发新话题
打印

[转载]Digital Forensic Research Workshop 2006

[转载]Digital Forensic Research Workshop 2006

原始链接:http://www.dfrws.org/2006/program.html

Sunday, August 13, 2006
5:00 pm – 7:00Registration and Welcome Reception (sponsored by Stroz Friedberg, LLC)
Monday, August 14, 2006
8:00 – 9:00Registration
9:00 – 9:10Opening Remarks
9:10 – 10:00Keynote Address
Challenges in Digital Forensics (slides)
Ted Lindsey (FBI)
Current Cyber Investigation Challenges (abstract)
10:00 – 10:15Break
10:15 – 11:45 SESSION 1: Physical Devices (Chair: Frank Adelstein)
A Strategy for Testing Hardware Write Block Devices (slides)
James Lyle (NIST, USA)

Searching for Processes and Threads in Microsoft Windows Memory Dumps (slides)
Andreas Schuster (Deutsche Telekom AG, Germany)
Best Paper Award

A Survey of Forensic Characterization Methods for Physical Devices (slides)
Nitin Khanna, Aravind Mikkilineni, Anthony Martone, Gazi Ali, George Chiu, Jan Allebach, Ed Delp (Purdue University, USA)
11:45 – 1:15 Lunch and Breakout Discussions
1:15 – 2:15

SESSION 2 (PANEL): Working Between Disciplines – Issues in Building the Digital Forensics Bridge From Computer Science to Judicial Science (slides)

Michael Losavio, Deborah Wilson, Adel Elmaghraby, James Graham, S. Srinivasan, David Elder, Marcus Rogers

2:15 – 2:30Break
2:30 – 4:00SESSION 3: Frameworks (Chair: David Baker)
FORZA – Digital Forensics Investigation Framework That Incorporate Legal Issues (slides)
Ricci Sze-Chung Ieong (eWalker Consulting Ltd., Hong Kong)
A Cyber Forensics Ontology: Creating a New Approach to Studying Cyber Forensics (slides)
Ashley N. Brinson, Abigail Robinson (Purdue University, USA)
Arriving at an Anti-forensics Consensus: Examining How to Define and Control the Anti-forensics Problem (slides)
Ryan Harris (Purdue University, USA)
4:00 - 4:15 Break
4:15 - 5:30Tool Demo / Poster Session (Chair: Todd Shipley)
Tuesday, August 15, 2006
9:00 - 9:15Administrative Remarks
9:15 – 10:45SESSION 4: Evidence Management (Chair: Brian Carrier)
XIRAF - Ultimate Forensic Querying (slides)
Wouter Alink, Raoul Bhoedjang (Netherlands Forensic Institute, Netherlands), Peter Boncz, Arjen de Vries (Centrum voor Wiskunde en Informatica, Netherlands)
Selective and Intelligent Imaging using Digital Evidence Bags (slides)
Philip Turner (QinetiQ, UK)
Detecting False Captioning Using Common Sense Reasoning (slides)
Sangwon Lee, David Ayman, Bruce Gooch (Northwestern University, USA)
10:45 - 11:00Break
11:00 - 11:45 SESSION 5: Summary Reports (Chair: Vassil Roussev)
DFRWS Common Digital Evidence Storage Format (CDESF) Working Group
Knowledge Exploration, Analysis, and Discovery (KNEAD) Workshop (slides)
Mark Maybury and Penny Chase (The MITRE Corporation, USA)
11:45 – 1:15Lunch and Breakout Discussions
1:15 – 2:15SESSION 6: Evidence Correlation 1 (Chair: Wietse Venema)
Cross-Drive Analysis (slides)
Simson L. Garfinkel (Harvard, USA)
md5bloom: Forensic Filesystem Hashing Revisited (slides)
Vassil Roussev, Timothy Bourg, Yixin Chen, Golden G Richard (University of New Orleans, USA)
2:15 – 2:30 Break
2:30 – 3:30 SESSION 7: Evidence Correlation 2 (Chair: Marcus Rogers)
Identifying Almost Identical Files Using Context Triggered Piecewise Hashing (slides)
Jesse Kornblum (ManTech, USA)
A Correlation Method for Establishing Provenance of Timestamps in Digital Evidence (slides)
Bradley Schatz, George Mohay, Andrew Clark (Queensland University of Technology, Australia)
3:30 - 3:45Break
3:45 - 4:30 Presentations of Breakout Session Results (Panel Lead: Frank Adelstein)
4:30 – 5:15Presentations of File Carving Challenge Submissions (Lead: Brian Carrier)
5:30 – 7:00Banquet, File Carving Challenge Winner, Best Paper Award (Sponsored by WetStone Technologies)
Prizes include copies of Gargoyle Enterprise from WetStone, copies of recent digital forensic books, and more.
7:00 - ... Forensic Rodeo (Wrangler: Chet Hosmer)
Wednesday, August 16, 2006
9:00 – 10:30SESSION 8: Clever Analysis (Chair: David Baker)
An Empirical Study of Automatic Event Reconstruction Systems (slides)
Sundararaman Jeyaraman (Purdue University, USA)

Self-reported Computer Criminal Behavior: A Psychological Analysis (slides)
Marcus Rogers (Purdue University, USA), Kathryn Seigfried (John Jay University, USA), Kirti Tidke (Purdue University, USA)

Categories of Digital Investigation Analysis Techniques Based On The Computer History Model (slides)
Brian D Carrier, Eugene Spafford (Purdue University, USA)
10:30 – 10:45 Break
10:45 – 11:30Short Presentations / Works in Progress (Chair: Wietse Venema)
(5 mins each)
11:30 - 11:45 Closing Comments
11:45 – 1:00Lunch / DFRWS 2007 Planning Session

DFRWS Forensic Rodeo

The Forensic Rodeo has been a tradition at DFRWS for many years. After the banquet, attendees break into teams to tackle a digital forensic challenge. The first team to answer the questions wins. Historically, the challenges have been based on analyzing and recovering evidence from disk images. This year, the topic will be live analysis and the collection of evidence from a running system. At this point, that is all that we are saying. You are free to bring what ever tools you want...

Short Presentations / Works in Progress

The Short Presentations / Works in Progress session is a forum open to anyone interested in presenting topics that would not merit a full time slot, perhaps because it is on-going work or it is at an early idea stage. The only limitations are on the time and number of slides, specifically 5 minutes and 2 slides (more time may be allotted depending on how many people sign up). Participants can use this time as a sounding board to judge the interest of other researchers or practitioners. Presentation slots will be allocated on a strictly first come, first serve basis. Talk to Daryl Pfeif anytime during the workshop to sign up for a slot; she will be managing the schedule.

曾几何时,有人对我说:装B遭雷劈。我说:去你妈的。于是,这个人又对我说:如果再说脏话,上帝会惩罚你的。我说:我操上帝。结论:彪悍的人生不需要上帝。

TOP

发新话题