ICDF2C 2011
Third ICST International Conference on Digital Forensics and Cyber Crime
Dublin, Ireland, 26 - 28 October 2011
TECHNICAL PROGRAMME
|
26th October 2011 |
|||||
08:30 |
- |
09:00 |
Registration |
||
|
09:00 |
- |
10:30 |
Opening Session |
||
|
Welcome address by Garda Deputy Commissioner Noirin O'Sullivan |
|||||
|
Keynote speech on International Police Cooperation in the Fight Against Cybercrime by Mr. Jaime Ansieta, Assistant Director of INTERPOL Financial and High-tech Crime Sub-directorate |
|||||
|
10:30 |
- |
10:45 |
Coffee Break |
||
|
10:45 |
- |
12:30 |
Session I: Cybercrime Investigations |
||
|
Cynthia Murphy |
|||||
|
The Role of Perception in Age Estimation |
|||||
|
Kathryn Seigfried-Spellar, Marcus Rogers, Gary Bertoline |
|||||
|
Internet Child Pornography, U.S. Sentencing Guidelines, and the Role of Internet Service Providers |
|||||
|
Esti Peshin |
|||||
|
Lawful Interception 2.0: Regulating Social Media |
|||||
|
12:30 |
- |
13:30 |
Lunch |
||
|
13:30 |
- |
14:45 |
Session II: Mobile Device Forensics – 1 |
||
|
Mark Lohrum |
|||||
|
Forensic Extractions of Data from the Nokia N900 |
|||||
|
Thomas Schaefer, Hans Hoefken, Marko Schuba |
|||||
|
Windows Phone 7 from a Digital Forensics' Perspective |
|||||
|
14:45 |
- |
15:00 |
Coffee Break |
||
|
15:00 |
- |
16:30 |
Session III: Mobile Device Forensics – 2 |
||
|
Satheesh Kumar S, Bibin Thomas, Thomas K L |
|||||
|
An agent based tool for Windows Mobile forensics |
|||||
|
Eric Katz, Richard Mislan, Marcus Rogers |
|||||
|
Results of Field Testing Mobile Phone Shielding Devices |
|||||
|
Ramindu Silva, Kelly Cole, Richard Mislan |
|||||
|
All Bot Net: A Need for Smartphone P2P Awareness |
|||||
|
17:00 |
- |
18:30 |
Tutorial I: Mobile Phone Forensics (by Cindy Murphy, Madison Police Department) |
||
|
27th October 2011 |
|||||
|
09:00 |
- |
10:30 |
Session IV: New Developments in Digital Forensics |
||
|
Keynote speech by Prof. Marcus Rogers, Purdue University |
|||||
|
Jim Lyle, US National Institute of Standards and Technology (NIST) |
|||||
|
A strategy for testing metadata based deleted file recovery tools |
|||||
|
10:30 |
- |
10:45 |
Coffee Break |
||
|
10:45 |
- |
12:30 |
Neil Rowe, Simson L Garfinkel |
||
|
Finding anomalous and suspicious files from directory metadata on a large corpus |
|||||
|
Ahmed Shosha, Joshua James, Pavel Gladyshev |
|||||
|
A Novel Methodology for Malware Intrusion Attack Path Reconstruction |
|||||
|
Frank Breitinger, Harald Baier |
|||||
|
Performance Issues about Context Triggered Piecewise Hashing |
|||||
|
12:30 |
- |
13:30 |
Lunch |
||
|
13:30 |
- |
14:40 |
Session V: Systematic Methods of Investigation |
||
|
Clive Blackwell |
|||||
|
A Forensic Framework for Incident Analysis Applied to the Insider Threat |
|||||
|
Serguei A. Mokhov, Joey Paquet, Mourad Debbabi |
|||||
|
Reasoning About a Simulated Printer Case Investigation with Forensic Lucid |
|||||
|
14:40 |
- |
15:05 |
Session VI: Short Papers |
||
|
Sean Thorpe, Abbie Barbir , Indrakshi Ray, Tyrone W A Grandison, Indrajit Ray, Robert France |
|||||
|
Formal Parameterization of Log Synchronization Events |
|||||
|
Tejashree Datar, Matt Levendoski |
|||||
|
Yahoo! Messenger Forensics on Windows Vista and Windows 7 |
|||||
|
Martin Steinebach |
|||||
|
Robust Hashing for Efficient Forensic Analysis of Image Sets |
|||||
|
Anthony Keane, Stephen O'Shaughnessy |
|||||
|
Tracking User Activity on Personal Computers |
|||||
|
15:05 |
- |
15:25 |
Coffee Break & Poster Session |
||
|
15:25 |
- |
17:10 |
Session VII: Digital Forensic Techniques |
||
|
Alexander Barnett |
|||||
|
The Forensic Value of the Windows 7 Jump List |
|||||
|
Gyu-Sang Cho, Marcus Rogers |
|||||
|
Finding Forensic Information on Creating a Folder in $LogFile of NTFS |
|||||
|
Toshinobu Yasuhira, Kazuhiro Nishimura, Tomofumi Koida |
|||||
|
Rescuing Digital Data from Submerged HDD |
|||||
|
17:30 |
- |
19:00 |
Tutorial II: Facebook Forensics (by Cernam Ltd.) |
||
|
20:00 |
- |
Conference Dinner |
|||
|
28th October 2011 |
|||||||
|
09:00 |
- |
10:30 |
Session VIII: Digital Forensics Education |
||||
|
Pavel Gladyshev, Marcus Rogers, John Sheppard, Anthony Keane Panel Session: The Future of Digital Forensic Education |
|||||||
|
Christian Moch, Felix C Freiling |
|||||||
|
Evaluating the Forensic Image Generator Generator |
|||||||
|
10:30 |
- |
10:45 |
Coffee Break |
||||
|
10:45 |
- |
12:30 |
Session IX: Internet & Network Investigations |
||||
|
Peter Wyatt, Pavel Gladyshev |
|||||||
|
Per Port Forensics, Integrating Digital Investigation into the Network Fabric |
|||||||
|
Kacper Gradon |
|||||||
|
Internet As a New Criminal Battlefield |
|||||||
|
Seth King |
|||||||
|
The Dancing Dodo – Recent spam activity on the cybercrime forums |
|||||||
|
12:30 |
- |
13:30 |
Lunch / Steering Committee Meeting |
||||
|
13:30 |
- |
14:10 |
Session X: Industry Talks Session |
||||
|
Ibrahim Baggili |
|||||||
|
Intelligent Triage Tools for Digital Forensics |
|||||||
|
Simon Collins |
|||||||
|
Role and Responsibilities of an Expert Witness |
|||||||
|
14:10 |
- |
14:30 |
Coffee Break |
||||
|
14:30 |
- |
16:00 |
Tutorial III: Taking Fingerprint Evidence form Digital Devices (by Veselko Hagen, Austria Federal Police) |
||||