Sunday, July 15, 2018
Foyer Area Grand Ballroom B Grand Ballroom C
11:30

Registration Opens
13:00 to 15:00

Linux Memory Forensics Part 1 Workshop

Hal Pomeranz (Deer Run Associates)
15:00 to 17:00

Linux Memory Forensics Part 2 Workshop

Hal Pomeranz (Deer Run Associates)
17:30

Registration Closes
18:00

Dinner On Your Own
Monday, July 16, 2018
Foyer Area Grand Ballroom (B&C)
8:00 to 9:00

Registration / Breakfast
9:00 to 9:15

Opening Remarks
9:15 to 10:15

Keynote Address
10:15 to 10:30

Break
10:30 to 12:00

Session 1 - Analysis

Chair: 
Golden Richard III, Ph.D. (Louisiana State University)

Memory Forensics and the Windows Subsystem for Linux Paper

Nathan Lewis Andrew Case (Volexity) Aisha Ali-Gombe Golden Richard III, Ph.D. (Louisiana State University)

Leveraging Relocations in Kernel ELF-binaries for Linux Kernel Version Identification Paper

Manish Bhatt Irfan Ahmed (University of New Orleans)

Forensic Analysis of Multiple Device BTRFS Configurations Using The Sleuth Kit Paper

Jan-Niclas Hilgert Martin Lambertz Shujian Yang
12:00 to 14:00

Lunch On Your Own
14:00 to 15:30

Session 2 - Artifacts

Chair: 
Wietse Venema, Ph.D. (Google)

Reconstructing Streamed Video Content: A Case Study on YouTube and Facebook Live Stream Content in the Chrome Web Browser Cache Paper

Graeme Horsman

Welcome pwn: Almond Smart Home Hub Forensics Paper

Akshay Awasthi Huw Read Iain Sutherland Konstantinos Xynos

Experience Constructing the Artifact Genome Project (AGP): Managing the Domain's Knowledge One Artifact at a Time Paper

Cinthya Grajeda Mendez Laura Sanchez Ibrahim Baggili (University of New Haven) Devon Clark Frank Breitinger (University of New Haven)
15:30 to 16:00

Break
16:00 to 16:30

Presentations 1

Chair: 
Frank Adelstein, Ph.D. (NFA Digital)

IoT 4n6: The Growing Impact of IoT on Digital Forensics Presentation

Jessica Hyde

Was the 2016 Election Hacked? Your Forensic Expertise is Needed! Presentation

Suzanne Mello-Stark
16:30 to 16:45

One Minute Teasers for Poster Sessions / Tool Demos

(sign-up on-site)
18:00

Welcome Reception & Poster / Demos

(offsite)
Tuesday, July 17, 2018
Foyer Area Grand Ballroom (B&C)
8:00 to 9:00

Registration / Breakfast
9:00 to 9:05

Administrative Remarks
9:05 to 10:00
10:00 to 10:15

Break
10:15 to 12:00

Session 3 – Mobile

Chair: 
Alex Nelson, Ph.D. (NIST)

Automated Forensic Analysis of Mobile Applications on Android Devices Paper

Xiaodong Lin Ting Chen Tong Zhu Kun Yang Fengguo Wei

DroidKex: Fast Extraction of Ephemeral TLS Keys from the Memory of Android Apps Paper

Benjamin Taubmann Omar Al Abduljaleel Hans Reiser

Digital Forensic Investigation of Two-Way Radio Communication Equipment and Services Paper

Arie Kouwen Mark Scanlon, Ph.D. (University College Dublin) Kim-Kwang Raymond Choo Nhien An Le Khac (University College Dublin)
12:00 to 14:00

Lunch On Your Own
14:00 to 15:00
15:00 to 15:30

Break
15:30 to 16:30

Presentations 2

Chair: 
Elizabeth Schweinsberg (Facebook)

Turbinia: Automation of Forensic Processing in the Cloud Presentation

Thomas Chopitea Aaron Peterson

Drone Forensics Program Presentation

Steve Watson (VTO Labs)
16:30 to 17:00

Forensic Challenge Presentation and Prizes
18:00 to 19:30

Banquet
19:30

Forensic Rodeo
Wednesday, July 18, 2018
Foyer Area Grand Ballroom (B&C) Grand Ballroom B Grand Ballroom C
8:00 to 9:00

Registration / Breakfast
9:00 to 10:30

Session 5 – Malware

Chair: 
Joe Sylve, Ph.D. (BlackBag Technologies)

Multinomial Malware Classification Via Low-level Features Paper

Sergii Banin Geir Olav Dyrkolbotn (NTNU)

Deep Learning Methodology Enabling Non-Expert Malware Analysis and Classification Paper

Quan Le Oisin Boydell Mark Scanlon, Ph.D. (University College Dublin)

CGC Monitor: A Vetting System for the DARPA Cyber Grand Challenge Paper

Michael Thompson Timothy Vidas
10:30 to 10:45

Break
10:45 to 11:45

Presentations 3

Chair: 
Bradley Schatz, Ph.D. (Schatz Forensic)

Using Santa to Augment Forensic Investigations Presentation

James Nettesheim Gary Brown

Damaged Device Forensics Presentation

Steve Watson (VTO Labs)

Adding APFS Support to The Sleuthkit Framework Presentation

Joe Sylve, Ph.D. (BlackBag Technologies)
11:45 to 12:00

Works in Progress (sign-up on-site)

Chair: 
Daryl Pfeif (Digital Forensics Solutions and DFRWS)
12:00 to 12:20

Closing Comments
12:20 to 13:30

Lunch On Your Own
13:30 to 15:30

Android Forensics and Reverse Engineering (Part 1) Workshop

Trevor Haigh (University of New Haven) Frank Breitinger (University of New Haven)

Plaso: The Missing Manual (Part 1) Workshop

Mark Hallman (SANS Institute)
15:30 to 17:30

Android Forensics and Reverse Engineering (Part 2) Workshop

Trevor Haigh (University of New Haven) Frank Breitinger (University of New Haven)

Plaso: The Missing Manual (Part 2) Workshop

Mark Hallman (SANS Institute)
18:00

DFRWS 2019 Planning Session

(food/drinks not paid for by DFRWS)
Add to My Calendar

iCal Feed

Please click the button to subscribe to the iCal feed for this Conference.