTSA)
EU Coordination Chair and Forensic Challenge: Eoghan Casey, Ph.D. (University of Lausanne)
Registration: David Baker (MITRE)
Finances: Rick Smith (ATC-NY)
Advertisement/Sponsorship: Daryl Pfeif (Digital Forensics Solutions and DFRWS)
Local Host: Matthew Geiger (Qintel)
At Large Member: Vassil Roussev, Ph.D. (University of New Orleans)

Technical Program Committee

Josiah Dykstra, Ph.D. (National Security Agency)
Bradley Schatz, Ph.D. (Schatz Forensic)
Frank Adelstein, Ph.D. (Cayuga Networks)
Ibrahim Baggili (University of New Haven)
David Baker (MITRE)
Nicole Beebe, Ph.D. (UTSA)
Robert Beverly, Ph.D. (Naval Postgraduate School)
Frank Breitinger (University of New Haven)
Florian Buchholz (James Madison University)
Lorenzo Cavallaro (Royal Holloway)
Michael Cohen (Google)
Jedidiah Crandall (University of New Mexico)
Rinku Dewri (University of Denver)
Sarah Edwards (Parsons Corporation/SANS Institute)
Simson Garfinkel, Ph.D. (U.S. Census Bureau)
Zeno Geradts (Netherlands Forensic Institute)
Paul Giura (AT&T Security Research Center)
Cory Hall (MITRE)
Chris Hargreaves (Hargs)
Andrea Lanzi (Eurocom Institute)
Timothy Leschke, Ph.D. (Johns Hopkins University)
Zhiqiang Lin (University of Texas at Dallas)
David Loveall (FBI)
Andrew Marrington (Zayed University)
Vico Marziale, Ph.D. (BlackBag Technologies)
Alex Nelson, Ph.D. (NIST)
Erika Noerenberg (Log Rhythm)
Fernando Perez-Gonzalez (Universidad de Vigo)
Gilbert Peterson (US Air Force Institute of Technology)
Tu-Tach Quach (Sandia National Laboratories)
Golden Richard III, Ph.D. (Louisiana State University)
Vassil Roussev, Ph.D. (University of New Orleans)
Neil Rowe (Naval Postgraduate School)
Andreas Schuster (BFK edv-consulting GmbH)
Elizabeth Schweinsberg (Facebook)
Kathryn Seigfried-Spellar (The University of Alabama)
Clay Shields (Georgetown University)
Jill Slay (UNSW Canberra)
Joe Sylve, Ph.D. (BlackBag Technologies)
Wietse Venema, Ph.D. (Google)
Tim Vidas (Carnegie Mellon University)
Andrew White (Dell Secureworks)
Junyuan Zeng (The University of Texas at Dallas)

Registration

 

 

DFRWS USA 2017 registration includes access to all presentations, a copy of the printed proceedings, breakfasts, a welcome reception, and entrance to the famous rodeo challenge. Additionally, registered attendees may attend a banquet (including presentation of best paper awards).

Group discounts are available. If you have a group larger than four, please contact usa-registration@dfrws.org

If you are a student in a third level graduate or postgraduate degree programme, you may qualify for a student grant covering part or all of your registration fee and/or travel expenses. Please note that travel grants are normally reserved for students presenting original research papers at the conference. For more information, please contact usa-registration@dfrws.org. The decisions will be made by the organizing committee on a case-by-case basis considering your circumstances, provided evidence, objectives of the conference, and the available/remaining funds.

Early bird registration ends June 25th.

Type of RegistrationEarly BirdRegular RateOnsite Registration
Regular Attendee$700 (USD)$775 (USD)$800 (USD)
Full Time Student Special Rate$500 (USD)$575 (USD)$600 (USD)
Law Enforcement Special Rate$500 (USD)$575 (USD)$600 (USD)
Single Day (no other discounts apply; additional charge for Tuesday banquet)$300 (USD)$300 (USD)$300 (USD)

Sponsors

Sponsor Benefits

Sponsors of the conference will gain visibility for their companies, demonstrate their support of forensic research and development, and contribute to the success of the conference. All sponsors will have their logo listed on the DFRWS USA 2017 website with a link to their website and will be listed in the printed proceedings. They will also get recognition at specific events that they sponsor.

Details on becoming a sponsor can be found here.

Dell - Platinum Sponsor

SecureWorks is a global provider of intelligence-driven information security solutions exclusively focused on protecting its clients from cyberattacks. SecureWorks’ solutions enable organizations to fortify their cyber defenses to prevent security breaches, detect malicious activity in real time, prioritize and respond rapidly to security breaches and predict emerging threats.

Access Data - Silver Sponsor

Whether it’s for investigation, litigation or compliance, AccessData® offers industry-leading solutions that put the power of forensics in your hands.  For 30 years, AccessData has worked with more than 130,000 clients in law enforcement, government agencies, corporations and law firms around the world to understand and focus on their unique collection-to-analysis needs.  The result?  Products that empower faster results, better insights, and more connectivity.

No Starch Press - Rodeo Prize Sponsor

San Francisco–based No Starch Press has published the finest in geek entertainment since 1994, covering topics like hacking, open source, Linux, LEGO,​ STEM, and programming for all ages. Our titles have personality and attitude, our authors are passionate about their subjects, and we read and edit every book that bears our name. Our goal is to make computing accessible to technophile and novice alike, and our readers appreciate our straightforward presentation and fearless approach to the complex world of technology.

Google - Student Scholarship Sponsor

Google's mission is to organize the world's information and make it universally accessible and useful. Google is pleased to sponsor scholarships for students to attend DFRWS.

Forensic Focus - Media Sponsor

Forensic Focus is the web's leading digital forensics portal for computer forensics and eDiscovery professionals.  Founded in 2002, the site encourages open discussion and information sharing in support of best practice development within the digital forensics industry. Although perhaps best known for its busy forums, Forensic Focus also offers breaking industry news, a worldwide directory of computer forensics education courses, interviews with industry thought leaders, job vacancy listings, a growing articles section and a monthly email newsletter with over 16,000 subscribers.

DomainTools

DomainTools helps security analysts turn threat data into threat intelligence. We take indicators from your network, including domains and IPs, and connect them with nearly every active domain on the Internet. Those connections inform risk assessments, help profile attackers, guide online fraud investigations, and map cyber activity to attacker infrastructure. Fortune 1000 companies, global government agencies, and leading security solution vendors use the DomainTools platform as a critical ingredient in their threat investigation and mitigation work. Learn more about how to connect the dots on malicious activity at https://www.domaintools.com or follow us on Twitter:@domaintools