Please note: All times below are in Central Daylight Time.

For clarity, the current time in Baton Rouge, LA is:

Return to the USA 2024 Conference Page

Please find our tentative program items below the table. Schedules are still work in progress.

Schedule of Events

Times are in Central Daylight Time (CDT)
Monday, July 8Day 1
Women in Forensic Computing Workshop: LSU Center for Computation and Technology (CCT)

LSU Digital Media Center 888 S. Stadium Drive Baton Rouge LA 70808
A workshop for women starting their careers in forensic computing. There will be talks, a training, a panel, all from DFIR experts, and plenty of opportunity to meet and network with your peers. Spots are limited, and the schedule and event information will be emailed to participants the week prior. To register, please fill out this form: For any questions, please contact
Tuesday, July 9Day 2
Patrick F. Taylor Hall - LSU College of Engineering 3304 S. Quad Drive, Baton Rouge, LA and 70803
08:00Registration opens
Parallel session
08:30WORKSHOP 1: Third-Party App Analysis Methodologies in Mobile Forensics
by Jessica Hyde

PFT Room 1256
WORKSHOP 2: Modern Memory Forensics with Volatility 3
by Andrew Case, Christopher Bowen and Lauren Pace

PFT Room 1245
WORKSHOP 3: Threat Simulations - a Hands-on Investigation
by Ali Hadi and Mariam Khader

PFT Room 1259
12:30Lunch (1 hour)

Capstone Gallery, Patrick F. Taylor Building, Louisiana State University, Campus, Baton Rouge, LA 70803
13:30WORKSHOP 4: Footsteps in the dark: Feeling our way to IoT device takeover via NVRAM forensics
by Anthony Andreoli, Anis Lounis, Mourad Debbabi and Aiman Hanna

PFT Room 1245
WORKSHOP 5: Internal Investigation
by Ali Hadi and Mariam Khader

PFT Room 1259
17:30End of Day
18:00LSU Stadium Tour

LSU Tiger Stadium, Nicholson Drive, LSU Campus Baton Rouge, LA 70803
Meeting point and Trolley Transportation - RM 1202, Patrick F. Taylor Building, Louisiana State University, Campus, Baton Rouge, LA 70803
19:00Welcome Reception in the Barnes Ogden Art & Design Complex, Louisiana State University, Campus, Baton Rouge, LA 70803
Wednesday, July 10Day 3
RM 1202, Patrick F. Taylor (PFT) Building, Louisiana State University, Campus, Baton Rouge, LA 70803
08:30Registration opens
09:00Welcome remarks
09:15Session Chair: Aisha Ali-Gombe, Louisiana State University

Keynote: Digital Forensics and Incident Response for Critical Infrastructure
by Chris Sistrunk, Technical Leader, ICS/OT, Mandiant
10:30Break (30 minutes)
11:00Paper Session: IoT Forensics (30 minutes per slot)
Session Chair: Heng Yin, University of California, Riverside
Enhancing Speaker Identification in Criminal Investigations through Clusterization and Rank-based Scoring
by Antonio Artur Moura, Napoleão Nepomuceno and Vasco Furtado
MARS: The First Line of Defense for IoT Incident Response
by Karley Waguespack, Kaitlyn Smith, Olame Muliri, Ramyapandian Vijayakanthan and Aisha Ali-Gombe
Started Off Local, Now We’re in the Cloud: Forensic Examination of the Amazon Echo Show 15 Smart Display
by Jona Crasselt and Gaston Pugliese
12:30Lunch (1 hour and 30 minutes)

Capstone Gallery, Patrick F. Taylor Building, Louisiana State University, Campus, Baton Rouge, LA 70803
14:00Paper Session: Data Provenance (30 minutes per slot)
Session Chair: Wietse Venema
Compiler-provenance identification in obfuscated binaries using vision transformers
by Wasif Khan, Saed Alrabaee, Jie Tang and Kim-Kwang Raymond Choo
Applying Digital Stratigraphy to the Problem of Recycled Storage Media
by Janine Schneider, Maximilian Eichhorn, Lisa Marie Dreier and Christopher Hargreaves
15:00Break (30 minutes)
15:30Presentation Session (20 minutes per slot)
Session Chair: Frank Adelstein, Hexordia
Mission Impossible: International Waters
by Joseph Jaubert
Digital Forensics Framework for Resolving Multi-Tenancy in Cloud Computing
by Deepti Gupta and Yansi Keim
Enhancing Ransomware Detection with ETW and Machine Learning
by Omar Awajan and Ali Hadi
16:30Panel Chair: Ibrahim Baggili

Panel - Digital Evidence Management by Louisiana Police

Technical Support Officer Rand y Hidalgo - LA Police
Technical Support Officer Malcolm Brown - LA Police
Lt. William Moragne - LA Police
Stephen Villere - Cellebrite
Cory Hall - Project Vic
17:30Forensic Rodeo Prep Session
18:45Poster / Networking - Cambre Atrium - Patrick F. Taylor Hall
Thursday, July 11Day 4
RM 1202, Patrick F. Taylor (PFT) Building, Louisiana State University, Campus, Baton Rouge, LA 70803
09:00Administrative remarks
09:15Session Chair: Irfan Ahmed, Virginia Commonwealth University

Keynote: The View from the Edge: Detecting and Responding to Cyber Attacks Against Controllers in Critical Infrastructure
by Dr. Tommy Morris,
Director, Center for Cybersecurity Research and Education, Eminent Scholar and Professor, Electrical and Computer Engineering, The University of Alabama in Huntsville
10:30Break (30 minutes)
11:00Paper Session: Memory Forensics 1 (30 minutes per slot)
Session Chair: Taesic Kim, Texas A&M University-Kingsville
On Enhancing Memory Forensics with FAME: Framework for Advanced Monitoring and Execution by Taha Gharaibeh, Ibrahim Baggili and Anas Mahmoud
A Step in a New Direction: NVIDIA GPU Kernel Driver Memory Forensics
by Christopher Bowen, Andrew Case, Golden Richard III and Ibrahim Baggili
volGPT: Evaluation on triaging ransomware process in memory forensics with Large Language Model
by Dong Bin Oh, Donghyun Kim, Donghyun Kim and Huy Kang Kim
12:30Lunch + Birds of a Feather (1 hour and 30 minutes)
14:00Paper Session: Event Reconstruction (30 minutes per slot)
Session Chair: Sankardas Roy, Bowling Green State University
Beyond Timestamps: Integrating Implicit Timing Information into Digital Forensic Timelines
by Lisa Marie Dreier, Céline Vanini, Frank Breitinger, Christopher Hargreaves and Felix Freiling
Time anchors: A formalization of concepts for establishing clock accuracy during event reconstruction
by Céline Vanini, Chris Hargreaves, Harm van Beek and Frank Breitinger
Hit and Run: Forensic Vehicle Event Reconstruction Through Driver-Based Cloud Data From Progressive’s Snapshot Application
by Abdur Rahman Onik, Abdulla Asad, Trevor T Spinosa and Ibrahim Baggili
15:30Break (30 minutes)
16:00Panel Chair: Pavel Gladyshev, University College Dublin

Panel - Formal Methods in Digital Forensics
Panel Members

1. Dr. Alexander Nelson, National Institute of Standards and Technology, U.S.A.

Dr. Alex Nelson is a Computer Scientist at NIST. Dr. Nelson has a dual B.A./B.S. in Mathematics and Computer Science from The Evergreen State College, and a M.S. and Ph.D. in Computer Science from the University of California, Santa Cruz. Dr. Nelson's research emphasizes foundational measurability of digital forensic processes. Since 2017, Dr. Nelson served as the inaugural CASE Ontology Committee Chair, currently serves as the UCO Ontology Committee Chair, and has had substantial input and experience in the CDO Adoption Committee. Dr. Nelson is a coauthor on multiple CASE publications, and has established many policies to enable the CDO ontologies' release processes and resource development.

2. Dr. Harm van Beek, Netherlands Forensic Institute, The Netherlands

Harm van Beek is an experienced Senior Digital-Forensic Scientist at the Netherlands Forensic Institute (NFI). His work consists of performing examinations in criminal cases and conducting scientific research in the digital forensic field. Harm is cofounder of the forensic investigation, innovation and knowledge sharing platform Hansken. He was technical director of CASE, an international standard for sharing cyber-investigation traces (2019-2020). Harm obtained his PhD in formal methods (computer science, 2005) at the Eindhoven University of Technology. Before joining the NFI, he was cofounder and CTO of ISAAC, a company dedicated to developing middleware and software for the Internet.

3. Dr. Jan Gruber, Friedrich-Alexander University Erlangen-Nürnberg,

Jan Gruber is a postdoctoral researcher in the "forensic computing group" at the IT security infrastructures lab of FAU Erlangen-Nürnberg, Germany. His research and teaching focus on digital forensics and cybercriminalistics---fields in which he gathered practical experience before joining academia. His primary interest currently revolves around the foundational qualities of digital traces and their effective use in digital investigations. He obtained his doctorate in spring 2024 and holds an M.Sc. in the subject of "Digital Forensics" (2021) as well as another one in the subject of "Computer Science & Media" (2016).

4. Dr. Pavel Gladyshev, University College Dublin, Ireland

Dr. Pavel Gladyshev is an Associate Professor at the School of Computer Science of University College Dublin (Ireland), where he started cybercrime investigation training courses for law enforcement in 1998. Later, he established the MSc program in Forensic Computing and Cybercrime Investigation in 2007. More recently, in 2021/2022, he led the development of the INTERPOL online Digital Forensics training Programme. Dr Gladyshev has worked as a digital forensic consultant, carrying out work for the Irish private sector and the police since 2005. As a researcher, Dr Gladyshev pioneered formal methods in digital forensics by proposing the first formalisation of event reconstruction problems in the early 2000s. Dr Gladyshev is a vice-chair of the board of directors of
17:15Board of Directors update
17:30Lighting Talks
18:30The Gala Dinner - Awards Banquet and Forensics Rodeo - Huey P Long Fieldhouse - LSU Campus - 50 Fieldhouse Drive

Meeting point and Trolley Transportation - RM 1202, Patrick F. Taylor Building, Louisiana State University, Campus, Baton Rouge, LA 70803
Friday, July 12Day 5
RM 1202, Patrick F. Taylor (PFT) Building, Louisiana State University, Campus, Baton Rouge, LA 70803
09:00Paper Session: Memory Forensics 2 (30 minutes per slot)
Session Chair: Andrew Case, Volexity
In the Time Loop: Data Remanence in Main Memory of Virtual Machines
by Ella Savchenko, Jenny Ottmann and Felix Freiling
TLS Key Material Identification and Extraction in Memory: Current State and Future Challenges
by Daniel Baier, Alexander Basse, Jan-Niclas Hilgert and Martin Lambertz
Decrypting IndexedDB in Private Mode of Gecko-based Browsers
by Dohun Kim, Jungheum Park and Sangjin Lee
10:30Break (30 minutes)
11:00Presentation Session (20 minutes per slot)
Session Chair: Andrew Webb, Louisiana State University
A 20-year retrospective review of baccalaureate programs in Computer Forensics in the U.S.
by Jigang Liu
Crime-Intent Sentiment Detection on Twitter Data Using Machine Learning
by Biodoumoye Bokolo
11:40Closing remarks
11:45Board Bus for Expedition and Planning Lunch at Middendorfs (
13:00 - 14:30The Planning Lunch is open to anyone who wants to actively participate in DFRWS. We will discuss strategies for continuously improving DFRWS and plan for the USA 2025 event (25th Anniversary) and beyond. (Pay On your Own)
14:45Board Boat - Cajun Pride Swamp Tour (
16:25Board Bus for direct return to Baton Rouge or drop off to (New Orleans / MSY airport)
16:451st DFRWS Expedition Bus Stops at New Orleans Airport (MSY) before returning to LSU
17:25 - 17:55Buses return to Baton Rouge
18:00DFRWS Expedition ends
19:00Unofficial GetTogether
(on your own)