DFRWSUSA 2019 July 14, 2019 to July 17, 2019, Portland, USA

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Keynote Address Sarah Edwards , Jonathan Levin N/A
Windows Memory Forensics: Detecting (un)intentionally hidden injected Code by examining Page Table Entries Paper Frank Dewald Malware utilizes code injection techniques to either manipulate other processes (e.g. done by banking trojans) ...
Inception: Virtual Space in Memory Space in Real Space -- Memory Forensics of Immersive Virtual Reality with the HTC Vive Frank Breitinger , Ibrahim Baggili , Peter Casey , Rebecca Lindsay-decusati Virtual Reality (VR) has become a reality. With the technology's increased use cases, comes its ...
Syntactical File Carving and Automated Generation of Reproducible Datasets Jan-niclas Hilgert , Martin Lambertz , Mariia Rybalka , Roman Schell File carving is a technique to recover files from a storage medium without relying on ...
bring2lite: a structural Concept and Tool for Forensic Data Analysis and Recovery of Deleted SQLite Records Christian Baier As of today mobile applications such as WhatsApp or Skype make use of the SQLite ...
DB3F & DF-Toolkit: The Database Forensic File Format and the Database Forensic Toolkit Jonathan Grier , James Wagner , Alexander Rasin , Karen Heart , Rebecca Jacob The majority of sensitive and personal user data is stored in different Database Management Systems ...
Using NTFS Cluster Allocation Behavior to Find the Location of User Data Stefan Axelsson , Geir Olav Dyrkolbotn , Martin Karresand Digital forensics is heavily affected by the large and increasing amount of data to be ...
Extreme Damaged Devices Steve Watson With some regularity, law enforcement agencies encounter devices that have experienced extreme damage. These devices ...
Forensic Jailbreaking of iOS devices Bradley Schatz Accessing all the evidence is iOS devices has become increasingly difficult in recent years, and ...
Introducing Digital Forensics Science in a Virtual Learning Environment Eoghan Casey , Daryl Pfeif , Cassy Soden This presentation explains the design, development, implementation and future of the Cyber Sleuth Science Lab ...
CASE the Cyber-investigation Analysis Standard Expression Vik Harichandran , Cory Hall , Andrew Sovern , Deborah Nichols , Navaneeth Subramanian , Trevor Bobka As the cybersecurity domain has grown, the amount of increasingly varied information needing to be ...
Android Auto & Google Assistant – How Google Encourages Hands-Free Motoring Joshua Hickman This presentation will cover Google’s Android Auto, an application that allows for hands-free use of ...
Old Filesystems in New IoT Devices Steve Watson As IoT devices continue to grow in popularity, more opportunities will emerge to determine if ...
An Incomplete Tour of the Forensic Implications of the Windows 10 Activity Timeline Vico Marziale The Activity Timeline feature was released in Windows 10 version 1803. It tracks many types ...
Memory forensics as Triage Analysis Aaron Sparling Memory forensics is fast and efficient and the speed begins with the acquisition process prior ...
Forensic analysis of the Nintendo 3DS NAND Iain Sutherland , Konstantinos Xynos , Huw Read , Gus Pessolano Games consoles present a particular challenge to the forensics investigator due to the nature of ...
Forensic analysis of water damaged mobile devices Aya Nishimura Mobile devices routinely arrive at forensics labs suffering from water damage, which can be the ...
Digital Forensic Practices and Methodologies for AI Speaker Ecosystems Junghoon Oh , Wooyeon Jo , Yeonghun Shin , Hyungchan Kim , Dongkyun Yoo , Donghyun Bob) , Cheulhoon Kang , Jongmin Jin , Bitna Na , Taeshik Shon Various Internet of Things (IoT) devices, such as AI speakers, are being released with different ...
Leveraging Electromagnetic Side-Channel Analysis for the Investigation of IoT Devices Mark Scanlon , Nhien Khac , Asanka Sayakkara Internet of Things (IoT) devices have expanded the horizon of digital forensic investigations by providing ...
Detection of Lateral Movement Across Valid Accounts by Using Human Behavior in the Physical Environment Tomohiko Yano It becomes difficult to detect attackers intruding in the enterprise network.Attackers often perform lateral movement ...
Not Your Father’s Forensics: Concept Searching for Data Forensic Investigations: Uncover what keywords miss Warren Kruse Data volumes are exploding as are potential data sources requiring analysis for investigations. Wading through ...
Forensic String Search Tool Quirks or What I Learned Testing String Search Tools James Lyle One might expect that if the results of an indexed search of a test image ...
HookTracer: A System for Automated and Accessible API Hooks Analysis Andrew Case , Aisha Ali-gombe , Golden Richard Iii , Mingxuan Sun , Ryan Maggio , Md Firoz-ul-amin , Mohammad Jalalzai The use of memory forensics is becoming commonplace in digital investigation and incident response, as ...
FbHash: A New Similarity Hashing Scheme for Digital Forensics Douglas White , Monika Singh , Donghoon Chang , Mohona Ghosh , Somitra Sanadhya With the rapid growth of the World Wide Web and Internet of Things, a huge ...
A Practitioner Survey Exploring the Value of Forensic Tools, AI, Filtering, & Safer Presentation for Investigating Child Sexual Abuse Material (CSAM) Ibrahim Baggili , Cinthya Grajeda Mendez , Laura Sanchez , Cory Hall For those investigating cases of Child Sexual Abuse Material (CSAM), there is the potential harm ...
AFF4-L: A scalable open logical evidence container Bradley Schatz With the proliferation of cloud-based evidence and locked down physical storage logical imaging is increasingly ...