Please note: All times below are in Eastern Daylight Time. Current EDT Time:
Register now!
| Monday, July 12, 2021 | |
|---|---|
| 1100 | Welcome |
| 1115 | Keynote: "Contemplating the Curious Contradictions of Digital Forensics & 0-days" by Maddie Stone, Security Researcher at Google's Project Zero |
| 1215 | Paper Session 1: Malware Session Chair: Tim Vidas |
| Robust Malware Detection Models: Learning from Adversarial Attacks and Defenses by Hemant Rathore (BITS Pilani), Adithya Samavedhi (BITS Pilani), Sanjay K. Sahay (BITS Pilani), and Mohit Sewak (Microsoft) | |
| Malware Family Classification via Efficient Huffman Features by Stephen O Shaughnessy (Technological University Dublin) and Frank Breitinger (University of Lausanne) | |
| 1315 | Lunch |
| 1415 | Paper Session 2: Memory Forensics Session Chair: Frank Adelstein |
| Duck Hunt: Memory Forensics of USB Attack Platforms by Tyler Thomas (University of New Haven), Mathew Piscitelli (University of New Haven), Bhavik Nahar (University of New Haven), and Ibrahim Baggili (University of New Haven) | |
| Seance: Divination of Tool-Breaking Changes in Forensically Important Binaries by Ryan Maggio (Louisiana State University), Andrew Case (Volatility Foundation), Aisha Ali-Gombe (Towson University), and Golden G. Richard III (Louisiana State University) | |
| Leveraging Intel DCI for Memory Forensics by Tobias Latzo (Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU)), Matti Schulze (FAU), and Felix Freiling (FAU) | |
| 1545 | Break |
| 1600 | Presentation Session # 1: Mobile Forensics Session Chair: Jessica Hyde |
| Time Well Spent: Precision Timing, Monotonic Clocks and the iOS PowerLog database by Mike Williamson (Magnet Forensics) and Sab Strong | |
| Forensic Analysis of Xiaomi IoT Ecosystem by Evangelos Dragonas | |
| Accuracy of Geolocation Metadata on Pictures Taken Using a Mobile Phone by Elénore Ryser and David-Olivier Jaquet-Chiffelle | |
| 1700 | AFTER HOURS EVENT - Pub Quiz |
| Tuesday, July 13 | |
|---|---|
| 1100 | Welcome |
| 1115 | Keynote: "The Wonderful, Quirky, and Woefully Misunderstood World of Industrial DFIR" by Lesley Carhart, Principle Incident Responder, Dragos, Inc. |
| 1215 | Paper Session 3: ICS / Hardware Forensics Session Chair: Wietse Venema |
| How Viable is Password Cracking in Digital Forensic Investigation? Analyzing the Guessability of Over 3.9 Billion Real-World Accounts by Aikaterini Kanta (University College Dublin and European Commission, Joint Research Centre, Sein Coray (University of Basel), Iwen Coisel (European Commission, Joint Research Centre), and Mark Scanlon (University College Dublin) | |
| A Behavioral-based Forensic Investigation Approach for Analyzing Attacks on Water Plants Using GANs by Nataliia Neshenko (Florida Atlantic University), Elias Bou-Harb (University of Texas at San Antonio), and Borko Furht (University of Texas at San Antonio) | |
| 1315 | Lunch |
| 1415 | Paper Session 4: Data Modeling and Analysis Session Chair: Alex Nelson |
| LogExtractor: Extracting Digital Evidence from Android Log Messages via String and Taint Analysis by Chris Chao-Chun Cheng (Iowa State University), Chen Shi (Iowa State University), Neil Zhenqiang Gong (Duke University), and Yong Guan (Iowa State University) | |
| ChunkedHCs Algorithm for Authorship Verification Problems: Reddit Case Study by Anh Duc Le (Munster Technological University and Rigr AI), Justin McGuinness (Munster Technological University), and Edward Dixon (Rigr AI) | |
| Using Micro-Services and Artificial Intelligence to Analyze Criminal Evidence by Iaslan Silva (Federal University of Rio Grande do Norte), João Marcos Valle (Federal University of Rio Grande do Norte), Gabriel Souza (Federal University of Rio Grande do Norte), Jaine Budke (Federal University of Rio Grande do Norte), Daniel Araújo (Federal University of Rio Grande do Norte), Bruno Carvalho (Federal University of Rio Grande do Norte), Nélio Cacho (Federal University of Rio Grande do Norte), Henrique Sales (Federal University of Rio Grande do Norte), Frederico Lopes (Federal University of Rio Grande do Norte), and Rivaldo Silva Júnior (Ministerio Publico do Rio Grande do Norte) | |
| 1545 | Break |
| 1600 | Presentation Session 2: Artifacts and Analysis |
| Computer Forensic Reference Data Sets (CFReDS v2.0) for Digital Evidence by Rick Ayers, Mehdi Shahid, and Barbara Guttman (NIST) | |
| Topological Data Analysis for Ransomware Detection on the Bitcoin Blockchain by Cuneyt Akcora (University of Manitoba) | |
| CANCELLED by Shanon Burgess (Crash Analysis, LLC) | |
| 1700 | AFTER HOURS EVENT - Birds of a Feather session #1 |
| Wednesday, July 14 | ||
|---|---|---|
| 1000 | Workshop #1: Practical Chromebook Forensics (Jessica Hyde, 2 hours) | Workshop #2: The Next Ten Years of Challenges for Digital Forensics (Graeme Horsman and Virginia Franqueira, 2 hours) |
| 1300 | Lunch | |
| 1400 | Paper Session 5: IoT / Mobile Session Chair: Matthew Geiger | |
| Coffee Forensics — Reconstructing Data in IoT Devices Running Contiki OS by Jens-Petter Sandvik (National Criminal Investigation Service (Kripos) and NTNU), Katrin Franke (Norwegian University of Science and Technology (NTNU), Habtamu Abie (Norwegian Computing Centre), and Andre Årnes (NTNU and Telenor Group) | ||
| Machine Learning Based Approach to Analyze File Meta Data for Smart Phone File Triage by Cezar Serhal (University College Dublin) and Nhien-An Le-Khac (University College Dublin) | ||
| Chip Chop - Smashing the Mobile Phone Secure Chip for Fun and Digital Forensics by Gunnar Alendal (Norwegian University of Science and Technology (NTNU), Geir Olav Dyrkolbotn (NTNU), and Stefan Axelsson (NTNU) | ||
| 1530 | BREAK | |
| 1545 | Paper Session 6: Digital Forensics Skills Session Chair: Erika Noerenberg | |
| Another Brick in the Wall: An Exploratory Analysis of Digital Forensics Programs in the United States by Syria McCullough (University of New Haven), Stella Abudu (University of New Haven), Ebere Onwubuariri (University of New Haven), and Ibrahim Baggili (University of New Haven) | ||
| What Do Incident Response Practitioners Need to Know? A Skillmap for the Years Ahead by Radek Hranicky (Brno University of Technology), Frank Breitinger (University of Liechtenstein), Ondrej Rysavy (Brno University of Technology), John Sheppard (Waterford Institute of Technology), Florin Schaedler (University of Liechtenstein), Holger Morgenstern (Albstadt-Sigmaringen University) and Simon Malik (Albstadt-Sigmaringen University) | ||
| JTAG-based PLC Memory Acquisition Framework for Industrial Control Systems by Muhammad Haris Rais (Virginia Commonwealth University), Rima Asmar Awad (Oak Ridge National Laboratory), Juan Lopez Jr (Oak Ridge National Laboratory), and Irfan Ahmed (Virginia Commonwealth University) | ||
| 1715 | Best paper announcement / closing remarks | |
| 1730 | Break | |
| 1800 | AFTER HOURS EVENT - Forensics Rodeo | |
| Thursday, July 15 | ||
|---|---|---|
| 1000 | Workshop #1: Velociraptor Deep Dive (Michael Cohen, 4 hours) | Workshop #2: Advancing Forensics Analysis with CASE (Eoghan Casey, 4 hours) |
| 1400 | Birds of a Feather session #2 | |
| 1530 | DFRWS 2022 Open Planning Meeting | |