DFRWS EU 2016 – Lausanne 29th – 31st March

From the 29th to the 31st of March 2016, Forensic Focus will be attending the European Digital Forensics Research Workshop (DFRWS EU) in Lausanne, Switzerland. If there are any topics you’d particularly like us to cover, or any speakers you think we should interview, please let us know in the comments.

Below is an overview of the subjects and speakers that will be featured at DFRWS.

lausanne

Tuesday 29th March

The week will open with a series of pre-conference workshops held at the University of Lausanne. The workshops will be split into three tracks, enabling attendees to choose a track that meets their interests. The tracks are as follows.

Track One will begin with Microsoft Exchange Forensics and will then continue with a proposal concerning evidence exchange between courts in Europe. The first half of the workshop, taking place from 9am until 12.30pm, will discuss new developments in how recent versions of Outlook and Exchange store data, and how to use these data to understand user activity. The afternoon session will be a discussion of the attempt by the EVIDENCE project to come up with a Common European Framework for digital evidence.


Get The Latest DFIR News

Join the Forensic Focus newsletter for the best DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

Track Two will commence with an introduction to virtual currencies, with a strong focus on Bitcoin. Criminal investigation of cases involving cryptocurrencies will also be discussed. In the afternoon, Track Two will be taken up by a Plaso Parser Workshop, in which Daniel White from Google will demonstrate the tool which automatically creates “super timelines”.

Track Three will have a single focus all day, although it will be split into sections. Titled ‘Fun With The Beast’, it will show attendees the intricacies of traffic mining using two important tools: Tranalyser and your brain. Role play scenarios will be set up, in which attendees will play the part of analysts trying to find anomalies in real IP traffic. This workshop is only open to attendees with Linux laptops.

Wednesday 30th March

The second day brings the start of the conference proper, with the morning’s keynote address still to be confirmed. The first session following the keynote will delve into memory forensics, with Michael Gruhn and Felix Freiling kicking off with a discussion of how to evaluate the integrity of memory acquisition methods. This will then be followed by demonstrations of Linux and Windows memory analysis respectively.

Following lunch, the afternoon will begin with a session on technology-specific analysis, including a talk from Christian Zoubek, Sabine Seufert and Andreas Dewald concerning RAID reassembly. After this the conference will continue with a series of short presentations, two of which will be based on the investigation of drug crimes. The first will talk about drug trafficking on the dark net and how it can be monitored through the analysis of trace evidence – whether digital, chemical or physical. In a similar vein, a group of researchers will follow this with a demonstration of how to use online forums to monitor the diffusion of drugs on the internet.

The final short presentation will be given by Mattia Epifani, Francesco Picasso and Marco Scarito, who will present their research into uncovering artifacts from the Windows Phone 8.

Bringing the day to a close, the last session will look at data acquisition, including the methodology used to find the best mobile forensics tool and a discussion of cold-boot attacks on scrambled DDR3 memory.

On Wednesday night the Gala Dinner will be hosted at the Starling Hotel, with the popular forensic rodeo contest and the awards for best paper included as part of the evening’s entertainment.

Thursday 31st March

The final day of the conference will begin with a keynote address, which has yet to be decided. The main session of the morning will be devoted to the handling of digital evidence, with subjects such as field triage by non-specialists, absence of expected data, and behavioural evidence analysis in cyberstalking cases being the three primary discussions.

Following lunch, a second series of short presentations will focus on a forensic overview of cloud computing; the analysis of Orweb anonymiser on Android devices; and a Digital Evidence Dashboard, which will be presented by Hans Henseler and Adrie Stander.

From 14:00 until 14:30 conference attendees will have the chance to give a ‘lightning talk’ on a topic of their choice. These can be put forward at the registration desk throughout the conference and are a great way to get your research noticed by leaders in the field.

The afternoon sessions on Thursday will begin with an in-depth look at cloud and network forensics. Benjamin Taubmann et al will discuss how to use a virtual machine to decrypt TLS information; Vassil Roussev and Shane McCulley will demonstrate the forensic analysis of cloud-based artifacts; and David Gresty et al will show us how a session-to-session analysis of internet history can aid in the forensic examination of multi-user environments.

The week will be rounded off with a final panel discussion – subject to be confirmed – and will close at 17:30 on Thursday 31st March.

Forensic Focus will be in attendance throughout the conference, and you can see the full programme and register here. If there are any topics you would particularly like to see covered in-depth, or if there are any speakers you would like to see interviewed, please leave a comment below or email scar@forensicfocus.com with suggestions.

1 thought on “DFRWS EU 2016 – Lausanne 29th – 31st March”

  1. More and more data moves to the cloud and with this out of forensics examiners reach. Suites cover this to get the data but it fails to get first-hand evidence. The other aspect is the risk of non LE people making critical mistakes in virtualized envirinments, strict 4-eyes principles included. This generates a new risk which is not enough discussed.

Leave a Comment

Latest Videos

Subscribe to the Forensic Focus Podcast: https://www.forensicfocus.com/podcast/

Si and Desi are joined by Brittany and Ailsa from digital forensics software company ADF Solutions. They discuss how ADF is addressing key challenges for digital forensics practitioners, including handling the massive volumes of data from mobile devices and the cloud.

The guests outline ADF's focus on developing their software as an easy-to-use onsite triage tool that can help quickly identify pertinent evidence. Key features include advanced handling of video files, AI-assisted classification of images, and new screen recording capabilities for mobile devices that allow suspects to safely share relevant data. 

The hosts and guests also explore ADF's ongoing research into areas like facial recognition, handling new device types like games consoles and smart watches, and identifying deepfake media.

00:00 – Introduction to Ailsa and Brittany
03:00 – The challenge of vast amounts of data
05:50 – Recovering data from Chromebooks
08:50 – Triaging using ADF tools
12:30 – Benefits of using ADF Solutions’ tools
15:50 – Limitations in types of apps
17:20 – Keeping up with technological advancements
19:15 – ADF customer base
21:00 - Artificial intelligence in classifying images
30:00 – ADF Solutions’ triaging kit
37:00 – Training with ADF
40:00 – Target user
44:50 – Roadmap of future devices to examine
51:30 – Main focus for ADF Solutions going forwards

Show Notes:
AI-generated CSAM article on Sky News - https://news.sky.com/story/thousands-of-ai-generated-child-abuse-images-being-shared-online-research-finds-12991727

Subscribe to the Forensic Focus Podcast: https://www.forensicfocus.com/podcast/

Si and Desi are joined by Brittany and Ailsa from digital forensics software company ADF Solutions. They discuss how ADF is addressing key challenges for digital forensics practitioners, including handling the massive volumes of data from mobile devices and the cloud.

The guests outline ADF's focus on developing their software as an easy-to-use onsite triage tool that can help quickly identify pertinent evidence. Key features include advanced handling of video files, AI-assisted classification of images, and new screen recording capabilities for mobile devices that allow suspects to safely share relevant data.

The hosts and guests also explore ADF's ongoing research into areas like facial recognition, handling new device types like games consoles and smart watches, and identifying deepfake media.

00:00 – Introduction to Ailsa and Brittany
03:00 – The challenge of vast amounts of data
05:50 – Recovering data from Chromebooks
08:50 – Triaging using ADF tools
12:30 – Benefits of using ADF Solutions’ tools
15:50 – Limitations in types of apps
17:20 – Keeping up with technological advancements
19:15 – ADF customer base
21:00 - Artificial intelligence in classifying images
30:00 – ADF Solutions’ triaging kit
37:00 – Training with ADF
40:00 – Target user
44:50 – Roadmap of future devices to examine
51:30 – Main focus for ADF Solutions going forwards

Show Notes:
AI-generated CSAM article on Sky News - https://news.sky.com/story/thousands-of-ai-generated-child-abuse-images-being-shared-online-research-finds-12991727

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_4z-EgH54KZk

The Power Of Digital Forensics: How ADF Solutions Is Revolutionizing The Digital Forensics Industry

Forensic Focus 103 minutes ago

Si and Desi interview Emi Polito from Amped about how to become an Amped FIVE Certified Examiner (AFCE). They discuss the exam requirements, format, timeline for certification, and Amped’s future plans. Emi explains that the certification is aimed at demonstrating competency with the Amped FIVE video analysis software after completing training. The exam consists of multiple choice questions on theory and practical exercises using the software. Emi talks about the online exam format and process for passing or failing.

Emi also discusses the broader challenges many organizations face with validation and accreditation. He emphasizes Amped's commitment to developing tools that facilitate that process. The hosts reflect on the confusing accreditation landscape and Amped’s passion for improving training and certification in forensics. This episode provides an overview of Amped's new certification and perspective on challenges in the field of video forensics.

Show Notes:

Introducing The AFCE Certification (Amped FIVE Certified Examiner) - https://www.forensicfocus.com/news/introducing-the-afce-certification-amped-five-certified-examiner/

Video Evidence Principles With Amped Software - https://www.forensicfocus.com/podcast/video-evidence-principles-with-amped-software/

Digital Image Authenticity And Integrity With Amped Authenticate - https://www.forensicfocus.com/podcast/digital-image-authenticity-and-integrity-with-amped-authenticate/

File Analysis And DVR Conversion Training From Amped Software - https://www.forensicfocus.com/reviews/file-analysis-and-dvr-conversion-training-from-amped-software/

Amped FIVE Speed Estimation 2d Filter And Training From Amped Software - https://www.forensicfocus.com/reviews/amped-five-speed-estimation-2d-filter-and-training-from-amped-software/

Amped Software’s Martino Jerian on Key Challenges and Opportunities for Video Evidence - https://www.forensicfocus.com/podcast/amped-softwares-martino-jerian-on-key-challenges-and-opportunities-for-video-evidence/

LEVA 2023 Training Symposium - https://www.leva.org/

Forensic Collision Investigation & Reconstruction Ltd - https://www.fcir.co.uk/

Amped FIVE Certified Examiner - https://ampedsoftware.com/afce-certification 

Introducing the Amped FIVE Certification Program - https://blog.ampedsoftware.com/2023/10/04/introducing-the-amped-five-certification-program

Amped Software YouTube - https://www.youtube.com/ampedsoftware
How to Use the Validation Tool in Amped FIVE - https://blog.ampedsoftware.com/2023/03/29/how-to-use-the-validation-tool-in-amped-five

Si and Desi interview Emi Polito from Amped about their new certification called Amped Five Certified Examiner (AFCE). They discuss the exam requirements, format, timeline for certification, and Amped’s future plans. Emi explains that the certification is aimed at demonstrating competency with the Amped FIVE video analysis software after completing training. The exam consists of multiple choice questions on theory and practical exercises using the software. Emi talks about the online exam format and process for passing or failing.

Emi also discusses the broader challenges many organizations face with validation and accreditation. He emphasizes Amped's commitment to developing tools that facilitate that process. The hosts reflect on the confusing accreditation landscape and Amped’s passion for improving training and certification in forensics. This episode provides an overview of Amped's new certification and perspective on challenges in the field of video forensics.

Show Notes:

Introducing The AFCE Certification (Amped FIVE Certified Examiner) - https://www.forensicfocus.com/news/introducing-the-afce-certification-amped-five-certified-examiner/

Video Evidence Principles With Amped Software - https://www.forensicfocus.com/podcast/video-evidence-principles-with-amped-software/

Digital Image Authenticity And Integrity With Amped Authenticate - https://www.forensicfocus.com/podcast/digital-image-authenticity-and-integrity-with-amped-authenticate/

File Analysis And DVR Conversion Training From Amped Software - https://www.forensicfocus.com/reviews/file-analysis-and-dvr-conversion-training-from-amped-software/

Amped FIVE Speed Estimation 2d Filter And Training From Amped Software - https://www.forensicfocus.com/reviews/amped-five-speed-estimation-2d-filter-and-training-from-amped-software/

Amped Software’s Martino Jerian on Key Challenges and Opportunities for Video Evidence - https://www.forensicfocus.com/podcast/amped-softwares-martino-jerian-on-key-challenges-and-opportunities-for-video-evidence/

LEVA 2023 Training Symposium - https://www.leva.org/

Forensic Collision Investigation & Reconstruction Ltd - https://www.fcir.co.uk/

Amped FIVE Certified Examiner - https://ampedsoftware.com/afce-certification

Introducing the Amped FIVE Certification Program - https://blog.ampedsoftware.com/2023/10/04/introducing-the-amped-five-certification-program

Amped Software YouTube - https://www.youtube.com/ampedsoftware
How to Use the Validation Tool in Amped FIVE - https://blog.ampedsoftware.com/2023/03/29/how-to-use-the-validation-tool-in-amped-five

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_atEaNas9xnE

The Amped FIVE Certified Examiner (AFCE)

Forensic Focus 29th November 2023 10:28 am

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles