DFIR Review responds to the need for a focal point for up-to-date community-reviewed applied research and testing in digital forensics and incident response.

DFIR Review concentrates on targeted studies of specific devices, digital traces, analysis methods, and criminal activities to help digital forensic practitioners deal with real-world issues.

New and Notable

DFIR Review needs additional reviewers!  Perks include:

  • Reading great research and helping make the papers even better (about 1 per month)
  • Reading the articles that get nominated for the Forensic 4:cast Article of the Year
  • Certificates for completing reviews
  • The satisfaction of giving back to the community
  • Earning CPE credits (work in progress)

Apply by emailing dfirreview@dfrws.org

DFRWS DFIR Review, dfir.pubpub.org. Pink and purple streaks on a navy background.


New approaches to analyzing digital traces can help develop insights in an investigation. Often this type of material is shared via blogs by active practitioners, however, these posts often do not undergo community review or vetting, and are not presented or published in a formalized forum for long term reference. The faster this knowledge can be produced, reviewed, and shared among the DFIR community, the better able we will be to deal with new devices, digital traces, and criminal activities.

DFIR Review aims to take this up-to-date content created by practitioners and provide reviews such that the findings can be cited and stored in a reference-able format so that it may be used by others. Every accepted paper will receive a DOI number. This will enable reference in legal matters while crediting the originating source of a practitioner blog.


DFIR Review welcomes submissions that provide up-to-date knowledge in digital forensics and incident response, as well as test results that validate or update prior studies. The DFIR Review community actively encourages authors to submit their work, and will assist authors throughout the submission process as needed. Topics of interest include:

  • Forensic treatment of new devices, including Internet-of-Things
  • Forensic analysis of new smartphone apps or updated versions (inclusion of open source tools encouraged)
  • Forensic analysis of new data structures on operating systems
  • New methods of analyzing digital traces to find patterns, links and other insights
  • Insights into new ways that criminals are using technology, emphasizing technical elements and potential solutions
  • Validation and testing of new forensic tool features (inclusion of test data preferred)

Submit via EasyChair: https://easychair.org/conferences/?conf=dfirr2020

Submission implies that the work will not have been published elsewhere (except in as an abstract, academic thesis, preprint or personal blog), and publication in a virtual proceeding is approved by all authors and tacitly or explicitly by the responsible authorities where the work was carried out. Authors of high impact work will be encouraged to further develop their work and submit it to DFRWS conferences and other DFIR community events and publications. Inquiries can be directed to DFIR@dfrws.org


Submissions to DFIR Review are reviewed monthly by a panel of qualified members of the community to include practitioners, researchers, graduate students and others working in the digital forensics field.

Submissions will either be accepted or rejected on the basis of reviewer responses. For accepted submissions, reviewers will provide a detailed response including comments, further research concepts that may not have been explored, as well as validation and/or verification of initial research. The intent is that this response material will be presented along with the submission on DFIR Review.


Accepted submissions will be made available on PubPub and the DFRWS website open access under the CC BY-NC-ND license. These submissions will be organized along with reviewer response materials.

After DFIR Review publication, authors can post their work on their personal website or blog with a reference to the publication. In this way, DFIR Review is the system of record for the work, and authors can disseminate their work with a reference to the publication in DFIR Review.

Copyright and Rights

Authors will retain copyright of their work in DFIR Review. Authors will grant DFRWS the non-exclusive right to include the material in any form throughout the world, in all languages, for all time, effective when and if the work is accepted for publication.


Organizing Committee

ChairJessica Hyde (George Mason University & Magnet Forensics)
Vice ChairEoghan Casey (University of Lausanne & Digital Forensics Solutions)
Program ChairElénore Ryser (University of Lausanne)
Program Vice ChairHolger Morgenstern (Albstadt-Sigmaringen University)
Publication Co-ChairsJoseph Walsh (DeSales University)
Stephen Boyce (Marymount University & Magnet Forensics)
Industry Practitioner LiaisonsBrett Shavers (DFIR Training) / Tony Knutson (SANS Institute, Kroll)
Government Practitioner LiaisonOpen
Academia LiaisonMark McKinnon (Davenport University)
Communications ChairPrashanth Kumar Reddy Malise (George Mason University)
DFRWS LiaisonDaryl Pfeif (Digital Forensics Solutions)

Gold Reviewers

  • Addisu Afework Birhanu
  • Jessica Hyde

Silver Reviewers

  • Timothy Bollé
  • Yohannes Yemane Brhan
  • Lisa Brown
  • Eric Eppley
  • Ali Hadi
  • Anthony Knutson
  • Nickolas Ligman
  • Johann Polewczyk
  • Francesco Servida
  • Linda Shou


  • Zheng Jie Chan
  • Amanda Chung
  • Manon Fischer
  • Joshua I. James
  • Selena Ley
  • Prashanth Malise
  • Doug Metz
  • Sungmi Park
  • Elénore Ryser
  • Bradley Schatz
  • Aurèle Scoundrianos
  • Brett Shavers
  • Hannes Spichiger
  • Adrien Vincart
  • Ryan Wesley
  • Mike Williamson
  • Sara Pierce
  • Rishitha Reddy Munugala
  • Saarthik Tannan
  • Madison Brumbelow 
  • Utta Von Nuremburg
  • Kristin Ibanez
  • Charina Marrion
  • Jad Saliba
  • Alexander Brunner
  • Rishi Krishnan