Please note: All times below are in Eastern Daylight Savings Time. For clarity, the current time in Baltimore, MD is:
Schedule of Events
| TIMES ARE IN EASTERN | ||
|---|---|---|
| Monday, July 11 | ||
| 1100 | Welcome | |
| 1115 | Keynote: Matt Mitchell (Crypto Harlem) | |
| 1215 | Paper Session 1: Memory forensics Session Chair: Erika Noerenberg | |
| Memory Analysis of .NET and .Net Core Applications Awarded Best Paper of DFRWS USA 2022 | Modhuparna Manna (Louisiana State University), Andrew Case (Volatility Foundation), Aisha Ali-Gombe (Towson University) and Golden Richard (Louisiana State University) | |
| Juicing V8: A Primary Account for the Memory Forensics of the V8 JavaScript Engine | Enoch Wang (University of New Haven), Samuel Zurowski (University of New Haven), Orion Duffy (University of New Haven), Tyler Thomas (University of New Haven), and Ibrahim Baggili (University of New Haven) | |
| 1315 | Lunch | |
| 1415 | Paper Session 2: Similarity Hashing Session Chair: Frank Breitinger | |
| FRASHER -- A Framework for Automated Evaluation of Similarity Hashing | Thomas Göbel (Universität der Bundeswehr München), Frieder Uhlig (Technical University Darmstadt), Harald Baier (Universität der Bundeswehr München) and Frank Breitinger (University of Lausanne) | |
| ssdeeper: Evaluating and Improving ssdeep | Carlo Jakobs (Fraunhofer FKIE), Martin Lambertz (Fraunhofer FKIE), and Jan-Niclas Hilgert (Fraunhofer FKIE) | |
| 1515 | Break | |
| 1545 | Presentation Session 1 Session Chair: Madison Brumbelow | |
| Discovery of digital forensic dataset characteristics with CASE-Corpora | Alex Nelson (National Institute of Standards and Technology) | |
| Offline iOS Tracking and Remote Wiping | Mitch Kajzer (St. Joseph County, IN Cyber Crimes Unit) | |
| DFIR Review Showcase: iOS Settings Display Auto-Lock & Require Passcode | Scott Koenig (Nevada State Police) | |
| 1700 | AFTER HOURS EVENT Pub Quiz! hosted in Gather Town | |
| Tuesday, July 12 | ||
| 1100 | Welcome | |
| 1115 | Keynote: Samuel Cava (Multimedia Exploitation Unit, FBI) | |
| 1215 | Paper Session 3: Application Forensics Session Chair: Wietse Venema | |
| Alt-Tech Social Forensics: Forensic Analysis of Alternative Social Networking Applications | Hailey Johnson (University of New Haven), Karl Volk (University of New Haven), Robert Serafin (University of New Haven), Cinthya Grajeda-Mendez and Ibrahim Baggili (University of New Haven) | |
| Forensic Investigation of Instant Messaging Services on Linux OS: Discord and Slack as Case Studies | Megan Davis (Virginia Commonwealth University), Bridget McInnes (Virginia Commonwealth University), and Irfan Ahmed (Virginia Commonwealth University) | |
| 1315 | Lunch | |
| 1415 | Paper Session 4: Live and Static System Analysis Session Chair: Xiaodong Lin | |
| Live System Call Trace Reconstruction on Linux | Thanh Nguyen (Nvidia), Meni Orenbach (Nvidia), and Ahmad Atamli (Nvidia) | |
| KVMIveggur: Flexible, secure, and efficient support for self-service virtual machine introspection | Stewart Sentanoe (University of Passau), Thomas Dangl (University of Passau), and Hans P. Reiser (University of Passau) | |
| LibDroid: Summarizing information flow of Android Native Libraries via Static Analysis | Chen Shi (Iowa State University), Chris Chao-Chun Cheng (Iowa State University), and Yong Guan (Iowa State University) | |
| 1545 | Break | |
| 1600 | Presentation Session 2 Session Chair: Jessica Hyde | |
| A Distributed Digital Body Farm for Collecting Deleted File Decay Data | Omoche Cheche Agada (George Mason University) | |
| Building and decaying a file corpus for sub-sector analysis | Dominique Calder (George Mason University) | |
| DFIR Review Showcase: Peeking at User Notification Events in iOS 15 | Geraldine Blay (Seminole County Sheriff's Office / Operation Underground Railroad) and SA Alexis Brignoni (FBI) | |
| 1700 | AFTER HOURS EVENT Birds of a Feather sessions | Topics Include: 1) DFIR 4 Good: What Can We Do? 2) What’s next? Advances & Challenges in Digital Forensics 3) Taking Care of Yourself: Wellness in Digital Forensics |
| Wednesday, July 13 | ||
| 1000 | Workshop: Leveling Up with YARA! by Tom Lancaster (3 hours) | |
| 1030 | Workshop: CASEWorks! by Eoghan Casey and Alex Nelson (2 hours) | |
| 1300 | Lunch | |
| 1400 | Paper Session 5: Miscellaneous Session Chair: Michele Gilles | |
| Explainable Digital Forensics AI: Towards Mitigating Distrust in AI-Based Digital Forensics Analysis with Interpretable Models | Abiodun Abdullahi Solanke (University of Bologna) | |
| Ambiguous File System Partitions | Janine Schneider (Friedrich-Alexander-Universität Erlangen-Nürnberg), Maximilian Eichhorn (Friedrich-Alexander-Universität Erlangen-Nürnberg), and Felix Freiling (Friedrich-Alexander-Universität Erlangen-Nürnberg) | |
| 1500 | BREAK | |
| 1530 | Paper Session 6: Multimedia Forensics Session Chair: Kevin Fairbanks | |
| Deepfake Noise Investigation and Detection | Tianyi Wang (University of Hong Kong), Ming Liu (Qilu University of Technology), Wei Cao (Qilu University of Technology), and Kam Pui Chow (University of Hong Kong) | |
| BlackFeather: A framework for Background Noise Forensics | Qi Li (University of Guelph), Giuliano Sovernigo (University of Guelph), and Xiaodong Lin (University of Guelph) | |
| 1630 | Best paper announcement / closing remarks | |
| 1645 | Break | |
| 1800 | AFTER HOURS EVENT DFRWS Forensics Rodeo | |
| Thursday, July 14 | ||
| 1100 | Workshop: Performing Linux Forensic Analysis and Why You Should Care by Ali Hadi, Mariam Khader (4 hours) | Workshop: Velociraptor - Digging deeper by Michael Cohen (4 hours) |
| 1600 | DFRWS 2023 Open Planning Meeting | |