Please note: All times below are in British Summer Time. Current BST Time:
Wednesday, June 3, 2020
| Timings | Main Webinar Room |
|---|---|
| 14:00 to 14:15 | Welcome Address |
| 14:15 to 15:00 | Paper Session I - Memory Forensics Chair: Harald Baier |
| BMCLeech: Introducing Stealthy Memory Forensics to BMC Tobias Latzo, Julian Brost and Felix Freiling Download Paper | Slides | |
| Tampering Digital Evidence is Hard: The Case of Main Memory Images Janine Schneider, Julian Wolf and Felix Freiling Download Paper | Slides | |
| On Challenges in Verifying Trusted Executable Files in Memory Forensics Daniel Uroz and Ricardo J. Rodríguez Download Paper | Slides | |
| 15:00 to 15:45 | Paper Session II - Digital Forensic Science Chair: Hans Henseler |
| Towards Sound Forensic Arguments: Structured Argumentation Applied to Digital Forensics Practice Virginia N. L. Franqueira and Graeme Horsman Download Paper | Slides | |
| An Argumentation-Based Reasoner to Assist Digital Investigation and Attribution of Cyber-Attacks Erisa Karafili, Linna Wang and Emil Lupu Download Paper | Slides | |
| Structuring the Evaluation of Location-Related Mobile Device Evidence Eoghan Casey, David-Olivier Jaquet-Chiffelle, Hannes Spichiger, Elénore Ryser and Thomas Souvignet Download Paper | Slides | |
| 15:45 to 16:00 | Break |
| 16:00 to 16:30 | Presentation Session I Chair: Frank Adelstein |
| Digital Forensic Techniques for Preservation and Archiving Neil Jefferies Slides | |
| Automated Normalisation and correlation of mobile device extractions using CASE Eoghan Casey, Quentin Rossy and Martina Reif Slides | |
| Relevance scoring and clustering of digital traces Ameya Puranik Slides | |
| 16:30 to 17:15 | Paper Session III - Artificial Intelligence Aided Investigation Chair: Jan-Niclas Hilgert |
| DeepUAge: Improving Underage Age Estimation Accuracy to Aid CSEM Investigation Felix Anda, Nhien An Le Khac and Mark Scanlon Download Paper | Slides | |
| Cutting through the Emissions: Feature Selection from Electromagnetic Side-Channel Data for Activity Detection Asanka Sayakkara, Luis Miralles, Nhien An Le Khac and Mark Scanlon Download Paper | Slides | |
| Towards Open-Set Forensic Source Grouping on JPEG Header Information Patrick Mullan, Christian Riess and Felix Freiling Download Paper | Slides | |
| 17:15 to 17:30 | Lightning Talks Session I Chair: Daryl Pfeif |
| 17:30 to 18:30 | Posters and Free Time |
| 18:30 to ?? | Digital Forensic Rodeo |
Thursday, June 4, 2020
| Timings | Main Conference Room |
|---|---|
| 14:00 to 14:30 | Presentation Session II Chair: Jessica Hyde |
| Forensics analysis of Apple Homepod Mattia Epifani | |
| Expressing evaluative conclusions in cases involving tampering of digital evidence Timothy Bollé, Francesco Servida, Johann Polewczyk, Thomas Souvignet and Eoghan Casey Slides | |
| 14:30 to 15:15 | Paper Session IV - Network Investigations Chair: John Sheppard |
| A Scalable Platform for Enabling the Forensic Investigation of Exploited IoT Devices and their Generated Unsolicited Activities Sadegh Torabi, Elias Bou-Harb, Chadi Assi and Mourad Debbabi Download Paper | Slides | |
| IoT Botnet Forensics: A Comprehensive Digital Forensic Case Study on Mirai Botnet Servers Xiaolu Zhang, Oren Upton, Nicole Beebe and Kim-Kwang Raymond Choo Download Paper | Slides | |
| IP addresses in the context of digital evidence in the criminal and civil case law of the Slovak Republic Pavol Sokol, Laura Rózenfeldová, Katarína Lučivjanská and Jakub Harašta Download Paper | Slides | |
| 15:15 to 15:30 | Break |
| 15:30 to 16:15 | Keynote Address: Gill Tully, UK Forensic Science Regulator Risk, Quality Assurance and Innovation in Digital Forensics A recap of digital forensics over the last 20 years, highlighting the rapid growth of digital forensics, the growth of data and the associated rapid challenges in digital forensics in an ever increasing digital world. |
| 16:15 to 16:45 | Paper Session V - Filesystem Forensics Chair: Mark Scanlon |
| Forensic Analysis of the Resilient File System (ReFS) Version 3.4 Paul Prade, Tobias Groß and Andreas Dewald Download Paper | Slides | |
| Artifacts for detecting timestamp manipulation in NTFS and their reliability David Palmbach and Frank Breitinger Download Paper | Slides | |
| 16:45 to 17:15 | Lightning Talks Chair: Daryl Pfeif |
| 17:15 to 18:00 | Birds of a Feather Session Chair: Frank Adelstein |
| 18:00 to 18:30 | Break |
| 18:30 to 21:30 | Pub Quiz (and Announcement of Best Paper Awards) Chair: Chris Hargreaves |
Friday, June 5, 2020
| Workshop Room 1 | Workshop Room 2 | |
|---|---|---|
| 13:30 to 14:30 | Insights from Waves: Gathering Forensically-useful Insights from IoT Devices with Electromagnetic Side-Channel Analysis (Part I) Presenters: Asanka Sayakkara, Nhien-An Le-Khac, Mark Scanlon (University College Dublin) | Dynamic Instrumentation for forensic research using Frida (Part I) Presenter: Or Begam (Cellebrite) |
| 14:30 to 14:45 | Break | |
| 14:45 to 16:00 | Insights from Waves: Gathering Forensically-useful Insights from IoT Devices with Electromagnetic Side-Channel Analysis (Part II) | Dynamic Instrumentation for forensic research using Frida (Part II) |
| 16:00 to 16:15 | Break | |
| 16:15 to 17:15 | Making the CASE for Cyber-investigation Interoperability (Part I) Presenters: Eoghan Casey, Harm van Beek, Jessica Hyde, Cory Hall, Vik Harichandran, John Andrew Sovern, Mattia Epifani, Claudia Meda, Fabrizio Turchi, Ryan Griffith, Deborah L. Nichols | |
| 17:15 to 17:30 | Break | |
| 17:30 to 18:45 | Making the CASE for Cyber-investigation Interoperability (Part II) | |
Extended Abstracts:
- Detecting Cyberbullying “Hotspots” on Twitter: A Predictive Analytics Approach
S.M. Ho , D. Kao , M.-J. Chiu-Huang , W. Li and C.-J. Lai - EMvidence: A Framework for digital Evidence Acquisition from IoT Devices Through Electromagnetic Side-Channel Analysis
A. Sayakkara , N.-A. Le-Khac and M. Scanlon - Big data Forensics: Hadoop 3.2.0 Reconstruction
E. Harshany , R. Benton , D. Bourrie and W. Glisson - PNG data Detector for DECA
K.C. Odogwu , P. Gladyshev and B. Habibnia - Tainted digital Evidence and privacy Protection in Blockchain-Based Systems
D. Billard
Posters:
- Big Data Forensics: Hadoop 3.2.0 Reconstruction
Edward Harshany, Ryan Benton, David Bourrie and William Glisson - Detecting Cyberbullying “Hotspots” on Twitter: A Predictive Analytics Approach
Shuyuan Mary Ho, Dayu Kao, Ming-Jung Chiu-Huang, Wenyi Li and Chung-Jui Lai - Tainted Digital Evidence and Privacy Protection in Blockchain-based Systems
David Billard - EMvidence: A Framework for Digital Evidence Acquisition from IoT Devices through Electromagnetic Side-Channel Analysis
Asanka Sayakkara, Nhien An Le Khac and Mark Scanlon - Infection Detection of Emotet Malware Using Capture-Display-Analyze Model in Wireshark Packet Extraction
Te-Min Liu, En-Chun Kuo, Da-Yu Kao - The Application of Blockchain of Custody in Criminal Investigation Process
Yueh-Tan Chiang, Fu-Ching Tsai - Chronological independently verifiable electronic chain of custody ledger using blockchain technology
Xavier Burri