DFRWS EU 2015 – Dublin 23rd – 26th March

On Monday 23rd of March 2015, Forensic Focus will be attending DFRWS EU – the European Digital Forensic Research Workshop – at University College Dublin, Ireland. If there are any topics you would particularly like us to cover in-depth, or if there are any speakers you think we should interview, please let us know in the comments.

DFRWS has been running in the USA since 2001 and expanded to Europe in 2013. Organised by some of the most prominent names in digital forensics, including Eoghan Casey, Frank Adelstein and Vassil Roussev, it has grown over the years from a small workshop group to a full conference with a double blind review and printed proceedings.

This year’s European conference runs from the 23rd – 26th of March, and Forensic Focus will be taking notes throughout the workshops and interviewing key figures.

For the first day, the conference is split into two workshop tracks, each focusing on a different area of digital forensics. Below is a brief overview of the workshops available, and of the talks and events throughout the remainder of the week.


Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.

Unsubscribe any time. We respect your privacy - read our privacy policy.

GRR Incident Response Framework

Andreas Moser from Google will provide an introduction to the GRR environment for people who have never previously used it. Tasks will include reading files and registry keys and grabbing artifacts directly from live memory.

Digital Forensics Framework

Frederic Baguelin and Solal Jacob of ArxSys will demonstrate how to use DFF in forensic analyses of hard disks, memory snapshots or virtual machines. The workshop will include an overview of the graphical interface; a look at importing files and extracting information; and searching, filtering and reporting on data.

Digital Memory Forensic Interactive Workshop

Michael Cohen and Johannes Stüettgen from Google will use open source tools to detect malware and advanced system threats. Participants will be encouraged to try the techniques themselves, using both sample images and their own machines. The workshop will also cover extracting binaries from memory, memory management techniques and hooking.

Common Criteria for Digital Forensics Experts

Hans Henseler and Sophie Loenhout will present a draft version of common criteria for digital forensics experts involved in court cases in the Netherlands. This workshop is specifically aimed at expert witnesses and looks to work towards harmonising forensic computer science standards around the world.

First European Workshop on Data Analytics for Information Security and Forensics

This workshop will present a forum for digital forensics professionals to discuss innovative solutions to some of the main challenges faced in cybercrime investigations. Topics covered will include the wide-ranging sources of data available, the proprietary nature of digital forensic tools and their limitations, and how national data protection legislation can impede the investigative process.


Tuesday’s programme comprises of a series of talks about digital forensics, including a keynote address by Chris Ashton, the Director of Spectrum Engineering at Inmarsat. Ashton will discuss the lessons we can learn from the flightpath reconstruction analysis performed by Inmarsat when searching for flight MH370, an international passenger flight which went missing on the 8th of March 2014.

The first session following the keynote on Tuesday will look at network forensics, with topics including traffic aggregation and visualisation for network forensics, and the detection, analysis and investigation of spam campaigns.

Throughout the rest of the day a number of topics will be covered, including disk and mobile forensics, forensic tool validation, Tor forensics and malware analysis. There will also be presentations on malware triage and Android vulnerabilities.


The day will begin with a keynote address from Troels Oerting, the former head of European Cyber Crime (EC3) at Europol, followed by a session on forensic investigation of smart TVs and the Sony Playstation 4.

The remainder of Wednesday will be devoted to a session on handling digital evidence, and paper presentations from research groups covering topics such as handling the exchange of digital evidence across Europe, searching extracted data, and data scrutiny in fraud cases.


The entire day on Thursday will consist of the First European Workshop on Data Analytics for Information Security and Forensics (E-DAIS). This will include discussions of current research challenges in large-scale forensic investigations; the technical problems of big data analysis for INFOSEC; and the privacy problems surrounding big data analysis for information security and forensics.

Attendees will then break into groups, where they will be encouraged to discuss text translation and mining, the legal aspects of cross-jurisdictional data collection and analysis, and approaches to strengthening human rights protection in big data analytics.

Forensic Focus will be in attendance for all four days of the conference, and you can see the full programme here. If there are any topics you would particularly like us to cover in-depth, or if there are any speakers you think we should interview, please let us know in the comments or email scar@forensicfocus.com with suggestions.

Leave a Comment

Latest Videos

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feeds settings page to add an API key after following these instructions.

Latest Articles