DFRWS EU 2015 – Dublin 23rd – 26th March

On Monday 23rd of March 2015, Forensic Focus will be attending DFRWS EU – the European Digital Forensic Research Workshop – at University College Dublin, Ireland. If there are any topics you would particularly like us to cover in-depth, or if there are any speakers you think we should interview, please let us know in the comments.

DFRWS has been running in the USA since 2001 and expanded to Europe in 2013. Organised by some of the most prominent names in digital forensics, including Eoghan Casey, Frank Adelstein and Vassil Roussev, it has grown over the years from a small workshop group to a full conference with a double blind review and printed proceedings.

This year’s European conference runs from the 23rd – 26th of March, and Forensic Focus will be taking notes throughout the workshops and interviewing key figures.

For the first day, the conference is split into two workshop tracks, each focusing on a different area of digital forensics. Below is a brief overview of the workshops available, and of the talks and events throughout the remainder of the week.

Monday


Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

GRR Incident Response Framework

Andreas Moser from Google will provide an introduction to the GRR environment for people who have never previously used it. Tasks will include reading files and registry keys and grabbing artifacts directly from live memory.

Digital Forensics Framework

Frederic Baguelin and Solal Jacob of ArxSys will demonstrate how to use DFF in forensic analyses of hard disks, memory snapshots or virtual machines. The workshop will include an overview of the graphical interface; a look at importing files and extracting information; and searching, filtering and reporting on data.

Digital Memory Forensic Interactive Workshop

Michael Cohen and Johannes Stüettgen from Google will use open source tools to detect malware and advanced system threats. Participants will be encouraged to try the techniques themselves, using both sample images and their own machines. The workshop will also cover extracting binaries from memory, memory management techniques and hooking.

Common Criteria for Digital Forensics Experts

Hans Henseler and Sophie Loenhout will present a draft version of common criteria for digital forensics experts involved in court cases in the Netherlands. This workshop is specifically aimed at expert witnesses and looks to work towards harmonising forensic computer science standards around the world.

First European Workshop on Data Analytics for Information Security and Forensics

This workshop will present a forum for digital forensics professionals to discuss innovative solutions to some of the main challenges faced in cybercrime investigations. Topics covered will include the wide-ranging sources of data available, the proprietary nature of digital forensic tools and their limitations, and how national data protection legislation can impede the investigative process.

Tuesday

Tuesday’s programme comprises of a series of talks about digital forensics, including a keynote address by Chris Ashton, the Director of Spectrum Engineering at Inmarsat. Ashton will discuss the lessons we can learn from the flightpath reconstruction analysis performed by Inmarsat when searching for flight MH370, an international passenger flight which went missing on the 8th of March 2014.

The first session following the keynote on Tuesday will look at network forensics, with topics including traffic aggregation and visualisation for network forensics, and the detection, analysis and investigation of spam campaigns.

Throughout the rest of the day a number of topics will be covered, including disk and mobile forensics, forensic tool validation, Tor forensics and malware analysis. There will also be presentations on malware triage and Android vulnerabilities.

Wednesday

The day will begin with a keynote address from Troels Oerting, the former head of European Cyber Crime (EC3) at Europol, followed by a session on forensic investigation of smart TVs and the Sony Playstation 4.

The remainder of Wednesday will be devoted to a session on handling digital evidence, and paper presentations from research groups covering topics such as handling the exchange of digital evidence across Europe, searching extracted data, and data scrutiny in fraud cases.

Thursday

The entire day on Thursday will consist of the First European Workshop on Data Analytics for Information Security and Forensics (E-DAIS). This will include discussions of current research challenges in large-scale forensic investigations; the technical problems of big data analysis for INFOSEC; and the privacy problems surrounding big data analysis for information security and forensics.

Attendees will then break into groups, where they will be encouraged to discuss text translation and mining, the legal aspects of cross-jurisdictional data collection and analysis, and approaches to strengthening human rights protection in big data analytics.

Forensic Focus will be in attendance for all four days of the conference, and you can see the full programme here. If there are any topics you would particularly like us to cover in-depth, or if there are any speakers you think we should interview, please let us know in the comments or email [email protected] with suggestions.

Leave a Comment

Latest Videos

In this episode of the Forensic Focus podcast, Si and Desi explore how artificial intelligence is being leveraged to uncover crucial evidence in investigations involving child sexual abuse material (CSAM) and examine the importance of exercising caution when implementing these tools. 

They also discuss a recent murder case in which cyber experts played a vital role in securing a conviction, and explore the unique challenges associated with using digital evidence as an alibi.

Show Notes:

A Practitioner Survey Exploring the Value of Forensic Tools, AI, Filtering, & Safer Presentation for Investigating Child Sexual Abuse Material (CSAM) - https://dfrws.org/wp-content/uploads/2019/06/2019_USA_paper-a_practitioner_survey_exploring_the_value_of_forensic_tools_ai_filtering_safer_presentation_for_investigating_child_sexual_abuse_material_csam.pdf

Man charged with NI murder ‘faked live stream to provide alibi’ (The Guardian) - https://www.theguardian.com/uk-news/2023/feb/02/man-charged-with-ni-faked-live-stream-to-provide-alibi

A YouTuber accused of murder faked a 6-hour livestream to produce an alibi (Sportskeeda) - https://www.sportskeeda.com/esports/news-a-youtuber-accused-murder-faked-6-hour-livestream-produce-alibi

European Interdisciplinary Cybersecurity Conference (EICC) 2023 - https://www.forensicfocus.com/event/european-interdisciplinary-cybersecurity-conference-eicc-2023/#more-493234

YouTuber reportedly faked GTA livestream to have an alibi while he committed murder (Dexerto) - https://www.dexerto.com/entertainment/youtuber-reportedly-faked-gta-livestream-to-have-an-alibi-while-he-committed-murder-2052974/

Forensic Europe Expo - https://www.forensicfocus.com/event/forensic-europe-expo/#more-493225

In this episode of the Forensic Focus podcast, Si and Desi explore how artificial intelligence is being leveraged to uncover crucial evidence in investigations involving child sexual abuse material (CSAM) and examine the importance of exercising caution when implementing these tools.

They also discuss a recent murder case in which cyber experts played a vital role in securing a conviction, and explore the unique challenges associated with using digital evidence as an alibi.

Show Notes:

A Practitioner Survey Exploring the Value of Forensic Tools, AI, Filtering, & Safer Presentation for Investigating Child Sexual Abuse Material (CSAM) - https://dfrws.org/wp-content/uploads/2019/06/2019_USA_paper-a_practitioner_survey_exploring_the_value_of_forensic_tools_ai_filtering_safer_presentation_for_investigating_child_sexual_abuse_material_csam.pdf

Man charged with NI murder ‘faked live stream to provide alibi’ (The Guardian) - https://www.theguardian.com/uk-news/2023/feb/02/man-charged-with-ni-faked-live-stream-to-provide-alibi

A YouTuber accused of murder faked a 6-hour livestream to produce an alibi (Sportskeeda) - https://www.sportskeeda.com/esports/news-a-youtuber-accused-murder-faked-6-hour-livestream-produce-alibi

European Interdisciplinary Cybersecurity Conference (EICC) 2023 - https://www.forensicfocus.com/event/european-interdisciplinary-cybersecurity-conference-eicc-2023/#more-493234

YouTuber reportedly faked GTA livestream to have an alibi while he committed murder (Dexerto) - https://www.dexerto.com/entertainment/youtuber-reportedly-faked-gta-livestream-to-have-an-alibi-while-he-committed-murder-2052974/

Forensic Europe Expo - https://www.forensicfocus.com/event/forensic-europe-expo/#more-493225

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_7QiFTiuY7Vw

AI In CSAM Investigations And The Role Of Digital Evidence In Criminal Cases

Forensic Focus 22nd March 2023 11:44 am

Throughout the past few years, the way employees communicate with each other has changed forever.<br /><br />69% of employees note that the number of business applications they use at work has increased during the pandemic.<br /><br />Desk phones, LAN lines and even VOIP have become technologies of the past workplace environment as employees turn to cloud applications on their computers and phones to collaborate with each other in today’s workplace environment.<br /><br />Whether it’s conversations in Teams, file uploads in Slack chats, or confidential documents stored in Office 365, the amount of data stored and where it is stored, is growing quicker than IT and systems administrators can keep up with.<br /><br />Corporate investigators and eDiscovery professionals need to seamlessly collect relevant data from cloud sources and accelerate the time to investigative and discovery review.<br /><br />With the latest in Cellebrite’s remote collection suite of capabilities, investigators and legal professionals can benefit from secure collection with targeted capabilities for the most used workplace applications.<br /><br />Join Monica Harris, Product Business Manager, as she showcases how investigators can:<br /><br />- Manage multiple cloud collections through a web interface<br />- Cull data prior to collection to save time and money by gaining these valuable insights of the data available<br />- Collect data from the fastest growing cloud collaboration applications like Office365, Google Workspace, Slack and Box<br />- Login to a single source for workplace app collection without logging into every app and pulling data from multiple sources for every employee<br />- Utilize a single unified collection workflow for computer, mobile and workplace cloud applications without the need to purchase multiple tools for different types of collections – a solution unique to Cellebrite’s enterprise solution capabilities

Throughout the past few years, the way employees communicate with each other has changed forever.

69% of employees note that the number of business applications they use at work has increased during the pandemic.

Desk phones, LAN lines and even VOIP have become technologies of the past workplace environment as employees turn to cloud applications on their computers and phones to collaborate with each other in today’s workplace environment.

Whether it’s conversations in Teams, file uploads in Slack chats, or confidential documents stored in Office 365, the amount of data stored and where it is stored, is growing quicker than IT and systems administrators can keep up with.

Corporate investigators and eDiscovery professionals need to seamlessly collect relevant data from cloud sources and accelerate the time to investigative and discovery review.

With the latest in Cellebrite’s remote collection suite of capabilities, investigators and legal professionals can benefit from secure collection with targeted capabilities for the most used workplace applications.

Join Monica Harris, Product Business Manager, as she showcases how investigators can:

- Manage multiple cloud collections through a web interface
- Cull data prior to collection to save time and money by gaining these valuable insights of the data available
- Collect data from the fastest growing cloud collaboration applications like Office365, Google Workspace, Slack and Box
- Login to a single source for workplace app collection without logging into every app and pulling data from multiple sources for every employee
- Utilize a single unified collection workflow for computer, mobile and workplace cloud applications without the need to purchase multiple tools for different types of collections – a solution unique to Cellebrite’s enterprise solution capabilities

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_g6nTjfEMnsA

Tips And Tricks Data Collection For Cloud Workplace Applications

Forensic Focus 20th March 2023 11:00 am

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles

Share to...