2007 Conference on Digital Forensics, Security and Law

The ADFSL 2007 Conference on Digital Forensics, Security and Law will be
held in Arlington, Virginia USA on April 18-20, 2007 and is calling for
papers and proposals in, or related to, the following areas.

1) Digital forensics curriculum
2) Cyber law curriculum
3) Information assurance curriculum
4) Accounting digital forensics curriculum
5) Digital forensics teaching methods
6) Cyber law teaching methods
7) Information assurance teaching methods
8 Accounting digital forensics teaching methods

Continued below…9) Digital forensics case studies
10) Cyber law case studies
11) Information assurance case studies
12) Accounting digital forensics case studies

13) Digital forensics and information technology
14) Cyber law and information technology
15) Information assurance and information technology
16) Accounting digital forensics information technology

Get The Latest DFIR News!

Top DFIR articles in your inbox every month.


Unsubscribe any time. We respect your privacy - read our privacy policy.

17) International issues in digital forensics
18 International issues in cyber law
19) International issues in information assurance
20) International issues in accounting digital forensics

The deadline for submissions is midnight EST, December 31, 2006.
Abstracts may be submitted for review. Papers whose abstracts are
accepted pending final paper review must have the final paper submitted by
midnight EST, February 28, 2007.

Submission Types

Short briefing papers: Such papers need not be extensive. A technology or
a management briefing on an aspect of digital forensics, information
assurance, and/or cyber law would be enough. Such papers will be presented
by the author in a round table discussion format at the conference.
Typical length would be around 1500-2000 words.

Research papers: Such papers need to be extensive. Usually a research
question or an argument is posed and subsequently conducted. Empirical
work (quantitative or qualitative) would be necessary. Research papers
will be presented by the authors in a regular conference session. Typical
length would be around 5000-6000 words. All research papers will be
considered for publication in the Journal of Digital Forensics, Security
and Law (JDFSL).

Case Studies: Case studies are typically descriptions of a given digital
forensics situation. Names of organizations/actors can be kept anonymous
to maintain confidentiality. Case studies will be presented by the authors
at the conference. Typical length would be around 5000-6000 words. All
case studies will be considered for publication in the Journal of Digital
Forensics, Security and Law (JDFSL).

Panels: Panels and workshop proposals are welcome. These would typically
be around 1000 words long and cover a current technology or a
controversial issue.

The primary audience will include individuals who are interested in
developing curriculum and teaching methods as well as conducting
research related to the areas of digital forensics, security and law. This
conference will be of value to both academic and practitioner audiences.

All submissions are double blind peer reviewed.

ADDITIONAL INFORMATION FOR THE CONFERENCE IS AT:
http://www.digitalforensics-conference.org

REGISTRATION INFORMATION IS AT:
http://www.digitalforensics-conference.org/registration.htm

The Chair of the conference is Dr. Glenn S. Dardick.
Dr. Dardick may be reached via email at [email protected]

Glenn S. Dardick, Ph.D.
804-402-9239
804-680-3038 (FAX)
Email: [email protected]

Assistant Professor of Information systems, Longwood University
Email: [email protected]

Director, Association for Digital Forensics, Security and Law
Website: http://www.adfsl.org

Editor, Journal of Digital Forensics, Security and Law
Website: http://www.jdfsl.org

Leave a Comment

Latest Videos

Quantifying Data Volatility for IoT Forensics With Examples From Contiki OS

Forensic Focus 22nd June 2022 5:00 am

File timestamps are used by forensics practitioners as a fundamental artifact. For example, the creation of user files can show traces of user activity, while system files, like configuration and log files, typically reveal when a program was run. 

Despite timestamps being ubiquitous, the understanding of their exact meaning is mostly overlooked in favor of fully-automated, correlation-based approaches. Existing work for practitioners aims at understanding Windows and is not directly applicable to Unix-like systems. 

In this paper, we review how each layer of the software stack (kernel, file system, libraries, application) influences MACB timestamps on Unix systems such as Linux, OpenBSD, FreeBSD and macOS.

We examine how POSIX specifies the timestamp behavior and propose a framework for automatically profiling OS kernels, user mode libraries and applications, including compliance checks against POSIX.

Our implementation covers four different operating systems, the GIO and Qt library, as well as several user mode applications and is released as open-source.

Based on 187 compliance tests and automated profiling covering common file operations, we found multiple unexpected and non-compliant behaviors, both on common operations and in edge cases.

Furthermore, we provide tables summarizing timestamp behavior aimed to be used by practitioners as a quick-reference.

Learn more: https://dfrws.org/presentation/a-systematic-approach-to-understanding-macb-timestamps-on-unixlike-systems/

File timestamps are used by forensics practitioners as a fundamental artifact. For example, the creation of user files can show traces of user activity, while system files, like configuration and log files, typically reveal when a program was run.

Despite timestamps being ubiquitous, the understanding of their exact meaning is mostly overlooked in favor of fully-automated, correlation-based approaches. Existing work for practitioners aims at understanding Windows and is not directly applicable to Unix-like systems.

In this paper, we review how each layer of the software stack (kernel, file system, libraries, application) influences MACB timestamps on Unix systems such as Linux, OpenBSD, FreeBSD and macOS.

We examine how POSIX specifies the timestamp behavior and propose a framework for automatically profiling OS kernels, user mode libraries and applications, including compliance checks against POSIX.

Our implementation covers four different operating systems, the GIO and Qt library, as well as several user mode applications and is released as open-source.

Based on 187 compliance tests and automated profiling covering common file operations, we found multiple unexpected and non-compliant behaviors, both on common operations and in edge cases.

Furthermore, we provide tables summarizing timestamp behavior aimed to be used by practitioners as a quick-reference.

Learn more: https://dfrws.org/presentation/a-systematic-approach-to-understanding-macb-timestamps-on-unixlike-systems/

YouTube Video UCQajlJPesqmyWJDN52AZI4Q_i0zd7HtluzY

A Systematic Approach to Understanding MACB Timestamps on Unixlike Systems

Forensic Focus 21st June 2022 5:00 am

This error message is only visible to WordPress admins

Important: No API Key Entered.

Many features are not available without adding an API Key. Please go to the YouTube Feed settings page to add an API key after following these instructions.

Latest Articles

Share to...