DFRWS is the leading digital forensics research conference and the 13th annual conference was held from August 4 to 7, 2013 in Monterey, CA. The 2013 conference is being held in cooperation with the Association for Computing Machinery (ACM) and its Special Interest Group on Security, Audit and Control (SIGSAC).

2013 had 13 peer-reviewed papers presented, 2 keynotes, and 2 panels, as well as 5 workshops. There was a TIE for best paper between “Language Translation for File Paths” by Neil Rowe, Riqui Schwamm, and Simson Garfinkel AND “Improved Recovery and Reconstruction of DEFLATEd Files” by Ralf Brown.

We challenged the competitors to develop the fastest and most accurate data block classifier, in a continuation of the 2012 Challenge.

The winning submission for the DFRWS2013 Forensics Challenge was created by Jungheum Park, Jewan Bang, Yunho Lee, and Jonghyun Choi of the Digital Forensic Research Center, Korea University.

Conference Location:

Monterey Marriott Monterey, CA

August 4, 2013 to August 7, 2013

Keynotes

CuteCats.exe and Protecting Citizens of the Internet

Morgan Marquis-Boire | Google

Abstract: Since the Arab Spring, the world has become more aware about state sponsored surveillance. Some of that awareness is directly due to volunteers from Citizen Labs and the EFF helping dissidents find out what surveillance tools are lurking on their system. Hear one forensic analyst's journey to ferret out the ultimate in spyware and save the world.

Bio: Morgan Marquis-Boire works as a Security Engineer at Google specializing in Incident Response, Forensics and Malware Analysis. He is a security researcher and Technical Advisor at the Citizen Lab, Munk School of Global Affairs, University of Toronto. Recently, he has been working with the Electronic Frontier Foundation on issues surrounding dissident suppression in Syria.

He is a frequent speaker at events around the world and his work has been featured in numerous print and online publications including Bloomberg Business Week, The Wall Street Journal, The Guardian, Le Monde and The New York Times. He was also one of the original organizers of the KiwiCON conference in New Zealand.

Strangers in a Strange Land: One Local Cop's Perspective on Digital Forensics

Cindy Murphy | Police Department of Madison, Wisconsin

Abstract: The rapidly shifting landscape of digital media over the past two decades has brought a revolutionary change in the availability of information (both relevant and irrelevant) to law enforcement for investigative and intelligence purposes. Meanwhile, the digital cultural divide and lagging resources have resulted in a lack of funding for and attention to proper training and education for forensic examiners and investigators, for law enforcement supervisors at all levels, for prosecution and defense attorneys, and for judges and juries who directly interact with this new evidence. The result is common misconceptions and misunderstandings about the implications of digital evidence and friction over the proper scope of its collection and use. Additionally, cultural differences within the policing and software development communities can make it hard for law enforcement to describe software needs and for developers to create realistic solutions. In this inherently complex environment, how do we grok a better way forward?

Bio: Detective Cindy Murphy works for the police department of Madison, Wisconsin and has been a Law Enforcement Officer since 1985. She is a certified forensic examiner, and has been involved in computer forensics since 1999. She earned her MSc in Forensic Computing and Cyber Crime Investigation through University College, Dublin in 2011. She has directly participated in the examination of many hundreds of hard drives, cell phones, and other items of digital evidence pursuant to criminal investigations including homicides, missing persons, computer intrusions, sexual assaults, child pornography, financial crimes, and various other crimes. She has testified as a computer forensics expert in state and federal court on numerous occasions, using her knowledge and skills to assist in the successful investigation and prosecution of criminal cases involving digital evidence. She is also a part time digital forensics instructor at Madison College, and a mobile device forensics instructor for the SANS Institute. Cindy believes in constantly pushing the boundaries of what we believe is possible in order to achieve what we once believed was impossible, and that in general persistence matters at least as much as brilliance.

Participation

2013 Workshops:

  • Advanced Smartphone Forensics & Incident Response with Eoghan Casey and Bradley Schatz
  • Intrusion Forensics with Cory Altheide
  • Timeline Analysis with l2t and plaso with Kristinn Gudjonsson and Elizabeth Schweinsberg
  • Small data forensics on a large scale with Candice Quates and Vassil Roussev
  • Memory Forensics to Defeat Encryption, Find Malware, and Help You Lose Weight with Jesse Kornblum

Committees

Organizing Committee

Conference Chair

Florian Buchholz, PhD (James Madison University)

Conference Vice Chair

Wietse Venema, PhD, (IBM Research)

Technical Program Chair

Clay Shields, PhD (Georgetown University)

Technical Program Vice Chair

Juan Caballero (IMDEA-Software)

Local Arrangements

Joel Young (Naval Postgraduate School)

Proceedings

Matthew Geiger (Dell SecureWorks)

Keynote

Eoghan Casey (MITRE)

Publicity

Dave Baker (MITRE)

Advertising / Sponsorship

Daryl Pfeif (Digital Forensics Solutions)

Finances

Rick Smith (ATC-NY)

Registration

Dave Baker (MITRE) and Andreas Schuster (Deutsche Telekom AG)

Challenge

Vassil Roussev, PhD (University of New Orleans)

Web

Tim Vidas (Carnegie Mellon University)

Demo / Posters

Elizabeth Schweinsberg (Google)

Workshop Chair

Golden Richard III, PhD (Univeristy of New Orleans)

Workshop Vice Chair

Frank Adelstein (GrammaTech)

Technical Program Committee

Frank Adelstein

GrammaTech

David Baker

MITRE

Nicole Beebe

The University of Texas at San Antonio

Robert Beverly

Naval Postgraduate School

Florian Buchholz

James Madison University

Juan Caballero

IMDEA Software Institute

Brian Carrier

Basis Technology

Eoghan Casey

MITRE

Jedidiah Crandall

University of New Mexico

Josiah Dykstra

UMBC

Brendan Dolan-Gavitt

Georgia Tech

William Enck

North Carolina State University

Simson Garfinkel

Naval Postgraduate School

Matthew Geiger

Dell SecureWorks

Pavel Gladyshev

University College Dublin

Sundararaman Jeyaraman

Purdue University

Xuxian Jiang

North Carolina State Univresity

Rob Joyce

ATC-NY

Brian Levine

University of Massachusetts Amherst

Marc Liberatore

University of Massachusetts Amherst

Zhiqiang Lin

University of Texas Dallas

Michael Losavio

University of Louisville

Stephen McCamant

U Minnesota

Sean Peisert

University of California, Davis

Golden Richard

University of New Orleans

Vassil Roussev

University of New Orleans

Andreas Schuster

Deutsche Telekom AG

Elizabeth Schweinsberg

Google

Clay Shields

Georgetown University

Wietse Venema

IBM Research

Timothy Vidas

Carnegie Mellon University

Dongyan Xu

Purdue University

Joel Young

Naval Postgraduate School

Cory Altheide

Google

Abe Baggili

Zayed University

Michael Cohen

Google

Paul Giura

AT&T

Barbara Guttman

NIST

Ping Ji

CUNY - John Jay College of Criminal Justice

Erin Kenneally

CAIDA

Jesse Kornblum

Facebook

Jamie Levy

Volatiliy

Heather Mahalik

Basis

Cindy Murphy

Madison PD

Gilbert Peterson

US Air Force Institute of Technology

Judson Powers

ATC-NY

Steve Romig

The Ohio State University

Bradely Schatz

Schatz Forensics

Jessica Smith

Stroz Friedberg

Sponsors

Sponsors help DFRWS to produce quality events and foster community. Click a logo to learn more about the sponsor.

Information about sponsorship opportunities is available at: http://www.dfrws.org/sponsorship-opportunities

Google

DFRWS 2013 Monday Breakfast Google is a global technology leader focused on improving the ways people connect with information. Google's innovations in web search and advertising have made its website a top internet property and its brand one of the most recognized in the world.

Learn More

Basis Techniology

DFRWS 2013 Breaks and Rodeo Prizes Basis Technology develops innovative products and solutions for digital forensics investigators in the law enforcement, intelligence, and cybersecurity communities. Our digital forensics team pioneers better, faster, and cheaper techniques for forensic evidence extraction to keep our government and corporate customers ahead of the exponential growth of data storage volumes. Basis Technology also provides advanced research and development and reverse engineering expertise to a variety of customers with uniquely challenging mobile phone, tablet, and esoteric storage device problems. Learn more at www.basistech.com.

Learn More