Papers & Presentations Archive - Page 12 of 81

Paper \| Presentation	Conference	Author
Carving Contiguous and Fragmented Files with Object Validation	DFRWS USA 2007	Simson Garfinkel, Ph.D. (Naval Postgraduate School, Harvard University)
Capture – A Tool for Behavioral Analysis of Applications and Documents	DFRWS USA 2007	Christian Seifert (Victoria University of Wellington), Ramon Steenson (Victoria University of Wellington), Ian Welch (Victoria University of Wellington), Peter Komisarczuk (Victoria University of Wellington), and Barbara Endicott-Popovsky (University of Washington)
BodySnatcher – Towards Reliable Volatile Memory Acquisition by Software	DFRWS USA 2007	Bradley Schatz (Evimetry)
A Brief Study of Time	DFRWS USA 2007	Florian Buchholz (James Madison University) and Brett Tjaden (James Madison University)
The VAD Tree – A Process-Eye View of Physical Memory	DFRWS USA 2007	Brendan Dolan-Gavitt (MITRE Corporation)
Specifying Digital Forensics – A Forensics Policy Approach	DFRWS USA 2007	Carol Taylor (University of Idaho), Barbara Endicott-Popovsky (University of Washington), Deborah A. Frincke (Pacific Northwest National Laboratory)
Issues with Imaging Drives Containing Faulty Sectors	DFRWS USA 2007	James R. Lyle (National Institute of Standards and Technology), Mark Wozar (National Institute of Standards and Technology)
Introducing the Microsoft Vista Log File Format	DFRWS USA 2007	Andreas Schuster (Deutsche Telekom AG)
Forensic Memory Analysis – From Stack and Code to Execution History	DFRWS USA 2007	Ali Reza Arasteh (Concordia University), Mourad Debbabi (Concordia University)
Forensic Data Recovery and Examination of Magnetic Swipe Card Cloning Devices	DFRWS USA 2007	Gerry Masters(QinetiQ), Philip Turner (QinetiQ,)
File Marshal – Automatic Extraction of Peer-to-Peer Data	DFRWS USA 2007	Frank Adelstein (ATC-NY), Rob Joyce (ATC-NY)
Automated Windows Event Log Forensics	DFRWS USA 2007	Rich Murphey (Applied Cognitive Solutions)
Analyzing Multiple Logs for Forensic Evidence	DFRWS USA 2007	Ali Reza Arasteh (Concordia University), Mourad Debbabi (Concordia University), Assaad Sakha (Concordia University), Mohamed Saleh (Concordia University)
An Efficient Technique for Enhancing Forensic Capabilities of Ext2 File System	DFRWS USA 2007	Mridul Sankar Barik (Jadavpur University), Gaurav Gupta (KPMG), Shubhro Sinha (Bengal Engineering and Science University), Alok Mishra (Bengal Engineering and Science University), Chandan Mazumdara (Jadavpur University)
10 Good Reasons Why You Should Shift Focus to Small Scale Digital Device Forensics	DFRWS USA 2007	Ronald van der Knijff (Netherlands Forensic Institute)
Using the HFS+ Journal For Deleted File Recovery	DFRWS USA 2008	Aaron Burghardt (Booz Allen Hamilton), Adam J. Feldman (Booz Allen Hamilton)
The Impact Of Microsoft Windows Pool Allocation Strategies On Memory Forensics	DFRWS USA 2008	Andreas Schuster (Deutsche Telekom AG)
PyFlag – An Advanced Network Forensic Framework	DFRWS USA 2008	Michael Cohen (Australian Federal Police)
Predicting the Types of File Fragments	DFRWS USA 2008	William C. Calhoun (Bloomsburg University of Pennsylvania), Drue Coles (Bloomsburg University of Pennsylvania)
MEGA – A Tool for Mac OS X Operating System and Application Forensics	DFRWS USA 2008	Rob Joyce (ATC-NY), Judson Powers (ATC-NY), Frank Adelstein, Ph.D. (ATC-NY)
High Speed Search Using Tarari Content Processor in Digital Forensics	DFRWS USA 2008	Jooyoung Lee (Electronics and Telecommunications Research Institute, Korea), Sungkyong Un (Electronics and Telecommunications Research Institute, Korea), Dowon Hong (Electronics and Telecommunications Research Institute, Korea)
FACE – Automated Digital Evidence Discovery and Correlation	DFRWS USA 2008	Andrew Case (University of New Orleans), Andrew Cristina (University of New Orleans), Lodovico Marziale (University of New Orleans), Golden Richard III, Ph.D. (University of New Orleans), and Vassil Roussev, Ph.D. (University of New Orleans)
Automated Computer Forensics Training in a Virtualized Environment	DFRWS USA 2008	Stephen Brueckner (ATC-NY), David Guaspari (ATC-NY), Frank Adelstein (ATC-NY), Joseph Weeks (Air Force Research Laboratory, USA)
A Novel Approach of Mining Write-Prints for Authorship Attribution in E-mail Forensics	DFRWS USA 2008	Farkhund Iqbal (Concordia University), Rachid Hadjidj (Concordia University), Benjamin C.M. Fung (Concordia University), Mourad Debbabi (Concordia University)
A Framework for Attack Patterns Discovery in Honeynet Data	DFRWS USA 2008	Olivier Thonnard (Royal Military Academy, Belgium), Marc Dacier (Institut Eurecom)
Using JPEG Quantization Tables to Identify Imagery Processed by Software	DFRWS USA 2008	Jesse Kornblum (Defense Cyber Crime Institute, USA)
Recovering Deleted Data From the Windows Registry	DFRWS USA 2008	Timothy D. Morgan (VSR Investigations)
Limewire Examinations	DFRWS USA 2008	Joseph Lewthwaite (Defense Cyber Crime Institute, USA), Victoria Smith (Department of Defense, USA)
Forensic Memory Analysis – Files Mapped In Memory	DFRWS USA 2008	R.B. van Baar (Netherlands Forensic Institute), W. Alink (Netherlands Forensic Institute), A.R. van Ballegooij (Netherlands Forensic Institute)
Forensic Analysis of the Windows Registry in Memory	DFRWS USA 2008	Brendan Dolan-Gavitt (MITRE Corporation)
Detecting File Fragmentation Point Using Sequential Hypothesis Testing	DFRWS USA 2008	AnanAnandabrata Pal (Polytechnic University, Brooklyn), Husrev T. Sencar (Polytechnic University, Brooklyn), Nasir Memon (Polytechnic University, Brooklyn)
An Overall Assessment Of Mobile Internal Acquisition Tool	DFRWS USA 2008	Alessandro Distefano (University of Rome), Gianluigi Me (University of Rome)
Validation And Verification Of Computer Forensic Software Tools-Searching Function	DFRWS USA 2009	Yinghua Guo, Jill Slay (La Trobe University), and Jason Beckett
Using ShellBag Information to Reconstruct User Activities	DFRWS USA 2009	Yuandong Zhu, Pavel Gladyshev, Ph.D. (University College Dublin), and Joshua James (University College Dublin)
Extraction of Forensically Sensitive Information from Windows Physical Memory	DFRWS USA 2009	Seyed Mahmood Hejazi, Chamseddine Talhi, and Mourad Debbabi (Concordia University)
Digital Forensic Implications of ZFS	DFRWS USA 2009	Nicole Beebe, Ph.D. (UTSA), Sonia Mandes, and Dane Stuckey
A Second Generation Computer Forensic Analysis System	DFRWS USA 2009	Daniel Ayers
A Novel Time-Memory Trade-Off Method for Password Recovery	DFRWS USA 2009	Hwei-Ming Ying
The Persistence of Memory – Forensic Identification and Extraction of Cryptographic Keys	DFRWS USA 2009	Carsten Maartmann-Moe, Andr√© √Örnes (Norwegian University of Technology and Science), Steffen Thorkildsen
Teleporter – An Analytically and Forensically Sound Duplicate Transfer System	DFRWS USA 2009	Kathryn Watkins, Mike McWhorter, Jeff Long, William Hill
Lessons Learned from the Construction of a Korean Software Reference Data Set for Digital Forensics	DFRWS USA 2009	Sangseo Park, Cheolwon Lee, Sungjai Baek
Identification and Recovery of JPEG Files with Missing Fragments	DFRWS USA 2009	Husrev Sencar, Nasir Memon (NYU Tandon School of Engineering)
Extending the Advanced Forensic Format to accommodate Multiple Data Sources, Logical Evidence, Arbitrary Information and Forensic Workflow	DFRWS USA 2009	Michael Cohen (Google), Simson Garfinkel, Ph.D. (U.S. Census Bureau), Bradley Schatz, Ph.D. (Schatz Forensic)
DIALOG – A Framework for Modeling, Analysis and Reuse of Digital Forensic Knowledge	DFRWS USA 2009	Damir Kahvedzic, Tahar Kechadi
DEX – Digital Evidence Provenance Supporting Reproducibility and Comparison	DFRWS USA 2009	Brian Levine (University of Massachusetts Amherst), Marc Liberatore (University of Massachusetts Amherst)
Computer Forensic Timeline Visualization Tool	DFRWS USA 2009	Jens Olsson, Martin Boldt
Bringing Science to Digital Forensics with Standardized Forensic Corpora	DFRWS USA 2009	Simson Garfinkel, Ph.D. (U.S. Census Bureau), Paul Farrell, Vassil Roussev, Ph.D. (University of New Orleans), George Dinolt
Windows Operating System Agnostic Memory Analysis	DFRWS USA 2010	James Okolica and Gilbert Peterson (US Air Force Institute of Technology)
Using Purpose-Built Functions And Block Hashes To Enable Small Block And Sub-File Forensics	DFRWS USA 2010	Simson Garfinkel, Ph.D. (Naval Postgraduate School), Alex Nelson, Ph.D. (Naval Postgraduate School), Douglas White (NIST), and Vassil Roussev, Ph.D. (University of New Orleans)
Secure USB Bypassing Tool	DFRWS USA 2010	Jewan Bang, Byeongyeong Yoo, and Sangjin Lee