From the 4th to the 7th of June 2017, Forensic Focus will be attending the Techno Security & Digital Forensics Conference in Myrtle Beach, South Carolina, USA. If there are any topics you’d particularly like us to cover, or any speakers you think we should interview, please let us know in the comments.
Below is an overview of the subjects and speakers that will be featured at Techno Security.
Sunday June 4th
Throughout the week, the conference will be split into seven tracks: Audit / Risk Management, Forensics, Information Security, Investigations, Sponsor Product Demos, Cellebrite Lab, and Magnet Forensics Lab. Attendees will be able to dip in and out of each track depending on their interests. Forensic Focus will mainly be following the Forensics and Investigations tracks throughout the conference.
Sunday will begin at midday, with various options for attendees to choose from. Anne-Marie Moore and Chris Adamczyk from Media Sonar Technologies will discuss how digital forensic investigations are having to increase in speed in order to keep up with the increasing pace of life in a technological world. The talk will cover information for practitioners from all sectors and will focus on using social media tools and methodologies to respond to cyber attacks and uncover information.
Meanwhile, forensic examiner Colin Fagan will be demonstrating a case study of how to use Cellebrite to unlock encrypted devices, and how the information gleaned from this procedure can help investigators who are working on cold cases. Larry Daniel of Guardian Digital Forensics will show attendees of the Forensics track how to identify and react to faked communications, and Ron Dormido from Kroll will show how the Linux Analysis Platform can be a great help to forensic investigations.
Apple iOS devices will be the subject of discussion at the 1pm Forensics track, alongside a talk about the forensic value of hybrid drives, and Magnet Forensics’ Jessica Hyde’s discussion of how security applications and anti-forensic measures are affecting investigations.
Many investigators, particularly those who are relatively new to the field, worry about having to appear in court to defend their results. Herbert Joe, an attorney at Yonovitz & Joe LLP, will talk attendees through the legal qualifications required of security expert witnesses in state and federal courts across the USA.
Richard Spradley from Whooster will discuss investigative database discoveries, including how to tell the difference between real-time and historic information, and how to effectively utilise the investigative databases available to law enforcement professionals.
On the Information Security track, Leo Pate from Atlantic will talk about cyber threat models – the pros and cons of various model types, and what your organisation could be doing better. Meanwhile Rene Novoa from Drivesavers will demonstrate some of the newest ransomware techniques and will look at the importance of Bitcoin to ransom demands in cyberspace.
At 3pm, Bob Petrachek from BlackBag will talk attendees through Windows memory forensics and its uses in investigations. SSA John O’Brien will discuss the application of digital forensic techniques to prescription drug investigations, and following this Eric Wahlberg of Final Mobile Forensics will answer the question of whether alternative data recovery methods are able to stand up in a court of law.
The day will be rounded off by Sasha Sheremetov from Rusolut, who will demonstrate chip-off forensics, with a particular focus on data recover after deletion in flash memory.
Monday June 5th
Monday’s keynote address at 8am will be given by Christopher Church from INTERPOL. After this, the conference will split into its tracks from 9.30 onwards.
The opening options include a demonstration of CRU’s latest digital forensics and ediscovery solutions; a discussion of passcode breaking and mobile forensics by Jeremy Kirby of Susteen; an overview of the Pulse nightclub case study by investigator Ed Michael from Cellebrite; and a discussion by Nicola Chemello of Securcube regarding the increasing role of cell tower data in digital forensic investigations.
In the Information Security track at 10:30, Robert Slocum from Forcepoint will talk about how to better understand end users and the cyber security risks they present, and how organisations can use this knowledge to build better security solutions.
Lee Reiber from Oxygen Forensics will be giving the intriguingly titled discussion ‘The Forensic Kill Chain’, which will look at how concepts used in military combat can be applied to the computer security model of cyber attacks. Alongside this, in the Investigations track, attendees will be introduced to the four dimensions of breach investigations – people, objects, locations, and events – and how the connections between apparently unrelated facts can be uncovered and used in investigations.
Following a lunch break, the tracks will discuss forensics for auditors; automation of threat hunting and triage; the security implications of the internet of things; and the dark side of P2P applications and shared content.
At 3:30pm Jimmy Schroering from DME Forensics will look at suveillance digital video recorders and their potential uses in digital forensic investigations. Ben LeMere from Berla will take attendees through a case study that will demonstrate how to collect and analyse digital data from motor vehicle systems, as well as mobile devices that can connect to these. And Jerry Diamond from MSAB will show how to deconstruct SQLite databases as part of the Forensics track.
The day will draw to a close with three talks, including a discussion of dark web investigative techniques by Stephen Arnold from ArnoldIT, and an overview of the current state of Mac forensics by Steve Whalen from SUMURI.
Tuesday June 6th
Matthew Rosenquist from Intel will kick off Tuesday’s programme with the keynote speech at 8am, after which Kenny Wong will demonstrate some of SalvationDATA’s digital forensics solutions.
Chip-off forensics is a hotly contested and highly delicate process, so the 9:30am talk by Bob Elder from Teel Technologies will be of interest to anyone who is thinking of employing this methodology in their investigations. Elder will discuss non-heat methods for chip removal, namely “polishing” and “milling”.
Jad Saliba from Magnet Forensics will discuss the Internet of Things, and how to make it relevant to forensic investigations; and Stanley Francois will give a review of regulations and standards for the executive management of cyber information warfare. Meanwhile, Kahrmann Ziegenbein from Toonari will be giving an overview of exculpatory evidence in social media investigations.
At 10:30 the Forensics track will see a discussion of drone forensics, while Oleg Davydov will demonstrate the speed of Oxygen Forensics’ products when applied to Android forensics.
Following a break for lunch, Mathieu Gorge from VigiTrust will discuss the security implications of health data and what users can do to try to protect themselves from hackers. Christine Townsend from MusterPoint Solutions will show how everyone within an organisation, whether they are a trained analyst or not, can uncover useful information from open source areas such as social media analysis; and in the Forensics track, a panel discussion will be held on the future of mobile forensics.
At 3:30pm Zuly Gonzalez from Light Point Security will help online criminal investigators to understand how to keep their cover intact, and a dual discussion by Cisco and the Department of Homeland Security will talk about how the Internet of Things might be about to revolutionise intelligence collection and analysis. Meanwhile a panel discussion will be held on potentially new ways to approach the acquisition and analysis of digital evidence.
The day will draw to a close with two track options: Lee Reiber will demonstrate how to use Oxygen Forensics’ solutions to uncover deleted data from applications; and Stephen Arnold from ArnoldIT will demonstrate open source and commercial options for deep web investigations.
Wednesday June 7th
An in-depth session from 9:00-11:50am will look at how DDoS attacks work. Using a live portable computer lab, the speakers will demonstrate how a black hat hacker launches a DDoS attack, and how various software solutions can help to combat and investigate such attacks. Attendees will be given free toolkits along with free downloadable software and research papers on DDoS attacks.
Alongside this, another in-depth discussion will be focusing on streamlined child exploitation investigations and what best practices in these cases look like for digital forensics practitioners.
Later on in the morning, Shelley Ma and Elizabeth Cookson from Kivu Consulting will look at how to uncover and analyse residual artifacts from private and incognito browsers, as well as TOR forensics.
The remainder of Wednesday’s program will be available shortly on the Techno Security website.
As well as the conference itself, there will be additional options for attendees to explore throughout the week. From Wednesday May 30th – Saturday June 3rd, representatives from Cellebrite, Magnet Forensics, and Teel Technologies will be demonstrating how their solutions can be used in various types of digital forensic investigations. Further details can be found here.
Sessions for the Cellebrite Lab, Magnet Forensics Lab, and Sponsor Demos are still in development and will be finalised soon.
Forensic Focus will be in attendance throughout the conference, and you can see the full programme and register here. If there are any topics you would particularly like to see covered in-depth, or if there are any speakers you would like to see interviewed, please leave a comment below or email [email protected] with suggestions.