Sunday, July 15, 2018 | ||
---|---|---|
Grand Ballroom B | Grand Ballroom C | |
13:00 to 15:00 | Getting Saucy with APFS! - The State of Apple’s New File System Sarah Edwards (SANS Institute) | Linux Memory Forensics Hal Pomeranz (Deer Run Associates) |
15:00 to 17:00 | Examining Recent Advances in Chip-Off for Mobile Device Forensics Steve Watson (VTO Labs) | |
Monday, July 16, 2018 | ||
Grand Ballroom (B&C) | ||
9:00 | Opening Remarks | |
9:15 | Keynote Address Prof. Eugene Spafford Purdue University | |
10:15 | Break | |
10:30 | Session 1 - Analysis Chair: Golden Richard III, Ph.D. (Louisiana State University) | |
Memory Forensics and the Windows Subsystem for Linux Nathan Lewis, Andrew Case (Volexity), Aisha Ali-Gombe, and Golden Richard III, Ph.D. (Louisiana State University) Best Student Paper Award USA 2018 | ||
Leveraging Relocations in Kernel ELF-binaries for Linux Kernel Version Identification Manish Bhatt (University of New Orleans) and Irfan Ahmed (University of New Orleans) | ||
Forensic Analysis of Multiple Device BTRFS Configurations Using The Sleuth Kit Jan-Niclas Hilgert, Martin Lambertz, and Shujian Yang Best Paper Award at USA 2018 | ||
12:00 | Lunch On Your Own | |
14:00 | Session 2 - Artifacts Chair: Wietse Venema, Ph.D. (Google) | |
Reconstructing Streamed Video Content: A Case Study on YouTube and Facebook Live Stream Content in the Chrome Web Browser Cache Graeme Horsman | ||
Welcome pwn: Almond Smart Home Hub Forensics Akshay Awasthi, Huw Read, Iain Sutherland, and Konstantinos Xynos | ||
Experience Constructing the Artifact Genome Project (AGP): Managing the Domain's Knowledge One Artifact at a Time Cinthya Grajeda Mendez, Laura Sanchez, Ibrahim Baggili (University of New Haven), Devon Clark, and Frank Breitinger (University of Liechtenstein) | ||
15:30 | Break | |
16:00 | Presentations 1 Chair: Frank Adelstein, Ph.D. (NFA Digital) | |
IoT 4n6: The Growing Impact of IoT on Digital Forensics Jessica Hyde (George Mason University / Magnet Forensics ) | ||
Was the 2016 Election Hacked? Your Forensic Expertise is Needed! Suzanne Mello-Stark | ||
16:30 to 16:45 | One Minute Teasers for Poster Sessions / Tool Demos (sign-up on-site) | |
18:00 | Welcome Reception & Poster / Demos Held offsite at Skyline at Waterplace | |
Tuesday, July 17, 2018 | ||
Grand Ballroom (B&C) | ||
9:00 | Administrative Remarks | |
9:05 | Keynote Address Captain John C Alfred Rhode Island State Police | |
9:55 | Best Awards | |
10:00 | Break | |
10:15 | Session 3 – Mobile Chair: Alex Nelson, Ph.D. (NIST) | |
Automated Forensic Analysis of Mobile Applications on Android Devices Xiaodong Lin, Ph.D. (Wilfrid Laurier University), Ting Chen, Tong Zhu, Kun Yang, and Fengguo Wei | ||
DroidKex: Fast Extraction of Ephemeral TLS Keys from the Memory of Android Apps Benjamin Taubmann, Omar Al Abduljaleel, and Hans Reiser | ||
Digital Forensic Investigation of Two-Way Radio Communication Equipment and Services Arie Kouwen, Mark Scanlon, Ph.D. (University College Dublin), Kim-Kwang Raymond Choo, and Nhien An Le Khac (University College Dublin) | ||
12:00 | Lunch On Your Own | |
14:00 | Session 4 – Techniques Chair: Vassil Roussev, Ph.D. (University of New Orleans) | |
Analyzing the DarkNetMarkets Subreddit for Evolutions of Tools and Trends Using LDA Topic Modeling Kyle Porter | ||
Who Watches the Watcher? Detecting Hypervisor Introspection from Unprivileged Guests Tomasz Tuzel, Mark Bridgman, and Joshua Zepf | ||
15:00 | Break | |
15:30 | Presentations 2 Chair: Elizabeth Schweinsberg (Facebook) | |
Turbinia: Automation of Forensic Processing in the Cloud Thomas Chopiteaand Aaron Peterson | ||
Drone Forensics Program Steve Watson (VTO Labs) | ||
16:30 to 17:00 | Forensic Challenge and Prizes | |
18:00 | Banquet | |
19:30 | Forensic Rodeo | |
Wednesday, July 18, 2018 | ||
Grand Ballroom C | Grand Ballroom B | |
9:00 | Session 5 – Malware Chair: Joe Sylve, Ph.D. (BlackBag Technologies) | |
Multinomial Malware Classification Via Low-level Features Sergii Banin and Geir Olav Dyrkolbotn (NTNU) | ||
Deep Learning at the Shallow End: Malware Classification for Non-Domain Experts Quan Le, Oisin Boydell, and Mark Scanlon, Ph.D. (University College Dublin) | ||
CGC Monitor: A Vetting System for the DARPA Cyber Grand Challenge Michael Thompson and Timothy Vidas | ||
10:30 | Break | |
10:45 | Presentations 3 Chair: Bradley Schatz, Ph.D. (Schatz Forensic) | |
Using Santa to Augment Forensic Investigations James Nettesheim and Gary Brown | ||
Damaged Device Forensics Steve Watson (VTO Labs) | ||
Adding APFS Support to The Sleuthkit Framework Joe Sylve, Ph.D. (BlackBag Technologies) | ||
11:45 | Works in Progress (sign-up on-site) Chair: Daryl Pfeif (Digital Forensics Solutions and DFRWS) | |
12:00 | Closing Comments | |
12:20 | Lunch On Your Own | |
13:30 to 17:30 | Plaso: The Missing Manual Mark Hallman (SANS Institute) | Android Forensics and Reverse Engineering Trevor Haigh (University of New Haven)Frank Breitinger (University of Liechtenstein) |
18:00 | DFRWS 2019 Planning Session |