| Paper | Presentation | Conference | Downloads | Author |
|---|---|---|---|
| Hash-Based Carving: Searching Media For Complete Files And File Fragments With Sector Hashing And hashdb | DFRWS USA 2015 | Simson Garfinkel, Ph.D. (NIST) and Michael McCarrin (NPS) | |
| Graph-Theoretic Characterization of Cyber-threat Infrastructures | DFRWS USA 2015 | Amine Boukhtouta (Concordia University), Djedjiga Mouheb (Concordia University), Mourad Debbabi (Concordia University), Omar Alfandi (Zayed University), Farkhund Iqbal (Zayed University), and May El Barachi (Zayed University) | |
| E-mail Authorship Attribution Using Customized Associative Classification | DFRWS USA 2015 | Michael Schmid (Concordia Institute for Information Systems Engineering), Farkhund Iqbal (College of Technological Innovation, Zayed University), and Benjamin Fung (School of Information Studies, McGill University) | |
| Detecting Very Large Sets Of Referenced Files At 40:100 Gbe, Especially Mp4 Files | DFRWS USA 2015 | Adrien Larbanet, Jonas Lerebours, and Jean Pierre David | |
| Database Forensic Analysis Through Internal Structure Carving | DFRWS USA 2015 | James Wagner (DePaul University), Alexander Rasin (DePaul University), and Jonathan Grier (Grier Forensics) | |
| BinComp: A Stratified Approach to Compiler Provenance Attribution | DFRWS USA 2015 | Saed Alrabaee (Concordia University), Paria Shirani, Mourad Debbabi (Concordia University), Ashkan Rahimian, and Lingyu Wang (Concordia University) | |
| Automatic Classification of Object Code Using Machine Learning | DFRWS USA 2015 | John Clemens (UMBC and JHU/APL) | |
| Archival Science, Digital Forensics, and New Media Art | DFRWS USA 2015 | Dianne Dietrich (Cornell University) and Frank Adelstein (Cayuga Networks) | |
| Advancing Mac OS X Rootkit Detection | DFRWS USA 2015 | Andrew Case (Volatility Foundation) and Golden Richard III, Ph.D. (UNO) | |
| Video Authentication Using File Structure and Metadata | DFRWS USA 2015 | Jake Hall | |
| The Chain Of Custody: A Big Misconception | DFRWS USA 2015 | Tobias Eggendorfer (Hochschule Ravensburg-Weingarten University of Applied Sciences) | |
| Inferring Past Activity from Partial Digital Artifacts | DFRWS USA 2015 | James Jones (George Mason University), Tahir Khan (GMU), Kathryn Laskey (GMU), Alexander Nelson, Ph.D. (NIST), Mary Laamanen (NIST), Douglas White (NIST) | |
| Finding your naughty BITS | DFRWS USA 2015 | Matthew Geiger (Dell SecureWorks) | |
| Federated Testing: Shared Test Materials from the CFTT Program at NIST | DFRWS USA 2015 | Ben Livelsberger, James Lyle | |
| Robust Bootstrapping Memory Analysis against Anti-forensics | DFRWS USA 2016 | Kyoungho Lee (Chonnam National University), Hyunuk Hwang (The Affiliated Institute of ETRI), Kibom Kim (The Affiliated Institute of ETRI), and Bongnam Noh (Chonnam National University) | |
| Rapid differential forensic imaging of mobile devices | DFRWS USA 2016 | Mark Guido (The MITRE Corporation), Justin Grover (The MITRE Corporation), and Jonathan Buttner (The MITRE Corporation) | |
| PeekaTorrent: Leveraging P2P Hash Values for Digital Forensics | DFRWS USA 2016 | Sebastian Neuner (SBA Research), Martin Schmiedecker (SBA Research), and Edgar Weippl (SBA Research) | |
| Fingerprinting Android Packaging: Generating DNAs for Malware Detection | DFRWS USA 2016 | ElMouatez Billah Karbab (Concordia University), Mourad Debbabi (Concordia University), and Djedjiga Mouheb (University of Sharjah) | |
| Digital Forensics as a Service: an update | DFRWS USA 2016 | Harm van Beek (Netherlands Forensic Institute) | |
| Database Image Content Explorer: Carving Data That Does Not Officially Exist | DFRWS USA 2016 | James Wagner (DePaul University), Alexander Rasin (DePaul University), and Jonathan Grier (Grier Forensics) | |
| BinGold: Towards Robust Binary Analysis by Extracting the Semantics of Binary Code as Semantic Flow Graphs (SFGs) | DFRWS USA 2016 | Saed Alrabaee (Concordia University), Lingyu Wang (Concordia University), and Mourad Debbabi (Concordia University) | |
| Anti-forensics: Furthering digital forensic science through a new extended, granular taxonomy | DFRWS USA 2016 | Kevin Conlan (University of New Haven), Ibrahim Baggili (University of New Haven), and Frank Breitinger (University of New Haven) | |
| Time is on my side: Steganography in filesystem metadata | DFRWS USA 2016 | Sebastian Neuner (SBA Research), Artemios Voyiatzis (SBA Research), Martin Schmiedecker (SBA Research), Stefan Brunthaler (SBA Research), Stefan Katzenbeisser (Technische Universitat), Edgar Weippl (SBA Research) | |
| Recovery of Heavily Fragmented JPEG Files | DFRWS USA 2016 | Yanbin Tang (University of Hong Kong), Junbin Fang (Jinan University), K.P. Chow (University of Hong Kong), Siu Ming (University of Hong Kong), Jun Xu (Harbin Institute of Technology), Bo Feng (Stony Brook University), Qiong Li (Harbin Institute of Technology), Qi Han (Harbin Institute of Technology) | |
| Recovery method of deleted records and tables from ESE Database | DFRWS USA 2016 | Kim Jeonghyeon (Korea University), Park Aran (Korea University), Lee Sangjin (Korea University) | |
| Rapid, Agentless, and Scalable Forensics and Incident Response Using WARDEN | DFRWS USA 2016 | Adam Meily (Assured Information Security), Sean LaPlante (Assured Information Security), Richard Gloo (Assured Information Security) | |
| Practical Analyzing the Relation of Wallet Addresses in Bitcoin | DFRWS USA 2016 | Hiroki Kuzuno and Christian Karam | |
| InVEST: Intelligent Visual Email Search and Triage | DFRWS USA 2016 | Jay Koven (NYU Tandon School of Engineering), Enrico Bertini (NYU Tandon School of Engineering), Luke Dubois (NYU Tandon School of Engineering), Nasir Memon (NYU Tandon School of Engineering) | |
| IED Forensics: Hunting the IED Engineer | DFRWS USA 2016 | Larry Leibrock | |
| Forensic investigations in SDN networks | DFRWS USA 2016 | Izzat Alsmadi (University of New Haven), Samer Khamaiseh (Boise State University) | |
| Detecting Objective-C Malware Through Memory Forensics | DFRWS USA 2016 | Andrew Case (Volexity) and Golden Richard III, Ph.D. (Louisiana State University) | |
| Deleting collected digital evidence by exploiting a widely adopted hardware write blocker | DFRWS USA 2016 | Christopher Meffert (University of New Haven), Ibrahim Baggili (University of New Haven), Frank Breitinger (University of New Haven) | |
| dbling: Identifying Extensions Installed on Encrypted Web Thin Clients | DFRWS USA 2016 | Mike Mabey (Arizona State University), Adam Doupe (Arizona State University), Ziming Zhao (Arizona State University), Gail-Joon Ahn (Arizona State University) | |
| Data Sets Available from the National Software Reference Library | DFRWS USA 2016 | Douglas White (NIST) | |
| A practical approach to analyze smartphone backup data as a digital evidence | DFRWS USA 2016 | Jaehyeok Han, Sangjin Lee | |
| Extending The Sleuth Kit and its Underlying Model for Pooled Storage File System Forensic Analysis | DFRWS USA 2017 | Jan-Niclas Hilgert, Martin Lambertz, Daniel Plohmann | |
| Digital Forensic Approaches for Amazon Alexa Ecosystem | DFRWS USA 2017 | Hyunji Chung, Jungheum Park, and Sangjin Lee | |
| Use of Generalized Hough Transform on Interpretation of Memory Dumps | DFRWS USA 2017 | Paulo Roberto Nunes de Souza (University College Dublin), Pavel Gladyshev, Ph.D. (University College Dublin) | |
| Virtualization-Based Security: A Forensics Perspective | DFRWS USA 2017 | Jason Hale | |
| SCARF: A Container-Based Approach to Cloud-Scale Digital Forensic Processing | DFRWS USA 2017 | Christopher Stelly (University of New Orleans), Vassil Roussev, Ph.D. (University of New Orleans) | |
| Time-of-Recording Estimation for Audio Recordings | DFRWS USA 2017 | Lilei Zheng, Ying Zhang, Chien Eao Lee, Vrizlynn Thing | |
| SCADA Network Forensics of the PCCC Protocol | DFRWS USA 2017 | Saranyan Senthivel, Irfan Ahmed (University of New Orleans), Vassil Roussev, Ph.D. (University of New Orleans) | |
| Pull It Together: Enabling Interoperability of Digital Forensic Systems Using a Standard Representation and Supporting API | DFRWS USA 2017 | Sean Barnum, Ryan Griffith (DC3) | |
| Memory Based Dynamic Malware Analysis | DFRWS USA 2017 | Endre Bangerter (Bern University of Applied Sciences), Jonas Wagner | |
| Linux Memory Forensics: Dissecting the User Space Process Heap | DFRWS USA 2017 | Frank Block, Andreas Dewald | |
| Leveraging the SRTP protocol for Over-The-Network Memory Acquisition of a GE Fanuc Series 90-30 | DFRWS USA 2017 | Denton George, Filip Karpisek, Frank Breitinger (University of New Haven), Ibrahim Baggili (University of New Haven) | |
| Insights Gained From Constructing a Large Scale Dynamic Analysis Platform | DFRWS USA 2017 | Cody Miller, Dae Glendowne, Henry Cook, Demarcus Thomas, Patrick Pape, Chris Lanclos | |
| Gaslight: A Comprehensive Fuzzing Architecture for Memory Forensics Frameworks | DFRWS USA 2017 | Andrew Case (Volexity), Arghya Das, Seung-Jong Park, Ram Ramanujam, Golden Richard III, Ph.D. (Louisiana State University) | |
| Finding Digital Evidence in Mobile Devices | DFRWS USA 2017 | Hans Henseler, Ph.D. (University of Applied Sciences Leiden), Vince Noort | |
| DROP (DRone Open source Parser) Your Drone – Forensic Analysis of the DJI Phantom III | DFRWS USA 2017 | Devon Clark, Christopher Meffert (University of New Haven), Ibrahim Baggili (University of New Haven), Frank Breitinger (University of New Haven) |