Foyer Area | Grand Ballroom B | Grand Ballroom C | |
---|---|---|---|
2018-07-15T11:30:00-05:00 |
Registration Opens |
|
|
2018-07-15T13:00:00-05:00 13:00 to 15:00
|
|
Getting Saucy with APFS! - The State of Apple’s New File System Workshop Sarah Edwards (SANS Institute)
|
Linux Memory Forensics Part 1 Workshop Hal Pomeranz (Deer Run Associates)
|
2018-07-15T15:00:00-05:00 15:00 to 17:00
|
|
Examining Recent Advances in Chip-Off for Mobile Device Forensics Workshop Steve Watson (VTO Labs)
|
Linux Memory Forensics Part 2 Workshop Hal Pomeranz (Deer Run Associates)
|
2018-07-15T17:30:00-05:00 |
Registration Closes |
|
|
2018-07-15T18:00:00-05:00 |
Dinner On Your Own |
|
|
Foyer Area | Grand Ballroom (B&C) | |
---|---|---|
2018-07-16T08:00:00-05:00 8:00 to 9:00
|
Registration / Breakfast |
|
2018-07-16T09:00:00-05:00 9:00 to 9:15
|
|
Opening Remarks |
2018-07-16T09:15:00-05:00 9:15 to 10:15
|
|
Keynote Address |
2018-07-16T10:15:00-05:00 10:15 to 10:30
|
Break |
|
2018-07-16T10:30:00-05:00 10:30 to 12:00
|
|
Session 1 - AnalysisChair: Golden Richard III, Ph.D. (Louisiana State University)
Memory Forensics and the Windows Subsystem for Linux Paper Nathan Lewis
Andrew Case (Volexity)
Aisha Ali-Gombe
Golden Richard III, Ph.D. (Louisiana State University)
Leveraging Relocations in Kernel ELF-binaries for Linux Kernel Version Identification Paper Manish Bhatt
Irfan Ahmed (University of New Orleans)
Forensic Analysis of Multiple Device BTRFS Configurations Using The Sleuth Kit Paper Jan-Niclas Hilgert
Martin Lambertz
Shujian Yang
|
2018-07-16T12:00:00-05:00 12:00 to 14:00
|
Lunch On Your Own |
|
2018-07-16T14:00:00-05:00 14:00 to 15:30
|
|
Session 2 - ArtifactsChair: Wietse Venema, Ph.D. (Google)
Reconstructing Streamed Video Content: A Case Study on YouTube and Facebook Live Stream Content in the Chrome Web Browser Cache Paper Graeme Horsman
Welcome pwn: Almond Smart Home Hub Forensics Paper Akshay Awasthi
Huw Read
Iain Sutherland
Konstantinos Xynos
Experience Constructing the Artifact Genome Project (AGP): Managing the Domain's Knowledge One Artifact at a Time Paper Cinthya Grajeda Mendez
Laura Sanchez
Ibrahim Baggili (University of New Haven)
Devon Clark
Frank Breitinger (University of New Haven)
|
2018-07-16T15:30:00-05:00 15:30 to 16:00
|
Break |
|
2018-07-16T16:00:00-05:00 16:00 to 16:30
|
|
Presentations 1Chair: Frank Adelstein, Ph.D. (NFA Digital)
IoT 4n6: The Growing Impact of IoT on Digital Forensics Presentation Jessica Hyde
Was the 2016 Election Hacked? Your Forensic Expertise is Needed! Presentation Suzanne Mello-Stark
|
2018-07-16T16:30:00-05:00 16:30 to 16:45
|
|
One Minute Teasers for Poster Sessions / Tool Demos(sign-up on-site) |
2018-07-16T18:00:00-05:00 |
Welcome Reception & Poster / Demos(offsite) |
|
Foyer Area | Grand Ballroom (B&C) | |
---|---|---|
2018-07-17T08:00:00-05:00 8:00 to 9:00
|
Registration / Breakfast |
|
2018-07-17T09:00:00-05:00 9:00 to 9:05
|
|
Administrative Remarks |
2018-07-17T09:05:00-05:00 9:05 to 10:00
|
|
Keynote Address |
2018-07-17T10:00:00-05:00 10:00 to 10:15
|
Break |
|
2018-07-17T10:15:00-05:00 10:15 to 12:00
|
|
Session 3 – MobileChair: Alex Nelson, Ph.D. (NIST)
Automated Forensic Analysis of Mobile Applications on Android Devices Paper Xiaodong Lin
Ting Chen
Tong Zhu
Kun Yang
Fengguo Wei
DroidKex: Fast Extraction of Ephemeral TLS Keys from the Memory of Android Apps Paper Benjamin Taubmann
Omar Al Abduljaleel
Hans Reiser
Digital Forensic Investigation of Two-Way Radio Communication Equipment and Services Paper Arie Kouwen
Mark Scanlon, Ph.D. (University College Dublin)
Kim-Kwang Raymond Choo
Nhien An Le Khac (University College Dublin)
|
2018-07-17T12:00:00-05:00 12:00 to 14:00
|
Lunch On Your Own |
|
2018-07-17T14:00:00-05:00 14:00 to 15:00
|
|
Session 4 – TechniquesChair: Vassil Roussev, Ph.D. (University of New Orleans)
Analyzing the DarkNetMarkets Subreddit for Evolutions of Tools and Trends Using LDA Topic Modeling Paper Kyle Porter
Who Watches the Watcher? Detecting Hypervisor Introspection from Unprivileged Guests Paper Tomasz Tuzel
Mark Bridgman
Joshua Zepf
|
2018-07-17T15:00:00-05:00 15:00 to 15:30
|
Break |
|
2018-07-17T15:30:00-05:00 15:30 to 16:30
|
|
Presentations 2Chair: Elizabeth Schweinsberg (Facebook)
Turbinia: Automation of Forensic Processing in the Cloud Presentation Thomas Chopitea
Aaron Peterson
Drone Forensics Program Presentation Steve Watson (VTO Labs)
|
2018-07-17T16:30:00-05:00 16:30 to 17:00
|
|
Forensic Challenge Presentation and Prizes |
2018-07-17T18:00:00-05:00 18:00 to 19:30
|
|
Banquet |
2018-07-17T19:30:00-05:00 |
|
Forensic Rodeo |
Foyer Area | Grand Ballroom (B&C) | Grand Ballroom B | Grand Ballroom C | |
---|---|---|---|---|
2018-07-18T08:00:00-05:00 8:00 to 9:00
|
Registration / Breakfast |
|
|
|
2018-07-18T09:00:00-05:00 9:00 to 10:30
|
|
Session 5 – MalwareChair: Joe Sylve, Ph.D. (BlackBag Technologies)
Multinomial Malware Classification Via Low-level Features Paper Sergii Banin
Geir Olav Dyrkolbotn (NTNU)
Deep Learning Methodology Enabling Non-Expert Malware Analysis and Classification Paper Quan Le
Oisin Boydell
Mark Scanlon, Ph.D. (University College Dublin)
CGC Monitor: A Vetting System for the DARPA Cyber Grand Challenge Paper Michael Thompson
Timothy Vidas
|
|
|
2018-07-18T10:30:00-05:00 10:30 to 10:45
|
Break |
|
|
|
2018-07-18T10:45:00-05:00 10:45 to 11:45
|
|
Presentations 3Chair: Bradley Schatz, Ph.D. (Schatz Forensic)
Using Santa to Augment Forensic Investigations Presentation James Nettesheim
Gary Brown
Damaged Device Forensics Presentation Steve Watson (VTO Labs)
Adding APFS Support to The Sleuthkit Framework Presentation Joe Sylve, Ph.D. (BlackBag Technologies)
|
|
|
2018-07-18T11:45:00-05:00 11:45 to 12:00
|
|
|
|
|
2018-07-18T12:00:00-05:00 12:00 to 12:20
|
Closing Comments |
|
|
|
2018-07-18T12:20:00-05:00 12:20 to 13:30
|
Lunch On Your Own |
|
|
|
2018-07-18T13:30:00-05:00 13:30 to 15:30
|
|
|
Android Forensics and Reverse Engineering (Part 1) Workshop Trevor Haigh (University of New Haven)
Frank Breitinger (University of New Haven)
|
Plaso: The Missing Manual (Part 1) Workshop Mark Hallman (SANS Institute)
|
2018-07-18T15:30:00-05:00 15:30 to 17:30
|
|
|
Android Forensics and Reverse Engineering (Part 2) Workshop Trevor Haigh (University of New Haven)
Frank Breitinger (University of New Haven)
|
Plaso: The Missing Manual (Part 2) Workshop Mark Hallman (SANS Institute)
|
2018-07-18T18:00:00-05:00 |
DFRWS 2019 Planning Session(food/drinks not paid for by DFRWS) |
|
|
|