Christa Miller: As the cybersecurity talent gap continues to widen, a number of universities are developing programs to fill it. Among them is University College Dublin, which has just launched its brand new Master of Science in Cybersecurity program. … Read more
Forensic Focus
Knock, Knock, Log: Threat Analysis, Detection & Mitigation of Covert Channels in Syslog Using Port Scans as Cover
In this paper, Kevin Lamshöft describes how researchers performed a threat analysis for a covert Command and Control (C2) channel using port scans as cover and syslog as carrier for data infiltration.
Session Chair: So, Kevin is presenting Knock, … Read more
Distant Traces and Their Use in Crime Scene Investigation
Starting with a physical crime scene – a fire – Manon Fischer describes how IoT devices such as “smart” plugs and thermostats store “distant traces” remotely, and could be used to help reconstruct a fire’s origin, cause, and timeline.
The Wisdom of the Heap: Mesh It up by Weaving Data Structures
In this short presentation, Trufflepig Forensics’ Aaron Hartel and Christian Müller present some early stage research about the volatility of data in memory as data structures change version to version.
Session Chair: We’re now going over to memory forensics … Read more
Toward Graph-Based Network Traffic Analysis and Incident Investigation
At DFRWS-EU 2022, Milan Cermak describes the need to create data associations for use during network traffic analysis and incident investigation. The focus is on robust graph data visualization of the kind that’s commonly used in criminal investigation, allowing analysts … Read more
Memory Forensic Analysis of a Programmable Logic Controller in Industrial Control Systems
Winner of the Best Student Paper Award at DFRWS-EU 2022! Muhammad Haris Rais describes a step-wise approach to analyze the memory of specific PLCs, and subsequently find a generic framework applicable to all PLCs. By following a methodology that focused … Read more
Frontline Managed Services’ Kyle Campbell on DFIR & E-Discovery Skills & Pathways
Christa: Electronic discovery, or e-discovery, has always required some digital forensic skills as litigators prepare to present electronic data at trial. However, as technology evolves, likewise, the skills needed to identify, collect and analyze the data that’s most relevant … Read more
PEM: Remote Forensic Acquisition of PLC Memory in Industrial Control Systems
Winner of the Best Paper Award at DFRWS-EU 2022, Nauman Zubair proposes a new memory acquisition framework to remotely acquire a programmable logic controller (PLC)’s volatile memory while the PLC is controlling a physical process.
Session Chair: Welcome Nauman, … Read more
Defining Atomicity (and Integrity) for Snapshots of Storage in Forensic Computing
In this video from DFRWS-EU 2022, Jenny Ottmann revisits the discussion on quality criteria for “forensically sound” acquisition of such storage and proposes a new way to capture the intent to acquire an instantaneous snapshot from a single target system; … Read more
Introducing 2 Forensic Focus Podcast Co-Hosts: Simon Biles and Alex Desmond
Christa: Welcome to the Forensic Focus podcast. I’m your host, Christa Miller. And this week we’re switching it up a little bit. We’re introducing some new co-hosts: Simon Biles and Alex Desmond. Simon’s an IT and digital forensics expert … Read more
Extraction and Analysis of Retrievable Memory Artifacts From Windows Telegram Desktop Application
In this video from DFRWS-EU 2022, Pedro Fernandez-Alvarez describes research focused on the Telegram Desktop client, in particular the client process contents in a Windows system’s RAM.
Session Chair: We are now in the topic of memory forensics, and … Read more
Bridging the Gap: Standardizing Representation of Inferences in Diverse Digital Forensic Contexts
Session Chair: So the next speaker is Timothy. It’s going to be online, so Timothy, are you ready?
Timothy: Hi, everyone. So I’m Timothy Bollé, I’m a PhD student at the University of Lausanne. And today I will … Read more
Cellebrite’s Monica Harris on Achieving Balance in Corporate Investigations and E-Discovery
Christa: Digital forensics in enterprises increasingly overlaps corporate investigations, e-discovery and incident response, with the result that enterprises themselves must balance data acquisition and retention with employee privacy and cyber security.
This week on the Forensic Focus podcast we’re … Read more
What Can You Tell Us About Your Password? A Contextual Approach
Aikaterini: I’m Aikaterini Kanta. I’m a PhD candidate with University College Dublin, and I’m really glad to be here today. I’m going to talk to you about my PhD research. So, about contextual based decryption.
So, the average number … Read more
Towards a Working Definition and Classification for Automation in Digital Forensics
Gaëtan Michelet: So good morning, everyone. Today I will present the project we are working on with Frank Breitinger and Graham Horsman. This project is “Towards a working definition and classification for automation in the context of digital forensic”. … Read more
Digital Forensics Research Update: May 2022
Research published last month covered a wide range of issues in digital forensics, from limitations and challenges to new tools and techniques and lessons for those in higher education.
Digital forensic techniques, now and in the future
The National Institute … Read more