DFRWS is the leading digital forensics research conference and the 13th annual conference was held from August 4 to 7, 2013 in Monterey, CA. The 2013 conference is being held in cooperation with the Association for Computing Machinery (ACM) and its Special Interest Group on Security, Audit and Control (SIGSAC).
2013 had 13 peer-reviewed papers presented, 2 keynotes, and 2 panels, as well as 5 workshops. There was a TIE for best paper between “Language Translation for File Paths” by Neil Rowe, Riqui Schwamm, and Simson Garfinkel AND “Improved Recovery and Reconstruction of DEFLATEd Files” by Ralf Brown.
We challenged the competitors to develop the fastest and most accurate data block classifier, in a continuation of the 2012 Challenge.
The winning submission for the DFRWS2013 Forensics Challenge was created by Jungheum Park, Jewan Bang, Yunho Lee, and Jonghyun Choi of the Digital Forensic Research Center, Korea University.
Conference Location:
Monterey Marriott Monterey, CA
August 4, 2013 to August 7, 2013
Keynotes
CuteCats.exe and Protecting Citizens of the Internet
Morgan Marquis-Boire | GoogleAbstract: Since the Arab Spring, the world has become more aware about state sponsored surveillance. Some of that awareness is directly due to volunteers from Citizen Labs and the EFF helping dissidents find out what surveillance tools are lurking on their system. Hear one forensic analyst's journey to ferret out the ultimate in spyware and save the world.
Bio: Morgan Marquis-Boire works as a Security Engineer at Google specializing in Incident Response, Forensics and Malware Analysis. He is a security researcher and Technical Advisor at the Citizen Lab, Munk School of Global Affairs, University of Toronto. Recently, he has been working with the Electronic Frontier Foundation on issues surrounding dissident suppression in Syria.
He is a frequent speaker at events around the world and his work has been featured in numerous print and online publications including Bloomberg Business Week, The Wall Street Journal, The Guardian, Le Monde and The New York Times. He was also one of the original organizers of the KiwiCON conference in New Zealand.
Strangers in a Strange Land: One Local Cop's Perspective on Digital Forensics
Cindy Murphy | Police Department of Madison, WisconsinAbstract: The rapidly shifting landscape of digital media over the past two decades has brought a revolutionary change in the availability of information (both relevant and irrelevant) to law enforcement for investigative and intelligence purposes. Meanwhile, the digital cultural divide and lagging resources have resulted in a lack of funding for and attention to proper training and education for forensic examiners and investigators, for law enforcement supervisors at all levels, for prosecution and defense attorneys, and for judges and juries who directly interact with this new evidence. The result is common misconceptions and misunderstandings about the implications of digital evidence and friction over the proper scope of its collection and use. Additionally, cultural differences within the policing and software development communities can make it hard for law enforcement to describe software needs and for developers to create realistic solutions. In this inherently complex environment, how do we grok a better way forward?
Bio: Detective Cindy Murphy works for the police department of Madison, Wisconsin and has been a Law Enforcement Officer since 1985. She is a certified forensic examiner, and has been involved in computer forensics since 1999. She earned her MSc in Forensic Computing and Cyber Crime Investigation through University College, Dublin in 2011. She has directly participated in the examination of many hundreds of hard drives, cell phones, and other items of digital evidence pursuant to criminal investigations including homicides, missing persons, computer intrusions, sexual assaults, child pornography, financial crimes, and various other crimes. She has testified as a computer forensics expert in state and federal court on numerous occasions, using her knowledge and skills to assist in the successful investigation and prosecution of criminal cases involving digital evidence. She is also a part time digital forensics instructor at Madison College, and a mobile device forensics instructor for the SANS Institute. Cindy believes in constantly pushing the boundaries of what we believe is possible in order to achieve what we once believed was impossible, and that in general persistence matters at least as much as brilliance.
Participation
2013 Workshops:
- Advanced Smartphone Forensics & Incident Response with Eoghan Casey and Bradley Schatz
- Intrusion Forensics with Cory Altheide
- Timeline Analysis with l2t and plaso with Kristinn Gudjonsson and Elizabeth Schweinsberg
- Small data forensics on a large scale with Candice Quates and Vassil Roussev
- Memory Forensics to Defeat Encryption, Find Malware, and Help You Lose Weight with Jesse Kornblum
Committees
Organizing Committee
Conference Chair
Florian Buchholz, PhD (James Madison University)
Conference Vice Chair
Wietse Venema, PhD, (IBM Research)
Technical Program Chair
Clay Shields, PhD (Georgetown University)
Technical Program Vice Chair
Juan Caballero (IMDEA-Software)
Local Arrangements
Joel Young (Naval Postgraduate School)
Proceedings
Matthew Geiger (Dell SecureWorks)
Keynote
Eoghan Casey (MITRE)
Publicity
Dave Baker (MITRE)
Advertising / Sponsorship
Daryl Pfeif (Digital Forensics Solutions)
Finances
Rick Smith (ATC-NY)
Registration
Dave Baker (MITRE) and Andreas Schuster (Deutsche Telekom AG)
Challenge
Vassil Roussev, PhD (University of New Orleans)
Web
Tim Vidas (Carnegie Mellon University)
Demo / Posters
Elizabeth Schweinsberg (Google)
Workshop Chair
Golden Richard III, PhD (Univeristy of New Orleans)
Workshop Vice Chair
Frank Adelstein (GrammaTech)
Technical Program Committee
Frank Adelstein
GrammaTech
David Baker
MITRE
Nicole Beebe
The University of Texas at San Antonio
Robert Beverly
Naval Postgraduate School
Florian Buchholz
James Madison University
Juan Caballero
IMDEA Software Institute
Brian Carrier
Basis Technology
Eoghan Casey
MITRE
Jedidiah Crandall
University of New Mexico
Josiah Dykstra
UMBC
Brendan Dolan-Gavitt
Georgia Tech
William Enck
North Carolina State University
Simson Garfinkel
Naval Postgraduate School
Matthew Geiger
Dell SecureWorks
Pavel Gladyshev
University College Dublin
Sundararaman Jeyaraman
Purdue University
Xuxian Jiang
North Carolina State Univresity
Rob Joyce
ATC-NY
Brian Levine
University of Massachusetts Amherst
Marc Liberatore
University of Massachusetts Amherst
Zhiqiang Lin
University of Texas Dallas
Michael Losavio
University of Louisville
Stephen McCamant
U Minnesota
Sean Peisert
University of California, Davis
Golden Richard
University of New Orleans
Vassil Roussev
University of New Orleans
Andreas Schuster
Deutsche Telekom AG
Elizabeth Schweinsberg
Clay Shields
Georgetown University
Wietse Venema
IBM Research
Timothy Vidas
Carnegie Mellon University
Dongyan Xu
Purdue University
Joel Young
Naval Postgraduate School
Cory Altheide
Abe Baggili
Zayed University
Michael Cohen
Paul Giura
AT&T
Barbara Guttman
NIST
Ping Ji
CUNY - John Jay College of Criminal Justice
Erin Kenneally
CAIDA
Jesse Kornblum
Jamie Levy
Volatiliy
Heather Mahalik
Basis
Cindy Murphy
Madison PD
Gilbert Peterson
US Air Force Institute of Technology
Judson Powers
ATC-NY
Steve Romig
The Ohio State University
Bradely Schatz
Schatz Forensics
Jessica Smith
Stroz Friedberg
Sponsors
Sponsors help DFRWS to produce quality events and foster community. Click a logo to learn more about the sponsor.
Information about sponsorship opportunities is available at: http://www.dfrws.org/sponsorship-opportunities
DFRWS 2013 Monday Breakfast Google is a global technology leader focused on improving the ways people connect with information. Google's innovations in web search and advertising have made its website a top internet property and its brand one of the most recognized in the world.
Learn MoreBasis Techniology
DFRWS 2013 Breaks and Rodeo Prizes Basis Technology develops innovative products and solutions for digital forensics investigators in the law enforcement, intelligence, and cybersecurity communities. Our digital forensics team pioneers better, faster, and cheaper techniques for forensic evidence extraction to keep our government and corporate customers ahead of the exponential growth of data storage volumes. Basis Technology also provides advanced research and development and reverse engineering expertise to a variety of customers with uniquely challenging mobile phone, tablet, and esoteric storage device problems. Learn more at www.basistech.com.
Learn More