Authors: Ali Hadi and Mariam Khader

DFRWS USA 2023

Abstract

Why do we need to learn Linux Forensics? Well, nowadays when you look at the number of tools available on different penetration testing systems running Linux, you should stop and ask yourself a basic question: “Are these tools and systems always going to be used for ethical purposes?” The answer is definitely not!

Another reason to consider learning Linux forensics is that not everyone uses Windows. You may arrive at a crime scene only to find that your suspect’s computer is running a Linux operating system! If you don’t have the proper skillset, you will end up shocked and questioning your own knowledge and abilities. What should I do? Do I have the skills required to collect data from this system? Where should I look for artifacts? What do these artifacts even look like? How can we identify and track user activity? The goal of this workshop is to help DFIR analysts build the most important knowledge and skills that will give them confidence when encountering computers running a Linux OS.

Bio

Ali Hadi

Dr. Ali Hadi is a highly accomplished and experienced Senior Cybersecurity Specialist with 14+ years of professional experience in Information Technology. He is currently working as a full-time professor and researcher at the Computer and Digital Forensics and Cybersecurity Departments of Champlain College, USA. Ali is a Co-Founder and the Chief Technology Officer of Cyber 5W. He holds PhD and MSc degrees in Computer Information Systems, as well as a BSc degree in Computer Science. Throughout his professional career, Ali has earned more than 20 professional certifications. Ali is a sought-after consultant in the field of cybersecurity, offering expertise in areas such as digital forensics, incident response, adversary simulation, offensive security, and malware analysis. He is also an established author, speaker, and freelance instructor, having provided technical training to government and private firms as well as other organizations. Ali continues to be an influential figure in the digital forensics community and is dedicated to promoting forensics education and research.

Mariam Khader

Dr. Mariam Khader is an Assistant Professor at Champlain College, USA, who is highly recognized for her expertise in Computer Science, IT Security and Digital Criminology. She has earned her PhD and MSc in the respective fields and is currently a researcher at the Leahy Center, where she focuses on Mobile and Operating System Forensics as well as Big Data Forensics. Her research has been published in numerous international journals and presented at various conferences, where she has been able to share her insights with a wide range of audiences. In addition to working as a course author and speaker, Mariam has also worked as a freelance instructor, providing technical instruction to government and private firms as well as other organizations. She has obtained numerous professional certifications, such as CHFI, ECIH, CCNA, CCME, CCO, CCMP, and CCPA.
