The 6th Annual DFRWS was held from August 14 to 16, 2006 in Lafayette, Indiana and featured presentations and discussions on new strategies to meet the accelerating challenges of digital forensics around the world.  There were 18 peer reviewed papers and a keynote by Ted Lindsey, FBI on “Current Cyber Investigation Challenges in Digital Forensics”

Day 1 featured a panel on “Issues in Building the Digital Forensics Bridge From Computer Science to Judicial Science” with Michael Losavio, Deborah Wilson, Adel Elmaghraby, James Graham, S. Srinivasan, David Elder, and Marcus Rogers.

The Best Paper Award went to “Searching for Processes and Threads in Microsoft Windows Memory Dumps” by Andreas Schuster, Deutsche Telekom AG, Germany.

The Forensics Challenge was on Data Carving — the process of extracting a collection of data from a larger data set. Data carving techniques frequently occur during a digital investigation when the unallocated file system space is analyzed to extract files. The files are “carved” from the unallocated space using file type-specific header and footer values. File system structures are not used during the process.  The results of existing file carving tools typically contain many false positives. An investigator must test each of the extracted files by opening them in an application that supports the file type. The goal of the DFRWS 2006 Forensics Challenge was to design and develop file carving algorithms that identify more files and reduce the number of false positives.

The 2006 Forensics Challenge Winners were Klayton Monroe, Andy Bair & Jay Smith.


Conference Location:

Lafayette, IN United States

August 14, 2006 to August 16, 2006


Current Cyber Investigation Challenges in Digital Forensics

Ted Lindsey | FBI

Abstract: The challenges facing cyber investigators and forensic examiners have never been greater. Our tools are unable to keep pace with the exponential growth in storage device capacity and distributed network environments. How do we find the needle in the haystack when the haystack is 10 stories tall? In addition, the advent of whole drive encryption may render our traditional image acquisition methods useless. Wireless technology has enabled an entirely new attack vector that can be launched from nearly anywhere and leaves little or no trace. More ominously, our opponents are actively taking steps to thwart our examination techniques. These are just a handful on the problems facing us as we enter the 21st century. I'll cover some of the problems that I've encountered as a cyber investigator and forensic examiner as well as some of the challenges I see from the perspective of a software engineer and independent software development firm.



Organizing Committee

Frank Adelstein


David Baker


Brian Carrier

Basis Technology

Eoghan Casey

Stroz Friedberg

Dan Kalil

Air Force Research Lab, Assured Information Security

Chet Maciag

Air Force Research Lab

Daryl Pfeif

Digital Forensics Solutions

Golden G. Richard, III

University of New Orleans

Marcus Rogers

Purdue University

Vassil Roussev

University of New Orleans

Todd Shipley


Wietse Venema


Technical Program Committee

Cory Altheide


Tom Bacon

Southern Oregon University

Nicole Beebe

University of Texas at San Antonio

Florian Buchholz

James Madison University

R. Chandramouli

Stevens Institute of Technology

Olivier De Vel

Australian Department of Defense

Tom Daniels

Iowa State University

Dave Dittrich

University of Washington

Derick Donnelly

Black Bag Technologies

Heather Dussalt

State University of New York Institute of Technology

Knut Eckstein


Dario Forte

DFLabs Italy

Yun Gao

University of New Orleans

Simson Garfinkel

Harvard University

Yong Guan

Iowa State University

Warren Harrison

Portland State University

Chet Hosmer

Wetsone Technologies

Erin Keneally

San Diego Supercomputer Center

Jesse Kornblum

ManTech CFIA

Michael Losavio

University of Louisville

James Lyle


Nasir Memon

Polytechnic University

Srinivas Mukkamala

New Mexico Tech

Judie Mulholland

Florida State University

Gilbert Peterson

Air Force Institute of Technology

Steve Romig

Ohio State University

Kulesh Shanmugasundaram

Polytechnic University

JK.P. Subbalakshmi

Stevens Institute of Technology

Duminda Wijesekera

George Mason University


Sponsors help DFRWS to produce quality events and foster community. Click a logo to learn more about the sponsor.

Information about sponsorship opportunities is available at:


WetStone software solutions support investigators and analysts engaged in cyber-crime investigations, digital forensics, and incident response activities.

Learn More

Stroz Freidberg, LLC

Stroz Friedberg is a leading global consulting firm for ... Please visit our website listed below for more services and details.

Learn More